b22d785c18
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
484 lines
15 KiB
Rust
484 lines
15 KiB
Rust
//! Basic API types used by most of the PBS code.
|
|
|
|
use serde::{Deserialize, Serialize};
|
|
|
|
pub mod common_regex;
|
|
pub mod percent_encoding;
|
|
|
|
use proxmox_schema::{
|
|
api, const_regex, ApiStringFormat, ApiType, ArraySchema, ReturnType, Schema, StringSchema,
|
|
};
|
|
use proxmox_time::parse_daily_duration;
|
|
|
|
#[rustfmt::skip]
|
|
#[macro_export]
|
|
macro_rules! PROXMOX_SAFE_ID_REGEX_STR { () => { r"(?:[A-Za-z0-9_][A-Za-z0-9._\-]*)" }; }
|
|
|
|
#[rustfmt::skip]
|
|
#[macro_export]
|
|
macro_rules! BACKUP_ID_RE { () => (r"[A-Za-z0-9_][A-Za-z0-9._\-]*") }
|
|
|
|
#[rustfmt::skip]
|
|
#[macro_export]
|
|
macro_rules! BACKUP_TYPE_RE { () => (r"(?:host|vm|ct)") }
|
|
|
|
#[rustfmt::skip]
|
|
#[macro_export]
|
|
macro_rules! BACKUP_TIME_RE { () => (r"[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z") }
|
|
|
|
#[rustfmt::skip]
|
|
#[macro_export]
|
|
macro_rules! SNAPSHOT_PATH_REGEX_STR {
|
|
() => (
|
|
concat!(r"(", BACKUP_TYPE_RE!(), ")/(", BACKUP_ID_RE!(), ")/(", BACKUP_TIME_RE!(), r")")
|
|
);
|
|
}
|
|
|
|
mod acl;
|
|
pub use acl::*;
|
|
|
|
mod datastore;
|
|
pub use datastore::*;
|
|
|
|
mod human_byte;
|
|
pub use human_byte::HumanByte;
|
|
|
|
mod jobs;
|
|
pub use jobs::*;
|
|
|
|
mod key_derivation;
|
|
pub use key_derivation::{Kdf, KeyInfo};
|
|
|
|
mod network;
|
|
pub use network::*;
|
|
|
|
#[macro_use]
|
|
mod userid;
|
|
pub use userid::Authid;
|
|
pub use userid::Userid;
|
|
pub use userid::{Realm, RealmRef};
|
|
pub use userid::{Tokenname, TokennameRef};
|
|
pub use userid::{Username, UsernameRef};
|
|
pub use userid::{PROXMOX_GROUP_ID_SCHEMA, PROXMOX_TOKEN_ID_SCHEMA, PROXMOX_TOKEN_NAME_SCHEMA};
|
|
|
|
#[macro_use]
|
|
mod user;
|
|
pub use user::*;
|
|
|
|
pub use proxmox_schema::upid::*;
|
|
|
|
mod crypto;
|
|
pub use crypto::{bytes_as_fingerprint, CryptMode, Fingerprint};
|
|
|
|
pub mod file_restore;
|
|
|
|
mod openid;
|
|
pub use openid::*;
|
|
|
|
mod remote;
|
|
pub use remote::*;
|
|
|
|
mod tape;
|
|
pub use tape::*;
|
|
|
|
mod traffic_control;
|
|
pub use traffic_control::*;
|
|
|
|
mod zfs;
|
|
pub use zfs::*;
|
|
|
|
#[rustfmt::skip]
|
|
#[macro_use]
