5
0
mirror of git://git.proxmox.com/git/proxmox-backup.git synced 2024-12-22 13:34:16 +03:00
Commit Graph

118 Commits

Author SHA1 Message Date
Stefan Lendl
405ad7c825 config: remove unnecessary pub in various methods in NetworkConfig
Signed-off-by: Stefan Lendl <s.lendl@proxmox.com>
Tested-by: Lukas Wagner <l.wagner@proxmox.com>
Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Folke Gleumes <f.gleumes@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-04-24 21:48:58 +02:00
Stefan Lendl
b276acf7ba config: parse vlan interface from config
Support three types of vlan configurations defined in interfaces,
conforming to the PVE configurations:

iface nic.<vlan-id> inet

iface vlan<vlan-id> inet
	vlan-raw-device <nic>

iface <arbitraty-name> inet
	vlan-id <vlan-id>
	vlan-raw-device <nic>

* Add lexer Token enum variants for vlan-id and vlan-raw-device and parse
  them in parse_iface_attributes.
* Add tests to verify this works in the above scenarios

Signed-off-by: Stefan Lendl <s.lendl@proxmox.com>
Tested-by: Lukas Wagner <l.wagner@proxmox.com>
Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Folke Gleumes <f.gleumes@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-04-24 21:48:54 +02:00
Stefan Lendl
5f14a0a2ab config: write vlan network interface
* Add vlan_id and vlan_raw_device fields to the Interface api type
* Write to the network config the vlan specific properties for vlan
  interface type
* Add several tests to verify the functionally

Signed-off-by: Stefan Lendl <s.lendl@proxmox.com>
Tested-by: Lukas Wagner <l.wagner@proxmox.com>
Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Folke Gleumes <f.gleumes@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-04-24 21:48:50 +02:00
Stefan Lendl
160948c9c1 tests: simple tests for writing the network config
Simple tests for manual and static configurations.

Signed-off-by: Stefan Lendl <s.lendl@proxmox.com>
Tested-by: Lukas Wagner <l.wagner@proxmox.com>
Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Folke Gleumes <f.gleumes@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-04-24 21:48:45 +02:00
Stefan Lendl
274c03e297 tests: move network tests to parser.rs
All current tests in network/mod.rs only test parser functionality and
  should therefore live in the parser module.

Signed-off-by: Stefan Lendl <s.lendl@proxmox.com>
Tested-by: Lukas Wagner <l.wagner@proxmox.com>
Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Folke Gleumes <f.gleumes@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-04-24 21:48:41 +02:00
Christoph Heiss
1819989bd0 manager: add subcommand for managing AD realms
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Lukas Wagner <l.wagner@proxmox.com>
2024-04-24 21:06:14 +02:00
Christoph Heiss
d07013a46c config: domains: add new "ad" section type for AD realms
Signed-off-by: Christoph Heiss <c.heiss@proxmox.com>
Reviewed-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Lukas Wagner <l.wagner@proxmox.com>
2024-04-24 21:06:14 +02:00
Lukas Wagner
fb0c163789 pbs-config: acl: add /system/notifications as known ACL path
This one will be used for configuring the new notification stack.

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Gabriel Goller <g.goller@proxmox.com>
Reviewed-by: Gabriel Goller <g.goller@proxmox.com>
Tested-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-04-23 23:14:46 +02:00
Lukas Wagner
34ab74a0c9 pbs-config: add module for loading notification config
Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
Tested-by: Gabriel Goller <g.goller@proxmox.com>
Reviewed-by: Gabriel Goller <g.goller@proxmox.com>
Tested-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2024-04-23 23:14:46 +02:00
Wolfgang Bumiller
b0cd6f0f6d compile fixup for previous commit by using concatcp
restoring the old code does not work since we now don't have the
components as macros anymore, switch to concatcp for it

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-03-20 12:20:55 +01:00
Wolfgang Bumiller
d57de56526 restore CIDR regexes in network parser
Commit 2416aea8d4 accidentally removed this since they looked the
same as the ones we already have in proxmox-schema now. However, we
make use of the *capture groups* here.
Added a comment to the code to avoid this in the future.

Fixes 2416aea8d4 ("pbs-api-types: use const_format and new api-types from proxmox-schema")
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-03-20 12:18:12 +01:00
Dietmar Maurer
2416aea8d4 pbs-api-types: use const_format and new api-types from proxmox-schema
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
2024-03-20 11:09:26 +01:00
Maximiliano Sandoval
4afe221df1 config: Remove unused hex dependency
Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
2024-02-13 10:35:09 +01:00
Maximiliano Sandoval
b0a8752edd use or_default instead of or_insert_with(Default::default)
We need to annotate some cases to allow the compile to infer the types.

