2023-03-01 05:15:17 +00:00
# ProxmoxAAS API - Client REST API
ProxmoxAAS API provides functionality to the Client by both providing a proxy API for the Proxmox API, and an API for requesting resources within a defined quota.
## Prerequisites
2023-10-05 20:30:25 +00:00
- [ProxmoxAAS-Client ](https://git.tronnet.net/tronnet/ProxmoxAAS-Dashboard )
2023-03-01 05:15:17 +00:00
- Proxmox VE Cluster (v7.0+)
2023-04-19 05:54:18 +00:00
- Reverse proxy server which can proxy the client and API
- FQDN
2023-04-26 02:38:46 +00:00
- Server with NodeJS (v18.0+) and NPM installed
2023-01-19 19:50:01 +00:00
2023-03-01 05:15:17 +00:00
## Configuring API Token and Permissions
2023-04-19 05:54:18 +00:00
In Proxmox VE, follow the following steps:
1. Add a new user `proxmoxaas-api` to Proxmox VE
2023-01-19 19:50:01 +00:00
2. Create a new API token for the user `proxmoxaas-api` and copy the secret key to a safe location
3. Create a new role `proxmoxaas-api` with at least the following permissions:
2023-03-01 05:15:17 +00:00
- VM.* except VM.Audit, VM.Backup, VM.Clone, VM.Console, VM.Monitor, VM.PowerMgmt, VM.Snapshot, VM.Snapshot.Rollback
- Datastore.Allocate, Datastore.AllocateSpace, Datastore.Audit
- User.Modify
2023-07-14 21:48:06 +00:00
- Pool.Audit
2023-02-28 00:07:24 +00:00
4. Add a new API Token Permission with path: `/` , select the API token created previously, and role: `proxmoxaas-api`
2023-03-01 05:15:17 +00:00
5. Add a new User Permission with path: `/` , select the `proxmoxaas-api` user, and role: `proxmoxaas-api`
## Installation - API
1. Clone this repo onto `Client Host`
2. Run `npm install` to initiaze the package requirements
2023-07-05 23:14:45 +00:00
3. Copy `template.localdb.json` as `localdb.json` and modify the following values under `pveAPIToken` :
2023-04-19 05:54:18 +00:00
- pveAPI - the URI to the Proxmox API, ie `<proxmoxhost>:8006/api2/json` or `<proxmox URL>/api2/json` if Proxmox VE is behind a reverse proxy.
2023-05-13 07:36:13 +00:00
- hostname - the ProxmoxAAS-Client URL, ie `host.domain.tld`
- domain - the base domain for the client and proxmox, ie `domain.tld`
2023-03-01 05:15:17 +00:00
- listenPort - the port you want the API to listen on, ie `8080`
- pveAPIToken - the user(name), authentication realm, token id, and token secrey key (uuid)
2023-06-22 00:23:34 +00:00
4. (Optional) In order to allow users to customize instance pcie devices, the API must use the root credentials for privilege elevation. Modify the following values under `pveroot` in order to use this feature:
- username: root user, typically `root@pam`
- password: root user password
5. You may also wish to configure users at this point as well. An example user config is shown in the template.
6. Start the service using `node .` , or call the provided shell script, or use the provided systemctl service script
2023-03-01 05:15:17 +00:00
2023-04-19 05:54:18 +00:00
## Installation - Reverse Proxy
2023-04-26 23:38:04 +00:00
1. Configure nginx or preferred reverse proxy to reverse proxy the client. The configuration should include at least the following:
2023-04-19 05:54:18 +00:00
```
server {
listen 443 ssl;
server_name client.< FQDN > ;
location / {
proxy_pass http://< Client Host > :80;
}
location /api/ {
proxy_pass http://< Client Host > :8080;
}
}
```
2. Start nginx with the new configurations by running `systemctl reload nginx`
2023-03-01 05:15:17 +00:00
## Result
2023-06-21 05:06:38 +00:00
After these steps, the ProxmoxAAS Client should be available and fully functional at `client.<FQDN>` .
