Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
P
pve-manager
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Administrator
pve-manager
Commits
a50345c8
Commit
a50345c8
authored
Sep 07, 2015
by
Dietmar Maurer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
convert spiceproxy into a PVE::Service class
parent
31059552
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
112 additions
and
114 deletions
+112
-114
Makefile
PVE/Service/Makefile
+1
-1
spiceproxy.pm
PVE/Service/spiceproxy.pm
+107
-0
Makefile
bin/Makefile
+1
-6
spiceproxy
bin/spiceproxy
+3
-107
No files found.
PVE/Service/Makefile
View file @
a50345c8
include
../../defines.mk
SOURCES
=
pvestatd.pm pveproxy.pm pvedaemon.pm
SOURCES
=
pvestatd.pm pveproxy.pm pvedaemon.pm
spiceproxy.pm
.PHONY
:
install
install
:
${SOURCES}
...
...
PVE/Service/spiceproxy.pm
0 → 100755
View file @
a50345c8
package
PVE::Service::
spiceproxy
;
# Note: In theory, all this can be done by 'pveproxy' daemon. But some
# API call still have blocking code, so we use a separate daemon to avoid
# that the console gets blocked.
use
strict
;
use
warnings
;
use
PVE::
SafeSyslog
;
use
PVE::
Daemon
;
use
PVE::
API2Tools
;
use
PVE::
API2
;
use
PVE::
HTTPServer
;
use
base
qw(PVE::Daemon)
;
my
$cmdline
=
[
$0
,
@ARGV
];
my
%
daemon_options
=
(
max_workers
=>
1
,
# todo: do we need more?
restart_on_error
=>
5
,
stop_wait_time
=>
15
,
leave_children_open_on_reload
=>
1
,
setuid
=>
'
www-data
',
setgid
=>
'
www-data
',
pidfile
=>
'
/var/run/pveproxy/spiceproxy.pid
',
);
my
$daemon
=
__PACKAGE__
->
new
('
spiceproxy
',
$cmdline
,
%
daemon_options
);
sub
init
{
my
(
$self
)
=
@_
;
# we use same ALLOW/DENY/POLICY as pveproxy
my
$proxyconf
=
PVE::API2Tools::
read_proxy_config
();
my
$accept_lock_fn
=
"
/var/lock/spiceproxy.lck
";
my
$lockfh
=
IO::
File
->
new
("
>>
${accept_lock_fn}
")
||
die
"
unable to open lock file '
${accept_lock_fn}
' - $!
\n
";
my
$family
=
PVE::Tools::
get_host_address_family
(
$self
->
{
nodename
});
my
$socket
=
$self
->
create_reusable_socket
(
3128
,
undef
,
$family
);
$self
->
{
server_config
}
=
{
base_handler_class
=>
'
PVE::API2
',
keep_alive
=>
0
,
max_conn
=>
500
,
lockfile
=>
$accept_lock_fn
,
socket
=>
$socket
,
lockfh
=>
$lockfh
,
debug
=>
$self
->
{
debug
},
spiceproxy
=>
1
,
trusted_env
=>
0
,
logfile
=>
'
/var/log/pveproxy/access.log
',
allow_from
=>
$proxyconf
->
{
ALLOW_FROM
},
deny_from
=>
$proxyconf
->
{
DENY_FROM
},
policy
=>
$proxyconf
->
{
POLICY
},
};
}
sub
run
{
my
(
$self
)
=
@_
;
my
$server
=
PVE::
HTTPServer
->
new
(
%
{
$self
->
{
server_config
}});
$server
->
run
();
}
$daemon
->
register_start_command
();
$daemon
->
register_restart_command
(
1
);
$daemon
->
register_stop_command
();
$daemon
->
register_status_command
();
our
$cmddef
=
{
start
=>
[
__PACKAGE__
,
'
start
',
[]
],
restart
=>
[
__PACKAGE__
,
'
restart
',
[]
],
stop
=>
[
__PACKAGE__
,
'
stop
',
[]
],
status
=>
[
__PACKAGE__
,
'
status
',
[]
,
undef
,
sub
{
print
shift
.
"
\n
";}
],
};
1
;
__END__
=head1 NAME
spiceproxy - SPICE proxy server for Proxmox VE
=head1 SYNOPSIS
=include synopsis
=head1 DESCRIPTION
SPICE proxy server for Proxmox VE. Listens on port 3128.
=head1 Host based access control
It is possible to configure apache2 like access control lists. Values are read
from file /etc/default/pveproxy (see 'pveproxy' for details).
=head1 FILES
/etc/default/pveproxy
=include pve_copyright
bin/Makefile
View file @
a50345c8
...
...
@@ -2,7 +2,7 @@ include ../defines.mk
SUBDIRS
=
init.d ocf
test
SERVICES
=
pvestatd pveproxy pvedaemon
SERVICES
=
pvestatd pveproxy pvedaemon
spiceproxy
CLITOOLS
=
vzdump pvesubscription
SCRIPTS
=
\
...
...
@@ -12,7 +12,6 @@ SCRIPTS = \
pvesh
\
pveam
\
pvebanner
\
spiceproxy
\
pveversion
\
pvemailforward.pl
\
pveupgrade
\
...
...
@@ -24,7 +23,6 @@ SERVICE_MANS = $(addsuffix .8, ${SERVICES})
CLI_MANS
=
\
$
(
addsuffix .1,
${
CLITOOLS
}
)
\
pveceph.1
\
spiceproxy.1
\
pveversion.1
\
pveupgrade.1
\
pveperf.1
...
