f0a132175c20e04e20f63a6a857cb97a8ec48e8e
[pve-docs.git] / api-viewer / apidata.js
1 const apiSchema = [
2 {
3 "children" : [
4 {
5 "children" : [
6 {
7 "info" : {
8 "DELETE" : {
9 "allowtoken" : 1,
10 "description" : "Mark replication job for removal.",
11 "method" : "DELETE",
12 "name" : "delete",
13 "parameters" : {
14 "additionalProperties" : 0,
15 "properties" : {
16 "force" : {
17 "default" : 0,
18 "description" : "Will remove the jobconfig entry, but will not cleanup.",
19 "optional" : 1,
20 "type" : "boolean",
21 "typetext" : "<boolean>"
22 },
23 "id" : {
24 "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
25 "format" : "pve-replication-job-id",
26 "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
27 "type" : "string"
28 },
29 "keep" : {
30 "default" : 0,
31 "description" : "Keep replicated data at target (do not remove).",
32 "optional" : 1,
33 "type" : "boolean",
34 "typetext" : "<boolean>"
35 }
36 }
37 },
38 "permissions" : {
39 "check" : [
40 "perm",
41 "/storage",
42 [
43 "Datastore.Allocate"
44 ]
45 ]
46 },
47 "protected" : 1,
48 "returns" : {
49 "type" : "null"
50 }
51 },
52 "GET" : {
53 "allowtoken" : 1,
54 "description" : "Read replication job configuration.",
55 "method" : "GET",
56 "name" : "read",
57 "parameters" : {
58 "additionalProperties" : 0,
59 "properties" : {
60 "id" : {
61 "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
62 "format" : "pve-replication-job-id",
63 "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
64 "type" : "string"
65 }
66 }
67 },
68 "permissions" : {
69 "description" : "Requires the VM.Audit permission on /vms/<vmid>.",
70 "user" : "all"
71 },
72 "returns" : {
73 "type" : "object"
74 }
75 },
76 "PUT" : {
77 "allowtoken" : 1,
78 "description" : "Update replication job configuration.",
79 "method" : "PUT",
80 "name" : "update",
81 "parameters" : {
82 "additionalProperties" : 0,
83 "properties" : {
84 "comment" : {
85 "description" : "Description.",
86 "maxLength" : 4096,
87 "optional" : 1,
88 "type" : "string",
89 "typetext" : "<string>"
90 },
91 "delete" : {
92 "description" : "A list of settings you want to delete.",
93 "format" : "pve-configid-list",
94 "maxLength" : 4096,
95 "optional" : 1,
96 "type" : "string",
97 "typetext" : "<string>"
98 },
99 "digest" : {
100 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
101 "maxLength" : 40,
102 "optional" : 1,
103 "type" : "string",
104 "typetext" : "<string>"
105 },
106 "disable" : {
107 "description" : "Flag to disable/deactivate the entry.",
108 "optional" : 1,
109 "type" : "boolean",
110 "typetext" : "<boolean>"
111 },
112 "id" : {
113 "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
114 "format" : "pve-replication-job-id",
115 "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
116 "type" : "string"
117 },
118 "rate" : {
119 "description" : "Rate limit in mbps (megabytes per second) as floating point number.",
120 "minimum" : 1,
121 "optional" : 1,
122 "type" : "number",
123 "typetext" : "<number> (1 - N)"
124 },
125 "remove_job" : {
126 "description" : "Mark the replication job for removal. The job will remove all local replication snapshots. When set to 'full', it also tries to remove replicated volumes on the target. The job then removes itself from the configuration file.",
127 "enum" : [
128 "local",
129 "full"
130 ],
131 "optional" : 1,
132 "type" : "string"
133 },
134 "schedule" : {
135 "default" : "*/15",
136 "description" : "Storage replication schedule. The format is a subset of `systemd` calendar events.",
137 "format" : "pve-calendar-event",
138 "maxLength" : 128,
