[pve-container.git] / src / PVE / API2 / LXC / Config.pm

package PVE::API2::LXC::Config;

use strict;
use warnings;

use PVE::SafeSyslog;
use PVE::Tools qw(extract_param run_command);
use PVE::Exception qw(raise raise_param_exc);
use PVE::INotify;
use PVE::Cluster qw(cfs_read_file);
use PVE::AccessControl;
use PVE::Firewall;
use PVE::Storage;
use PVE::RESTHandler;
use PVE::RPCEnvironment;
use PVE::LXC;
use PVE::LXC::Create;
use PVE::JSONSchema qw(get_standard_option);
use base qw(PVE::RESTHandler);

use Data::Dumper; # fixme: remove

__PACKAGE__->register_method({
    name => 'vm_config',
    path => '',
    method => 'GET',
    proxyto => 'node',
    description => "Get container configuration.",
    permissions => {
	check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]],
    },
    parameters => {
    	additionalProperties => 0,
	properties => {
	    node => get_standard_option('pve-node'),
	    vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
	},
    },
    returns => {
	type => "object",
	properties => {
	    digest => {
		type => 'string',
		description => 'SHA1 digest of configuration file. This can be used to prevent concurrent modifications.',
	    }
	},
    },
    code => sub {
	my ($param) = @_;

	my $conf = PVE::LXC::Config->load_config($param->{vmid});

	delete $conf->{snapshots};

	return $conf;
    }});

my $vm_config_perm_list = [
	    'VM.Config.Disk',
	    'VM.Config.CPU',
	    'VM.Config.Memory',
	    'VM.Config.Network',
	    'VM.Config.Options',
    ];

__PACKAGE__->register_method({
    name => 'update_vm',
    path => '',
    method => 'PUT',
    protected => 1,
    proxyto => 'node',
    description => "Set container options.",
    permissions => {
	check => ['perm', '/vms/{vmid}', $vm_config_perm_list, any => 1],
	description => 'non-volume mount points in rootfs and mp[n] are restricted to root@pam',
    },
    parameters => {
    	additionalProperties => 0,
	properties => PVE::LXC::Config->json_config_properties(
	    {
		node => get_standard_option('pve-node'),
		vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
		delete => {
		    type => 'string', format => 'pve-configid-list',
		    description => "A list of settings you want to delete.",
		    optional => 1,
		},
		digest => {
		    type => 'string',
		    description => 'Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.',
		    maxLength => 40,
		    optional => 1,
		}
	    }),
    },
    returns => { type => 'null'},
    code => sub {
	my ($param) = @_;

	my $rpcenv = PVE::RPCEnvironment::get();

	my $authuser = $rpcenv->get_user();

	my $node = extract_param($param, 'node');

	my $vmid = extract_param($param, 'vmid');

	my $digest = extract_param($param, 'digest');

	die "no options specified\n" if !scalar(keys %$param);

	my $delete_str = extract_param($param, 'delete');
	my @delete = PVE::Tools::split_list($delete_str);

	PVE::LXC::check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, {}, [@delete]);

	foreach my $opt (@delete) {
	    raise_param_exc({ delete => "you can't use '-$opt' and " .
				  "-delete $opt' at the same time" })
		if defined($param->{$opt});

	    if (!PVE::LXC::Config->option_exists($opt)) {
		raise_param_exc({ delete => "unknown option '$opt'" });
	    }
	}

	PVE::LXC::check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, $param, []);

	my $storage_cfg = cfs_read_file("storage.cfg");

	my $code = sub {

	    my $conf = PVE::LXC::Config->load_config($vmid);
	    PVE::LXC::Config->check_lock($conf);

	    PVE::Tools::assert_if_modified($digest, $conf->{digest});

	    my $running = PVE::LXC::check_running($vmid);

	    PVE::LXC::Config->update_pct_config($vmid, $conf, $running, $param, \@delete);

	    PVE::LXC::Config->write_config($vmid, $conf);
	    PVE::LXC::update_lxc_config($vmid, $conf);
	};

	PVE::LXC::Config->lock_config($vmid, $code);

	return undef;
    }});

