vm management

README.md

@@ -4,6 +4,12 @@ This guide explains how to deploy **PVE HA Web Panel** on a Proxmox host or any
 
 ---
 
+## 0) Install python3-venv
+
+```bash
+apt install python3-venv
+```
+
 ## 1) Create directory
 
 ```bash

app.py

@@ -21,14 +21,14 @@ app = Flask(__name__, template_folder="templates", static_folder="static")
 def run(cmd: List[str], timeout: int = 25) -> subprocess.CompletedProcess:
     return subprocess.run(cmd, check=False, text=True, capture_output=True, timeout=timeout)
 
-def get_text(cmd: List[str]) -> str:
+def get_text(cmd: List[str], timeout: Optional[int] = None) -> str:
-    r = run(cmd)
+    r = run(cmd, timeout=timeout or 25)
     return r.stdout if r.returncode == 0 else ""
 
-def get_json(cmd: List[str]) -> Any:
+def get_json(cmd: List[str], timeout: Optional[int] = None) -> Any:
     if cmd and cmd[0] == "pvesh" and "--output-format" not in cmd:
         cmd = cmd + ["--output-format", "json"]
-    r = run(cmd)
+    r = run(cmd, timeout=timeout or 25)
     if r.returncode != 0 or not r.stdout.strip():
         return None
     try:
@@ -36,11 +36,11 @@ def get_json(cmd: List[str]) -> Any:
     except Exception:
         return None
 
-def post_json(cmd: List[str]) -> Any:
+def post_json(cmd: List[str], timeout: Optional[int] = None) -> Any:
     # force "create" for POST-like agent calls
     if cmd and cmd[0] == "pvesh" and len(cmd) > 2 and cmd[1] != "create":
         cmd = ["pvesh", "create"] + cmd[1:]
-    r = run(cmd)
+    r = run(cmd, timeout=timeout or 25)
     if r.returncode != 0 or not r.stdout.strip():
         return None
     try:
@@ -64,7 +64,7 @@ def stop_if_running(unit: str, out: List[str]) -> None:
 def ha_node_maint(enable: bool, node: str, out: List[str]) -> None:
     cmd = ["ha-manager", "crm-command", "node-maintenance", "enable" if enable else "disable", node]
     out.append("$ " + " ".join(shlex.quote(x) for x in cmd))
-    r = run(cmd)
+    r = run(cmd, timeout=timeout or 25)
     if r.returncode != 0:
         out.append(f"ERR: {r.stderr.strip()}")
 
@@ -431,6 +431,109 @@ def api_disable():
     ha_node_maint(False, node, log)
     return jsonify(ok=True, log=log)
 
+
+# --- VM/CT admin actions API ---
+
+def vm_locked(typ: str, node: str, vmid: int) -> bool:
+    base = f"/nodes/{node}/{typ}/{vmid}"
+    cur = get_json(["pvesh", "get", f"{base}/status/current"]) or {}
+    return bool(cur.get("lock"))
+
+def run_qm_pct(typ: str, vmid: int, subcmd: str) -> subprocess.CompletedProcess:
+    tool = "qm" if typ == "qemu" else "pct"
+    return run([tool, subcmd, str(vmid)], timeout=120)
+
+@app.get("/api/list-all-vmct")
+def api_list_all_vmct():
+    meta = cluster_vmct_meta()
+    nodes = [n.get("node") for n in (api_cluster_data().get("nodes") or []) if n.get("node")]
+    return jsonify({"all": list(meta.values()), "nodes": sorted(set(nodes))})
+
+@app.post("/api/vm-action")
+def api_vm_action():
+    if os.geteuid() != 0:
+        return jsonify(ok=False, error="run as root"), 403
+    data = request.get_json(force=True, silent=True) or {}
+    sid = data.get("sid", "")
+    action = data.get("action", "")
+    target = data.get("target", "")
+
+    meta = cluster_vmct_meta()
+    tup = sid_to_tuple(sid, meta)
+    if not tup:
+        return jsonify(ok=False, error="bad sid"), 400
+    typ, vmid, node = tup
+    if not node:
+        return jsonify(ok=False, error="unknown node"), 400
+
+    if action == "migrate_offline":
+        action = "migrate"
+
+    try:
+        if action == "unlock":
+            if typ != "qemu":
+                return jsonify(ok=False, error="unlock only for qemu"), 400
+            if not vm_locked(typ, node, vmid):
+                return jsonify(ok=True, msg="not locked")
+            r = run(["qm", "unlock", str(vmid)])
+            return jsonify(ok=(r.returncode == 0), stdout=r.stdout, stderr=r.stderr)
+
+        elif action in ("start", "stop", "shutdown"):
+            r = run_qm_pct(typ, vmid, action)
+            return jsonify(ok=(r.returncode == 0), stdout=r.stdout, stderr=r.stderr)