139 "optional" : 1,
140 "type" : "string",
141 "typetext" : "<string>"
142 },
143 "source" : {
144 "description" : "For internal use, to detect if the guest was stolen.",
145 "format" : "pve-node",
146 "optional" : 1,
147 "type" : "string",
148 "typetext" : "<string>"
149 }
150 },
151 "type" : "object"
152 },
153 "permissions" : {
154 "check" : [
155 "perm",
156 "/storage",
157 [
158 "Datastore.Allocate"
159 ]
160 ]
161 },
162 "protected" : 1,
163 "returns" : {
164 "type" : "null"
165 }
166 }
167 },
168 "leaf" : 1,
169 "path" : "/cluster/replication/{id}",
170 "text" : "{id}"
171 }
172 ],
173 "info" : {
174 "GET" : {
175 "allowtoken" : 1,
176 "description" : "List replication jobs.",
177 "method" : "GET",
178 "name" : "index",
179 "parameters" : {
180 "additionalProperties" : 0
181 },
182 "permissions" : {
183 "description" : "Requires the VM.Audit permission on /vms/<vmid>.",
184 "user" : "all"
185 },
186 "returns" : {
187 "items" : {
188 "properties" : {},
189 "type" : "object"
190 },
191 "links" : [
192 {
193 "href" : "{id}",
194 "rel" : "child"
195 }
196 ],
197 "type" : "array"
198 }
199 },
200 "POST" : {
201 "allowtoken" : 1,
202 "description" : "Create a new replication job",
203 "method" : "POST",
204 "name" : "create",
205 "parameters" : {
206 "additionalProperties" : 0,
207 "properties" : {
208 "comment" : {
209 "description" : "Description.",
210 "maxLength" : 4096,
211 "optional" : 1,
212 "type" : "string",
213 "typetext" : "<string>"
214 },
215 "disable" : {
216 "description" : "Flag to disable/deactivate the entry.",
217 "optional" : 1,
218 "type" : "boolean",
219 "typetext" : "<boolean>"
220 },
221 "id" : {
222 "description" : "Replication Job ID. The ID is composed of a Guest ID and a job number, separated by a hyphen, i.e. '<GUEST>-<JOBNUM>'.",
223 "format" : "pve-replication-job-id",
224 "pattern" : "[1-9][0-9]{2,8}-\\d{1,9}",
225 "type" : "string"
226 },
227 "rate" : {
228 "description" : "Rate limit in mbps (megabytes per second) as floating point number.",
229 "minimum" : 1,
230 "optional" : 1,
231 "type" : "number",
232 "typetext" : "<number> (1 - N)"
233 },
234 "remove_job" : {
235 "description" : "Mark the replication job for removal. The job will remove all local replication snapshots. When set to 'full', it also tries to remove replicated volumes on the target. The job then removes itself from the configuration file.",
236 "enum" : [
237 "local",
238 "full"
239 ],
240 "optional" : 1,
241 "type" : "string"
242 },
243 "schedule" : {
244 "default" : "*/15",
245 "description" : "Storage replication schedule. The format is a subset of `systemd` calendar events.",
246 "format" : "pve-calendar-event",
247 "maxLength" : 128,
248 "optional" : 1,
249 "type" : "string",
250 "typetext" : "<string>"
251 },
252 "source" : {
253 "description" : "For internal use, to detect if the guest was stolen.",
254 "format" : "pve-node",
255 "optional" : 1,
256 "type" : "string",
257 "typetext" : "<string>"
258 },
259 "target" : {
260 "description" : "Target node.",
261 "format" : "pve-node",
262 "optional" : 0,
263 "type" : "string",
264 "typetext" : "<string>"
265 },
266 "type" : {
267 "description" : "Section type.",
268 "enum" : [
269 "local"
270 ],
271 "type" : "string"
272 }
273 },
274 "type" : "object"
275 },
276 "permissions" : {
277 "check" : [
278 "perm",
279 "/storage",
280 [
281 "Datastore.Allocate"
282 ]
283 ]
284 },
285 "protected" : 1,
286 "returns" : {
287 "type" : "null"
288 }
289 }
290 },
291 "leaf" : 0,
292 "path" : "/cluster/replication",
293 "text" : "replication"
294 },
295 {
