47ea98e0e3
clippy: collapse/rework nested ifs
...
no semantic changes (intended).
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-20 16:22:59 +01:00
69b8bc3bfa
tape: implemenmt show key
...
Moved API types Kdf and KeyInfo to src/api2/types/mod.rs.
2021-01-20 15:43:19 +01:00
301b8aa0a5
tape: implement change-passphrase for tape encryption keys
2021-01-20 15:43:19 +01:00
e5b6c93323
tape: add --kdf parameter to create key api
2021-01-20 15:43:19 +01:00
9a045790ed
cleanup KeyConfig
2021-01-20 15:43:19 +01:00
82a103c8f9
add "password hint" to KeyConfig
2021-01-20 15:43:19 +01:00
feb1645f37
tape: generate random encryptions keys and store key_config on media
2021-01-19 11:20:07 +01:00
ad5cee1d22
tfa: add 'created' timestamp to entries
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-18 14:06:12 +01:00
8a0046f519
tape: implement encrypted backup - simple version
...
This is just a proof of concept, only storing the encryption key fingerprint
inside the media-set label.
2021-01-18 13:38:22 +01:00
1e93fbb5c1
tape: add encrypt property to media pool configuration
2021-01-18 13:38:22 +01:00
d5a48b5ce4
tape: add hardware encryption key managenent api
2021-01-18 13:38:22 +01:00
a670b99db1
tfa: add webauthn configuration API entry points
...
Currently there's not yet a node config and the WA config is
somewhat "tightly coupled" to the user entries in that
changing it can lock them all out, so for now I opted for
fewer reorganization and just use a digest of the
canonicalized config here, and keep it all in the tfa.json
file.
Experimentally using the flatten feature on the methods with
an`Updater` struct similar to what the api macro is supposed
to be able to derive on its own in the future.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-15 15:19:52 +01:00
6bbe49aa14
access: restrict password changes on @pam realm to superuser
...
for behavior consistency with `update_user`
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2021-01-15 08:49:22 +01:00
5aa1019010
access: limit editing pam credentials to superuser
...
modifying @pam users credentials should be only possible for root@pam,
otherwise it can have unintended consequences.
also enforce the same limit on user creation (except self_service check,
since it makes no sense during user creation)
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
2021-01-15 08:49:22 +01:00
89e9134a3f
hyper: use new hyper::upgrade
...
the old Body::on_upgrade method is no more
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-14 16:01:33 +01:00
7c66701366
tokio 1.0: use ReceiverStream from tokio-stream
...
to wrap a Receiver in a Stream. this will likely move back into tokio
proper once we have a std Stream..
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-14 16:01:33 +01:00
585e90c0de
tokio: adapt to 1.0 process:Child changes
...
Child itself is no longer a Future, but it has a new wait() async fn
that does the same thing
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2021-01-14 16:01:33 +01:00
781da7f6f0
tape: add --inventorize flag to read-label API/CLI
2021-01-14 11:51:23 +01:00
8446fbca85
tape: rename changer_id to label_text
2021-01-13 13:26:59 +01:00
0bce2118e7
tape: improve docu
2021-01-12 16:37:23 +01:00
6543214dde
tape: MediaListEntry - add ctime
2021-01-12 12:01:21 +01:00
5654d8ceba
tape: make eject/export more reliable, improve logging
2021-01-12 09:16:16 +01:00
31cf625af5
tape: improve backup logs
2021-01-11 13:23:12 +01:00
ad0ed40a59
api: return "invalid" as CSRF token for partial tickets
...