|
|
mod local_macros {
|
|
macro_rules! DNS_LABEL { () => (r"(?:[a-zA-Z0-9](?:[a-zA-Z0-9\-]*[a-zA-Z0-9])?)") }
|
|
macro_rules! DNS_NAME { () => (concat!(r"(?:(?:", DNS_LABEL!() , r"\.)*", DNS_LABEL!(), ")")) }
|
|
macro_rules! CIDR_V4_REGEX_STR { () => (concat!(r"(?:", IPV4RE!(), r"/\d{1,2})$")) }
|
|
macro_rules! CIDR_V6_REGEX_STR { () => (concat!(r"(?:", IPV6RE!(), r"/\d{1,3})$")) }
|
|
macro_rules! DNS_ALIAS_LABEL { () => (r"(?:[a-zA-Z0-9_](?:[a-zA-Z0-9\-]*[a-zA-Z0-9])?)") }
|
|
macro_rules! DNS_ALIAS_NAME {
|
|
() => (concat!(r"(?:(?:", DNS_ALIAS_LABEL!() , r"\.)*", DNS_ALIAS_LABEL!(), ")"))
|
|
}
|
|
}
|
|
|
|
const_regex! {
|
|
pub IP_V4_REGEX = concat!(r"^", IPV4RE!(), r"$");
|
|
pub IP_V6_REGEX = concat!(r"^", IPV6RE!(), r"$");
|
|
pub IP_REGEX = concat!(r"^", IPRE!(), r"$");
|
|
pub CIDR_V4_REGEX = concat!(r"^", CIDR_V4_REGEX_STR!(), r"$");
|
|
pub CIDR_V6_REGEX = concat!(r"^", CIDR_V6_REGEX_STR!(), r"$");
|
|
pub CIDR_REGEX = concat!(r"^(?:", CIDR_V4_REGEX_STR!(), "|", CIDR_V6_REGEX_STR!(), r")$");
|
|
pub HOSTNAME_REGEX = r"^(?:[a-zA-Z0-9](?:[a-zA-Z0-9\-]*[a-zA-Z0-9])?)$";
|
|
pub DNS_NAME_REGEX = concat!(r"^", DNS_NAME!(), r"$");
|
|
pub DNS_ALIAS_REGEX = concat!(r"^", DNS_ALIAS_NAME!(), r"$");
|
|
pub DNS_NAME_OR_IP_REGEX = concat!(r"^(?:", DNS_NAME!(), "|", IPRE!(), r")$");
|
|
|
|
pub SHA256_HEX_REGEX = r"^[a-f0-9]{64}$"; // fixme: define in common_regex ?
|
|
|
|
pub PASSWORD_REGEX = r"^[[:^cntrl:]]*$"; // everything but control characters
|
|
|
|
pub UUID_REGEX = r"^[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}$";
|
|
|
|
pub SYSTEMD_DATETIME_REGEX = r"^\d{4}-\d{2}-\d{2}( \d{2}:\d{2}(:\d{2})?)?$"; // fixme: define in common_regex ?
|
|
|
|
pub FINGERPRINT_SHA256_REGEX = r"^(?:[0-9a-fA-F][0-9a-fA-F])(?::[0-9a-fA-F][0-9a-fA-F]){31}$";
|
|
|
|
// just a rough check - dummy acceptor is used before persisting
|
|
pub OPENSSL_CIPHERS_REGEX = r"^[0-9A-Za-z_:, +!\-@=.]+$";
|
|
|
|
/// Regex for safe identifiers.
|
|
///
|
|
/// This
|
|
/// [article](https://dwheeler.com/essays/fixing-unix-linux-filenames.html)
|
|
/// contains further information why it is reasonable to restict
|
|
/// names this way. This is not only useful for filenames, but for
|
|
/// any identifier command line tools work with.