296 "children" : [
297 {
298 "children" : [
299 {
300 "info" : {
301 "DELETE" : {
302 "allowtoken" : 1,
303 "description" : "Remove Metric server.",
304 "method" : "DELETE",
305 "name" : "delete",
306 "parameters" : {
307 "additionalProperties" : 0,
308 "properties" : {
309 "id" : {
310 "format" : "pve-configid",
311 "type" : "string",
312 "typetext" : "<string>"
313 }
314 }
315 },
316 "permissions" : {
317 "check" : [
318 "perm",
319 "/",
320 [
321 "Sys.Modify"
322 ]
323 ]
324 },
325 "protected" : 1,
326 "returns" : {
327 "type" : "null"
328 }
329 },
330 "GET" : {
331 "allowtoken" : 1,
332 "description" : "Read metric server configuration.",
333 "method" : "GET",
334 "name" : "read",
335 "parameters" : {
336 "additionalProperties" : 0,
337 "properties" : {
338 "id" : {
339 "format" : "pve-configid",
340 "type" : "string",
341 "typetext" : "<string>"
342 }
343 }
344 },
345 "permissions" : {
346 "check" : [
347 "perm",
348 "/",
349 [
350 "Sys.Audit"
351 ]
352 ]
353 },
354 "returns" : {
355 "type" : "object"
356 }
357 },
358 "POST" : {
359 "allowtoken" : 1,
360 "description" : "Create a new external metric server config",
361 "method" : "POST",
362 "name" : "create",
363 "parameters" : {
364 "additionalProperties" : 0,
365 "properties" : {
366 "api-path-prefix" : {
367 "description" : "An API path prefix inserted between '<host>:<port>/' and '/api2/'. Can be useful if the InfluxDB service runs behind a reverse proxy.",
368 "optional" : 1,
369 "type" : "string",
370 "typetext" : "<string>"
371 },
372 "bucket" : {
373 "description" : "The InfluxDB bucket/db. Only necessary when using the http v2 api.",
374 "optional" : 1,
375 "type" : "string",
376 "typetext" : "<string>"
377 },
378 "disable" : {
379 "description" : "Flag to disable the plugin.",
380 "optional" : 1,
381 "type" : "boolean",
382 "typetext" : "<boolean>"
383 },
384 "id" : {
385 "description" : "The ID of the entry.",
386 "format" : "pve-configid",
387 "type" : "string",
388 "typetext" : "<string>"
389 },
390 "influxdbproto" : {
391 "default" : "udp",
392 "enum" : [
393 "udp",
394 "http",
395 "https"
396 ],
397 "optional" : 1,
398 "type" : "string"
399 },
400 "max-body-size" : {
401 "default" : 25000000,
402 "description" : "InfluxDB max-body-size in bytes. Requests are batched up to this size.",
403 "minimum" : 1,
404 "optional" : 1,
405 "type" : "integer",
406 "typetext" : "<integer> (1 - N)"
407 },
408 "mtu" : {
409 "default" : 1500,
410 "description" : "MTU for metrics transmission over UDP",
411 "maximum" : 65536,
412 "minimum" : 512,
413 "optional" : 1,
414 "type" : "integer",
415 "typetext" : "<integer> (512 - 65536)"
416 },
417 "organization" : {
418 "description" : "The InfluxDB organization. Only necessary when using the http v2 api. Has no meaning when using v2 compatibility api.",
419 "optional" : 1,
420 "type" : "string",
421 "typetext" : "<string>"
422 },
423 "path" : {
424 "description" : "root graphite path (ex: proxmox.mycluster.mykey)",
425 "format" : "graphite-path",
426 "optional" : 1,
427 "type" : "string",
428 "typetext" : "<string>"
429 },
430 "port" : {
431 "description" : "server network port",
432 "maximum" : 65536,
433 "minimum" : 1,
434 "type" : "integer",
435 "typetext" : "<integer> (1 - 65536)"
436 },
437 "proto" : {
438 "description" : "Protocol to send graphite data. TCP or UDP (default)",
439 "enum" : [
440 "udp",
441 "tcp"
442 ],
443 "optional" : 1,
444 "type" : "string"
445 },
446 "server" : {
447 "description" : "server dns name or IP address",
448 "format" : "address",
449 "type" : "string",
450 "typetext" : "<string>"
