},
"schedule" : {
"default" : "*/15",
- "description" : "Storage replication schedule. The format is a subset of `systemd` calender events.",
+ "description" : "Storage replication schedule. The format is a subset of `systemd` calendar events.",
"format" : "pve-calendar-event",
"maxLength" : 128,
"optional" : 1,
},
"schedule" : {
"default" : "*/15",
- "description" : "Storage replication schedule. The format is a subset of `systemd` calender events.",
+ "description" : "Storage replication schedule. The format is a subset of `systemd` calendar events.",
"format" : "pve-calendar-event",
"maxLength" : 128,
"optional" : 1,
},
{
"children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Return the version of the cluster join API available on this node.",
+ "method" : "GET",
+ "name" : "join_api_version",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "description" : "Cluster Join API version, currently 1",
+ "minimum" : 0,
+ "type" : "integer"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/config/apiversion",
+ "text" : "apiversion"
+ },
{
"children" : [
{
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "apiversion" : {
+ "description" : "The JOIN_API_VERSION of the new node.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
"force" : {
"description" : "Do not throw error if node already exists.",
"optional" : 1,
"typetext" : "<boolean>"
},
"link[n]" : {
- "description" : "Address and priority information of a single corosync link.",
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
"format" : {
"address" : {
"default_key" : 1,
},
"priority" : {
"default" : 0,
- "description" : "The priority for the link when knet is used in 'passive' mode. Lower value means higher priority.",
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
"maximum" : 255,
"minimum" : 0,
"optional" : 1,
"type" : "string",
"typetext" : "[address=]<IP> [,priority=<integer>]"
},
+ "new_node_ip" : {
+ "description" : "IP Address of node to add. Used as fallback if no links are given.",
+ "format" : "ip",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
},
"corosync_conf" : {
"type" : "string"
+ },
+ "warnings" : {
+ "items" : {
+ "type" : "string"
+ },
+ "type" : "array"
}
},
"type" : "object"
"type" : "integer"
},
"ring0_addr" : {
- "description" : "Address and priority information of a single corosync link.",
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
"format" : {
"address" : {
"default_key" : 1,
},
"priority" : {
"default" : 0,
- "description" : "The priority for the link when knet is used in 'passive' mode. Lower value means higher priority.",
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
"maximum" : 255,
"minimum" : 0,
"optional" : 1,
},
"POST" : {
"allowtoken" : 1,
- "description" : "Joins this node into an existing cluster.",
+ "description" : "Joins this node into an existing cluster. If no links are given, default to IP resolved by node's hostname on single link (fallback fails for clusters with multiple links).",
"method" : "POST",
"name" : "join",
"parameters" : {
"typetext" : "<string>"
},
"link[n]" : {
- "default" : "IP resolved by node's hostname",
- "description" : "Address and priority information of a single corosync link.",
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
"format" : {
"address" : {
"default_key" : 1,
},
"priority" : {
"default" : 0,
- "description" : "The priority for the link when knet is used in 'passive' mode. Lower value means higher priority.",
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
"maximum" : 255,
"minimum" : 0,
"optional" : 1,
},
"POST" : {
"allowtoken" : 1,
- "description" : "Generate new cluster configuration.",
+ "description" : "Generate new cluster configuration. If no links given, default to local IP address as link0.",
"method" : "POST",
"name" : "create",
"parameters" : {
"typetext" : "<string>"
},
"link[n]" : {
- "description" : "Address and priority information of a single corosync link.",
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
"format" : {
"address" : {
"default_key" : 1,
},
"priority" : {
"default" : 0,
- "description" : "The priority for the link when knet is used in 'passive' mode. Lower value means higher priority.",
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
"maximum" : 255,
"minimum" : 0,
"optional" : 1,
{
"children" : [
{
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Returns included guests and the backup status of their disks. Optimized to be used in ExtJS tree views.",
+ "method" : "GET",
+ "name" : "get_volume_backup_included",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "The job ID.",
+ "maxLength" : 50,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "Root node of the tree object. Children represent guests, grandchildren represent volumes of that guest.",
+ "properties" : {
+ "children" : {
+ "items" : {
+ "properties" : {
+ "children" : {
+ "description" : "The volumes of the guest with the information if they will be included in backups.",
+ "items" : {
+ "properties" : {
+ "id" : {
+ "description" : "Configuration key of the volume.",
+ "type" : "string"
+ },
+ "included" : {
+ "description" : "Whether the volume is included in the backup or not.",
+ "type" : "boolean"
+ },
+ "name" : {
+ "description" : "Name of the volume.",
+ "type" : "string"
+ },
+ "reason" : {
+ "description" : "The reason why the volume is included (or excluded).",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "id" : {
+ "description" : "VMID of the guest.",
+ "type" : "integer"
+ },
+ "name" : {
+ "description" : "Name of the guest",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "Type of the guest, VM, CT or unknown for removed but not purged guests.",
+ "enum" : [
+ "qemu",
+ "lxc",
+ "unknown"
+ ],
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/backup/{id}/included_volumes",
+ "text" : "included_volumes"
+ }
+ ],
"info" : {
"DELETE" : {
"allowtoken" : 1,
"0",
"1",
"gzip",
- "lzo"
+ "lzo",
+ "zstd"
],
"optional" : 1,
"type" : "string"
"type" : "string",
"typetext" : "<string>"
},
+ "prune-backups" : {
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
"quiet" : {
"default" : 0,
"description" : "Be quiet.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
+ },
+ "zstd" : {
+ "default" : 1,
+ "description" : "Zstd threads. N=0 uses half of the available cores, N>0 uses N as thread count.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
}
}
},
[
"Sys.Modify"
]
- ]
+ ],
+ "description" : "The 'tmpdir', 'dumpdir' and 'script' parameters are additionally restricted to the 'root@pam' user."
},
"protected" : 1,
"returns" : {
}
}
},
- "leaf" : 1,
+ "leaf" : 0,
"path" : "/cluster/backup/{id}",
"text" : "{id}"
}
"0",
"1",
"gzip",
- "lzo"
+ "lzo",
+ "zstd"
],
"optional" : 1,
"type" : "string"
"type" : "string",
"typetext" : "<string>"
},
+ "prune-backups" : {
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
"quiet" : {
"default" : 0,
"description" : "Be quiet.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
+ },
+ "zstd" : {
+ "default" : 1,
+ "description" : "Zstd threads. N=0 uses half of the available cores, N>0 uses N as thread count.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
}
}
},
"path" : "/cluster/backup",
"text" : "backup"
},
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Shows all guests which are not covered by any backup job.",
+ "method" : "GET",
+ "name" : "get_guests_not_in_backup",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "Contains the guest objects.",
+ "items" : {
+ "properties" : {
+ "name" : {
+ "description" : "Name of the guest",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "Type of the guest.",
+ "enum" : [
+ "qemu",
+ "lxc"
+ ],
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "VMID of the guest.",
+ "type" : "integer"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/backupinfo/not_backed_up",
+ "text" : "not_backed_up"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Stub, waits for future use.",
+ "method" : "GET",
+ "name" : "get_backupinfo",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "Shows stub message",
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/backupinfo",
+ "text" : "backupinfo"
+ },
{
"children" : [
{
},
{
"children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete ACME plugin configuration.",
+ "method" : "DELETE",
+ "name" : "delete_plugin",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "Unique identifier for ACME plugin instance.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get ACME plugin configuration.",
+ "method" : "GET",
+ "name" : "get_plugin_config",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "Unique identifier for ACME plugin instance.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update ACME plugin configuration.",
+ "method" : "PUT",
+ "name" : "update_plugin",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "api" : {
+ "description" : "API plugin name",
+ "enum" : [
+ "acmedns",
+ "acmeproxy",
+ "active24",
+ "ad",
+ "ali",
+ "autodns",
+ "aws",
+ "azure",
+ "cf",
+ "clouddns",
+ "cloudns",
+ "cn",
+ "conoha",
+ "constellix",
+ "cx",
+ "cyon",
+ "da",
+ "ddnss",
+ "desec",
+ "df",
+ "dgon",
+ "dnsimple",
+ "do",
+ "doapi",
+ "domeneshop",
+ "dp",
+ "dpi",
+ "dreamhost",
+ "duckdns",
+ "durabledns",
+ "dyn",
+ "dynu",
+ "dynv6",
+ "easydns",
+ "euserv",
+ "exoscale",
+ "freedns",
+ "gandi_livedns",
+ "gcloud",
+ "gd",
+ "gdnsdk",
+ "he",
+ "hexonet",
+ "hostingde",
+ "infoblox",
+ "internetbs",
+ "inwx",
+ "ispconfig",
+ "jd",
+ "kas",
+ "kinghost",
+ "knot",
+ "leaseweb",
+ "lexicon",
+ "linode",
+ "linode_v4",
+ "loopia",
+ "lua",
+ "maradns",
+ "me",
+ "miab",
+ "misaka",
+ "myapi",
+ "mydevil",
+ "mydnsjp",
+ "namecheap",
+ "namecom",
+ "namesilo",
+ "nederhost",
+ "neodigit",
+ "netcup",
+ "nic",
+ "nsd",
+ "nsone",
+ "nsupdate",
+ "nw",
+ "one",