+
+        elif action == "migrate":
+            if not target or target == node:
+                return jsonify(ok=False, error="target required and must differ from source"), 400
+            base = f"/nodes/{node}/{typ}/{vmid}/migrate"
+            cmd = ["pvesh", "create", base, "-target", target, "-online", "0"]
+            res = post_json(cmd, timeout=120)
+            upid = None
+            if isinstance(res, dict):
+                upid = res.get("data") or res.get("upid")
+            return jsonify(ok=True, result=res or {}, upid=upid, source_node=node)
+
+        else:
+            return jsonify(ok=False, error="unknown action"), 400
+
+    except Exception as e:
+        return jsonify(ok=False, error=str(e)), 500
+
+
+
+@app.get("/api/task-status")
+def api_task_status():
+    upid = request.args.get("upid", "").strip()
+    node = request.args.get("node", "").strip()
+    if not upid or not node:
+        return jsonify(ok=False, error="upid and node required"), 400
+    st = get_json(["pvesh", "get", f"/nodes/{node}/tasks/{upid}/status"]) or {}
+    return jsonify(ok=True, status=st)
+
+
+@app.get("/api/task-log")
+def api_task_log():
+    upid = request.args.get("upid", "").strip()
+    node = request.args.get("node", "").strip()
+    start = request.args.get("start", "0").strip()
+    try:
+        start_i = int(start)
+    except Exception:
+        start_i = 0
+    if not upid or not node:
+        return jsonify(ok=False, error="upid and node required"), 400
+    # Returns a list of {n: <line_no>, t: <text>}
+    lines = get_json(["pvesh", "get", f"/nodes/{node}/tasks/{upid}/log", "-start", str(start_i)]) or []
+    # Compute next start
+    next_start = start_i
+    if isinstance(lines, list) and lines:
+        # find max n
+        try:
+            next_start = max((int(x.get("n", start_i)) for x in lines if isinstance(x, dict)), default=start_i) + 1
+        except Exception:
+            next_start = start_i
+    return jsonify(ok=True, lines=lines or [], next_start=next_start)
+
 if __name__ == "__main__":
     import argparse
     p = argparse.ArgumentParser()
@@ -439,4 +542,4 @@ if __name__ == "__main__":
     args = p.parse_args()
     DEFAULT_NODE = args.node
     host, port = args.bind.split(":")
-    app.run(host=host, port=int(port), debug=False, threaded=True)
+    app.run(host=host, port=int(port), debug=False, threaded=True)

static/main.js

@@ -1,4 +1,5 @@
 // ------ helpers ------
+const tblVmAdmin = document.querySelector("#vm-admin");
 const $ = (q) => document.querySelector(q);
 function safe(v) { return (v === undefined || v === null || v === '') ? '—' : String(v); }
 function ensureArr(a) { return Array.isArray(a) ? a : []; }
@@ -87,6 +88,7 @@ async function doRefresh() {
   const d = await fetchSnapshot();
   renderSnap(d);
   if (!doRefresh.didNonHA) { await renderNonHA(); doRefresh.didNonHA = true; }
+  if (!doRefresh.didAdmin) { await renderVMAdmin(); doRefresh.didAdmin = true; }
 }
 btnRefresh.onclick = doRefresh;
 btnAuto.onclick = () => {
@@ -291,7 +293,7 @@ function renderVmDetailCard(d) {
 
 // ------ Node detail card ------
 function renderNodeDetailCard(d) {
-  const st = d.status || {};
+  const st = d.status || {}; lastSt = st;
   const ver = d.version || {};
   const tm = d.time || {};
   const netcfg = ensureArr(d.network_cfg);
@@ -656,3 +658,243 @@ function renderSnap(d) {
 
 // initial one-shot load (auto refresh OFF by default)
 doRefresh().catch(console.error);
+
+
+// ------ VM Admin API/UI ------
+async function fetchAllVmct() {
+  const r = await fetch('/api/list-all-vmct');
+  return await r.json();
+}
+async function vmAction(sid, action, target) {
+  const body = { sid, action };
+  if (target) body.target = target;
+  const r = await fetch('/api/vm-action', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(body) });
+  const d = await r.json();
+  if (!d.ok) throw new Error(d.error || 'action failed');
+  return d;
+}
+
+async function renderVMAdmin() {
+  const data = await fetchAllVmct();