451 },
452 "timeout" : {
453 "default" : 1,
454 "description" : "graphite TCP socket timeout (default=1)",
455 "minimum" : 0,
456 "optional" : 1,
457 "type" : "integer",
458 "typetext" : "<integer> (0 - N)"
459 },
460 "token" : {
461 "description" : "The InfluxDB access token. Only necessary when using the http v2 api. If the v2 compatibility api is used, use 'user:password' instead.",
462 "optional" : 1,
463 "type" : "string",
464 "typetext" : "<string>"
465 },
466 "type" : {
467 "description" : "Plugin type.",
468 "enum" : [
469 "graphite",
470 "influxdb"
471 ],
472 "format" : "pve-configid",
473 "type" : "string"
474 },
475 "verify-certificate" : {
476 "default" : 1,
477 "description" : "Set to 0 to disable certificate verification for https endpoints.",
478 "optional" : 1,
479 "type" : "boolean",
480 "typetext" : "<boolean>"
481 }
482 },
483 "type" : "object"
484 },
485 "permissions" : {
486 "check" : [
487 "perm",
488 "/",
489 [
490 "Sys.Modify"
491 ]
492 ]
493 },
494 "protected" : 1,
495 "returns" : {
496 "type" : "null"
497 }
498 },
499 "PUT" : {
500 "allowtoken" : 1,
501 "description" : "Update metric server configuration.",
502 "method" : "PUT",
503 "name" : "update",
504 "parameters" : {
505 "additionalProperties" : 0,
506 "properties" : {
507 "api-path-prefix" : {
508 "description" : "An API path prefix inserted between '<host>:<port>/' and '/api2/'. Can be useful if the InfluxDB service runs behind a reverse proxy.",
509 "optional" : 1,
510 "type" : "string",
511 "typetext" : "<string>"
512 },
513 "bucket" : {
514 "description" : "The InfluxDB bucket/db. Only necessary when using the http v2 api.",
515 "optional" : 1,
516 "type" : "string",
517 "typetext" : "<string>"
518 },
519 "delete" : {
520 "description" : "A list of settings you want to delete.",
521 "format" : "pve-configid-list",
522 "maxLength" : 4096,
523 "optional" : 1,
524 "type" : "string",
525 "typetext" : "<string>"
526 },
527 "digest" : {
528 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
529 "maxLength" : 40,
530 "optional" : 1,
531 "type" : "string",
532 "typetext" : "<string>"
533 },
534 "disable" : {
535 "description" : "Flag to disable the plugin.",
536 "optional" : 1,
537 "type" : "boolean",
538 "typetext" : "<boolean>"
539 },
540 "id" : {
541 "description" : "The ID of the entry.",
542 "format" : "pve-configid",
543 "type" : "string",
544 "typetext" : "<string>"
545 },
546 "influxdbproto" : {
547 "default" : "udp",
548 "enum" : [
549 "udp",
550 "http",
551 "https"
552 ],
553 "optional" : 1,
554 "type" : "string"
555 },
556 "max-body-size" : {
557 "default" : 25000000,
558 "description" : "InfluxDB max-body-size in bytes. Requests are batched up to this size.",
559 "minimum" : 1,
560 "optional" : 1,
561 "type" : "integer",
562 "typetext" : "<integer> (1 - N)"
563 },
564 "mtu" : {
565 "default" : 1500,
566 "description" : "MTU for metrics transmission over UDP",
567 "maximum" : 65536,
568 "minimum" : 512,
569 "optional" : 1,
570 "type" : "integer",
571 "typetext" : "<integer> (512 - 65536)"
572 },
573 "organization" : {
574 "description" : "The InfluxDB organization. Only necessary when using the http v2 api. Has no meaning when using v2 compatibility api.",
575 "optional" : 1,
576 "type" : "string",
577 "typetext" : "<string>"
578 },
579 "path" : {
580 "description" : "root graphite path (ex: proxmox.mycluster.mykey)",
581 "format" : "graphite-path",
582 "optional" : 1,
583 "type" : "string",
584 "typetext" : "<string>"
585 },
586 "port" : {
587 "description" : "server network port",
588 "maximum" : 65536,