|
|
pub PROXMOX_SAFE_ID_REGEX = concat!(r"^", PROXMOX_SAFE_ID_REGEX_STR!(), r"$");
|
|
|
|
pub SINGLE_LINE_COMMENT_REGEX = r"^[[:^cntrl:]]*$";
|
|
|
|
pub MULTI_LINE_COMMENT_REGEX = r"(?m)^([[:^cntrl:]]*)$";
|
|
|
|
pub BACKUP_REPO_URL_REGEX = concat!(
|
|
r"^^(?:(?:(",
|
|
USER_ID_REGEX_STR!(), "|", APITOKEN_ID_REGEX_STR!(),
|
|
")@)?(",
|
|
DNS_NAME!(), "|", IPRE_BRACKET!(),
|
|
"):)?(?:([0-9]{1,5}):)?(", PROXMOX_SAFE_ID_REGEX_STR!(), r")$"
|
|
);
|
|
|
|
pub BLOCKDEVICE_NAME_REGEX = r"^(:?(:?h|s|x?v)d[a-z]+)|(:?nvme\d+n\d+)$";
|
|
pub SUBSCRIPTION_KEY_REGEX = concat!(r"^pbs(?:[cbsp])-[0-9a-f]{10}$");
|
|
}
|
|
|
|
pub const IP_V4_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&IP_V4_REGEX);
|
|
pub const IP_V6_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&IP_V6_REGEX);
|
|
pub const IP_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&IP_REGEX);
|
|
pub const CIDR_V4_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&CIDR_V4_REGEX);
|
|
pub const CIDR_V6_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&CIDR_V6_REGEX);
|
|
pub const CIDR_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&CIDR_REGEX);
|
|
pub const PVE_CONFIG_DIGEST_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&SHA256_HEX_REGEX);
|
|
pub const PASSWORD_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&PASSWORD_REGEX);
|
|
pub const UUID_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&UUID_REGEX);
|
|
pub const BLOCKDEVICE_NAME_FORMAT: ApiStringFormat =
|
|
ApiStringFormat::Pattern(&BLOCKDEVICE_NAME_REGEX);
|
|
pub const SUBSCRIPTION_KEY_FORMAT: ApiStringFormat =
|
|
ApiStringFormat::Pattern(&SUBSCRIPTION_KEY_REGEX);
|
|
pub const SYSTEMD_DATETIME_FORMAT: ApiStringFormat =
|
|
ApiStringFormat::Pattern(&SYSTEMD_DATETIME_REGEX);
|
|
pub const HOSTNAME_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&HOSTNAME_REGEX);
|
|
pub const OPENSSL_CIPHERS_TLS_FORMAT: ApiStringFormat =
|
|
ApiStringFormat::Pattern(&OPENSSL_CIPHERS_REGEX);
|
|
|
|
pub const DNS_ALIAS_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&DNS_ALIAS_REGEX);
|
|
|
|
pub const DAILY_DURATION_FORMAT: ApiStringFormat =
|
|
ApiStringFormat::VerifyFn(|s| parse_daily_duration(s).map(drop));
|
|
|
|
pub const SEARCH_DOMAIN_SCHEMA: Schema =
|
|
StringSchema::new("Search domain for host-name lookup.").schema();
|
|
|
|
pub const FIRST_DNS_SERVER_SCHEMA: Schema = StringSchema::new("First name server IP address.")
|
|
.format(&IP_FORMAT)
|
|
.schema();
|
|
|
|
pub const SECOND_DNS_SERVER_SCHEMA: Schema = StringSchema::new("Second name server IP address.")
|
|
.format(&IP_FORMAT)
|
|
.schema();
|
|
|
|
pub const THIRD_DNS_SERVER_SCHEMA: Schema = StringSchema::new("Third name server IP address.")
|
|
.format(&IP_FORMAT)
|
|
.schema();
|
|
|
|
pub const HOSTNAME_SCHEMA: Schema = StringSchema::new("Hostname (as defined in RFC1123).")