+ "online",
+ "openprovider",
+ "opnsense",
+ "ovh",
+ "pdns",
+ "pleskxml",
+ "pointhq",
+ "rackspace",
+ "rcode0",
+ "regru",
+ "schlundtech",
+ "selectel",
+ "servercow",
+ "tele3",
+ "ultra",
+ "unoeuro",
+ "variomedia",
+ "vscale",
+ "vultr",
+ "yandex",
+ "zilore",
+ "zone",
+ "zonomi"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "data" : {
+ "description" : "DNS plugin data. (base64 encoded)",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "disable" : {
+ "description" : "Flag to disable the config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "id" : {
+ "description" : "ACME Plugin ID name",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "validation-delay" : {
+ "default" : 30,
+ "description" : "Extra delay in seconds to wait before requesting validation. Allows to cope with a long TTL of DNS records.",
+ "maximum" : 172800,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 172800)"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/acme/plugins/{id}",
+ "text" : "{id}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "ACME plugin index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "type" : {
+ "description" : "Only list ACME plugins of a specific type",
+ "enum" : [
+ "dns",
+ "standalone"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "plugin" : {
+ "description" : "Unique identifier for ACME plugin instance.",
+ "format" : "pve-configid",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{plugin}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Add ACME plugin configuration.",
+ "method" : "POST",
+ "name" : "add_plugin",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "api" : {
+ "description" : "API plugin name",
+ "enum" : [
+ "acmedns",
+ "acmeproxy",
+ "active24",
+ "ad",
+ "ali",
+ "autodns",
+ "aws",
+ "azure",
+ "cf",
+ "clouddns",
+ "cloudns",
+ "cn",
+ "conoha",
+ "constellix",
+ "cx",
+ "cyon",
+ "da",
+ "ddnss",
+ "desec",
+ "df",
+ "dgon",
+ "dnsimple",
+ "do",
+ "doapi",
+ "domeneshop",
+ "dp",
+ "dpi",
+ "dreamhost",
+ "duckdns",
+ "durabledns",
+ "dyn",
+ "dynu",
+ "dynv6",
+ "easydns",
+ "euserv",
+ "exoscale",
+ "freedns",
+ "gandi_livedns",
+ "gcloud",
+ "gd",
+ "gdnsdk",
+ "he",
+ "hexonet",
+ "hostingde",
+ "infoblox",
+ "internetbs",
+ "inwx",
+ "ispconfig",
+ "jd",
+ "kas",
+ "kinghost",
+ "knot",
+ "leaseweb",
+ "lexicon",
+ "linode",
+ "linode_v4",
+ "loopia",
+ "lua",
+ "maradns",
+ "me",
+ "miab",
+ "misaka",
+ "myapi",
+ "mydevil",
+ "mydnsjp",
+ "namecheap",
+ "namecom",
+ "namesilo",
+ "nederhost",
+ "neodigit",
+ "netcup",
+ "nic",
+ "nsd",
+ "nsone",
+ "nsupdate",
+ "nw",
+ "one",
+ "online",
+ "openprovider",
+ "opnsense",
+ "ovh",
+ "pdns",
+ "pleskxml",
+ "pointhq",
+ "rackspace",
+ "rcode0",
+ "regru",
+ "schlundtech",
+ "selectel",
+ "servercow",
+ "tele3",
+ "ultra",
+ "unoeuro",
+ "variomedia",
+ "vscale",
+ "vultr",
+ "yandex",
+ "zilore",
+ "zone",
+ "zonomi"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "data" : {
+ "description" : "DNS plugin data. (base64 encoded)",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "disable" : {
+ "description" : "Flag to disable the config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "id" : {
+ "description" : "ACME Plugin ID name",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "ACME challenge type.",
+ "enum" : [
+ "dns",
+ "standalone"
+ ],
+ "type" : "string"
+ },
+ "validation-delay" : {
+ "default" : 30,
+ "description" : "Extra delay in seconds to wait before requesting validation. Allows to cope with a long TTL of DNS records.",
+ "maximum" : 172800,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 172800)"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/acme/plugins",
+ "text" : "plugins"
+ },
{
"children" : [
{
"leaf" : 1,
"path" : "/cluster/acme/directories",
"text" : "directories"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get schema of ACME challenge types.",
+ "method" : "GET",
+ "name" : "challengeschema",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "Human readable name, falls back to id",
+ "type" : "string"
+ },
+ "schema" : {
+ "type" : "object"
+ },
+ "type" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/acme/challenge-schema",
+ "text" : "challenge-schema"
}
],
"info" : {
"method" : "GET",
"name" : "metadata",
"parameters" : {
- "additionalProperties" : 0
+ "additionalProperties" : 0,
+ "properties" : {
+ "scope" : {
+ "default" : "all",
+ "enum" : [
+ "all",
+ "versions"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
},
"permissions" : {
"check" : [
"path" : "/cluster/ceph",
"text" : "ceph"
},
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete sdn vnet object configuration.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/vnets",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read sdn vnet configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/vnets/{vnet}",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update sdn vnet object configuration.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "alias" : {
+ "description" : "alias name of the vnet",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ipv4" : {
+ "description" : "Anycast router ipv4 address.",
+ "format" : "CIDRv4",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ipv6" : {
+ "description" : "Anycast router ipv6 address.",
+ "format" : "CIDRv6",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mac" : {
+ "description" : "Anycast router mac address",
+ "format" : "mac-addr",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "tag" : {
+ "description" : "vlan or vxlan id",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "vlanaware" : {
+ "description" : "Allow vm VLANs to pass through this vnet.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "zone id",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/vnets",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/sdn/vnets/{vnet}",
+ "text" : "{vnet}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "SDN vnets index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "description" : "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/vnets/<vnet>'",
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{vnet}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new sdn vnet object.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "alias" : {
+ "description" : "alias name of the vnet",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ipv4" : {
+ "description" : "Anycast router ipv4 address.",
+ "format" : "CIDRv4",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ipv6" : {
+ "description" : "Anycast router ipv6 address.",
+ "format" : "CIDRv6",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mac" : {
+ "description" : "Anycast router mac address",
+ "format" : "mac-addr",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "tag" : {
+ "description" : "vlan or vxlan id",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "type" : {
+ "description" : "Type",
+ "enum" : [
+ "vnet"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vlanaware" : {
+ "description" : "Allow vm VLANs to pass through this vnet.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "zone id",
+ "optional" : 0,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/vnets",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/sdn/vnets",
+ "text" : "vnets"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete sdn zone object configuration.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read sdn zone configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update sdn zone object configuration.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "bridge" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "controller" : {
+ "description" : "Frr router name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dp-id" : {
+ "description" : "Faucet dataplane id",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "mtu" : {
+ "description" : "MTU",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "peers" : {
+ "description" : "peers address list.",
+ "format" : "ip-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "tag" : {
+ "description" : "Service-VLAN Tag",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "vlan-protocol" : {
+ "default" : "802.1q",
+ "enum" : [
+ "802.1q",
+ "802.1ad"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vrf-vxlan" : {
+ "description" : "l3vni.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/sdn/zones/{zone}",
+ "text" : "{zone}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "SDN zones index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "type" : {
+ "description" : "Only list sdn zones of specific type",
+ "enum" : [
+ "evpn",
+ "faucet",
+ "qinq",
+ "simple",
+ "vlan",
+ "vxlan"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>'",
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "type" : {
+ "type" : "string"
+ },
+ "zone" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{zone}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new sdn zone object.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "bridge" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "controller" : {
+ "description" : "Frr router name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dp-id" : {
+ "description" : "Faucet dataplane id",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "mtu" : {
+ "description" : "MTU",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "peers" : {
+ "description" : "peers address list.",
+ "format" : "ip-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "tag" : {
+ "description" : "Service-VLAN Tag",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "type" : {
+ "description" : "Plugin type.",
+ "enum" : [
+ "evpn",
+ "faucet",
+ "qinq",
+ "simple",
+ "vlan",
+ "vxlan"
+ ],