589 "minimum" : 1,
590 "type" : "integer",
591 "typetext" : "<integer> (1 - 65536)"
592 },
593 "proto" : {
594 "description" : "Protocol to send graphite data. TCP or UDP (default)",
595 "enum" : [
596 "udp",
597 "tcp"
598 ],
599 "optional" : 1,
600 "type" : "string"
601 },
602 "server" : {
603 "description" : "server dns name or IP address",
604 "format" : "address",
605 "type" : "string",
606 "typetext" : "<string>"
607 },
608 "timeout" : {
609 "default" : 1,
610 "description" : "graphite TCP socket timeout (default=1)",
611 "minimum" : 0,
612 "optional" : 1,
613 "type" : "integer",
614 "typetext" : "<integer> (0 - N)"
615 },
616 "token" : {
617 "description" : "The InfluxDB access token. Only necessary when using the http v2 api. If the v2 compatibility api is used, use 'user:password' instead.",
618 "optional" : 1,
619 "type" : "string",
620 "typetext" : "<string>"
621 },
622 "verify-certificate" : {
623 "default" : 1,
624 "description" : "Set to 0 to disable certificate verification for https endpoints.",
625 "optional" : 1,
626 "type" : "boolean",
627 "typetext" : "<boolean>"
628 }
629 },
630 "type" : "object"
631 },
632 "permissions" : {
633 "check" : [
634 "perm",
635 "/",
636 [
637 "Sys.Modify"
638 ]
639 ]
640 },
641 "protected" : 1,
642 "returns" : {
643 "type" : "null"
644 }
645 }
646 },
647 "leaf" : 1,
648 "path" : "/cluster/metrics/server/{id}",
649 "text" : "{id}"
650 }
651 ],
652 "info" : {
653 "GET" : {
654 "allowtoken" : 1,
655 "description" : "List configured metric servers.",
656 "method" : "GET",
657 "name" : "server_index",
658 "parameters" : {
659 "additionalProperties" : 0
660 },
661 "permissions" : {
662 "check" : [
663 "perm",
664 "/",
665 [
666 "Sys.Audit"
667 ]
668 ]
669 },
670 "returns" : {
671 "items" : {
672 "properties" : {
673 "disable" : {
674 "description" : "Flag to disable the plugin.",
675 "type" : "boolean"
676 },
677 "id" : {
678 "description" : "The ID of the entry.",
679 "type" : "string"
680 },
681 "port" : {
682 "description" : "Server network port",
683 "type" : "integer"
684 },
685 "server" : {
686 "description" : "Server dns name or IP address",
687 "type" : "string"
688 },
689 "type" : {
690 "description" : "Plugin type.",
691 "type" : "string"
692 }
693 },
694 "type" : "object"
695 },
696 "links" : [
697 {
698 "href" : "{id}",
699 "rel" : "child"
700 }
701 ],
702 "type" : "array"
703 }
704 }
705 },
706 "leaf" : 0,
707 "path" : "/cluster/metrics/server",
708 "text" : "server"
709 }
710 ],
711 "info" : {
712 "GET" : {
713 "allowtoken" : 1,
714 "description" : "Metrics index.",
715 "method" : "GET",
716 "name" : "index",
717 "parameters" : {
718 "additionalProperties" : 0
719 },
720 "permissions" : {
721 "user" : "all"
722 },
723 "returns" : {
724 "items" : {
725 "properties" : {},
726 "type" : "object"
727 },
728 "links" : [
729 {
730 "href" : "{name}",
731 "rel" : "child"
732 }
733 ],
734 "type" : "array"
735 }
736 }
737 },
738 "leaf" : 0,
739 "path" : "/cluster/metrics",
740 "text" : "metrics"
741 },
742 {
743 "children" : [
744 {
745 "info" : {
746 "GET" : {
747 "allowtoken" : 1,
748 "description" : "Return the version of the cluster join API available on this node.",
749 "method" : "GET",
750 "name" : "join_api_version",
751 "parameters" : {
752 "additionalProperties" : 0
753 },
754 "permissions" : {
755 "check" : [
756 "perm",
757 "/",
758 [
759 "Sys.Audit"
760 ]
761 ]
762 },
763 "returns" : {
764 "description" : "Cluster Join API version, currently 1",
765 "minimum" : 0,
766 "type" : "integer"
767 }
768 }
769 },
770 "leaf" : 1,
771 "path" : "/cluster/config/apiversion",
