tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
4,351 Commits 2 Branches 54 Tags
b03ec281bf3ca68ee67bb835b0f877f16de72db6
Commit Graph

149 Commits

Author SHA1 Message Date
Dominik Csapak
b03ec281bf api2/config/{drive, changer}: prevent adding same device multiple times 
this check is not perfect since there are often multiple device
nodes per drive/changer, but from the scan api we should return always
the same, so for an api user this should be enough

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2021-01-28 15:03:56 +01:00
Dietmar Maurer
d737adc6be tape: rename changer_drive_id to changer_drivenum 2021-01-28 11:29:59 +01:00
Dominik Csapak
5fdaecf6f4 api2/tape/drive: reorganize drive api 
similar to the changers, create a listing at /tape/drive and put
the specific api calls below that

move the scan api call up one level

remove the status info from the config listing

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2021-01-28 11:15:17 +01:00
Dominik Csapak
d8792b88ef api2/types/tape/drive: add changer_drivenum 
so that an api user can see which drive belongs to which drivenum of a changer
for ones with multiple drives

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2021-01-28 11:14:28 +01:00
Dominik Csapak
740dc9d1d4 api2/tape/changer: reorganize api 
add a changer listing here (copied from api2/config/changer)
and put the status and transfer api calls below that

puts the changer scan into the top level tape api
and removes the (now redundant) info from the config api path

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2021-01-26 12:47:34 +01:00
Dominik Csapak
bbf01b644c tape: fix typos 
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2021-01-26 12:39:54 +01:00
Fabian Grünbichler
367c0ff7c6 clippy: allow api functions with many arguments 
some of those can be reduced/cleaned up when we have updater support in
the api macro.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2021-01-26 09:54:52 +01:00
Fabian Grünbichler
93e3581ce7 derive/impl and use Default for some structs 
and revamp HttpClientOptions with two constructors for the common use
cases

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2021-01-26 09:54:45 +01:00
Dietmar Maurer
645a044bf6 tape: further hierarchy improvements 2021-01-21 17:25:32 +01:00
Dietmar Maurer
37796ff73f tape: change code hierarchy to improve docs 2021-01-21 17:12:01 +01:00
Dietmar Maurer
1c86893d95 cleanup: always compute fingerprint in KeyConfig constructors 2021-01-21 11:56:54 +01:00
Dietmar Maurer
d543587d34 Merge branch 'master' of ssh://proxdev.maurer-it.com/rust/proxmox-backup 2021-01-21 10:56:52 +01:00
Dietmar Maurer
18bd6ba13d tape: restore_key - always update key, even if there is already an entry 2021-01-21 10:31:49 +01:00
Dietmar Maurer
4dafc513cc tape: fix file permissions for tape encryptiuon keys 2021-01-21 10:31:49 +01:00
Fabian Grünbichler
3984a5fd77 clippy: is_some/none/ok/err/empty 
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2021-01-20 16:23:54 +01:00
Fabian Grünbichler
4428818412 clippy: remove unnecessary clones 
and from::<T>(T)

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2021-01-20 16:22:59 +01:00
Dietmar Maurer
69b8bc3bfa tape: implemenmt show key 
Moved API types Kdf and KeyInfo to src/api2/types/mod.rs.
 2021-01-20 15:43:19 +01:00
Dietmar Maurer
301b8aa0a5 tape: implement change-passphrase for tape encryption keys 2021-01-20 15:43:19 +01:00
Dietmar Maurer
e5b6c93323 tape: add --kdf parameter to create key api 2021-01-20 15:43:19 +01:00
Dietmar Maurer
82a103c8f9 add "password hint" to KeyConfig 2021-01-20 15:43:19 +01:00
Dietmar Maurer
feb1645f37 tape: generate random encryptions keys and store key_config on media 2021-01-19 11:20:07 +01:00
Dietmar Maurer
1e93fbb5c1 tape: add encrypt property to media pool configuration 2021-01-18 13:38:22 +01:00
Dietmar Maurer
d5a48b5ce4 tape: add hardware encryption key managenent api 2021-01-18 13:38:22 +01:00
Wolfgang Bumiller
a670b99db1 tfa: add webauthn configuration API entry points 
Currently there's not yet a node config and the WA config is
somewhat "tightly coupled" to the user entries in that
changing it can lock them all out, so for now I opted for
fewer reorganization and just use a digest of the
canonicalized config here, and keep it all in the tfa.json
file.