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "vlan-protocol" : {
+ "default" : "802.1q",
+ "enum" : [
+ "802.1q",
+ "802.1ad"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vrf-vxlan" : {
+ "description" : "l3vni.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/sdn/zones",
+ "text" : "zones"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete sdn controller object configuration.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "controller" : {
+ "description" : "The SDN controller object identifier.",
+ "format" : "pve-sdn-controller-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/controllers",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read sdn controller configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "controller" : {
+ "description" : "The SDN controller object identifier.",
+ "format" : "pve-sdn-controller-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/controllers/{controller}",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update sdn controller object configuration.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "asn" : {
+ "description" : "autonomous system number",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "controller" : {
+ "description" : "The SDN controller object identifier.",
+ "format" : "pve-sdn-controller-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "gateway-external-peers" : {
+ "description" : "upstream bgp peers address list.",
+ "format" : "ip-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "gateway-nodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "peers" : {
+ "description" : "peers address list.",
+ "format" : "ip-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/controllers",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/sdn/controllers/{controller}",
+ "text" : "{controller}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "SDN controllers index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "type" : {
+ "description" : "Only list sdn controllers of specific type",
+ "enum" : [
+ "evpn",
+ "faucet"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/controllers/<controller>'",
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "controller" : {
+ "type" : "string"
+ },
+ "type" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{controller}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new sdn controller object.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "asn" : {
+ "description" : "autonomous system number",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "controller" : {
+ "description" : "The SDN controller object identifier.",
+ "format" : "pve-sdn-controller-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "gateway-external-peers" : {
+ "description" : "upstream bgp peers address list.",
+ "format" : "ip-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "gateway-nodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "peers" : {
+ "description" : "peers address list.",
+ "format" : "ip-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Plugin type.",
+ "enum" : [
+ "evpn",
+ "faucet"
+ ],
+ "format" : "pve-configid",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/controllers",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/sdn/controllers",
+ "text" : "controllers"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Directory index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "SDN.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "id" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{id}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Apply sdn controller changes && reload.",
+ "method" : "PUT",
+ "name" : "reload",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/sdn",
+ "text" : "sdn"
+ },
{
"info" : {
"GET" : {
"command" : {
"description" : "The command as a list of program + arguments",
"format" : "string-alist",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "input-data" : {
+ "description" : "Data to pass as 'input-data' to the guest. Usually treated as STDIN to 'command'.",
+ "maxLength" : 65536,
+ "optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
},
"cpu" : {
"description" : "Emulated CPU type.",
- "format" : {
- "cputype" : {
- "default" : "kvm64",
- "default_key" : 1,
- "description" : "Emulated CPU type.",
- "enum" : [
- "486",
- "athlon",
- "Broadwell",
- "Broadwell-IBRS",
- "Broadwell-noTSX",
- "Broadwell-noTSX-IBRS",
- "Cascadelake-Server",
- "Conroe",
- "core2duo",
- "coreduo",
- "EPYC",
- "EPYC-IBPB",
- "Haswell",
- "Haswell-IBRS",
- "Haswell-noTSX",
- "Haswell-noTSX-IBRS",
- "host",
- "IvyBridge",
- "IvyBridge-IBRS",
- "KnightsMill",
- "kvm32",
- "kvm64",
- "max",
- "Nehalem",
- "Nehalem-IBRS",
- "Opteron_G1",
- "Opteron_G2",
- "Opteron_G3",
- "Opteron_G4",
- "Opteron_G5",
- "Penryn",
- "pentium",
- "pentium2",
- "pentium3",
- "phenom",
- "qemu32",
- "qemu64",
- "SandyBridge",
- "SandyBridge-IBRS",
- "Skylake-Client",
- "Skylake-Client-IBRS",
- "Skylake-Server",
- "Skylake-Server-IBRS",
- "Westmere",
- "Westmere-IBRS"
- ],
- "type" : "string"
- },
- "flags" : {
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: pcid, spec-ctrl, ibpb, ssbd, virt-ssbd, amd-ssbd, amd-no-ssb, pdpe1gb, md-clear, hv-tlbflush, hv-evmcs, aes.",
- "format_description" : "+FLAG[;-FLAG...]",
- "optional" : 1,
- "pattern" : "(?^:(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb|md-clear|hv-tlbflush|hv-evmcs|aes))(;(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb|md-clear|hv-tlbflush|hv-evmcs|aes)))*)",
- "type" : "string"
- },
- "hidden" : {
- "default" : 0,
- "description" : "Do not identify as a KVM virtual machine.",
- "optional" : 1,
- "type" : "boolean"
- },
- "hv-vendor-id" : {
- "description" : "The Hyper-V vendor ID. Some drivers or programs inside Windows guests need a specific ID.",
- "format_description" : "vendor-id",
- "optional" : 1,
- "pattern" : "(?^:[a-zA-Z0-9]{1,12})",
- "type" : "string"
- }
- },
+ "format" : "pve-vm-cpu-conf",
"optional" : 1,
"type" : "string"
},
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
"format_description" : "bridge",
"optional" : 1,
+ "pattern" : "[-_.\\w\\d]+",
"type" : "string"
},
"e1000" : {
],
"type" : "string"
},
+ "mtu" : {
+ "description" : "Force MTU, for VirtIO only. Set to '1' to use the bridge MTU",
+ "maximum" : 65520,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer"
+ },
"ne2k_isa" : {
"alias" : "macaddr",
"keyAlias" : "model"
"optional" : 1,
"type" : "boolean"
},
+ "rng0" : {
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy injected into the guest every 'period' milliseconds. Prefer a lower value when using /dev/random as source. Use 0 to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases /dev/urandom should be preferred over /dev/random to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. /dev/hwrng can be used to pass through a hardware RNG from the host.",
+ "enum" : [
+ "/dev/urandom",
+ "/dev/random",
+ "/dev/hwrng"
+ ],
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ },
"sata[n]" : {
"description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5).",
"format" : {
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
"optional" : 1,
"type" : "string"
},
},
"cpu" : {
"description" : "Emulated CPU type.",
- "format" : {
- "cputype" : {
- "default" : "kvm64",
- "default_key" : 1,
- "description" : "Emulated CPU type.",
- "enum" : [
- "486",
- "athlon",
- "Broadwell",
- "Broadwell-IBRS",
- "Broadwell-noTSX",
- "Broadwell-noTSX-IBRS",
- "Cascadelake-Server",
- "Conroe",
- "core2duo",
- "coreduo",
- "EPYC",
- "EPYC-IBPB",
- "Haswell",
- "Haswell-IBRS",
- "Haswell-noTSX",
- "Haswell-noTSX-IBRS",
- "host",
- "IvyBridge",
- "IvyBridge-IBRS",
- "KnightsMill",
- "kvm32",
- "kvm64",
- "max",
- "Nehalem",
- "Nehalem-IBRS",
- "Opteron_G1",
- "Opteron_G2",
- "Opteron_G3",
- "Opteron_G4",
- "Opteron_G5",
- "Penryn",
- "pentium",
- "pentium2",
- "pentium3",
- "phenom",
- "qemu32",
- "qemu64",
- "SandyBridge",
- "SandyBridge-IBRS",
- "Skylake-Client",
- "Skylake-Client-IBRS",
- "Skylake-Server",
- "Skylake-Server-IBRS",
- "Westmere",
- "Westmere-IBRS"
- ],
- "type" : "string"
- },
- "flags" : {
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: pcid, spec-ctrl, ibpb, ssbd, virt-ssbd, amd-ssbd, amd-no-ssb, pdpe1gb, md-clear, hv-tlbflush, hv-evmcs, aes.",
- "format_description" : "+FLAG[;-FLAG...]",
- "optional" : 1,
- "pattern" : "(?^:(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb|md-clear|hv-tlbflush|hv-evmcs|aes))(;(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb|md-clear|hv-tlbflush|hv-evmcs|aes)))*)",
- "type" : "string"
- },
- "hidden" : {
- "default" : 0,
- "description" : "Do not identify as a KVM virtual machine.",
- "optional" : 1,
- "type" : "boolean"
- },
- "hv-vendor-id" : {
- "description" : "The Hyper-V vendor ID. Some drivers or programs inside Windows guests need a specific ID.",
- "format_description" : "vendor-id",
- "optional" : 1,
- "pattern" : "(?^:[a-zA-Z0-9]{1,12})",
- "type" : "string"
- }
- },
+ "format" : "pve-vm-cpu-conf",
"optional" : 1,
"type" : "string",
- "typetext" : "[cputype=]<enum> [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>] [,hv-vendor-id=<vendor-id>]"
+ "typetext" : "[[cputype=]<string>] [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>] [,hv-vendor-id=<vendor-id>] [,phys-bits=<8-64|host>] [,reported-model=<enum>]"
},
"cpulimit" : {
"default" : 0,
"format" : "pve-qm-hostpci",
"optional" : 1,
"type" : "string",
- "typetext" : "[host=]<HOSTPCIID[;HOSTPCIID2...]> [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,x-vga=<1|0>]",
+ "typetext" : "[host=]<HOSTPCIID[;HOSTPCIID2...]> [,legacy-igd=<1|0>] [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,x-vga=<1|0>]",
"verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"hotplug" : {
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
