REST API for ProxmoxAAS
Arthur Lu
485ba0120e
move localdb to config folder, consolidate vars.js with localdb, move service scripts to service folder |
||
---|---|---|
config | ||
service | ||
src | ||
.gitignore | ||
package.json | ||
README.md | ||
start.sh |
ProxmoxAAS API - Client REST API
ProxmoxAAS API provides functionality to the Client by both providing a proxy API for the Proxmox API, and an API for requesting resources within a defined quota.
Prerequisites
- ProxmoxAAS-Client
- Proxmox VE Cluster (v7.0+)
- Reverse proxy server which can proxy the client and API
- FQDN
- Server with NodeJS (v18.0+) and NPM installed
Configuring API Token and Permissions
In Proxmox VE, follow the following steps:
- Add a new user
proxmoxaas-api
to Proxmox VE - Create a new API token for the user
proxmoxaas-api
and copy the secret key to a safe location - Create a new role
proxmoxaas-api
with at least the following permissions:- VM.* except VM.Audit, VM.Backup, VM.Clone, VM.Console, VM.Monitor, VM.PowerMgmt, VM.Snapshot, VM.Snapshot.Rollback
- Datastore.Allocate, Datastore.AllocateSpace, Datastore.Audit
- User.Modify
- Add a new API Token Permission with path:
/
, select the API token created previously, and role:proxmoxaas-api
- Add a new User Permission with path:
/
, select theproxmoxaas-api
user, and role:proxmoxaas-api
Installation - API
- Clone this repo onto
Client Host
- Run
npm install
to initiaze the package requirements - Copy
localdb.json.template
aslocaldb.json
and modify the following values:- pveAPI - the URI to the Proxmox API, ie
<proxmoxhost>:8006/api2/json
or<proxmox URL>/api2/json
if Proxmox VE is behind a reverse proxy. - hostname - the ProxmoxAAS-Client URL, ie
host.domain.tld
- domain - the base domain for the client and proxmox, ie
domain.tld
- listenPort - the port you want the API to listen on, ie
8080
- pveAPIToken - the user(name), authentication realm, token id, and token secrey key (uuid)
- pveAPI - the URI to the Proxmox API, ie
- You may also wish to confuigure users at this point as well. An example user config is shown in the template.
- Start the service using
node .
, or call the provided shell script, or use the provided systemctl service script
Installation - Reverse Proxy
- Configure nginx or preferred reverse proxy to reverse proxy the client. The configuration should include at least the following:
server {
listen 443 ssl;
server_name client.<FQDN>;
location / {
proxy_pass http://<Client Host>:80;
}
location /api/ {
proxy_pass http://<Client Host>:8080;
}
}
- Start nginx with the new configurations by running
systemctl reload nginx
Result
After these steps, the ProxmoxAAS Client should be avaliable and fully functional at client.<FQDN>
.