Fixes the clippy lint:

```
warning: use of `or_insert_with` to construct default value
   --> src/api2/tape/restore.rs:750:18
    |
750 |                 .or_insert_with(Vec::new);
    |                  ^^^^^^^^^^^^^^^^^^^^^^^^ help: try: `or_default()`
    |
    = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#unwrap_or_default
    = note: `#[warn(clippy::unwrap_or_default)]` on by default
```

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
2024-02-13 10:08:53 +01:00
Maximiliano Sandoval
f1fabbe899 docs: remove redundant explicit link target
Fixes:

```
warning: redundant explicit link target
  --> src/tools/mod.rs:47:42
   |
47 | /// Returns a new instance of [`Client`](proxmox_http::client::Client) configured for PBS usage.
   |                                --------  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ explicit target is redundant
   |                                |
   |                                because label contains path that resolves to same destination
   |
   = note: when a link's destination is not specified,
           the label is used to resolve intra-doc links
   = note: `#[warn(rustdoc::redundant_explicit_links)]` on by default
help: remove explicit link target
   |
47 | /// Returns a new instance of [`Client`] configured for PBS usage.
   |                               ~~~~~~~~~~
```

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
2024-02-13 10:01:51 +01:00
Wolfgang Bumiller
1565ff951e tape: silence some warnings
Nightly rustc now warns about unused private fields in the case of a
non-pub newtype struct, so use an underscore-prefixed dummy field name
to get rid of the warning.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2024-02-01 13:56:28 +01:00
Thomas Lamprecht
82c0194efd pbs-config: clippy fixes
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-05-17 17:43:17 +02:00
Fabian Grünbichler
d5c03df552 fix #4722: allow all netmask values for reverse lookup
the only place this is used (parsing a 'netmask XXX' directive in an interfaces
file) allows any integer as value both when parsing and when validating, so
there is no reason to restrict this to only allow string netmasks >=
8/255.0.0.0 as far as I can tell..

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2023-05-17 11:02:46 +02:00
Lukas Wagner
2b75fbaa33 manager: add commands for managing LDAP realms
Adds commands for managing LDAP realms, including user sync, to
`proxmox-backup-manager`.

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
2023-02-10 12:46:19 +01:00
Lukas Wagner
3f22f650a9 api: add routes for managing LDAP realms
Note: bind-passwords set via the API  are not stored in `domains.cfg`,
but in a separate `ldap_passwords.json` file located in
`/etc/proxmox-backup/`.
Similar to the already existing `shadow.json`, the file is
stored with 0600 permissions and is owned by root.

Signed-off-by: Lukas Wagner <l.wagner@proxmox.com>
2023-02-10 12:46:19 +01:00
Hannes Laimer
f088fbb1f1 pbs-config: add delete_authid to ACL-tree
... allows the deletion of an authid from the whole tree. Needed
for removing deleted users/tokens.

Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
2023-02-10 12:46:19 +01:00
Wolfgang Bumiller
d842189959 move metrics connection from pbs-config to proxy
it's the only user and pbs-config shouldn't depend on the metric client

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-01-20 10:59:55 +01:00
Wolfgang Bumiller
a2055c38fe fix non-camel-case enums
This should have never been started to begin with...
2023-01-05 11:13:46 +01:00
Wolfgang Bumiller
35869de526 fixup doc string formatting and line-wrap comments
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-12-20 10:35:11 +01:00
Hannes Laimer
3cba7a9bdd pbs-config: add delete_node for ACL-tree
... needed for the deletion of datastore ACL-nodes when the datastore
is removed.

Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
2022-12-20 10:09:08 +01:00
Wolfgang Bumiller
8ebb984fbe move pbs_config::tape_encryption_keys to pbs crate lib
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-12-12 14:26:02 +01:00
Wolfgang Bumiller
1104d2a268 move pbs_config::key_config to pbs-key-config
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-12-12 14:19:52 +01:00
Fabian Grünbichler
781294e4b5 switch regular dependencies to workspace ones
where applicable.

notable changes:
- serde now uses 'derive' feature across the board
- serde removed from pbs-tools (not used)
- openssl bumped to 0.40 (and patched comment removed)
- removed invalid zstd comment

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-12-12 09:07:12 +01:00
Fabian Grünbichler
1fbdf8ef79 switch proxmox dependencies to workspace
besides harmonizing versions, the only global change is that the tokio-io
feature of pxar is now implied since its default anyway, instead of being
spelled out.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-12-12 09:05:27 +01:00
Fabian Grünbichler
cb33ed9ca5 workspace: inherit metadata
pbs-buildcfg is the only one that needs to inherit the version as well, since
it stores it in the compiled crate.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-12-12 09:05:27 +01:00
Wolfgang Bumiller
d9f1ca9a46 tree-wide: bump edition to 2021
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-12-06 13:31:01 +01:00
Fabian Grünbichler
16f6766a68 clippy 1.65 fixes
and rustfmt

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-12-05 11:40:02 +01:00
Wolfgang Bumiller
5c7ff2afd2 bump sys dep to 0.4.1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-10-19 14:26:00 +02:00
Wolfgang Bumiller
61dd5af5aa config: drop deprecated Fd usage
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-10-19 13:45:53 +02:00
Fabian Grünbichler
f3cfeb20a1 update proxmox-router to 1.3.0
no real change for PBS usage - the ApiHandler enum is marked
non_exhaustive now because it has extra values if the new (enabled by
default) "server" feature is enabled.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-09-07 14:17:12 +02:00
Fabian Grünbichler
180585a273 pbs-config: add missing proxmox-sys/timer feature
else building pbs-config directly (not from the workspace root with `-p
pbs-config`) fails (and so do similar dep chains that don't pull in the
feature via another way, like `cd proxmox-backup-client; cargo build`).

Reported-by: Dominiki Csapak <d.csapak@proxmox.com>

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-09-05 12:18:00 +02:00
Wolfgang Bumiller
5574114a2a more stable clippy fixups
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-08-17 09:22:32 +02:00
Wolfgang Bumiller
135aaee2d9 bump proxmox-sys dep to 0.4
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-28 13:47:37 +02:00
Wolfgang Bumiller
4597eedf13 config: clippy fixes
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-07-27 15:22:09 +02:00
Fabian Grünbichler
3be9106f1c clippy fixes
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-07-25 16:03:34 +02:00
Wolfgang Bumiller
04dffc3ad7 bump proxmox-sys dep to 0.3.1
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-06-29 09:45:11 +02:00
Wolfgang Bumiller
a3593c890e bump proxmox-router dep to 1.2.4
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-06-21 10:43:19 +02:00
Dominik Csapak
9f30a31e53 pbs-config: add metrics config class
a section config like in pve

also adds a helper to get Metrics structs for all configured servers

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2022-06-13 10:01:05 +02:00
Stefan Sterz
3a8d54e81f config: remove duplicate privilege lookup in cached_user_info
`lookup_privs` just uses `lookup_privs_details` but ignores the
propagated privileges it returns. thus, the lookup here is redundant
as it is immediately followed by a call to `lookup_privs_details` with
the same parameters.

Signed-off-by: Stefan Sterz <s.sterz@proxmox.com>
2022-06-10 11:30:40 +02:00
Thomas Lamprecht
b4bda79ac5 config: acl get child paths: make tests more specific
to avoid that extra paths "sneak" in in some regression

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-06-08 14:04:36 +02:00
Thomas Lamprecht
2d7ec3578b config: re-enable efficient mixed acl path/slice support
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-06-08 14:01:53 +02:00
Fabian Grünbichler
d8ec2a25ba acl: fix any_priv_below when used with API tokens
The previous implementation had one issue with not handling API
tokens correctly.

In general, AclTree(Node) operates on the role level, not the priv
level - the latter is handled by cached_user_info.rs

Accordingly, the ACL tree helpers now return a list of paths where *any*
role is defined for the given AuthId, and any_priv_below then maps those
paths to privs via the regular helpers for priv lookup/checking. this
approach should also be robust if groups and group ACLs are ever
introduced.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-06-08 13:38:02 +02:00
Fabian Grünbichler
663165d662 acl: rename get_node to get_node_mut
get_node will be re-introduced with the next patch, which requires a
non-mut accessor.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2022-06-08 11:26:36 +02:00
Thomas Lamprecht
74cad4a8bd tree wide: typo fixes through codespell
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-06-07 14:08:09 +02:00
Thomas Lamprecht
a40ffb92ac code formatting fixups
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-06-05 10:38:33 +02:00