"format_description" : "bridge",
"optional" : 1,
+ "pattern" : "[-_.\\w\\d]+",
"type" : "string"
},
"e1000" : {
],
"type" : "string"
},
+ "mtu" : {
+ "description" : "Force MTU, for VirtIO only. Set to '1' to use the bridge MTU",
+ "maximum" : 65520,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer"
+ },
"ne2k_isa" : {
"alias" : "macaddr",
"keyAlias" : "model"
},
"optional" : 1,
"type" : "string",
- "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
+ "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,mtu=<integer>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
},
"node" : {
"description" : "The cluster node name.",
"type" : "string",
"typetext" : "<string>"
},
+ "rng0" : {
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy injected into the guest every 'period' milliseconds. Prefer a lower value when using /dev/random as source. Use 0 to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases /dev/urandom should be preferred over /dev/random to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. /dev/hwrng can be used to pass through a hardware RNG from the host.",
+ "enum" : [
+ "/dev/urandom",
+ "/dev/random",
+ "/dev/hwrng"
+ ],
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[source=]</dev/urandom|/dev/random|/dev/hwrng> [,max_bytes=<integer>] [,period=<integer>]"
+ },
"sata[n]" : {
"description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5).",
"format" : {
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[file=]<volume>"
},
"usb[n]" : {
"description" : "Configure an USB device (n is 0 to 4).",
"VM.Config.Memory",
"VM.Config.Network",
"VM.Config.HWType",
- "VM.Config.Options"
+ "VM.Config.Options",
+ "VM.Config.Cloudinit"
],
"any",
1
},
"cpu" : {
"description" : "Emulated CPU type.",
- "format" : {
- "cputype" : {
- "default" : "kvm64",
- "default_key" : 1,
- "description" : "Emulated CPU type.",
- "enum" : [
- "486",
- "athlon",
- "Broadwell",
- "Broadwell-IBRS",
- "Broadwell-noTSX",
- "Broadwell-noTSX-IBRS",
- "Cascadelake-Server",
- "Conroe",
- "core2duo",
- "coreduo",
- "EPYC",
- "EPYC-IBPB",
- "Haswell",
- "Haswell-IBRS",
- "Haswell-noTSX",
- "Haswell-noTSX-IBRS",
- "host",
- "IvyBridge",
- "IvyBridge-IBRS",
- "KnightsMill",
- "kvm32",
- "kvm64",
- "max",
- "Nehalem",
- "Nehalem-IBRS",
- "Opteron_G1",
- "Opteron_G2",
- "Opteron_G3",
- "Opteron_G4",
- "Opteron_G5",
- "Penryn",
- "pentium",
- "pentium2",
- "pentium3",
- "phenom",
- "qemu32",
- "qemu64",
- "SandyBridge",
- "SandyBridge-IBRS",
- "Skylake-Client",
- "Skylake-Client-IBRS",
- "Skylake-Server",
- "Skylake-Server-IBRS",
- "Westmere",
- "Westmere-IBRS"
- ],
- "type" : "string"
- },
- "flags" : {
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: pcid, spec-ctrl, ibpb, ssbd, virt-ssbd, amd-ssbd, amd-no-ssb, pdpe1gb, md-clear, hv-tlbflush, hv-evmcs, aes.",
- "format_description" : "+FLAG[;-FLAG...]",
- "optional" : 1,
- "pattern" : "(?^:(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb|md-clear|hv-tlbflush|hv-evmcs|aes))(;(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb|md-clear|hv-tlbflush|hv-evmcs|aes)))*)",
- "type" : "string"
- },
- "hidden" : {
- "default" : 0,
- "description" : "Do not identify as a KVM virtual machine.",
- "optional" : 1,
- "type" : "boolean"
- },
- "hv-vendor-id" : {
- "description" : "The Hyper-V vendor ID. Some drivers or programs inside Windows guests need a specific ID.",
- "format_description" : "vendor-id",
- "optional" : 1,
- "pattern" : "(?^:[a-zA-Z0-9]{1,12})",
- "type" : "string"
- }
- },
+ "format" : "pve-vm-cpu-conf",
"optional" : 1,
"type" : "string",
- "typetext" : "[cputype=]<enum> [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>] [,hv-vendor-id=<vendor-id>]"
+ "typetext" : "[[cputype=]<string>] [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>] [,hv-vendor-id=<vendor-id>] [,phys-bits=<8-64|host>] [,reported-model=<enum>]"
},
"cpulimit" : {
"default" : 0,
"format" : "pve-qm-hostpci",
"optional" : 1,
"type" : "string",
- "typetext" : "[host=]<HOSTPCIID[;HOSTPCIID2...]> [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,x-vga=<1|0>]",
+ "typetext" : "[host=]<HOSTPCIID[;HOSTPCIID2...]> [,legacy-igd=<1|0>] [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,x-vga=<1|0>]",
"verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"hotplug" : {
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
"format_description" : "bridge",
"optional" : 1,
+ "pattern" : "[-_.\\w\\d]+",
"type" : "string"
},
"e1000" : {
],
"type" : "string"
},
+ "mtu" : {
+ "description" : "Force MTU, for VirtIO only. Set to '1' to use the bridge MTU",
+ "maximum" : 65520,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer"
+ },
"ne2k_isa" : {
"alias" : "macaddr",
"keyAlias" : "model"
},
"optional" : 1,
"type" : "string",
- "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
+ "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,mtu=<integer>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
},
"node" : {
"description" : "The cluster node name.",
"type" : "string",
"typetext" : "<string>"
},
+ "rng0" : {
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy injected into the guest every 'period' milliseconds. Prefer a lower value when using /dev/random as source. Use 0 to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases /dev/urandom should be preferred over /dev/random to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. /dev/hwrng can be used to pass through a hardware RNG from the host.",
+ "enum" : [
+ "/dev/urandom",
+ "/dev/random",
+ "/dev/hwrng"
+ ],
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[source=]</dev/urandom|/dev/random|/dev/hwrng> [,max_bytes=<integer>] [,period=<integer>]"
+ },
"sata[n]" : {
"description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5).",
"format" : {
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[file=]<volume>"
},
"usb[n]" : {
"description" : "Configure an USB device (n is 0 to 4).",
"VM.Config.Memory",
"VM.Config.Network",
"VM.Config.HWType",
- "VM.Config.Options"
+ "VM.Config.Options",
+ "VM.Config.Cloudinit"
],
"any",
1
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "generate-password" : {
+ "default" : 0,
+ "description" : "Generates a random password to be used as ticket instead of the API ticket.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"cert" : {
"type" : "string"
},
+ "password" : {
+ "description" : "Returned if requested with 'generate-password' param. Consists of printable ASCII characters ('!' .. '~').",
+ "optional" : 1,
+ "type" : "string"
+ },
"port" : {
"type" : "integer"
},
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "force-cpu" : {
+ "description" : "Override QEMU's -cpu argument with the given string.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"machine" : {
"description" : "Specifies the Qemu machine type.",
"maxLength" : 40,
"typetext" : "<string>"
},
"targetstorage" : {
- "description" : "Target storage for the migration. (Can be '1' to use the same storage id as on the source node.)",
+ "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.",
+ "format" : "storagepair-list",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"typetext" : "<string>"
},
"targetstorage" : {
- "description" : "Default target storage.",
- "format" : "pve-storage-id",
+ "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.",
+ "format" : "storagepair-list",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"type" : "string"
},
"archive" : {
- "description" : "The backup file.",
+ "description" : "The backup archive. Either the file system path to a .tar or .vma file (use '-' to pipe data from stdin) or a proxmox storage backup volume identifier.",
"maxLength" : 255,
"optional" : 1,
"type" : "string",
},
"cpu" : {
"description" : "Emulated CPU type.",
- "format" : {
- "cputype" : {
- "default" : "kvm64",
- "default_key" : 1,
- "description" : "Emulated CPU type.",
- "enum" : [
- "486",
- "athlon",
- "Broadwell",
- "Broadwell-IBRS",
- "Broadwell-noTSX",
- "Broadwell-noTSX-IBRS",
- "Cascadelake-Server",
- "Conroe",
- "core2duo",
- "coreduo",
- "EPYC",
- "EPYC-IBPB",
- "Haswell",
- "Haswell-IBRS",
- "Haswell-noTSX",
- "Haswell-noTSX-IBRS",
- "host",
- "IvyBridge",
- "IvyBridge-IBRS",
- "KnightsMill",
- "kvm32",
- "kvm64",
- "max",
- "Nehalem",
- "Nehalem-IBRS",
- "Opteron_G1",
- "Opteron_G2",
- "Opteron_G3",
- "Opteron_G4",
- "Opteron_G5",
- "Penryn",
- "pentium",
- "pentium2",
- "pentium3",
- "phenom",
- "qemu32",
- "qemu64",
- "SandyBridge",
- "SandyBridge-IBRS",
- "Skylake-Client",
- "Skylake-Client-IBRS",
- "Skylake-Server",
- "Skylake-Server-IBRS",
- "Westmere",
- "Westmere-IBRS"
- ],
- "type" : "string"
- },
- "flags" : {
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: pcid, spec-ctrl, ibpb, ssbd, virt-ssbd, amd-ssbd, amd-no-ssb, pdpe1gb, md-clear, hv-tlbflush, hv-evmcs, aes.",
- "format_description" : "+FLAG[;-FLAG...]",
- "optional" : 1,
- "pattern" : "(?^:(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb|md-clear|hv-tlbflush|hv-evmcs|aes))(;(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb|md-clear|hv-tlbflush|hv-evmcs|aes)))*)",
- "type" : "string"
- },
- "hidden" : {
- "default" : 0,
- "description" : "Do not identify as a KVM virtual machine.",
- "optional" : 1,
- "type" : "boolean"
- },
- "hv-vendor-id" : {
- "description" : "The Hyper-V vendor ID. Some drivers or programs inside Windows guests need a specific ID.",
- "format_description" : "vendor-id",
- "optional" : 1,
- "pattern" : "(?^:[a-zA-Z0-9]{1,12})",
- "type" : "string"
- }
- },
+ "format" : "pve-vm-cpu-conf",
"optional" : 1,
"type" : "string",
- "typetext" : "[cputype=]<enum> [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>] [,hv-vendor-id=<vendor-id>]"
+ "typetext" : "[[cputype=]<string>] [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>] [,hv-vendor-id=<vendor-id>] [,phys-bits=<8-64|host>] [,reported-model=<enum>]"