772 "text" : "apiversion"
773 },
774 {
775 "children" : [
776 {
777 "info" : {
778 "DELETE" : {
779 "allowtoken" : 1,
780 "description" : "Removes a node from the cluster configuration.",
781 "method" : "DELETE",
782 "name" : "delnode",
783 "parameters" : {
784 "additionalProperties" : 0,
785 "properties" : {
786 "node" : {
787 "description" : "The cluster node name.",
788 "format" : "pve-node",
789 "type" : "string",
790 "typetext" : "<string>"
791 }
792 }
793 },
794 "protected" : 1,
795 "returns" : {
796 "type" : "null"
797 }
798 },
799 "POST" : {
800 "allowtoken" : 1,
801 "description" : "Adds a node to the cluster configuration. This call is for internal use.",
802 "method" : "POST",
803 "name" : "addnode",
804 "parameters" : {
805 "additionalProperties" : 0,
806 "properties" : {
807 "apiversion" : {
808 "description" : "The JOIN_API_VERSION of the new node.",
809 "optional" : 1,
810 "type" : "integer",
811 "typetext" : "<integer>"
812 },
813 "force" : {
814 "description" : "Do not throw error if node already exists.",
815 "optional" : 1,
816 "type" : "boolean",
817 "typetext" : "<boolean>"
818 },
819 "link[n]" : {
820 "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
821 "format" : {
822 "address" : {
823 "default_key" : 1,
824 "description" : "Hostname (or IP) of this corosync link address.",
825 "format" : "address",
826 "format_description" : "IP",
827 "type" : "string"
828 },
829 "priority" : {
830 "default" : 0,
831 "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
832 "maximum" : 255,
833 "minimum" : 0,
834 "optional" : 1,
835 "type" : "integer"
836 }
837 },
838 "optional" : 1,
839 "type" : "string",
840 "typetext" : "[address=]<IP> [,priority=<integer>]"
841 },
842 "new_node_ip" : {
843 "description" : "IP Address of node to add. Used as fallback if no links are given.",
844 "format" : "ip",
845 "optional" : 1,
846 "type" : "string",
847 "typetext" : "<string>"
848 },
849 "node" : {
850 "description" : "The cluster node name.",
851 "format" : "pve-node",
852 "type" : "string",
853 "typetext" : "<string>"
854 },
855 "nodeid" : {
856 "description" : "Node id for this node.",
857 "minimum" : 1,
858 "optional" : 1,
859 "type" : "integer",
860 "typetext" : "<integer> (1 - N)"
861 },
862 "votes" : {
863 "description" : "Number of votes for this node",
864 "minimum" : 0,
865 "optional" : 1,
866 "type" : "integer",
867 "typetext" : "<integer> (0 - N)"
868 }
869 }
870 },
871 "protected" : 1,
872 "returns" : {
873 "properties" : {
874 "corosync_authkey" : {
875 "type" : "string"
876 },
877 "corosync_conf" : {
878 "type" : "string"
879 },
880 "warnings" : {
881 "items" : {
882 "type" : "string"
883 },
884 "type" : "array"
885 }
886 },
887 "type" : "object"
888 }
889 }
890 },
891 "leaf" : 1,
892 "path" : "/cluster/config/nodes/{node}",
893 "text" : "{node}"
894 }
895 ],
896 "info" : {
897 "GET" : {
898 "allowtoken" : 1,
899 "description" : "Corosync node list.",
900 "method" : "GET",
901 "name" : "nodes",
902 "parameters" : {
903 "additionalProperties" : 0
904 },
905 "permissions" : {
906 "check" : [
907 "perm",
908 "/",
909 [
910 "Sys.Audit"
911 ]
912 ]
913 },
914 "returns" : {
915 "items" : {
916 "properties" : {
917 "node" : {
918 "type" : "string"
919 }
920 },
921 "type" : "object"
922 },
923 "links" : [
924 {
925 "href" : "{node}",
926 "rel" : "child"
927 }
928 ],
929 "type" : "array"
930 }
931 }
932 },
933 "leaf" : 0,
934 "path" : "/cluster/config/nodes",
935 "text" : "nodes"
936 },
937 {
938 "info" : {
939 "GET" : {
940 "allowtoken" : 1,
941 "description" : "Get information needed to join this cluster over the connected node.",
942 "method" : "GET",
943 "name" : "join_info",
944 "parameters" : {
945 "additionalProperties" : 0,
946 "properties" : {
947 "node" : {
948 "default" : "current connected node",
949 "description" : "The node for which the joinee gets the nodeinfo. ",
950 "format" : "pve-node",
951 "optional" : 1,
952 "type" : "string",
953 "typetext" : "<string>"
954 }
955 }
956 },
957 "permissions" : {
958 "check" : [
959 "perm",
960 "/",
961 [
962 "Sys.Audit"
963 ]
964 ]
965 },
966 "returns" : {
967 "additionalProperties" : 0,
968 "properties" : {
969 "config_digest" : {
970 "type" : "string"
971 },
972 "nodelist" : {
973 "items" : {
974 "additionalProperties" : 1,
975 "properties" : {
976 "name" : {
977 "description" : "The cluster node name.",
978 "format" : "pve-node",
979 "type" : "string"
980 },
981 "nodeid" : {
982 "description" : "Node id for this node.",
983 "minimum" : 1,
984 "optional" : 1,
985 "type" : "integer"
986 },
987 "pve_addr" : {
988 "format" : "ip",
989 "type" : "string"
990 },
991 "pve_fp" : {
992 "description" : "Certificate SHA 256 fingerprint.",
993 "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
994 "type" : "string"
995 },
996 "quorum_votes" : {
997 "minimum" : 0,
998 "type" : "integer"
999 },
1000 "ring0_addr" : {
1001 "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
1002 "format" : {
1003 "address" : {
1004 "default_key" : 1,
1005 "description" : "Hostname (or IP) of this corosync link address.",
1006 "format" : "address",
1007 "format_description" : "IP",
1008 "type" : "string"
1009 },
1010 "priority" : {
1011 "default" : 0,
1012 "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
1013 "maximum" : 255,
1014 "minimum" : 0,
1015 "optional" : 1,
1016 "type" : "integer"
1017 }
1018 },
1019 "optional" : 1,
1020 "type" : "string"
1021 }
1022 },
1023 "type" : "object"
1024 },
1025 "type" : "array"
1026 },
1027 "preferred_node" : {
1028 "description" : "The cluster node name.",
1029 "format" : "pve-node",
1030 "type" : "string"
1031 },
1032 "totem" : {
1033 "type" : "object"
1034 }
1035 },
1036 "type" : "object"
1037 }
1038 },
1039 "POST" : {
1040 "allowtoken" : 1,
1041 "description" : "Joins this node into an existing cluster. If no links are given, default to IP resolved by node's hostname on single link (fallback fails for clusters with multiple links).",
1042 "method" : "POST",
1043 "name" : "join",
1044 "parameters" : {
1045 "additionalProperties" : 0,
1046 "properties" : {
1047 "fingerprint" : {
1048 "description" : "Certificate SHA 256 fingerprint.",
1049 "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
1050 "type" : "string"
1051 },
1052 "force" : {
1053 "description" : "Do not throw error if node already exists.",
1054 "optional" : 1,
1055 "type" : "boolean",
1056 "typetext" : "<boolean>"
1057 },
1058 "hostname" : {
1059 "description" : "Hostname (or IP) of an existing cluster member.",
1060 "type" : "string",
1061 "typetext" : "<string>"
1062 },
1063 "link[n]" : {
1064 "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
1065 "format" : {
1066 "address" : {
1067 "default_key" : 1,
1068 "description" : "Hostname (or IP) of this corosync link address.",
1069 "format" : "address",
1070 "format_description" : "IP",
1071 "type" : "string"
1072 },
1073 "priority" : {
1074 "default" : 0,
1075 "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
1076 "maximum" : 255,
1077 "minimum" : 0,
1078 "optional" : 1,
1079 "type" : "integer"
1080 }
1081 },
1082 "optional" : 1,
1083 "type" : "string",
1084 "typetext" : "[address=]<IP> [,priority=<integer>]"