So that old clients don't `unwrap` a `None` value.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-11 10:23:13 +01:00
7ad33e8052
tfa: use UNAUTHORIZED http status in password check
...
to trigger our 3s delay in the rest handler
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-11 10:23:13 +01:00
f22dfb5ece
tfa: remove tfa user when a user is deleted
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-11 10:23:10 +01:00
4bda51688b
tfa: improve user existence check
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-11 10:23:03 +01:00
eab25e2f33
tfa: allow deletion of entries of non-existent users
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-11 10:23:03 +01:00
759af9f00c
tfa api: return types and 'pub' structs/methods
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-11 10:23:03 +01:00
f58e5132aa
tfa: entry access/iteration cleanup
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-11 10:23:03 +01:00
d831846706
tfa: r#type parameter name
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-11 10:23:03 +01:00
1fc9ac0433
tfa: _entry api method name suffix consistency
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-11 10:23:03 +01:00
027ef213aa
api: tfa management and login
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2021-01-11 10:22:32 +01:00
6638c034d2
tape: remove unused eject_on_unload method
2021-01-10 16:20:18 +01:00
483da89d03
tape: improve export media to directly export from drive, add CLI
2021-01-10 13:44:44 +01:00
edb90f6afa
tape: backup - implement export-media-set option
2021-01-10 11:59:55 +01:00
6fe16039b9
tape: simplify media changer implementation - new struct MtxMediaChanger
2021-01-10 10:02:01 +01:00
42967bf185
tape: backup - implement --eject-media option
2021-01-09 15:17:03 +01:00
7273ba3de2
tape: change default media set naming template to "%c"
2021-01-09 10:51:51 +01:00
0bf1c314da
tape: show catalog status in media list
2021-01-09 10:24:48 +01:00
df69a4fc59
tape: implement drive clean
2021-01-08 11:32:56 +01:00
46a1863f88
tape: improve MediaChange trait
...
We expose the whole MtxStatus, and we can load/store from/to
specified slot numbers.
2021-01-07 14:26:43 +01:00
d5035c5600
tape: mtx_status - consider new export-slots property
2021-01-06 11:53:33 +01:00
38ae42b11a
tape: changer - add export-slot config
2021-01-06 11:06:50 +01:00
b40ab10d38
tape: add volume_mounts and medium_passes to LinuxDriveAndMediaStatus
2021-01-05 13:43:17 +01:00
470f1c798a
tape: status - show thape alert flags
2021-01-04 13:15:30 +01:00
cfae8f0656
tape: merge MediaStateDatabase into Inventory
2021-01-01 16:15:13 +01:00
54f4ecd46a
tape: implement MediaPool flag to consider offline media
...
For standalone tape drives.
2021-01-01 10:03:59 +01:00
b9b4b31284
tape: add basic restore api/command
2020-12-31 10:26:48 +01:00
08ac90f920
api: allow tokens to list users
...
their owner, or all if they have the appropriate privileges.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-12-31 08:29:49 +01:00
13f5863561
api: improve error messages for restricted endpoints
...
the old variant attempted to parse a tokenid as userid and returned the
cryptic parsing error to the client, which is rather confusing.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2020-12-31 08:29:09 +01:00
cb022525ff
tape: only log to stdout in CLI environment
2020-12-30 19:01:39 +01:00
284eb5daff
tape: cleanup/simplify media_change code
2020-12-30 17:16:57 +01:00
ff58c51919
tape: improve media request/load
2020-12-30 13:09:28 +01:00
12299b333b
tape: set minimal media label length to 2
2020-12-30 10:15:02 +01:00
b017bbc441
tape: add restore code, implement catalog api/command
2020-12-30 09:48:18 +01:00
250c29edd2
tape: correctly sort media api entries
2020-12-29 12:09:51 +01:00
a33389c391
tape: implement media content list api
2020-12-29 11:58:26 +01:00
3460565414
tape: create the MediaCatalog when we label a tape
2020-12-29 10:55:20 +01:00
afb0220642
tape: cleanup LinuxDriveStatus - make density optional
2020-12-29 09:10:30 +01:00
0993923ed5
tape: factor out get_drive_and_media_status
2020-12-29 08:39:06 +01:00
e0362b0d0f
tape: correctly parse mtx import/export slots
2020-12-28 13:32:56 +01:00
eb8feb1281
tape: add LTO1 to TapeDensity
2020-12-26 10:48:32 +01:00
5ae86dfaa1
tape: return media usage info with status command
2020-12-23 11:24:34 +01:00
dbe7e556b0
tape: implement binding for libsgutils2
...
So that we can read cartridge memory without calling "sg_raw". In future,
we may need further low level command to control the tape..