},
"cpulimit" : {
"default" : 0,
"format" : "pve-qm-hostpci",
"optional" : 1,
"type" : "string",
- "typetext" : "[host=]<HOSTPCIID[;HOSTPCIID2...]> [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,x-vga=<1|0>]",
+ "typetext" : "[host=]<HOSTPCIID[;HOSTPCIID2...]> [,legacy-igd=<1|0>] [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,x-vga=<1|0>]",
"verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"hotplug" : {
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
"format_description" : "bridge",
"optional" : 1,
+ "pattern" : "[-_.\\w\\d]+",
"type" : "string"
},
"e1000" : {
],
"type" : "string"
},
+ "mtu" : {
+ "description" : "Force MTU, for VirtIO only. Set to '1' to use the bridge MTU",
+ "maximum" : 65520,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer"
+ },
"ne2k_isa" : {
"alias" : "macaddr",
"keyAlias" : "model"
},
"optional" : 1,
"type" : "string",
- "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
+ "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,mtu=<integer>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
},
"node" : {
"description" : "The cluster node name.",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "rng0" : {
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy injected into the guest every 'period' milliseconds. Prefer a lower value when using /dev/random as source. Use 0 to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases /dev/urandom should be preferred over /dev/random to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. /dev/hwrng can be used to pass through a hardware RNG from the host.",
+ "enum" : [
+ "/dev/urandom",
+ "/dev/random",
+ "/dev/hwrng"
+ ],
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[source=]</dev/urandom|/dev/random|/dev/hwrng> [,max_bytes=<integer>] [,period=<integer>]"
+ },
"sata[n]" : {
"description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5).",
"format" : {
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[file=]<volume>"
},
"usb[n]" : {
"description" : "Configure an USB device (n is 0 to 4).",
"path" : "/nodes/{node}/qemu",
"text" : "qemu"
},
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List all custom and default CPU models.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Only returns custom models when the current user has Sys.Audit on /nodes.",
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "custom" : {
+ "description" : "True if this is a custom CPU model.",
+ "type" : "boolean"
+ },
+ "name" : {
+ "description" : "Name of the CPU model. Identifies it for subsequent API calls. Prefixed with 'custom-' for custom models.",
+ "type" : "string"
+ },
+ "vendor" : {
+ "description" : "CPU vendor visible to the guest when this model is selected. Vendor of 'reported-model' in case of custom models.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/cpu",
+ "text" : "cpu"
+ },
{
"children" : [
{
"optional" : 1,
"type" : "integer"
},
+ "debug" : {
+ "default" : 0,
+ "description" : "Try to be more verbose. For now this only enables debug log-level on start.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"description" : {
"description" : "Container description. Only used on the configuration web interface.",
"optional" : 1,
"features" : {
"description" : "Allow containers access to advanced features.",
"format" : {
+ "force_rw_sys" : {
+ "default" : 0,
+ "description" : "Mount /sys in unprivileged containers as `rw` instead of `mixed`. This can break networking under newer (>= v245) systemd-network use.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"fuse" : {
"default" : 0,
"description" : "Allow using 'fuse' file systems in a container. Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.",
"optional" : 1,
"type" : "boolean"
},
+ "mknod" : {
+ "default" : 0,
+ "description" : "Allow unprivileged containers to use mknod() to add certain device nodes. This requires a kernel with seccomp trap to user space support (5.3 or newer). This is experimental.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mount" : {
"description" : "Allow mounting file systems of specific types. This should be a list of file system types as used with the mount command. Note that this can have negative effects on the container's security. With access to a loop device, mounting a file can circumvent the mknod permission of the devices cgroup, mounting an NFS file system can block the host's I/O completely and prevent it from rebooting, etc.",
"format_description" : "fstype;fstype;...",
"optional" : 1,
"type" : "boolean"
},
+ "timezone" : {
+ "description" : "Time zone to use in the container. If option isn't set, then nothing will be done. Can be set to 'host' to match the host time zone, or an arbitrary time zone option from /usr/share/zoneinfo/zone.tab",
+ "format" : "pve-ct-timezone",
+ "optional" : 1,
+ "type" : "string"
+ },
"tty" : {
"default" : 2,
"description" : "Specify the number of tty available to the container",
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "volume" : {
+ "default_key" : 1,
+ "description" : "The volume that is not used currently.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ }
+ },
"optional" : 1,
"type" : "string"
}
"type" : "integer",
"typetext" : "<integer> (0 - 500000)"
},
+ "debug" : {
+ "default" : 0,
+ "description" : "Try to be more verbose. For now this only enables debug log-level on start.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"delete" : {
"description" : "A list of settings you want to delete.",
"format" : "pve-configid-list",
"features" : {
"description" : "Allow containers access to advanced features.",
"format" : {
+ "force_rw_sys" : {
+ "default" : 0,
+ "description" : "Mount /sys in unprivileged containers as `rw` instead of `mixed`. This can break networking under newer (>= v245) systemd-network use.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"fuse" : {
"default" : 0,
"description" : "Allow using 'fuse' file systems in a container. Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.",
"optional" : 1,
"type" : "boolean"
},
+ "mknod" : {
+ "default" : 0,
+ "description" : "Allow unprivileged containers to use mknod() to add certain device nodes. This requires a kernel with seccomp trap to user space support (5.3 or newer). This is experimental.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mount" : {
"description" : "Allow mounting file systems of specific types. This should be a list of file system types as used with the mount command. Note that this can have negative effects on the container's security. With access to a loop device, mounting a file can circumvent the mknod permission of the devices cgroup, mounting an NFS file system can block the host's I/O completely and prevent it from rebooting, etc.",
"format_description" : "fstype;fstype;...",
},
"optional" : 1,
"type" : "string",
- "typetext" : "[fuse=<1|0>] [,keyctl=<1|0>] [,mount=<fstype;fstype;...>] [,nesting=<1|0>]"
+ "typetext" : "[force_rw_sys=<1|0>] [,fuse=<1|0>] [,keyctl=<1|0>] [,mknod=<1|0>] [,mount=<fstype;fstype;...>] [,nesting=<1|0>]"
},
"hookscript" : {
"description" : "Script that will be exectued during various steps in the containers lifetime.",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "timezone" : {
+ "description" : "Time zone to use in the container. If option isn't set, then nothing will be done. Can be set to 'host' to match the host time zone, or an arbitrary time zone option from /usr/share/zoneinfo/zone.tab",
+ "format" : "pve-ct-timezone",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"tty" : {
"default" : 2,
"description" : "Specify the number of tty available to the container",
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "volume" : {
+ "default_key" : 1,
+ "description" : "The volume that is not used currently.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[volume=]<volume>"
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "debug" : {
+ "default" : 0,
+ "description" : "If set, enables very verbose debug log-level on start.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"/vms/{vmid}",
[
"VM.Snapshot",
- "VM.Snapshot.Rollback"
+ "VM.Snapshot.Rollback",
+ "VM.Audit"
],
"any",
1
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "force" : {
+ "default" : 0,
+ "description" : "Force destroy, even if running.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"typetext" : "<string>"
},
"purge" : {
- "description" : "Remove vmid from backup cron jobs.",
+ "default" : 0,
+ "description" : "Remove container from all related configurations. For example, backup jobs, replication jobs or HA. Related ACLs and Firewall entries will *always* be removed.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"type" : "integer",
"typetext" : "<integer> (0 - 500000)"
},
+ "debug" : {
+ "default" : 0,
+ "description" : "Try to be more verbose. For now this only enables debug log-level on start.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"description" : {
"description" : "Container description. Only used on the configuration web interface.",
"optional" : 1,
"features" : {
"description" : "Allow containers access to advanced features.",
"format" : {
+ "force_rw_sys" : {
+ "default" : 0,
+ "description" : "Mount /sys in unprivileged containers as `rw` instead of `mixed`. This can break networking under newer (>= v245) systemd-network use.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"fuse" : {
"default" : 0,
"description" : "Allow using 'fuse' file systems in a container. Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.",
"optional" : 1,
"type" : "boolean"
},
+ "mknod" : {
+ "default" : 0,
+ "description" : "Allow unprivileged containers to use mknod() to add certain device nodes. This requires a kernel with seccomp trap to user space support (5.3 or newer). This is experimental.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mount" : {