...
@@ -69,9 +67,6 @@ pveperf.1.pod: pveperf
perl
-I
..
-T
-e
"use PVE::CLI::
$*
; PVE::CLI::
$*
->generate_bash_completions();"
>
$@
.tmp
mv
$@
.tmp
$@
spiceproxy.1.pod
:
spiceproxy
perl
-I
..
-T
./spiceproxy printmanpod
>
$@
pvectl.1.pod
:
pvectl
perl
-I
.. ./pvectl printmanpod
>
$@
...
...
bin/spiceproxy
View file @
a50345c8
#!/usr/bin/perl -T
# Note: In theory, all this can be done by 'pveproxy' daemon. But some
# API call still have blocking code, so we use a separate daemon to avoid
# that the console gets blocked.
$ENV
{'
PATH
'}
=
'
/sbin:/bin:/usr/sbin:/usr/bin
';
delete
@ENV
{
qw(IFS CDPATH ENV BASH_ENV)
};
use
strict
;
use
warnings
;
use
PVE::
SafeSyslog
;
use
PVE::
Daemon
;
use
PVE::
API2Tools
;
use
PVE::
API2
;
use
PVE::
HTTPServer
;
use
base
qw(PVE::Daemon)
;
use
PVE::Service::
spiceproxy
;
$SIG
{'
__WARN__
'}
=
sub
{
my
$err
=
$@
;
...
...
@@ -28,106 +17,13 @@ $SIG{'__WARN__'} = sub {
$@
=
$err
;
};
my
$cmdline
=
[
$0
,
@ARGV
];
my
%
daemon_options
=
(
max_workers
=>
1
,
# todo: do we need more?
restart_on_error
=>
5
,
stop_wait_time
=>
15
,
leave_children_open_on_reload
=>
1
,
setuid
=>
'
www-data
',
setgid
=>
'
www-data
',
pidfile
=>
'
/var/run/pveproxy/spiceproxy.pid
',
);
my
$daemon
=
__PACKAGE__
->
new
('
spiceproxy
',
$cmdline
,
%
daemon_options
);
sub
prepare
{
my
$prepare
=
sub
{
my
$rundir
=
"
/var/run/pveproxy
";
if
(
mkdir
(
$rundir
,
0700
))
{
# only works at first start if we are root)
my
$gid
=
getgrnam
('
www-data
')
||
die
"
getgrnam failed - $!
\n
";
my
$uid
=
getpwnam
('
www-data
')
||
die
"
getpwnam failed - $!
\n
";
chown
(
$uid
,
$gid
,
$rundir
);
}
}
sub
init
{
my
(
$self
)
=
@_
;
# we use same ALLOW/DENY/POLICY as pveproxy
my
$proxyconf
=
PVE::API2Tools::
read_proxy_config
();
my
$accept_lock_fn
=
"
/var/lock/spiceproxy.lck
";
my
$lockfh
=
IO::
File
->
new
("
>>
${accept_lock_fn}
")
||
die
"
unable to open lock file '
${accept_lock_fn}
' - $!
\n
";
my
$family
=
PVE::Tools::
get_host_address_family
(
$self
->
{
nodename
});
my
$socket
=
$self
->
create_reusable_socket
(
3128
,
undef
,
$family
);
$self
->
{
server_config
}
=
{
base_handler_class
=>
'
PVE::API2
',
keep_alive
=>
0
,
max_conn
=>
500
,
lockfile
=>
$accept_lock_fn
,
socket
=>
$socket
,
lockfh
=>
$lockfh
,
debug
=>
$self
->
{
debug
},
spiceproxy
=>
1
,
trusted_env
=>
0
,
logfile
=>
'
/var/log/pveproxy/access.log
',
allow_from
=>
$proxyconf
->
{
ALLOW_FROM
},
deny_from
=>
$proxyconf
->
{
DENY_FROM
},
policy
=>
$proxyconf
->
{
POLICY
},
};
}
sub
run
{
my
(
$self
)
=
@_
;
my
$server
=
PVE::
HTTPServer
->
new
(
%
{
$self
->
{
server_config
}});
$server
->
run
();
}
$daemon
->
register_start_command
();
$daemon
->
register_restart_command
(
1
);
$daemon
->
register_stop_command
();
$daemon
->
register_status_command
();
my
$cmddef
=
{
start
=>
[
__PACKAGE__
,
'
start
',
[]
],
restart
=>
[
__PACKAGE__
,
'
restart
',
[]
],
stop
=>
[
__PACKAGE__
,
'
stop
',
[]
],
status
=>
[
__PACKAGE__
,
'
status
',
[]
,
undef
,
sub
{
print
shift
.
"
\n
";}
],
};
my
$cmd
=
shift
;
PVE::CLIHandler::
handle_cmd
(
$cmddef
,
$0
,
$cmd
,
\
@ARGV
,
undef
,
$0
,
\&
prepare
);
exit
(
0
);
__END__
=head1 NAME
spiceproxy - SPICE proxy server for Proxmox VE
=head1 SYNOPSIS
=include synopsis
=head1 DESCRIPTION
SPICE proxy server for Proxmox VE. Listens on port 3128.
=head1 Host based access control
It is possible to configure apache2 like access control lists. Values are read
from file /etc/default/pveproxy (see 'pveproxy' for details).
=head1 FILES
/etc/default/pveproxy
=include pve_copyright
PVE::Service::
spiceproxy
->
run_cli
(
undef
,
undef
,
$prepare
);
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment