basic implementation of create/delete pool

2026-03-02 21:45:39 +00:00
parent 75dd027c59
commit 322f233718
16 changed files with 922 additions and 162 deletions
--- a/app/pve/pve.go
+++ b/app/pve/pve.go
@@ -0,0 +1,117 @@
+package pve
+
+import (
+	"context"
+	"crypto/tls"
+	"net/http"
+
+	common "user-manager-api/app/common"
+
+	"github.com/luthermonson/go-proxmox"
+)
+
+type ProxmoxClient struct {
+	client *proxmox.Client
+}
+
+func NewClientFromCredentials(config common.PVEConfig, username common.Username, password string) (*ProxmoxClient, int, error) {
+	HTTPClient := http.Client{
+		Transport: &http.Transport{
+			TLSClientConfig: &tls.Config{
+				InsecureSkipVerify: true,
+			},
+		},
+	}
+
+	client := proxmox.NewClient(config.URL,
+		proxmox.WithHTTPClient(&HTTPClient),
+		proxmox.WithCredentials(&proxmox.Credentials{Username: username.ToString(), Password: password}),
+	)
+
+	// todo this should return an error code if the binding failed (ie fetch version to check if the auth was actually ok)
+
+	return &ProxmoxClient{client: client}, http.StatusOK, nil
+}
+
+func (pve ProxmoxClient) SyncRealms() (int, error) {
+	domains, err := pve.client.Domains(context.Background())
+	if proxmox.IsNotAuthorized(err) {
+		return 401, err
+	} else if err != nil {
+		return 500, err
+	}
+	for _, domain := range domains {
+		if domain.Type != "pam" && domain.Type != "pve" { // pam and pve are not external realm types that require sync
+			err := domain.Sync(context.Background(), proxmox.DomainSyncOptions{
+				DryRun:         false,                  // we want to make modifications
+				EnableNew:      true,                   // allow new users and groups
+				Scope:          "both",                 // allow new users and groups
+				RemoveVanished: "acl;entry;properties", // remove deleted objects from ACL, entry in pve, and remove properties (probably not necessary)
+			})
+			if proxmox.IsNotAuthorized(err) {
+				return 401, err
+			} else if err != nil {
+				return 500, err
+			}
+		}
+	}
+	return 200, nil
+}
+
+func (pve ProxmoxClient) NewPool(poolname string) (int, error) {
+	err := pve.client.NewPool(context.Background(), poolname, "")
+	if proxmox.IsNotAuthorized(err) {
+		return 401, err
+	} else if err != nil {
+		return 500, err
+	} else {
+		return 200, nil
+	}
+}
+
+func (pve ProxmoxClient) DelPool(poolname string) (int, error) {
+	pvepool, err := pve.client.Pool(context.Background(), poolname)
+	if proxmox.IsNotFound(err) { // errors if pool does not exist
+		return 404, err
+	} else if err != nil {
+		return 500, err
+	}
+
+	err = pvepool.Delete(context.Background())
+	if proxmox.IsNotAuthorized(err) { // not authorized to delete
+		return 401, err
+	} else if err != nil {
+		return 500, err
+	} else {
+		return 200, nil
+	}
+}
+
+func (pve ProxmoxClient) NewGroup(groupname common.Groupname) (int, error) {
+	err := pve.client.NewGroup(context.Background(), groupname.ToString(), "")
+	if proxmox.IsNotAuthorized(err) {
+		return 401, err
+	} else if err != nil {
+		return 500, err
+	} else {
+		return 200, nil
+	}
+}
+
+func (pve ProxmoxClient) DelGroup(groupname common.Groupname) (int, error) {
+	pvegroup, err := pve.client.Group(context.Background(), groupname.ToString())
+	if proxmox.IsNotFound(err) { // errors if group does not exist
+		return 404, err
+	} else if err != nil {
+		return 500, err
+	}
+
+	err = pvegroup.Delete(context.Background())
+	if proxmox.IsNotAuthorized(err) { // not authorized to delete
+		return 401, err
+	} else if err != nil {
+		return 500, err
+	} else {
+		return 200, nil
+	}
+}