Содержание API

REST API AlertWeb

Control plane API для автоматизации панели. За nginx браузер и скрипты ходят на префикс /api; бэкенд видит пути без префикса (/vms, не /api/vms).

Введение

# Базовый URL (через nginx)
export API=https://panel.example.ru/api
export TOKEN=<access_token>
  • Формат: JSON, UTF-8
  • Авторизация: Authorization: Bearer <access_token> (кроме login/health)
  • OpenAPI: GET $API/openapi.yaml на вашей установке
  • Permissions: RBAC — каждый endpoint требует scope (см. роли в панели)

Аутентификация

POST /auth/login

Логин email/password → access + refresh token.

curl -sS -X POST "$API/auth/login" \
  -H 'Content-Type: application/json' \
  -d '{"email":"admin@example.ru","password":"your-password"}'
{
  "access_token": "eyJhbG...",
  "refresh_token": "eyJhbG...",
  "expires_in": 3600
}
POST /auth/refresh
curl -sS -X POST "$API/auth/refresh" \
  -H 'Content-Type: application/json' \
  -d '{"refresh_token":"'"$REFRESH"'"}'
GET /auth/me
curl -sS "$API/auth/me" -H "Authorization: Bearer $TOKEN"
POST /auth/ldap/login

Если LDAP включён в настройках платформы.

Дашборд и аудит

МетодПутьPermission
GET/dashboard/statsvms.read
GET/dashboard/chartsvms.read
GET/auditplatform.audit.read
curl -sS "$API/dashboard/stats" -H "Authorization: Bearer $TOKEN"

Пользователи и RBAC

МетодПуть
GET/POST/users
PATCH/users/{uuid}
GET/POST/DELETE/users/{uuid}/roles
GET/roles
GET/DELETE/sessions, /sessions/{uuid}
curl -sS "$API/users" -H "Authorization: Bearer $TOKEN"
curl -sS -X POST "$API/users" -H "Authorization: Bearer $TOKEN" \
  -H 'Content-Type: application/json' \
  -d '{"email":"ops@example.ru","password":"...","first_name":"Ops","role_ids":[2]}'

Инфраструктура

Локации, кластеры, ноды

МетодПутьЗаметки
GET/POST/locationsГеография
GET/POST/clusters
PATCH/clusters/{id}/migration-settingsconcurrency
PATCH/clusters/{id}/storage-settingsCeph/NAS JSON
POST/clusters/{id}/rebalancebatch migrate
GET/POST/nodesbootstrap_token при создании
PATCH/nodes/{uuid}/statusenable/disable
POST/nodes/{uuid}/drainэвакуация VM
GET/nodes/{uuid}/metricsCPU/RAM/disk
GET/POST/networksфизические сети
# Создать ноду
curl -sS -X POST "$API/nodes" -H "Authorization: Bearer $TOKEN" \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "node-msk-01",
    "cluster_id": 1,
    "address": "10.0.0.11",
    "ssh_port": 22
  }'
# Ответ содержит bootstrap_token для agent.env

Виртуальные машины

МетодПутьЭффект
GET/vmsСписок (+ фильтры query)
POST/vmsjob vm.create
POST/vms/schedule-previewразмещение на ноде
GET/PATCH/DELETE/vms/{uuid}destroy → vm.destroy
POST/vms/{uuid}/actions/start|stop|restart
POST/vms/{uuid}/resizeCPU/RAM
POST/vms/{uuid}/boot-disk/resizeдиск
POST/vms/{uuid}/reinstallпереустановка ОС
POST/vms/{uuid}/cloneполный/linked clone
POST/vms/{uuid}/migratelive migrate
POST/vms/{uuid}/consoleVNC token
POST/vms/batch-actionsstart/stop/destroy…
POST/vms/batch-migrate
GET/POST/vms/{uuid}/snapshots
GET/POST/vms/{uuid}/backups
GET/POST/vms/{uuid}/nicsсетевые интерфейсы
GET/POST/vms/{uuid}/isoподключение ISO
POST/vms/{uuid}/allocate-ipиз IPAM
POST/vms/{uuid}/abort-operationсброс зависшей операции
POST /vms