+  const arr = ensureArr(data.all);
+  const nodes = ensureArr(data.nodes);
+  const tbody = document.querySelector('#vm-admin tbody');
+  if (!arr.length) { setRows(tbody, [rowHTML(['Brak VM/CT'])]); return; }
+
+  const rows = arr.map(x => {
+    const sid = safe(x.sid), type = safe(x.type), name = safe(x.name), node = safe(x.node);
+    const st = /running/i.test(x.status || '') ? badge(x.status, 'ok') : badge(x.status || '—', 'dark');
+    const actions = `
+      <div class="btn-group btn-group-sm" role="group">
+        <button class="btn btn-outline-secondary act-unlock">Unlock</button>
+        <button class="btn btn-outline-success act-start">Start</button>
+        <button class="btn btn-outline-warning act-shutdown">Shutdown</button>
+        <button class="btn btn-outline-danger act-stop">Stop</button>
+      </div>`;
+    const sel = `<select class="form-select form-select-sm target-node" style="min-width:140px">
+      ${nodes.map(n => `<option value="${n}" ${n === x.node ? 'disabled' : ''}>${n}${n === x.node ? ' (src)' : ''}</option>`).join('')}
+    </select>`;
+    const migrateBtn = `<div class="d-flex align-items-center gap-2"><button class="btn btn-outline-primary btn-sm act-migrate">Migrate (offline)</button><button class="btn btn-outline-secondary btn-sm act-status">Status</button></div>`;
+    return rowHTML([sid, type.toUpperCase(), name, node, st, actions, sel, migrateBtn], `data-sid="${sid}"`);
+  });
+
+  setRows(tbody, rows);
+
+  Array.from(tbody.querySelectorAll('tr[data-sid]')).forEach(tr => {
+    const sid = tr.getAttribute('data-sid');
+    const getTarget = () => tr.querySelector('.target-node')?.value || '';
+    const colSpan = tr.children.length; // for status row width
+    const bind = (sel, action, needsTarget = false) => {
+      const btn = tr.querySelector(sel);
+      if (!btn) return;
+      btn.onclick = async () => {
+        setRowBusy(tr, true);
+        btn.disabled = true;
+        try {
+          if (action === 'migrate') {
+            const target = getTarget();
+            const resp = await vmAction(sid, action, target);
+            // show expandable status row (spinner already set via setRowBusy)
+            const row = ensureMigRow(tr, colSpan);
+            setMigRowVisible(row, true);
+            const log = row.querySelector('.mig-log');
+            const srcNode = resp.source_node;
+            const upid = resp.upid;
+            const stopSig = { done: false };
+            tailTaskLog(upid, srcNode, log, stopSig);
+
+            log.textContent = `Starting offline migrate to ${target} (UPID: ${upid || '—'})...`;
+            // update badge immediately
+            const badgeCell = tr.children[4];
+            if (badgeCell) badgeCell.innerHTML = badge('migrating', 'info');
+            // start background polling; update log on each tick
+            await pollTask(upid, srcNode, (st) => {
+              const lines = [];
+              for (const k of ['type', 'status', 'pid', 'starttime', 'user', 'node', 'endtime', 'exitstatus']) {
+                if (st && st[k] !== undefined) lines.push(`${k}: ${st[k]}`);
+              }
+              log.textContent = lines.join('\n') || '—';
+            }, async (finalSt) => {
+              stopSig.done = true;
+              const exit = (finalSt && finalSt.exitstatus) ? String(finalSt.exitstatus) : '';
+              const ok = exit.toUpperCase() === 'OK';
+              const badgeCell = tr.children[4];
+              if (badgeCell) badgeCell.innerHTML = ok ? badge('running', 'ok') : badge('migrate error', 'err');
+              log.textContent += (log.textContent ? '\n' : '') + (ok ? 'Migration finished successfully.' : ('Migration failed: ' + (exit || 'unknown error')));
+              setRowBusy(tr, false);
+              await doRefresh();
+              // auto-collapse on success after 2s
+              if (ok) { setTimeout(() => { const row = tr.nextElementSibling; if (row && row.classList.contains('mig-row')) setMigRowVisible(row, false); }, 2000); }
+            });