|
|
.format(&HOSTNAME_FORMAT)
|
|
.schema();
|
|
|
|
pub const OPENSSL_CIPHERS_TLS_1_2_SCHEMA: Schema =
|
|
StringSchema::new("OpenSSL cipher list used by the proxy for TLS <= 1.2")
|
|
.format(&OPENSSL_CIPHERS_TLS_FORMAT)
|
|
.schema();
|
|
|
|
pub const OPENSSL_CIPHERS_TLS_1_3_SCHEMA: Schema =
|
|
StringSchema::new("OpenSSL ciphersuites list used by the proxy for TLS 1.3")
|
|
.format(&OPENSSL_CIPHERS_TLS_FORMAT)
|
|
.schema();
|
|
|
|
pub const DNS_NAME_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&DNS_NAME_REGEX);
|
|
|
|
pub const DNS_NAME_OR_IP_FORMAT: ApiStringFormat = ApiStringFormat::Pattern(&DNS_NAME_OR_IP_REGEX);
|
|
|
|
pub const DNS_NAME_OR_IP_SCHEMA: Schema = StringSchema::new("DNS name or IP address.")
|
|
.format(&DNS_NAME_OR_IP_FORMAT)
|
|
.schema();
|
|
|
|
pub const NODE_SCHEMA: Schema = StringSchema::new("Node name (or 'localhost')")
|
|
.format(&HOSTNAME_FORMAT)
|
|
.schema();
|
|
|
|
pub const TIME_ZONE_SCHEMA: Schema = StringSchema::new(
|
|
"Time zone. The file '/usr/share/zoneinfo/zone.tab' contains the list of valid names.",
|
|
)
|
|
.format(&SINGLE_LINE_COMMENT_FORMAT)
|
|
.min_length(2)
|
|
.max_length(64)
|
|
.schema();
|
|
|
|
pub const BLOCKDEVICE_NAME_SCHEMA: Schema =
|
|
StringSchema::new("Block device name (/sys/block/<name>).")
|
|
.format(&BLOCKDEVICE_NAME_FORMAT)
|
|
.min_length(3)
|
|
.max_length(64)
|
|
.schema();
|
|
|
|
pub const DISK_ARRAY_SCHEMA: Schema =
|
|
ArraySchema::new("Disk name list.", &BLOCKDEVICE_NAME_SCHEMA).schema();
|
|
|
|
pub const DISK_LIST_SCHEMA: Schema = StringSchema::new("A list of disk names, comma separated.")
|
|
.format(&ApiStringFormat::PropertyString(&DISK_ARRAY_SCHEMA))
|
|
.schema();
|
|
|
|
pub const PASSWORD_SCHEMA: Schema = StringSchema::new("Password.")
|
|
.format(&PASSWORD_FORMAT)
|
|
.min_length(1)
|
|
.max_length(1024)
|
|
.schema();
|
|
|
|
pub const PBS_PASSWORD_SCHEMA: Schema = StringSchema::new("User Password.")
|
|
.format(&PASSWORD_FORMAT)
|
|
.min_length(5)
|
|
.max_length(64)
|
|
.schema();
|
|
|
|
pub const REALM_ID_SCHEMA: Schema = StringSchema::new("Realm name.")
|
|
.format(&PROXMOX_SAFE_ID_FORMAT)
|
|
.min_length(2)
|
|
.max_length(32)
|
|
.schema();
|
|
|
|
pub const FINGERPRINT_SHA256_FORMAT: ApiStringFormat =
|
|
ApiStringFormat::Pattern(&FINGERPRINT_SHA256_REGEX);
|
|
|
|
pub const CERT_FINGERPRINT_SHA256_SCHEMA: Schema =
|
|
StringSchema::new("X509 certificate fingerprint (sha256).")
|
|
.format(&FINGERPRINT_SHA256_FORMAT)
|
|
.schema();
|
|
|
|
pub const PROXMOX_SAFE_ID_FORMAT: ApiStringFormat =
|
|
ApiStringFormat::Pattern(&PROXMOX_SAFE_ID_REGEX);
|
|
|
|
pub const SINGLE_LINE_COMMENT_FORMAT: ApiStringFormat =
|
|
ApiStringFormat::Pattern(&SINGLE_LINE_COMMENT_REGEX);
|
|
|
|
pub const SINGLE_LINE_COMMENT_SCHEMA: Schema = StringSchema::new("Comment (single line).")