Создание VM из шаблона (асинхронно, результат в jobs).

curl -sS -X POST "$API/vms" -H "Authorization: Bearer $TOKEN" \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "web-prod-01",
    "cluster_id": 1,
    "template_id": 3,
    "vcpu": 4,
    "ram_mb": 8192,
    "disk_gb": 40,
    "ip_pool_id": 1,
    "root_password": "ChangeMe123!",
    "ssh_public_key": "ssh-ed25519 AAAA..."
  }'
POST /vms/{uuid}/actions/start
curl -sS -X POST "$API/vms/$VM_UUID/actions/start" \
  -H "Authorization: Bearer $TOKEN"
POST /vms/{uuid}/console

WebSocket: GET /api/console/ws?vm={uuid}&token=...

curl -sS -X POST "$API/vms/$VM_UUID/console" \
  -H "Authorization: Bearer $TOKEN"

IPAM

МетодПуть
GET/POST/ipam/pools
GET/PATCH/ipam/pools/{id}
GET/ipam/pools/{id}/stats
GET/ipam/pools/{id}/addresses
PATCH/ipam/pools/{id}/addresses/{address}
curl -sS -X POST "$API/ipam/pools" -H "Authorization: Bearer $TOKEN" \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "public-ipv4",
    "cidr": "203.0.113.0/24",
    "gateway": "203.0.113.1",
    "dns_servers": ["8.8.8.8","1.1.1.1"]
  }'

Шаблоны ОС

МетодПуть
GET/POST/templates
DELETE/templates/{id}
POST/templates/sync-repo
POST/templates/{id}/distribute
GET/templates/ready, /cache-overview

ISO-образы

МетодПуть
GET/POST/iso/repositories
GET/POST/iso/images
POST/iso/uploadmultipart, до GB
POST/iso/upload-urlзагрузка по URL
POST/iso/images/{id}/distribute
curl -sS -X POST "$API/iso/upload" -H "Authorization: Bearer $TOKEN" \
  -F "name=debian-12" -F "os_type=linux" -F "file=@debian.iso"

Фоновые задачи (jobs)

МетодПуть
GET/jobs
GET/jobs/{uuid}
GET/jobs/{uuid}/logs
GET/jobs/{uuid}/steps
POST/jobs/{uuid}/cancel
curl -sS "$API/jobs/$JOB_UUID/logs" -H "Authorization: Bearer $TOKEN"

Миграции

МетодПуть
GET/migrations
GET/migration-queue
GET/migration-batches
GET/unknown-vms
POST/unknown-vms/import

Webhooks

curl -sS -X POST "$API/webhooks" -H "Authorization: Bearer $TOKEN" \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "slack-migrations",
    "url": "https://hooks.example.com/alertweb",
    "events": ["migration.completed", "migration.failed"],
    "secret": "whsec_..."
  }'

Firewall

МетодПуть
GET/POST/firewall/policies
POST/firewall/policies/{uuid}/apply

Marketplace

МетодПуть
GET/POST/marketplace/items
POST/vms/{uuid}/marketplace/install

API-ключи

Ключи вида alertweb_* с ограничением scopes — альтернатива JWT для автоматизации.

curl -sS -X POST "$API/api-keys" -H "Authorization: Bearer $TOKEN" \
  -H 'Content-Type: application/json' \
  -d '{"name":"terraform","scopes":["vms.read","vms.write","nodes.read"]}'
curl -sS "$API/vms" -H "Authorization: Bearer alertweb_xxxx..."

Платформа и лицензия

МетодПуть
GET/PATCH/platform/settings
GET/PATCH/platform/auth/ldap
GET/PATCH/platform/settings/licenseключ, статус
GET/platform/settings/security/nginxгенерация конфига

Ошибки и коды

  • 401 — невалидный или просроченный token
  • 403 — нет permission (RBAC)
  • 404 — объект не найден
  • 409 — конфликт состояния (VM busy, нода drained)
  • 422 — валидация тела запроса
{
  "error": "permission denied",
  "code": "forbidden"
}
Установка панелируководство по установке. Актуальная схема всех полей — OpenAPI на вашем инстансе.