tape: add encrypt property to media pool configuration

This commit is contained in:
Dietmar Maurer 2021-01-18 08:16:44 +01:00
parent 619554af2b
commit 1e93fbb5c1
3 changed files with 44 additions and 3 deletions

View File

@ -16,6 +16,7 @@ use crate::{
MEDIA_SET_NAMING_TEMPLATE_SCHEMA, MEDIA_SET_NAMING_TEMPLATE_SCHEMA,
MEDIA_SET_ALLOCATION_POLICY_SCHEMA, MEDIA_SET_ALLOCATION_POLICY_SCHEMA,
MEDIA_RETENTION_POLICY_SCHEMA, MEDIA_RETENTION_POLICY_SCHEMA,
TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA,
MediaPoolConfig, MediaPoolConfig,
}, },
config::{ config::{
@ -47,6 +48,10 @@ use crate::{
schema: MEDIA_SET_NAMING_TEMPLATE_SCHEMA, schema: MEDIA_SET_NAMING_TEMPLATE_SCHEMA,
optional: true, optional: true,
}, },
encrypt: {
schema: TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA,
optional: true,
},
}, },
}, },
)] )]
@ -57,6 +62,7 @@ pub fn create_pool(
allocation: Option<String>, allocation: Option<String>,
retention: Option<String>, retention: Option<String>,
template: Option<String>, template: Option<String>,
encrypt: Option<String>,
) -> Result<(), Error> { ) -> Result<(), Error> {
let _lock = config::media_pool::lock()?; let _lock = config::media_pool::lock()?;
@ -76,6 +82,7 @@ pub fn create_pool(
allocation, allocation,
retention, retention,
template, template,
encrypt,
}; };
config.set_data(&name, "pool", &item)?; config.set_data(&name, "pool", &item)?;
@ -141,6 +148,8 @@ pub enum DeletableProperty {
retention, retention,
/// Delete media set naming template /// Delete media set naming template
template, template,
/// Delete encryption fingerprint
encrypt,
} }
#[api( #[api(
@ -165,6 +174,10 @@ pub enum DeletableProperty {
schema: MEDIA_SET_NAMING_TEMPLATE_SCHEMA, schema: MEDIA_SET_NAMING_TEMPLATE_SCHEMA,
optional: true, optional: true,
}, },
encrypt: {
schema: TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA,
optional: true,
},
delete: { delete: {
description: "List of properties to delete.", description: "List of properties to delete.",
type: Array, type: Array,
@ -183,6 +196,7 @@ pub fn update_pool(
allocation: Option<String>, allocation: Option<String>,
retention: Option<String>, retention: Option<String>,
template: Option<String>, template: Option<String>,
encrypt: Option<String>,
delete: Option<Vec<DeletableProperty>>, delete: Option<Vec<DeletableProperty>>,
) -> Result<(), Error> { ) -> Result<(), Error> {
@ -198,6 +212,7 @@ pub fn update_pool(
DeletableProperty::allocation => { data.allocation = None; }, DeletableProperty::allocation => { data.allocation = None; },
DeletableProperty::retention => { data.retention = None; }, DeletableProperty::retention => { data.retention = None; },
DeletableProperty::template => { data.template = None; }, DeletableProperty::template => { data.template = None; },
DeletableProperty::encrypt => { data.encrypt = None; },
} }
} }
} }
@ -206,6 +221,7 @@ pub fn update_pool(
if allocation.is_some() { data.allocation = allocation; } if allocation.is_some() { data.allocation = allocation; }
if retention.is_some() { data.retention = retention; } if retention.is_some() { data.retention = retention; }
if template.is_some() { data.template = template; } if template.is_some() { data.template = template; }
if encrypt.is_some() { data.encrypt = encrypt; }
config.set_data(&name, "pool", &data)?; config.set_data(&name, "pool", &data)?;