+          } else {
+            await vmAction(sid, action, needsTarget ? getTarget() : undefined);
+            showToast('Success', `${action} executed for ${sid}`, 'success');
+            await doRefresh();
+            setRowBusy(tr, false);
+          }
+        } catch (e) { showToast('Error', 'ERROR: ' + e.message, 'danger'); }
+        btn.disabled = false;
+      };
+    };
+    bind('.act-unlock', 'unlock');
+    bind('.act-start', 'start');
+    bind('.act-stop', 'stop');
+    bind('.act-shutdown', 'shutdown');
+    bind('.act-migrate', 'migrate', true);
+    const statusBtn = tr.querySelector('.act-status');
+    if (statusBtn) {
+      statusBtn.onclick = () => {
+        const row = ensureMigRow(tr, colSpan);
+        setMigRowVisible(row, row.classList.contains('d-none'));
+      };
+    }
+  });
+}
+
+
+
+async function pollTask(upid, node, onUpdate, onDone) {
+  let lastSt = null;
+  if (!upid || !node) return;
+  const started = Date.now();
+  const maxMs = 5 * 60 * 1000;
+  const delay = (ms) => new Promise(r => setTimeout(r, ms));
+  while (Date.now() - started < maxMs) {
+    try {
+      const r = await fetch('/api/task-status?upid=' + encodeURIComponent(upid) + '&node=' + encodeURIComponent(node));
+      const d = await r.json();
+      if (d && d.ok) {
+        const st = d.status || {};
+        lastSt = st;
+        if (onUpdate) { try { onUpdate(st); } catch { } }
+        const s = (st.status || '').toLowerCase();
+        if (s === 'stopped' || st.exitstatus) break;
+      }
+    } catch (e) { }
+    await delay(2000);
+  }
+  try { if (onDone) onDone(lastSt); } catch { }
+}
+
+
+function ensureMigRow(mainTr, colSpan) {
+  let nxt = mainTr.nextElementSibling;
+  if (!nxt || !nxt.classList.contains('mig-row')) {
+    nxt = document.createElement('tr');
+    nxt.className = 'mig-row d-none';
+    const td = document.createElement('td');
+    td.colSpan = colSpan;
+    td.innerHTML = '<div class="p-3 border rounded bg-body-tertiary"><div class="fw-semibold mb-1">Migration status</div><pre class="small mb-0 mig-log">—</pre></div>';
+    nxt.appendChild(td);
+    mainTr.parentNode.insertBefore(nxt, mainTr.nextSibling);
+  }
+  return nxt;
+}
+function setMigRowVisible(row, vis) {
+  row.classList.toggle('d-none', !vis);
+}
+
+function setRowBusy(tr, busy) {
+  const nameCell = tr.children[2];
+  if (!nameCell) return;
+  let spin = nameCell.querySelector('.op-spin');
+  if (busy) {
+    if (!spin) {
+      const span = document.createElement('span');
+      span.className = 'op-spin spinner-border spinner-border-sm align-middle ms-2';
+      span.setAttribute('role', 'status');
+      span.setAttribute('aria-hidden', 'true');
+      nameCell.appendChild(span);
+    }
+  } else {
+    if (spin) spin.remove();
+  }
+}
+
+
+function showToast(title, body, variant) {
+  const cont = document.getElementById('toast-container');
+  if (!cont) { console.warn('toast container missing'); return; }
+  const id = 't' + Math.random().toString(36).slice(2);
+  const vcls = {
+    success: 'text-bg-success',
+    info: 'text-bg-info',
+    warning: 'text-bg-warning',
+    danger: 'text-bg-danger',
+    secondary: 'text-bg-secondary'
+  }[variant || 'secondary'];
+  const el = document.createElement('div');
+  el.className = 'toast align-items-center ' + vcls;
+  el.setAttribute('role', 'alert');
+  el.setAttribute('aria-live', 'assertive');
+  el.setAttribute('aria-atomic', 'true');
+  el.innerHTML = `
+    <div class="d-flex">
+      <div class="toast-body">
+        <strong>${title || ''}</strong>${title ? ': ' : ''}${body || ''}
+      </div>
+      <button type="button" class="btn-close btn-close-white me-2 m-auto" data-bs-dismiss="toast" aria-label="Close"></button>
+    </div>`;
+  cont.appendChild(el);
+  const t = new bootstrap.Toast(el, { delay: 5000 });
+  t.show();
+  el.addEventListener('hidden.bs.toast', () => el.remove());
+}
+
+
+async function tailTaskLog(upid, node, preEl, stopSignal) {
+  let start = 0;
+  const delay = (ms) => new Promise(r => setTimeout(r, ms));
