29 lines
1.1 KiB
JavaScript
29 lines
1.1 KiB
JavaScript
import { Agent } from 'undici';
|
|
|
|
// PVE uses a self-signed cert on the LAN; opt into skipping verification with
|
|
// PROXMOX_INSECURE_TLS=1 (homelab). Cached dispatcher; tests inject fetchImpl.
|
|
let insecure;
|
|
function tlsDispatcher() {
|
|
if (process.env.PROXMOX_INSECURE_TLS !== '1') return undefined;
|
|
insecure ??= new Agent({ connect: { rejectUnauthorized: false } });
|
|
return insecure;
|
|
}
|
|
|
|
// Proxmox guest power via a SCOPED PVEAPIToken (VM.PowerMgmt on whitelisted guests
|
|
// only). PVE enforces permissions server-side; this adapter never builds shell commands.
|
|
export async function powerGuest({ node, vmid, op, kindPath = 'lxc' }, {
|
|
apiUrl = process.env.PROXMOX_API_URL,
|
|
token = process.env.PROXMOX_API_TOKEN,
|
|
fetchImpl = fetch
|
|
} = {}) {
|
|
const url = `${apiUrl}/api2/json/nodes/${node}/${kindPath}/${vmid}/status/${op}`;
|
|
const res = await fetchImpl(url, {
|
|
method: 'POST',
|
|
headers: { Authorization: `PVEAPIToken=${token}` },
|
|
dispatcher: tlsDispatcher()
|
|
});
|
|
if (!res.ok) throw new Error(`proxmox ${op} ${vmid} → ${res.status} ${await res.text?.() ?? ''}`);
|
|
const body = await res.json();
|
|
return { ok: true, upid: body?.data ?? null };
|
|
}
|