|
|
.format(&SINGLE_LINE_COMMENT_FORMAT)
|
|
.schema();
|
|
|
|
pub const MULTI_LINE_COMMENT_FORMAT: ApiStringFormat =
|
|
ApiStringFormat::Pattern(&MULTI_LINE_COMMENT_REGEX);
|
|
|
|
pub const MULTI_LINE_COMMENT_SCHEMA: Schema = StringSchema::new("Comment (multiple lines).")
|
|
.format(&MULTI_LINE_COMMENT_FORMAT)
|
|
.schema();
|
|
|
|
pub const SUBSCRIPTION_KEY_SCHEMA: Schema =
|
|
StringSchema::new("Proxmox Backup Server subscription key.")
|
|
.format(&SUBSCRIPTION_KEY_FORMAT)
|
|
.min_length(15)
|
|
.max_length(16)
|
|
.schema();
|
|
|
|
pub const SERVICE_ID_SCHEMA: Schema = StringSchema::new("Service ID.").max_length(256).schema();
|
|
|
|
pub const PROXMOX_CONFIG_DIGEST_SCHEMA: Schema = StringSchema::new(
|
|
"Prevent changes if current configuration file has different \
|
|
SHA256 digest. This can be used to prevent concurrent \
|
|
modifications.",
|
|
)
|
|
.format(&PVE_CONFIG_DIGEST_FORMAT)
|
|
.schema();
|
|
|
|
/// API schema format definition for repository URLs
|
|
pub const BACKUP_REPO_URL: ApiStringFormat = ApiStringFormat::Pattern(&BACKUP_REPO_URL_REGEX);
|
|
|
|
// Complex type definitions
|
|
|
|
#[api()]
|
|
#[derive(Default, Serialize, Deserialize)]
|
|
/// Storage space usage information.
|
|
pub struct StorageStatus {
|
|
/// Total space (bytes).
|
|
pub total: u64,
|
|
/// Used space (bytes).
|
|
pub used: u64,
|
|
/// Available space (bytes).
|
|
pub avail: u64,
|
|
}
|
|
|
|
pub const PASSWORD_HINT_SCHEMA: Schema = StringSchema::new("Password hint.")
|
|
.format(&SINGLE_LINE_COMMENT_FORMAT)
|
|
.min_length(1)
|
|
.max_length(64)
|
|
.schema();
|
|
|
|
#[api()]
|
|
#[derive(Debug, Clone, Serialize, Deserialize)]
|
|
#[serde(rename_all = "PascalCase")]
|
|
/// Describes a package for which an update is available.
|
|
pub struct APTUpdateInfo {
|
|
/// Package name
|
|
pub package: String,
|
|
/// Package title
|
|
pub title: String,
|
|
/// Package architecture
|
|
pub arch: String,
|
|
/// Human readable package description
|
|
pub description: String,
|
|
/// New version to be updated to
|
|
pub version: String,
|
|
/// Old version currently installed
|
|
pub old_version: String,
|
|
/// Package origin
|
|
pub origin: String,
|
|
/// Package priority in human-readable form
|
|
pub priority: String,
|
|
/// Package section
|
|
pub section: String,
|
|
/// URL under which the package's changelog can be retrieved
|
|
pub change_log_url: String,
|
|
/// Custom extra field for additional package information
|
|
#[serde(skip_serializing_if = "Option::is_none")]
|
|
pub extra_info: Option<String>,
|
|
}
|
|
|
|
#[api()]
|
|
#[derive(Debug, Copy, Clone, PartialEq, Serialize, Deserialize)]
|
|
#[serde(rename_all = "lowercase")]
|
|
/// Node Power command type.
|
|
pub enum NodePowerCommand {
|
|
/// Restart the server
|
|
Reboot,
|
|
/// Shutdown the server
|
|
Shutdown,
|
|
}
|
|
|
|
#[api()]
|
|
#[derive(Eq, PartialEq, Debug, Serialize, Deserialize)]
|
|
#[serde(rename_all = "lowercase")]
|
|
pub enum TaskStateType {
|
|
/// Ok
|
|
OK,
|
|
/// Warning
|
|
Warning,
|
|
/// Error
|
|
Error,
|
|
/// Unknown
|
|
Unknown,
|
|
}
|
|
|
|
#[api(
|
|
properties: {
|
|
upid: { schema: UPID::API_SCHEMA },
|
|
},
|
|
)]
|
|
#[derive(Serialize, Deserialize)]
|
|
/// Task properties.