+  const append = (txt) => {
+    if (!preEl) return;
+    preEl.textContent = (preEl.textContent ? preEl.textContent + '\n' : '') + txt;
+    trimLogEl(preEl);
+    preEl.scrollTop = preEl.scrollHeight;
+  };
+  while (!stopSignal.done) {
+    try {
+      const r = await fetch('/api/task-log?upid=' + encodeURIComponent(upid) + '&node=' + encodeURIComponent(node) + '&start=' + start);
+      const d = await r.json();
+      if (d && d.ok) {
+        const lines = Array.isArray(d.lines) ? d.lines : [];
+        for (const ln of lines) {
+          if (ln && typeof ln.t === 'string') append(ln.t);
+        }
+        start = d.next_start ?? start;
+      }
+    } catch (e) {
+      // transient errors ignored
+    }
+    await delay(1500);
+  }
+}
+
+
+const LOG_MAX_CHARS = 64 * 1024; // 64KB cap for log panel
+function trimLogEl(preEl) {
+  if (!preEl) return;
+  const txt = preEl.textContent || '';
+  if (txt.length > LOG_MAX_CHARS) {
+    preEl.textContent = txt.slice(-LOG_MAX_CHARS);
+  }
+}

static/styles.css

@@ -69,4 +69,32 @@ footer.site-footer a {
 
 footer.site-footer a:hover {
   text-decoration: underline;
+}
+
+/* Toast container constraints */
+#toast-container .toast {
+  max-width: min(420px, 90vw);
+  word-wrap: break-word;
+}
+
+#toast-container {
+  max-width: 92vw;
+}
+
+
+#toast-container {
+  width: min(480px, 96vw);
+  max-width: min(480px, 96vw);
+}
+
+#toast-container .toast {
+  max-width: 100%;
+  overflow-wrap: anywhere;
+  word-break: break-word;
+  white-space: normal;
+}
+
+.position-fixed.bottom-0.end-0.p-3 {
+  right: max(env(safe-area-inset-right), 1rem);
+  bottom: max(env(safe-area-inset-bottom), 1rem);
 }

templates/index.html

@@ -65,6 +65,9 @@
       <li class="nav-item" role="presentation">
         <button class="nav-link" data-bs-toggle="tab" data-bs-target="#tab-nonha" type="button">VM/CT (non-HA)</button>
       </li>
+      <li class="nav-item" role="presentation">
+        <button class="nav-link" data-bs-toggle="tab" data-bs-target="#tab-admin" type="button">VM Admin</button>
+      </li>
       <li class="nav-item" role="presentation">
         <button class="nav-link" data-bs-toggle="tab" data-bs-target="#tab-nodes" type="button">Nodes</button>
       </li>
@@ -227,6 +230,34 @@
         </div>
       </div>
 
+      <!-- TAB: VM Admin -->
+      <div class="tab-pane fade" id="tab-admin">
+        <div class="card border-0">
+          <div class="card-body table-responsive">
+            <table class="table table-sm table-striped align-middle table-nowrap" id="vm-admin">
+              <thead>
+                <tr>
+                  <th>SID</th>
+                  <th>Type</th>
+                  <th>Name</th>
+                  <th>Node</th>
+                  <th>Status</th>
+                  <th>Actions</th>
+                  <th>Target</th>
+                  <th>Migrate</th>
+                </tr>
+              </thead>
+              <tbody>
+                <tr>
+                  <td colspan="8" class="text-muted">Loading…</td>
+                </tr>
+              </tbody>
+            </table>
+            <div class="small text-muted">Akcje: Unlock (qm), Start/Stop/Shutdown, Offline migrate.</div>
+          </div>
+        </div>
+      </div>
+
       <!-- TAB: Nodes (expandable) -->
       <div class="tab-pane fade" id="tab-nodes">
         <div class="card border-0">
@@ -245,7 +276,7 @@
               </thead>
               <tbody>
                 <tr>
-                  <td colspan="7" class="text-muted">Loading…</td>
+                  <td colspan="8" class="text-muted">Loading…</td>
                 </tr>
               </tbody>
             </table>
@@ -273,6 +304,11 @@
 
   </div>
 
+  <!-- Toasts -->
+  <div aria-live="polite" aria-atomic="true" class="position-fixed bottom-0 end-0 p-3" style="z-index: 1080">
+    <div id="toast-container" class="toast-container"></div>
+  </div>
+
   <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
   <script src="{{ url_for('static', filename='main.js') }}"></script>
 </body>