docs: Update for new features/functionality

Update GUI section and GUI instructions to reflect current layout and features List OpenID connect in possible realms (user management) Link Access Control section when referring to it (user management) Include Tape roles in access control section Minor formatting changes Signed-off-by: Dylan Whyte <d.whyte@proxmox.com>
2021-10-11 13:11:44 +02:00 · 2021-10-11 13:11:44 +02:00 · 60589e6066
parent 717ce40612
commit 60589e6066
3 changed files with 57 additions and 26 deletions
--- a/docs/gui.rst
+++ b/docs/gui.rst
@ -49,12 +49,13 @@ GUI Overview
 The Proxmox Backup Server web interface consists of 3 main sections:
-* **Header**: At the top. This shows version information, and contains buttons to view
+* **Header**: At the top. This shows version information and contains buttons to
-  documentation, monitor running tasks, set the language and logout.
+  view documentation, monitor running tasks, set the language, configure various
-* **Sidebar**: On the left. This contains the configuration options for
+  display settings, and logout.
 * **Sidebar**: On the left. This contains the administration options for
  the server.
-* **Configuration Panel**: In the center. This contains the control interface for the
+* **Configuration Panel**: In the center. This contains the respective control
-  configuration options in the *Sidebar*.
+  interfaces for the administration options in the *Sidebar*.
 Sidebar
@ -75,12 +76,14 @@ previous and currently running tasks, and subscription information.
 Configuration
 ^^^^^^^^^^^^^
-The Configuration section contains some system configuration options, such as
+The Configuration section contains some system options, such as time, network,
-time and network configuration. It also contains the following subsections:
+WebAuthn, and HTTP proxy configuration. It also contains the following
 subsections:
 * **Access Control**: Add and manage users, API tokens, and the permissions
  associated with these items
 * **Remotes**: Add, edit and remove remotes (see :term:`Remote`)
 * **Certificates**: Manage ACME accounts and create SSL certificates.
 * **Subscription**: Upload a subscription key, view subscription status and
  access a text-based system report.
@ -99,6 +102,7 @@ tasks and information. These are:
  resource usage statistics
 * **Services**: Manage and monitor system services
 * **Updates**: An interface for upgrading packages
 * **Repositories**: An interface for configuring APT repositories
 * **Syslog**: View log messages from the server
 * **Tasks**: Task history with multiple filter options
@ -120,11 +124,20 @@ Tape Backup
  :align: right
  :alt: Tape Backup: Tape changer overview
-The `Tape Backup`_ section contains a top panel, managing tape media sets,
+The `Tape Backup`_ section contains a top panel, with options for managing tape
-inventories, drives, changers and the tape backup jobs itself.
+media sets, inventories, drives, changers, encryption keys, and the tape backup
 jobs itself. The tabs are as follows:
-It also contains a subsection per standalone drive and per changer, with a
+* **Content**: Information on the contents of the tape backup
-status and management view for those devices.
+* **Inventory**: Manage the tapes attached to the system
 * **Changers**: Manage tape loading devices
 * **Drives**: Manage drives used for reading and writing to tapes
 * **Media Pools**: Manage logical pools of tapes
 * **Encryption Keys**: Manage tape backup encryption keys
 * **Backup Jobs**: Manage tape backup jobs
 The section also contains a subsection per standalone drive and per changer,
 with a status and management view for those devices.
 Datastore
 ^^^^^^^^^
@ -145,5 +158,7 @@ can use the top panel to view:
  collection <client_garbage-collection>` operations, and run garbage collection
  manually
 * **Sync Jobs**: Create, manage and run :ref:`syncjobs` from remote servers
-* **Verify Jobs**: Create, manage and run :ref:`maintenance_verification` jobs on the
+* **Verify Jobs**: Create, manage and run :ref:`maintenance_verification` jobs
-  datastore
+  on the datastore
 * **Options**: Configure notification and verification settings
 * **Permissions**: Manage permissions on the datastore
--- a/docs/storage.rst
+++ b/docs/storage.rst
@ -15,7 +15,7 @@ accessed using the ``disk`` subcommand. This subcommand allows you to initialize
 disks, create various filesystems, and get information about the disks.