"description" : "Allow mounting file systems of specific types. This should be a list of file system types as used with the mount command. Note that this can have negative effects on the container's security. With access to a loop device, mounting a file can circumvent the mknod permission of the devices cgroup, mounting an NFS file system can block the host's I/O completely and prevent it from rebooting, etc.",
"format_description" : "fstype;fstype;...",
},
"optional" : 1,
"type" : "string",
- "typetext" : "[fuse=<1|0>] [,keyctl=<1|0>] [,mount=<fstype;fstype;...>] [,nesting=<1|0>]"
+ "typetext" : "[force_rw_sys=<1|0>] [,fuse=<1|0>] [,keyctl=<1|0>] [,mknod=<1|0>] [,mount=<fstype;fstype;...>] [,nesting=<1|0>]"
},
"force" : {
"description" : "Allow to overwrite existing container.",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "timezone" : {
+ "description" : "Time zone to use in the container. If option isn't set, then nothing will be done. Can be set to 'host' to match the host time zone, or an arbitrary time zone option from /usr/share/zoneinfo/zone.tab",
+ "format" : "pve-ct-timezone",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"tty" : {
"default" : 2,
"description" : "Specify the number of tty available to the container",
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "volume" : {
+ "default_key" : 1,
+ "description" : "The volume that is not used currently.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[volume=]<volume>"
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "crush-device-class" : {
+ "description" : "Set the device class of the OSD in crush.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"db_dev" : {
"description" : "Block device name for block.db.",
"optional" : 1,
"name" : {
"default" : "nodename",
"description" : "The ID for the mds, when omitted the same as the nodename",
+ "maxLength" : 200,
"optional" : 1,
"pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
"type" : "string"
"properties" : {
"id" : {
"description" : "The ID for the manager, when omitted the same as the nodename",
+ "maxLength" : 200,
"optional" : 1,
"pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
"type" : "string"
},
"monid" : {
"description" : "The ID for the monitor, when omitted the same as the nodename",
+ "maxLength" : 200,
"optional" : 1,
"pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
"type" : "string"
"default" : "ceph.target",
"description" : "Ceph service name.",
"optional" : 1,
- "pattern" : "(ceph|mon|mds|osd|mgr)\\.[A-Za-z0-9\\-]{1,32}",
+ "pattern" : "(ceph|mon|mds|osd|mgr)(\\.[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?)?",
"type" : "string"
}
}
"default" : "ceph.target",
"description" : "Ceph service name.",
"optional" : 1,
- "pattern" : "(ceph|mon|mds|osd|mgr)\\.[A-Za-z0-9\\-]{1,32}",
+ "pattern" : "(ceph|mon|mds|osd|mgr)(\\.[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?)?",
"type" : "string"
}
}
"default" : "ceph.target",
"description" : "Ceph service name.",
"optional" : 1,
- "pattern" : "(mon|mds|osd|mgr)\\.[A-Za-z0-9\\-]{1,32}",
+ "pattern" : "(mon|mds|osd|mgr)(\\.[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?)?",
"type" : "string"
}
}
"returns" : {
"items" : {
"properties" : {
+ "bytes_used" : {
+ "title" : "Used",
+ "type" : "integer"
+ },
+ "crush_rule" : {
+ "title" : "Crush Rule",
+ "type" : "integer"
+ },
+ "crush_rule_name" : {
+ "title" : "Crush Rule Name",
+ "type" : "string"
+ },
+ "min_size" : {
+ "title" : "Min Size",
+ "type" : "integer"
+ },
+ "percent_used" : {
+ "title" : "%-Used",
+ "type" : "number"
+ },
+ "pg_autoscale_mode" : {
+ "optional" : 1,
+ "title" : "PG Autoscale Mode",
+ "type" : "string"
+ },
+ "pg_num" : {
+ "title" : "PG Num",
+ "type" : "integer"
+ },
"pool" : {
+ "title" : "ID",
"type" : "integer"
},
"pool_name" : {
+ "title" : "Name",
"type" : "string"
},
"size" : {
+ "title" : "Size",
"type" : "integer"
}
},
"0",
"1",
"gzip",
- "lzo"
+ "lzo",
+ "zstd"
],
"optional" : 1,
"type" : "string"
"type" : "string",
"typetext" : "<string>"
},
+ "prune-backups" : {
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
"quiet" : {
"default" : 0,
"description" : "Be quiet.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
+ },
+ "zstd" : {
+ "default" : 1,
+ "description" : "Zstd threads. N=0 uses half of the available cores, N>0 uses N as thread count.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
}
}
},
"info" : {
"POST" : {
"allowtoken" : 1,
- "description" : "Restart service.",
+ "description" : "Hard restart service. Use reload if you want to reduce interruptions.",
"method" : "POST",
"name" : "service_restart",
"parameters" : {
"info" : {
"POST" : {
"allowtoken" : 1,
- "description" : "Reload service.",
+ "description" : "Reload service. Falls back to restart if service cannot be reloaded.",
"method" : "POST",
"name" : "service_reload",
"parameters" : {
},
{
"info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete subscription key of this node.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "null"
+ }
+ },
"GET" : {
"allowtoken" : 1,
"description" : "Read subscription info.",
"children" : [
{
"children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Prune backups. Only those using the standard naming scheme are considered.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "prune-backups" : {
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Either 'qemu' or 'lxc'. Only consider backups for guests of this type.",
+ "enum" : [
+ "qemu",
+ "lxc"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "Only prune backups for this VM.",
+ "format" : "pve-vmid",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "You need the 'Datastore.Allocate' privilege on the storage (or if a VM ID is specified, 'Datastore.AllocateSpace' and 'VM.Backup' for the VM).",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get prune information for backups. NOTE: this is only a preview and might not be exactly what a subsequent prune call does, if the hour changes or if backups are removed/added in the meantime.",
+ "method" : "GET",
+ "name" : "dryrun",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "prune-backups" : {
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Either 'qemu' or 'lxc'. Only consider backups for guests of this type.",
+ "enum" : [
+ "qemu",
+ "lxc"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "Only consider backups for this guest.",
+ "format" : "pve-vmid",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/storage/{storage}",
+ [
+ "Datastore.Audit",
+ "Datastore.AllocateSpace"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "ctime" : {
+ "description" : "Creation time of the backup (seconds since the UNIX epoch).",
+ "type" : "integer"
+ },
+ "mark" : {
+ "description" : "Whether the backup would be kept or removed. For backups that don't use the standard naming scheme, it's 'protected'.",
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "One of 'qemu', 'lxc', 'openvz' or 'unknown'.",
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "The VM the backup belongs to.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "volid" : {
+ "description" : "Backup volume ID.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/storage/{storage}/prunebackups",
+ "text" : "prunebackups"
+ },
{
"children" : [
{
"returns" : {
"items" : {
"properties" : {
+ "ctime" : {
+ "description" : "Creation time (seconds since the UNIX Epoch).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
"format" : {
"description" : "Format identifier ('raw', 'qcow2', 'subvol', 'iso', 'tgz' ...)",
"type" : "string"
"type" : "integer"
},
"used" : {
- "description" : "Used space. Please note that most storage plugins does not report anything useful here.",
+ "description" : "Used space. Please note that most storage plugins do not report anything useful here.",
"optional" : 1,
"renderer" : "bytes",
"type" : "integer"
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
}
},
"leaf" : 0,
- "path" : "/nodes/{node}/certificates",
- "text" : "certificates"
- },
- {
- "info" : {
- "GET" : {
- "allowtoken" : 1,
- "description" : "Get node configuration options.",
- "method" : "GET",
- "name" : "get_config",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- },
- "property" : {
- "default" : "all",
- "description" : "Return only a specific property from the node configuration.",
- "enum" : [
- "acme",
- "description",
- "startall-onboot-delay",
- "wakeonlan"
- ],
- "optional" : 1,
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "proxyto" : "node",
- "returns" : {
- "type" : "object"
- }
- },
- "PUT" : {
- "allowtoken" : 1,
- "description" : "Set node configuration options.",
- "method" : "PUT",
- "name" : "set_options",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "acme" : {
- "description" : "Node specific ACME settings.",
- "format" : {
- "account" : {
- "default" : "default",
- "description" : "ACME account config file name.",
- "format" : "pve-configid",
- "format_description" : "name",
- "optional" : 1,
- "type" : "string"
- },
- "domains" : {
- "description" : "List of domains for this node's ACME certificate",
- "format" : "pve-acme-domain-list",
- "format_description" : "domain[;domain;...]",
- "type" : "string"
- }
- },
- "optional" : 1,
- "type" : "string",
- "typetext" : "domains=<domain[;domain;...]> [,account=<name>]"
- },
- "delete" : {
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "description" : {
- "description" : "Node description/comment.",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- },
- "startall-onboot-delay" : {
- "default" : 0,
- "description" : "Initial delay in seconds, before starting all the Virtual Guests with on-boot enabled.",
- "maximum" : 300,
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - 300)"