2020-12-23 09:44:53 +01:00
cb80d900b3
tape: add drive status api
2020-12-22 10:42:22 +01:00
ee01737e87
tape: rename 'mam' api to 'cartridge-memory'
2020-12-22 09:27:34 +01:00
b2362a1207
adaptions for proxmox 0.9 and proxmox-api-macro 0.3
...
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2020-12-22 07:31:05 +01:00
1e20f819d5
tape: add command to read cartridge memory (MAM)
...
Thsi add an additional dependency to sg3-utils (small).
2020-12-21 12:12:33 +01:00
8835664653
tape: add tape backup api
2020-12-18 15:32:12 +01:00
2afdc7f27d
tape: MediaPool::with_config() - remove name parameter
...
Not required, because config already contains the pool name.
2020-12-18 08:14:24 +01:00
fe6c19383b
tape: remove MediaLabelInfo, use MediaId instead
...
The additional content_uuid was quite useless...
2020-12-16 13:31:32 +01:00
c1c2c8f635
tape: cleanup MediaLocation type for direct use with API
2020-12-16 10:49:01 +01:00
a78348acbb
tape: rename DriveLabel to MediaLabel
2020-12-14 17:37:16 +01:00
fb657d8ee5
tape: implement destroy_media
2020-12-14 08:58:40 +01:00
fba0b77469
tape: add media api
2020-12-14 07:55:57 +01:00
065df12872
tape: split api type definitions for changers into extra file
2020-12-13 09:31:02 +01:00
7e1d4712b8
tape: rename CHANGER_ID_SCHEMA to CHANGER_NAME_SCHEMA
2020-12-13 09:22:08 +01:00
49c965a497
tape: rename DRIVE_ID_SCHEMA to DRIVE_NAME_SCHEMA
2020-12-13 09:18:16 +01:00
42cb9bd6a5
tape: avoid executor blocking in changer api
2020-12-12 09:45:08 +01:00
66dbe5639e
tape: avoid executor blocking in drive API
...
By using tokio::task::spawn_blocking().
2020-12-12 09:20:04 +01:00
663ef85992
tape: use WorkerTask for erase and rewind
2020-12-11 11:19:33 +01:00
e92c75815b
tape: split inventory api
...
inventory: sync, list labels with uuids,
update_inventory: WorkerTask, updates database
2020-12-11 10:42:29 +01:00
6dbad5b4b5
tape: run label commands as WorkerTask (threads)
2020-12-11 09:10:22 +01:00
bff7e3f3e4
tape: implement barcode-label-mdedia
2020-12-11 07:50:19 +01:00
83abc7497d
tape: implement inventory command
2020-12-11 07:39:28 +01:00
be1a8c94ae
fix build: add missing file
2020-12-10 13:40:20 +01:00
4606f34353
tape: implement read-label command
2020-12-10 13:20:39 +01:00
7bb720cb4d
tape: implement label command
2020-12-10 12:30:27 +01:00
9700d5374a
tape: add media pool cli
2020-12-10 11:13:12 +01:00
05e90d6463
tape: add media pool config api
2020-12-10 10:52:27 +01:00
55118ca18e
tape: correctly sort drive api subdir
2020-12-10 10:09:12 +01:00
f70d8091d3
tape: implement option changer-drive-id
2020-12-10 09:09:06 +01:00
a3c709ef21
tape: cli cleanup - avoid api redefinition
2020-12-10 08:35:11 +01:00
4917f1e2d4
tape: implement delete property for drive update command
2020-12-10 08:25:46 +01:00
93829fc680
tape: cleanup load-slot api
2020-12-10 08:04:55 +01:00
e49f0c03d9
tape: implement load-media command
2020-12-10 07:52:56 +01:00
0098b712a5
tape: implement eject
2020-12-09 17:50:48 +01:00
5fb694e8c0
tape: implement rewind
2020-12-09 17:43:38 +01:00
583a68a446
tape: implement erase media
2020-12-09 17:35:31 +01:00
Fabian Grünbichler
Dietmar Maurer
Wolfgang Bumiller
Oguz Bektas