 To view the disks connected to the system, navigate to **Administration ->
-Disks** in the web interface or use the ``list`` subcommand of
+Storage/Disks** in the web interface or use the ``list`` subcommand of
 ``disk``:
 .. code-block:: console
@ -42,9 +42,9 @@ To initialize a disk with a new GPT, use the ``initialize`` subcommand:
  :alt: Create a directory
 You can create an ``ext4`` or ``xfs`` filesystem on a disk using ``fs
-create``, or by navigating to **Administration -> Disks -> Directory** in the
+create``, or by navigating to **Administration -> Storage/Disks -> Directory**
-web interface and creating one from there. The following command creates an
+in the web interface and creating one from there. The following command creates
-``ext4`` filesystem and passes the ``--add-datastore`` parameter, in order to
+an ``ext4`` filesystem and passes the ``--add-datastore`` parameter, in order to
 automatically create a datastore on the disk (in this case ``sdd``). This will
 create a datastore at the location ``/mnt/datastore/store1``:
@ -57,7 +57,7 @@ create a datastore at the location ``/mnt/datastore/store1``:
  :alt: Create ZFS
 You can also create a ``zpool`` with various raid levels from **Administration
-> Disks -> Zpool** in the web interface, or by using ``zpool create``. The command
+-> Storage/Disks -> ZFS** in the web interface, or by using ``zpool create``. The command
 below creates a mirrored ``zpool`` using two disks (``sdb`` & ``sdc``) and
 mounts it under ``/mnt/datastore/zpool1``:
--- a/docs/user-management.rst
+++ b/docs/user-management.rst
@ -21,11 +21,13 @@ choose the realm when you add a new user. Possible realms are:
 :pbs: Proxmox Backup Server realm. This type stores hashed passwords in
      ``/etc/proxmox-backup/shadow.json``.
-After installation, there is a single user ``root@pam``, which
+:openid: OpenID Connect server. Users can authenticate against an external
-corresponds to the Unix superuser. User configuration information is stored in the file
+         OpenID Connect server.
-``/etc/proxmox-backup/user.cfg``. You can use the
+
-``proxmox-backup-manager`` command line tool to list or manipulate
+After installation, there is a single user, ``root@pam``, which corresponds to
-users:
+the Unix superuser. User configuration information is stored in the file
 ``/etc/proxmox-backup/user.cfg``. You can use the ``proxmox-backup-manager``
 command line tool to list or manipulate users:
 .. code-block:: console
@ -71,7 +73,7 @@ The resulting user list looks like this:
  │ root@pam │      1 │        │           │          │                  │ Superuser        │
  └──────────┴────────┴────────┴───────────┴──────────┴──────────────────┴──────────────────┘
-Newly created users do not have any permissions. Please read the Access Control
+Newly created users do not have any permissions. Please read the :ref:`user_acl`
 section to learn how to set access permissions.
 You can disable a user account by setting ``--enable`` to ``0``:
@ -193,6 +195,18 @@ following roles exist:
 **RemoteSyncOperator**
  Is allowed to read data from a remote.
 **TapeAudit**
  Can view tape related configuration and status
 **TapeAdministrat**
  Can do anything related to tape backup
 **TapeOperator**
  Can do tape backup and restore (but no configuration changes)
 **TapeReader**
  Can read and inspect tape configuration and media content
 .. image:: images/screenshots/pbs-gui-user-management-add-user.png
  :align: right
  :alt: Add permissions for user
@ -370,7 +384,8 @@ For WebAuthn to work, you need to have two things:
  setups.
 Once you have fulfilled both of these requirements, you can add a WebAuthn
-configuration in the *Access Control* panel.
+configuration in the **Two Factor Authentication** tab of the **Access Control**
 panel.
 .. _user_tfa_setup_recovery_keys:
@ -382,7 +397,8 @@ Recovery Keys
  :alt: Add a new user
 Recovery key codes do not need any preparation; you can simply create a set of
-recovery keys in the *Access Control* panel.
+recovery keys in the **Two Factor Authentication** tab of the **Access Control**
 panel.
 .. note:: There can only be one set of single-use recovery keys per user at any
 time.