|
|
pub struct TaskListItem {
|
|
pub upid: String,
|
|
/// The node name where the task is running on.
|
|
pub node: String,
|
|
/// The Unix PID
|
|
pub pid: i64,
|
|
/// The task start time (Epoch)
|
|
pub pstart: u64,
|
|
/// The task start time (Epoch)
|
|
pub starttime: i64,
|
|
/// Worker type (arbitrary ASCII string)
|
|
pub worker_type: String,
|
|
/// Worker ID (arbitrary ASCII string)
|
|
pub worker_id: Option<String>,
|
|
/// The authenticated entity who started the task
|
|
pub user: String,
|
|
/// The task end time (Epoch)
|
|
#[serde(skip_serializing_if = "Option::is_none")]
|
|
pub endtime: Option<i64>,
|
|
/// Task end status
|
|
#[serde(skip_serializing_if = "Option::is_none")]
|
|
pub status: Option<String>,
|
|
}
|
|
|
|
pub const NODE_TASKS_LIST_TASKS_RETURN_TYPE: ReturnType = ReturnType {
|
|
optional: false,
|
|
schema: &ArraySchema::new("A list of tasks.", &TaskListItem::API_SCHEMA).schema(),
|
|
};
|
|
|
|
#[api()]
|
|
#[derive(Copy, Clone, Serialize, Deserialize)]
|
|
#[serde(rename_all = "UPPERCASE")]
|
|
/// RRD consolidation mode
|
|
pub enum RRDMode {
|
|
/// Maximum
|
|
Max,
|
|
/// Average
|
|
Average,
|
|
}
|
|
|
|
#[api()]
|
|
#[derive(Copy, Clone, Serialize, Deserialize)]
|
|
#[serde(rename_all = "lowercase")]
|
|
/// RRD time frame
|
|
pub enum RRDTimeFrame {
|
|
/// Hour
|
|
Hour,
|
|
/// Day
|
|
Day,
|
|
/// Week
|
|
Week,
|
|
/// Month
|
|
Month,
|
|
/// Year
|
|
Year,
|
|
/// Decade (10 years)
|
|
Decade,
|
|
}
|
|
|
|
#[api]
|
|
#[derive(Deserialize, Serialize, PartialEq, Eq)]
|
|
#[serde(rename_all = "lowercase")]
|
|
/// type of the realm
|
|
pub enum RealmType {
|
|
/// The PAM realm
|
|
Pam,
|
|
/// The PBS realm
|
|
Pbs,
|
|
/// An OpenID Connect realm
|
|
OpenId,
|
|
}
|
|
|
|
#[api(
|
|
properties: {
|
|
realm: {
|
|
schema: REALM_ID_SCHEMA,
|
|
},
|
|
"type": {
|
|
type: RealmType,
|
|
},
|
|
comment: {
|
|
optional: true,
|
|
schema: SINGLE_LINE_COMMENT_SCHEMA,
|
|
},
|
|
},
|
|
)]
|
|
#[derive(Deserialize, Serialize)]
|
|
#[serde(rename_all = "kebab-case")]
|
|
/// Basic Information about a realm
|
|
pub struct BasicRealmInfo {
|
|
pub realm: String,
|
|
#[serde(rename = "type")]
|
|
pub ty: RealmType,
|
|
/// True if it is the default realm
|
|
#[serde(skip_serializing_if = "Option::is_none")]
|
|
pub default: Option<bool>,
|
|
#[serde(skip_serializing_if = "Option::is_none")]
|
|
pub comment: Option<String>,
|
|
}
|