View File

@ -24,6 +24,7 @@ use crate::{
DRIVE_NAME_SCHEMA, DRIVE_NAME_SCHEMA,
PROXMOX_SAFE_ID_FORMAT, PROXMOX_SAFE_ID_FORMAT,
SINGLE_LINE_COMMENT_FORMAT, SINGLE_LINE_COMMENT_FORMAT,
TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA,
}, },
}; };
@ -130,7 +131,11 @@ impl std::str::FromStr for RetentionPolicy {
schema: MEDIA_SET_NAMING_TEMPLATE_SCHEMA, schema: MEDIA_SET_NAMING_TEMPLATE_SCHEMA,
optional: true, optional: true,
}, },
} encrypt: {
schema: TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA,
optional: true,
},
},
)] )]
#[derive(Serialize,Deserialize)] #[derive(Serialize,Deserialize)]
/// Media pool configuration /// Media pool configuration
@ -151,4 +156,9 @@ pub struct MediaPoolConfig {
/// format specifications. /// format specifications.
#[serde(skip_serializing_if="Option::is_none")] #[serde(skip_serializing_if="Option::is_none")]
pub template: Option<String>, pub template: Option<String>,
/// Encryption key fingerprint
///
/// If set, encrypt all data using the specified key.
#[serde(skip_serializing_if="Option::is_none")]
pub encrypt: Option<String>,
} }

View File

@ -20,10 +20,13 @@ use proxmox_backup::{
config::{ config::{
drive::{ drive::{
complete_drive_name, complete_drive_name,
}, },
media_pool::{ media_pool::{
complete_pool_name, complete_pool_name,
}, },
tape_encryption_keys:: {
complete_key_fingerprint,
},
}, },
}; };
@ -48,6 +51,7 @@ pub fn pool_commands() -> CommandLineInterface {
.arg_param(&["name"]) .arg_param(&["name"])
.completion_cb("name", complete_pool_name) .completion_cb("name", complete_pool_name)
.completion_cb("drive", complete_drive_name) .completion_cb("drive", complete_drive_name)
.completion_cb("encrypt", complete_key_fingerprint)
) )
.insert( .insert(
"update", "update",
@ -55,6 +59,7 @@ pub fn pool_commands() -> CommandLineInterface {
.arg_param(&["name"]) .arg_param(&["name"])
.completion_cb("name", complete_pool_name) .completion_cb("name", complete_pool_name)
.completion_cb("drive", complete_drive_name) .completion_cb("drive", complete_drive_name)
.completion_cb("encrypt", complete_key_fingerprint)
) )
; ;
@ -84,12 +89,21 @@ fn list_pools(
_ => unreachable!(), _ => unreachable!(),
}; };
let render_encryption = |value: &Value, _record: &Value| -> Result<String, Error> {
if value.as_str().is_some() {
Ok(String::from("yes"))
} else {
Ok(String::from("no"))
}
};
let options = default_table_format_options() let options = default_table_format_options()
.column(ColumnConfig::new("name")) .column(ColumnConfig::new("name"))
.column(ColumnConfig::new("drive")) .column(ColumnConfig::new("drive"))
.column(ColumnConfig::new("allocation")) .column(ColumnConfig::new("allocation"))
.column(ColumnConfig::new("retention")) .column(ColumnConfig::new("retention"))
.column(ColumnConfig::new("template")) .column(ColumnConfig::new("template"))
.column(ColumnConfig::new("encrypt").renderer(render_encryption))
; ;
format_and_print_result_full(&mut data, &info.returns, &output_format, &options); format_and_print_result_full(&mut data, &info.returns, &output_format, &options);
@ -129,6 +143,7 @@ fn get_config(
.column(ColumnConfig::new("allocation")) .column(ColumnConfig::new("allocation"))
.column(ColumnConfig::new("retention")) .column(ColumnConfig::new("retention"))
.column(ColumnConfig::new("template")) .column(ColumnConfig::new("template"))
.column(ColumnConfig::new("encrypt"))
; ;
format_and_print_result_full(&mut data, &info.returns, &output_format, &options); format_and_print_result_full(&mut data, &info.returns, &output_format, &options);