use PVE::RESTHandler;
use PVE::RPCEnvironment;
use PVE::LXC;
+use PVE::LXC::Config;
use PVE::LXC::Create;
-use PVE::HA::Config;
use PVE::JSONSchema qw(get_standard_option);
use base qw(PVE::RESTHandler);
properties => {
node => get_standard_option('pve-node'),
vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
+ snapshot => get_standard_option('pve-snapshot-name', {
+ description => "Fetch config values from given snapshot.",
+ optional => 1,
+ completion => sub {
+ my ($cmd, $pname, $cur, $args) = @_;
+ PVE::LXC::Config->snapshot_list($args->[0]);
+ },
+ }),
},
},
returns => {
type => "object",
- properties => {
+ properties => PVE::LXC::Config->json_config_properties({
+ lxc => {
+ description => "Array of lxc low-level configurations ([[key1, value1], [key2, value2] ...]).",
+ type => 'array',
+ items => { type => 'array', items => { type => 'string' }},
+ optional => 1,
+ },
digest => {
type => 'string',
description => 'SHA1 digest of configuration file. This can be used to prevent concurrent modifications.',
}
- },
+ }),
},
code => sub {
my ($param) = @_;
- my $conf = PVE::LXC::load_config($param->{vmid});
+ my $conf = PVE::LXC::Config->load_config($param->{vmid});
+
+ my $snapname = $param->{snapshot};
+ if ($snapname) {
+ my $snapshot = $conf->{snapshots}->{$snapname};
+ die "snapshot '$snapname' does not exist\n"
+ if !defined($snapshot);
+
+ # we need the digest of the file
+ $snapshot->{digest} = $conf->{digest};
+ $conf = $snapshot;
+ }
delete $conf->{snapshots};
- delete $conf->{lxc};
return $conf;
}});
description => "Set container options.",
permissions => {
check => ['perm', '/vms/{vmid}', $vm_config_perm_list, any => 1],
+ description => 'non-volume mount points in rootfs and mp[n] are restricted to root@pam',
},
parameters => {
additionalProperties => 0,
- properties => PVE::LXC::json_config_properties(
+ properties => PVE::LXC::Config->json_config_properties(
{
node => get_standard_option('pve-node'),
vmid => get_standard_option('pve-vmid', { completion => \&PVE::LXC::complete_ctid }),
my $delete_str = extract_param($param, 'delete');
my @delete = PVE::Tools::split_list($delete_str);
- PVE::LXC::check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, [@delete]);
+ PVE::LXC::check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, {}, [@delete]);
foreach my $opt (@delete) {
raise_param_exc({ delete => "you can't use '-$opt' and " .
"-delete $opt' at the same time" })
if defined($param->{$opt});
- if (!PVE::LXC::option_exists($opt)) {
+ if (!PVE::LXC::Config->option_exists($opt)) {
raise_param_exc({ delete => "unknown option '$opt'" });
}
}
- PVE::LXC::check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, [keys %$param]);
+ PVE::LXC::check_ct_modify_config_perm($rpcenv, $authuser, $vmid, undef, $param, []);
my $storage_cfg = cfs_read_file("storage.cfg");
+ my $repl_conf = PVE::ReplicationConfig->new();
+ my $is_replicated = $repl_conf->check_for_existing_jobs($vmid, 1);
+ if ($is_replicated) {
+ PVE::LXC::Config->foreach_mountpoint_full($param, 0, sub {
+ my ($opt, $mountpoint) = @_;
+ my $volid = $mountpoint->{volume};
+ return if !$volid || !($mountpoint->{replicate}//1);
+ if ($mountpoint->{type} eq 'volume') {
+ my ($storeid, $format);
+ if ($volid =~ $PVE::LXC::NEW_DISK_RE) {
+ $storeid = $1;
+ $format = $mountpoint->{format} || PVE::Storage::storage_default_format($storage_cfg, $storeid);
+ } else {
+ ($storeid, undef) = PVE::Storage::parse_volume_id($volid, 1);
+ $format = (PVE::Storage::parse_volname($storage_cfg, $volid))[6];
+ }
+ return if PVE::Storage::storage_can_replicate($storage_cfg, $storeid, $format);
+ my $scfg = PVE::Storage::storage_config($storage_cfg, $storeid);
+ return if $scfg->{shared};
+ }
+ die "cannot add non-replicatable volume to a replicated VM\n";
+ });
+ }
+
my $code = sub {
- my $conf = PVE::LXC::load_config($vmid);
- PVE::LXC::check_lock($conf);
+ my $conf = PVE::LXC::Config->load_config($vmid);
+ PVE::LXC::Config->check_lock($conf);
PVE::Tools::assert_if_modified($digest, $conf->{digest});
my $running = PVE::LXC::check_running($vmid);
- PVE::LXC::update_pct_config($vmid, $conf, $running, $param, \@delete);
+ PVE::LXC::Config->update_pct_config($vmid, $conf, $running, $param, \@delete);
- PVE::LXC::write_config($vmid, $conf);
- PVE::LXC::update_lxc_config($storage_cfg, $vmid, $conf);
+ PVE::LXC::Config->write_config($vmid, $conf);
+ PVE::LXC::update_lxc_config($vmid, $conf);
};
- PVE::LXC::lock_container($vmid, undef, $code);
+ PVE::LXC::Config->lock_config($vmid, $code);
return undef;
}});