1;
Commit	Line	Data
52389a07 DM	1	package PVE::API2::LXC::Config;
	2
	3	use strict;
	4	use warnings;
	5
	6	use PVE::SafeSyslog;
	7	use PVE::Tools qw(extract_param run_command);
	8	use PVE::Exception qw(raise raise_param_exc);
	9	use PVE::INotify;
	10	use PVE::Cluster qw(cfs_read_file);
	11	use PVE::AccessControl;
	12	use PVE::Firewall;
	13	use PVE::Storage;
	14	use PVE::RESTHandler;
	15	use PVE::RPCEnvironment;
	16	use PVE::LXC;
	17	use PVE::LXC::Create;
52389a07 DM	18	use PVE::JSONSchema qw(get_standard_option);
	19	use base qw(PVE::RESTHandler);
	20
	21	use Data::Dumper; # fixme: remove
	22
	23	__PACKAGE__->register_method({
	24	name => 'vm_config',
	25	path => '',
	26	method => 'GET',
	27	proxyto => 'node',
	28	description => "Get container configuration.",
	29	permissions => {
	30	check => ['perm', '/vms/{vmid}', [ 'VM.Audit' ]],
	31	},
	32	parameters => {
	33	additionalProperties => 0,
	34	properties => {
	35	node => get_standard_option('pve-node'),
68e8f3c5	36	vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
52389a07 DM	37	},
	38	},
	39	returns => {
	40	type => "object",
	41	properties => {
	42	digest => {
	43	type => 'string',
	44	description => 'SHA1 digest of configuration file. This can be used to prevent concurrent modifications.',
	45	}
	46	},
	47	},
	48	code => sub {
	49	my ($param) = @_;
	50
67afe46e	51	my $conf = PVE::LXC::Config->load_config($param->{vmid});
52389a07 DM	52
52389a07 DM	53	delete $conf->{snapshots};
52389a07 DM	54
	55	return $conf;
	56	}});
	57
	58	my $vm_config_perm_list = [
	59	'VM.Config.Disk',
	60	'VM.Config.CPU',
	61	'VM.Config.Memory',
	62	'VM.Config.Network',
	63	'VM.Config.Options',
	64	];
	65
	66	__PACKAGE__->register_method({
	67	name => 'update_vm',
	68	path => '',
	69	method => 'PUT',
	70	protected => 1,
	71	proxyto => 'node',
	72	description => "Set container options.",
	73	permissions => {
	74	check => ['perm', '/vms/{vmid}', $vm_config_perm_list, any => 1],
9d294016	75	description => 'non-volume mount points in rootfs and mp[n] are restricted to root@pam',
52389a07 DM	76	},
	77	parameters => {
	78	additionalProperties => 0,
1b4cf758	79	properties => PVE::LXC::Config->json_config_properties(
52389a07 DM	80	{
52389a07 DM	81	node => get_standard_option('pve-node'),
68e8f3c5	82	vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
52389a07 DM	83	delete => {
	84	type => 'string', format => 'pve-configid-list',
	85	description => "A list of settings you want to delete.",
	86	optional => 1,
	87	},
	88	digest => {
	89	type => 'string',
	90	description => 'Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.',
	91	maxLength => 40,
	92	optional => 1,
	93	}
	94	}),
	95	},
	96	returns => { type => 'null'},
	97	code => sub {
	98	my ($param) = @_;
	99
	100	my $rpcenv = PVE::RPCEnvironment::get();
	101
	102	my $authuser = $rpcenv->get_user();
	103
	104	my $node = extract_param($param, 'node');
	105
	106	my $vmid = extract_param($param, 'vmid');
	107
	108	my $digest = extract_param($param, 'digest');
	109
	110	die "no options specified\n" if !scalar(keys %$param);
	111
	112	my $delete_str = extract_param($param, 'delete');
	113	my @delete = PVE::Tools::split_list($delete_str);
	114
f1ba1a4b	115	PVE::LXC::check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, {}, [@delete]);
52389a07 DM	116
	117	foreach my $opt (@delete) {
	118	raise_param_exc({ delete => "you can't use '-$opt' and " .
	119	"-delete $opt' at the same time" })
	120	if defined($param->{$opt});
	121
1b4cf758	122	if (!PVE::LXC::Config->option_exists($opt)) {
52389a07 DM	123	raise_param_exc({ delete => "unknown option '$opt'" });
	124	}
	125	}
	126
f1ba1a4b	127	PVE::LXC::check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, $param, []);
52389a07 DM	128
	129	my $storage_cfg = cfs_read_file("storage.cfg");
	130
	131	my $code = sub {
	132
67afe46e FG	133	my $conf = PVE::LXC::Config->load_config($vmid);
67afe46e FG	134	PVE::LXC::Config->check_lock($conf);
52389a07 DM	135
	136	PVE::Tools::assert_if_modified($digest, $conf->{digest});
	137
	138	my $running = PVE::LXC::check_running($vmid);
	139
1b4cf758	140	PVE::LXC::Config->update_pct_config($vmid, $conf, $running, $param, \@delete);
52389a07	141
67afe46e	142	PVE::LXC::Config->write_config($vmid, $conf);
f91f3669	143	PVE::LXC::update_lxc_config($vmid, $conf);
52389a07 DM	144	};
52389a07 DM	145
67afe46e	146	PVE::LXC::Config->lock_config($vmid, $code);
52389a07 DM	147
	148	return undef;
	149	}});
	150
	151	1;