- },
- "wakeonlan" : {
- "description" : "MAC address for wake on LAN",
- "format" : "mac-addr",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/config",
- "text" : "config"
+ "path" : "/nodes/{node}/certificates",
+ "text" : "certificates"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get node configuration options.",
+ "method" : "GET",
+ "name" : "get_config",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "property" : {
+ "default" : "all",
+ "description" : "Return only a specific property from the node configuration.",
+ "enum" : [
+ "acme",
+ "acmedomain0",
+ "acmedomain1",
+ "acmedomain2",
+ "acmedomain3",
+ "acmedomain4",
+ "acmedomain5",
+ "description",
+ "startall-onboot-delay",
+ "wakeonlan"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Set node configuration options.",
+ "method" : "PUT",
+ "name" : "set_options",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "acme" : {
+ "description" : "Node specific ACME settings.",
+ "format" : {
+ "account" : {
+ "default" : "default",
+ "description" : "ACME account config file name.",
+ "format" : "pve-configid",
+ "format_description" : "name",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "domains" : {
+ "description" : "List of domains for this node's ACME certificate",
+ "format" : "pve-acme-domain-list",
+ "format_description" : "domain[;domain;...]",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[account=<name>] [,domains=<domain[;domain;...]>]"
+ },
+ "acmedomain[n]" : {
+ "description" : "ACME domain and validation plugin",
+ "format" : {
+ "alias" : {
+ "description" : "Alias for the Domain to verify ACME Challenge over DNS",
+ "format" : "pve-acme-alias",
+ "format_description" : "domain",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "domain" : {
+ "default_key" : 1,
+ "description" : "domain for this node's ACME certificate",
+ "format" : "pve-acme-domain",
+ "format_description" : "domain",
+ "type" : "string"
+ },
+ "plugin" : {
+ "default" : "standalone",
+ "description" : "The ACME plugin ID",
+ "format" : "pve-configid",
+ "format_description" : "name of the plugin configuration",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[domain=]<domain> [,alias=<domain>] [,plugin=<name of the plugin configuration>]"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "description" : {
+ "description" : "Node description/comment.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "startall-onboot-delay" : {
+ "default" : 0,
+ "description" : "Initial delay in seconds, before starting all the Virtual Guests with on-boot enabled.",
+ "maximum" : 300,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 300)"
+ },
+ "wakeonlan" : {
+ "description" : "MAC address for wake on LAN",
+ "format" : "mac-addr",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/config",
+ "text" : "config"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List zone content.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}",
+ [
+ "SDN.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "status" : {
+ "description" : "Status.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "statusmsg" : {
+ "description" : "Status details",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vnet" : {
+ "description" : "Vnet identifier.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{vnet}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/sdn/zones/{zone}/content",
+ "text" : "content"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "",
+ "method" : "GET",
+ "name" : "diridx",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}",
+ [
+ "SDN.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "subdir" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{subdir}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/sdn/zones/{zone}",
+ "text" : "{zone}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get status for all zones.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Only list entries where you have 'SDN.Audit'",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "status" : {
+ "description" : "Status of zone",
+ "enum" : [
+ "available",
+ "pending",
+ "error"
+ ],
+ "type" : "string"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{zone}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/sdn/zones",
+ "text" : "zones"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "SDN index.",
+ "method" : "GET",
+ "name" : "sdnindex",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/sdn",
+ "text" : "sdn"
},
{
"info" : {
"default" : "login",
"description" : "Run specific command or default to login.",
"enum" : [
- "upgrade",
"login",
- "ceph_install"
+ "ceph_install",
+ "upgrade"
],
"optional" : 1,
"type" : "string"
"default" : "login",
"description" : "Run specific command or default to login.",
"enum" : [
- "upgrade",
"login",
- "ceph_install"
+ "ceph_install",
+ "upgrade"
],
"optional" : 1,
"type" : "string"
"default" : "login",
"description" : "Run specific command or default to login.",
"enum" : [
- "upgrade",
"login",
- "ceph_install"
+ "ceph_install",
+ "upgrade"
],
"optional" : 1,
"type" : "string"
"type" : "string",
"typetext" : "<string>"
},
+ "encryption-key" : {
+ "description" : "Encryption key. Use 'autogen' to generate one automatically without passphrase.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "fingerprint" : {
+ "description" : "Certificate SHA 256 fingerprint.",
+ "optional" : 1,
+ "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
+ "type" : "string"
+ },
"format" : {
"description" : "Default image format.",
"format" : "pve-storage-format",
"typetext" : "<string>"
},
"password" : {
- "description" : "Password for CIFS share.",
+ "description" : "Password for accessing the share/datastore.",
"maxLength" : 256,
"optional" : 1,
"type" : "string",
"type" : "string",
"typetext" : "<string>"
},
+ "prune-backups" : {
+ "description" : "The retention options with shorter intervals are processed first with --keep-last being the very first one. Each option covers a specific period of time. We say that backups within this period are covered by this option. The next option does not take care of already covered backups and only considers older backups.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
"redundancy" : {
"default" : 2,
"description" : "The redundancy count specifies the number of nodes to which the resource should be deployed. It must be at least 1 and at most the number of nodes in the cluster.",
"lvm",
"lvmthin",
"nfs",
+ "pbs",
"rbd",
"zfs",
"zfspool"
"type" : "string",
"typetext" : "<string>"
},
+ "datastore" : {
+ "description" : "Proxmox backup server datastore name.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"disable" : {
"description" : "Flag to disable the storage.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "encryption-key" : {
+ "description" : "Encryption key. Use 'autogen' to generate one automatically without passphrase.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"export" : {
"description" : "NFS export path.",
"format" : "pve-storage-path",
"type" : "string",
"typetext" : "<string>"
},
+ "fingerprint" : {
+ "description" : "Certificate SHA 256 fingerprint.",
+ "optional" : 1,
+ "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
+ "type" : "string"
+ },
"format" : {
"description" : "Default image format.",
"format" : "pve-storage-format",
"typetext" : "<string>"
},
"password" : {
- "description" : "Password for CIFS share.",
+ "description" : "Password for accessing the share/datastore.",
"maxLength" : 256,
"optional" : 1,
"type" : "string",
"type" : "string",
"typetext" : "<string>"
},
+ "prune-backups" : {
+ "description" : "The retention options with shorter intervals are processed first with --keep-last being the very first one. Each option covers a specific period of time. We say that backups within this period are covered by this option. The next option does not take care of already covered backups and only considers older backups.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
"redundancy" : {
"default" : 2,
"description" : "The redundancy count specifies the number of nodes to which the resource should be deployed. It must be at least 1 and at most the number of nodes in the cluster.",
"lvm",
"lvmthin",
"nfs",
+ "pbs",
"rbd",
"zfs",
"zfspool"
},
"protected" : 1,
"returns" : {
- "type" : "null"
- }
- },
- "GET" : {
- "allowtoken" : 1,
- "description" : "Get specific API token information.",
- "method" : "GET",
- "name" : "read_token",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "tokenid" : {
- "description" : "User-specific token identifier.",
- "pattern" : "(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)",
- "type" : "string"
- },
- "userid" : {
- "description" : "User ID",
- "format" : "pve-userid",
- "maxLength" : 64,
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "or",
- [
- "userid-param",
- "self"
- ],
- [
- "perm",
- "/access/users/{userid}",
- [
- "User.Modify"
- ]
- ]
- ]
- },
- "returns" : {
- "properties" : {
- "comment" : {
- "optional" : 1,
- "type" : "string"
- },
- "expire" : {
- "default" : "same as user",
- "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer"
- },
- "privsep" : {
- "default" : 1,
- "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
- "optional" : 1,
- "type" : "boolean"
- }
- },
- "type" : "object"
- }
- },
- "POST" : {
- "allowtoken" : 1,
- "description" : "Generate a new API token for a specific user. NOTE: returns API token value, which needs to be stored as it cannot be retrieved afterwards!",
- "method" : "POST",
- "name" : "generate_token",
- "parameters" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get specific API token information.",
+ "method" : "GET",
+ "name" : "read_token",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "tokenid" : {