Experimentally using the flatten feature on the methods with
an`Updater` struct similar to what the api macro is supposed
to be able to derive on its own in the future.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2021-01-15 15:19:52 +01:00
Dietmar Maurer
38ae42b11a tape: changer - add export-slot config 2021-01-06 11:06:50 +01:00
Dietmar Maurer
7e1d4712b8 tape: rename CHANGER_ID_SCHEMA to CHANGER_NAME_SCHEMA 2020-12-13 09:22:08 +01:00
Dietmar Maurer
49c965a497 tape: rename DRIVE_ID_SCHEMA to DRIVE_NAME_SCHEMA 2020-12-13 09:18:16 +01:00
Dietmar Maurer
9700d5374a tape: add media pool cli 2020-12-10 11:13:12 +01:00
Dietmar Maurer
05e90d6463 tape: add media pool config api 2020-12-10 10:52:27 +01:00
Dietmar Maurer
f70d8091d3 tape: implement option changer-drive-id 2020-12-10 09:09:06 +01:00
Dietmar Maurer
4917f1e2d4 tape: implement delete property for drive update command 2020-12-10 08:25:46 +01:00
Dietmar Maurer
43cfb3c35a tape: do not remove changer while still used 2020-12-09 12:55:54 +01:00
Dietmar Maurer
8a16c571d2 tape: add changer property to drive create api 2020-12-09 12:55:10 +01:00
Dietmar Maurer
314652a499 tape: set protected flag for configuration change api methods 2020-12-09 12:02:55 +01:00
Wolfgang Bumiller
9b93c62044 remove unused descriptions from api macros 
these are now a hard error in the api macro

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-12-09 10:55:18 +01:00
Dietmar Maurer
5d90860688 tape: expose basic tape/changer functionality at api2/tape/ 2020-12-08 15:42:50 +01:00
Dietmar Maurer
5ba83ed099 tape: check digest on config update 2020-12-08 11:24:38 +01:00
Dietmar Maurer
50bf10ad56 tape: add changer configuration API 2020-12-08 09:04:56 +01:00
Dietmar Maurer
16d444c979 tape: add tape drive configuration API 2020-12-07 13:04:32 +01:00
Fabian Grünbichler
10052ea644 remote.cfg: rename userid to 'auth-id' 
and fixup config file on upgrades accordingly

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-10 13:25:24 +01:00
Dietmar Maurer
2791318ff1 fix bug #3121: forbid removing used reemotes 2020-11-09 12:48:29 +01:00
Thomas Lamprecht
ad53c1d6dd api: datastore: allow to set "verify-new" option over API 
Until now, one could only set this by editing the configuration file
manually.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-06 17:24:14 +01:00
Fabian Grünbichler
35c80d696f verify: fix unprivileged verification jobs 
since the store is not a path parameter, we need to do manual instead of
schema checks. also dropping Datastore.Backup here

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-06 12:39:06 +01:00
Dietmar Maurer
ad54df3178 get rid of backup@pam 2020-11-06 08:39:30 +01:00
Fabian Grünbichler
e0100d618e api: refactor remote client and add remote scan 
to allow on-demand scanning of remote datastores accessible for the
configured remote user.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-05 12:56:20 +01:00
Dietmar Maurer
c26c9390ff config: make notify a property string 
For example "gc=never,verify=always,sync=error".
 2020-11-05 11:35:14 +01:00
Dietmar Maurer
6e545d0058 config: allow to configure who receives job notify emails 2020-11-04 11:54:29 +01:00
Fabian Grünbichler
aa64e06540 sync: add access check tests 
should cover all the current scenarios. remote server-side checks can't
be meaningfully unit-tested, but they are simple enough so should
hopefully never break.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-02 21:13:24 +01:00
Fabian Grünbichler
59af9ca98e sync: allow sync for non-superusers 
by requiring
- Datastore.Backup permission for target datastore
- Remote.Read permission for source remote/datastore
- Datastore.Prune if vanished snapshots should be removed
- Datastore.Modify if another user should own the freshly synced
snapshots

reading a sync job entry only requires knowing about both the source
remote and the target datastore.

note that this does not affect the Authid used to authenticate with the
remote, which of course also needs permissions to access the source
datastore.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-02 07:10:12 +01:00
Fabian Grünbichler
f1694b062d fix #2864: add owner option to sync 
instead of hard-coding 'backup@pam'. this allows a bit more flexibility
(e.g., syncing to a datastore that can directly be used as restore
source) without overly complicating things.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-02 07:08:05 +01:00