+ "description" : "User-specific token identifier.",
+ "pattern" : "(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)",
+ "type" : "string"
+ },
+ "userid" : {
+ "description" : "User ID",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "perm",
+ "/access/users/{userid}",
+ [
+ "User.Modify"
+ ]
+ ]
+ ]
+ },
+ "returns" : {
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Generate a new API token for a specific user. NOTE: returns API token value, which needs to be stored as it cannot be retrieved afterwards!",
+ "method" : "POST",
+ "name" : "generate_token",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "tokenid" : {
+ "description" : "User-specific token identifier.",
+ "pattern" : "(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)",
+ "type" : "string"
+ },
+ "userid" : {
+ "description" : "User ID",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "perm",
+ "/access/users/{userid}",
+ [
+ "User.Modify"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
"additionalProperties" : 0,
"properties" : {
- "comment" : {
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "expire" : {
- "default" : "same as user",
- "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "privsep" : {
- "default" : 1,
- "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "tokenid" : {
- "description" : "User-specific token identifier.",
- "pattern" : "(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)",
+ "full-tokenid" : {
+ "description" : "The full token id.",
+ "format_description" : "<userid>!<tokenid>",
"type" : "string"
},
- "userid" : {
- "description" : "User ID",
- "format" : "pve-userid",
- "maxLength" : 64,
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "or",
- [
- "userid-param",
- "self"
- ],
- [
- "perm",
- "/access/users/{userid}",
- [
- "User.Modify"
- ]
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "additionalProperties" : 0,
- "properties" : {
"info" : {
"properties" : {
"comment" : {
"optional" : 1,
"type" : "boolean"
},
+ "VM.Config.Cloudinit" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
"VM.Config.Disk" : {
"optional" : 1,
"type" : "boolean"
{
"children" : [
{
+ "children" : [
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Syncs users and/or groups from the configured LDAP to user.cfg. NOTE: Synced groups will have the name 'name-$realm', so make sure those groups do not exist to prevent overwriting.",
+ "method" : "POST",
+ "name" : "sync",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "dry-run" : {
+ "default" : 0,
+ "description" : "If set, does not write anything.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "enable-new" : {
+ "default" : "1",
+ "description" : "Enable newly synced users immediately.",
+ "optional" : "1",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "full" : {
+ "description" : "If set, uses the LDAP Directory as source of truth, deleting users or groups not returned from the sync. Otherwise only syncs information which is not already present, and does not deletes or modifies anything else.",
+ "optional" : "1",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "purge" : {
+ "description" : "Remove ACLs for users or groups which were removed from the config during a sync.",
+ "optional" : "1",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "realm" : {
+ "description" : "Authentication domain ID",
+ "format" : "pve-realm",
+ "maxLength" : 32,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "scope" : {
+ "description" : "Select what to sync.",
+ "enum" : [
+ "users",
+ "groups",
+ "both"
+ ],
+ "optional" : "1",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "and",
+ [
+ "userid-param",
+ "Realm.AllocateUser"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
+ ]
+ ],
+ "description" : "'Realm.AllocateUser' on '/access/realm/<realm>' and 'User.Modify' permissions to '/access/groups/'."
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "Worker Task-UPID",
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/domains/{realm}/sync",
+ "text" : "sync"
+ }
+ ],
"info" : {
"DELETE" : {
"allowtoken" : 1,
"pattern" : "\\S+",
"type" : "string"
},
+ "filter" : {
+ "description" : "LDAP filter for user sync.",
+ "maxLength" : 2048,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group_classes" : {
+ "default" : "groupOfNames, group, univentionGroup, ipausergroup",
+ "description" : "The objectclasses for groups.",
+ "format" : "ldap-simple-attr-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group_dn" : {
+ "description" : "LDAP base domain name for group sync. If not set, the base_dn will be used.",
+ "maxLength" : 256,
+ "optional" : 1,
+ "pattern" : "\\w+=[^,]+(,\\s*\\w+=[^,]+)*",
+ "type" : "string"
+ },
+ "group_filter" : {
+ "description" : "LDAP filter for group sync.",
+ "maxLength" : 2048,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group_name_attr" : {
+ "description" : "LDAP attribute representing a groups name. If not set or found, the first value of the DN will be used as name.",
+ "format" : "ldap-simple-attr",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mode" : {
+ "default" : "ldap",
+ "description" : "LDAP protocol mode.",
+ "enum" : [
+ "ldap",
+ "ldaps",
+ "ldap+starttls"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "password" : {
+ "description" : "LDAP bind password. Will be stored in '/etc/pve/priv/realm/<REALM>.pw'.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"port" : {
"description" : "Server port.",
"maximum" : 65535,
"typetext" : "<string>"
},
"secure" : {
- "description" : "Use secure LDAPS protocol.",
+ "description" : "Use secure LDAPS protocol. DEPRECATED: use 'mode' instead.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"optional" : 1,
"type" : "string"
},
+ "sync-defaults-options" : {
+ "description" : "The default options for behavior of synchronizations.",
+ "format" : "realm-sync-options",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[enable-new=<1|0>] [,full=<1|0>] [,purge=<1|0>] [,scope=<users|groups|both>]"
+ },
+ "sync_attributes" : {
+ "description" : "Comma separated list of key=value pairs for specifying which LDAP attributes map to which PVE user field. For example, to map the LDAP attribute 'mail' to PVEs 'email', write 'email=mail'. By default, each PVE user field is represented by an LDAP attribute of the same name.",
+ "optional" : 1,
+ "pattern" : "\\w+=[^,]+(,\\s*\\w+=[^,]+)*",
+ "type" : "string"
+ },
"tfa" : {
"description" : "Use Two-factor authentication.",
"format" : "pve-tfa-config",
"pattern" : "\\S{2,}",
"type" : "string"
},
+ "user_classes" : {
+ "default" : "inetorgperson, posixaccount, person, user",
+ "description" : "The objectclasses for users.",
+ "format" : "ldap-simple-attr-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"verify" : {
"default" : 0,
"description" : "Verify the server's SSL certificate",
}
}
},
- "leaf" : 1,
+ "leaf" : 0,
"path" : "/access/domains/{realm}",
"text" : "{realm}"
}
],
"optional" : 1,
"type" : "string"
+ },
+ "type" : {
+ "type" : "string"
}
},
"type" : "object"
"pattern" : "\\S+",
"type" : "string"
},
+ "filter" : {
+ "description" : "LDAP filter for user sync.",
+ "maxLength" : 2048,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group_classes" : {
+ "default" : "groupOfNames, group, univentionGroup, ipausergroup",
+ "description" : "The objectclasses for groups.",
+ "format" : "ldap-simple-attr-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group_dn" : {
+ "description" : "LDAP base domain name for group sync. If not set, the base_dn will be used.",
+ "maxLength" : 256,
+ "optional" : 1,
+ "pattern" : "\\w+=[^,]+(,\\s*\\w+=[^,]+)*",
+ "type" : "string"
+ },
+ "group_filter" : {
+ "description" : "LDAP filter for group sync.",
+ "maxLength" : 2048,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group_name_attr" : {
+ "description" : "LDAP attribute representing a groups name. If not set or found, the first value of the DN will be used as name.",
+ "format" : "ldap-simple-attr",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mode" : {
+ "default" : "ldap",
+ "description" : "LDAP protocol mode.",
+ "enum" : [
+ "ldap",
+ "ldaps",
+ "ldap+starttls"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "password" : {
+ "description" : "LDAP bind password. Will be stored in '/etc/pve/priv/realm/<REALM>.pw'.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"port" : {
"description" : "Server port.",
"maximum" : 65535,
"typetext" : "<string>"
},
"secure" : {
- "description" : "Use secure LDAPS protocol.",
+ "description" : "Use secure LDAPS protocol. DEPRECATED: use 'mode' instead.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"optional" : 1,
"type" : "string"
},
+ "sync-defaults-options" : {
+ "description" : "The default options for behavior of synchronizations.",
+ "format" : "realm-sync-options",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[enable-new=<1|0>] [,full=<1|0>] [,purge=<1|0>] [,scope=<users|groups|both>]"
+ },
+ "sync_attributes" : {
+ "description" : "Comma separated list of key=value pairs for specifying which LDAP attributes map to which PVE user field. For example, to map the LDAP attribute 'mail' to PVEs 'email', write 'email=mail'. By default, each PVE user field is represented by an LDAP attribute of the same name.",
+ "optional" : 1,
+ "pattern" : "\\w+=[^,]+(,\\s*\\w+=[^,]+)*",
+ "type" : "string"
+ },
"tfa" : {
"description" : "Use Two-factor authentication.",
"format" : "pve-tfa-config",
"pattern" : "\\S{2,}",
"type" : "string"
},
+ "user_classes" : {
+ "default" : "inetorgperson, posixaccount, person, user",
+ "description" : "The objectclasses for users.",
+ "format" : "ldap-simple-attr-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"verify" : {
"default" : 0,
"description" : "Verify the server's SSL certificate",