1085 },
1086 "nodeid" : {
1087 "description" : "Node id for this node.",
1088 "minimum" : 1,
1089 "optional" : 1,
1090 "type" : "integer",
1091 "typetext" : "<integer> (1 - N)"
1092 },
1093 "password" : {
1094 "description" : "Superuser (root) password of peer node.",
1095 "maxLength" : 128,
1096 "type" : "string",
1097 "typetext" : "<string>"
1098 },
1099 "votes" : {
1100 "description" : "Number of votes for this node",
1101 "minimum" : 0,
1102 "optional" : 1,
1103 "type" : "integer",
1104 "typetext" : "<integer> (0 - N)"
1105 }
1106 }
1107 },
1108 "protected" : 1,
1109 "returns" : {
1110 "type" : "string"
1111 }
1112 }
1113 },
1114 "leaf" : 1,
1115 "path" : "/cluster/config/join",
1116 "text" : "join"
1117 },
1118 {
1119 "info" : {
1120 "GET" : {
1121 "allowtoken" : 1,
1122 "description" : "Get corosync totem protocol settings.",
1123 "method" : "GET",
1124 "name" : "totem",
1125 "parameters" : {
1126 "additionalProperties" : 0
1127 },
1128 "permissions" : {
1129 "check" : [
1130 "perm",
1131 "/",
1132 [
1133 "Sys.Audit"
1134 ]
1135 ]
1136 },
1137 "returns" : {
1138 "type" : "object"
1139 }
1140 }
1141 },
1142 "leaf" : 1,
1143 "path" : "/cluster/config/totem",
1144 "text" : "totem"
1145 },
1146 {
1147 "info" : {
1148 "GET" : {
1149 "allowtoken" : 1,
1150 "description" : "Get QDevice status",
1151 "method" : "GET",
1152 "name" : "status",
1153 "parameters" : {
1154 "additionalProperties" : 0
1155 },
1156 "permissions" : {
1157 "check" : [
1158 "perm",
1159 "/",
1160 [
1161 "Sys.Audit"
1162 ]
1163 ]
1164 },
1165 "returns" : {
1166 "type" : "object"
1167 }
1168 }
1169 },
1170 "leaf" : 1,
1171 "path" : "/cluster/config/qdevice",
1172 "text" : "qdevice"
1173 }
1174 ],
1175 "info" : {
1176 "GET" : {
1177 "allowtoken" : 1,
1178 "description" : "Directory index.",
1179 "method" : "GET",
1180 "name" : "index",
1181 "parameters" : {
1182 "additionalProperties" : 0
1183 },
1184 "permissions" : {
1185 "check" : [
1186 "perm",
1187 "/",
1188 [
1189 "Sys.Audit"
1190 ]
1191 ]
1192 },
1193 "returns" : {
1194 "items" : {
1195 "properties" : {},
1196 "type" : "object"
1197 },
1198 "links" : [
1199 {
1200 "href" : "{name}",
1201 "rel" : "child"
1202 }
1203 ],
1204 "type" : "array"
1205 }
1206 },
1207 "POST" : {
1208 "allowtoken" : 1,
1209 "description" : "Generate new cluster configuration. If no links given, default to local IP address as link0.",
1210 "method" : "POST",
1211 "name" : "create",
1212 "parameters" : {
1213 "additionalProperties" : 0,
1214 "properties" : {
1215 "clustername" : {
1216 "description" : "The name of the cluster.",
1217 "format" : "pve-node",
1218 "maxLength" : 15,
1219 "type" : "string",
1220 "typetext" : "<string>"
1221 },
1222 "link[n]" : {
1223 "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
1224 "format" : {
1225 "address" : {
1226 "default_key" : 1,
1227 "description" : "Hostname (or IP) of this corosync link address.",
1228 "format" : "address",
1229 "format_description" : "IP",
1230 "type" : "string"
1231 },
1232 "priority" : {
1233 "default" : 0,
1234 "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
1235 "maximum" : 255,
1236 "minimum" : 0,
1237 "optional" : 1,
1238 "type" : "integer"
1239 }
1240 },
1241 "optional" : 1,
1242 "type" : "string",
1243 "typetext" : "[address=]<IP> [,priority=<integer>]"
1244 },
1245 "nodeid" : {
1246 "description" : "Node id for this node.",
1247 "minimum" : 1,
1248 "optional" : 1,
1249 "type" : "integer",
1250 "typetext" : "<integer> (1 - N)"
1251 },
1252 "votes" : {
1253 "description" : "Number of votes for this node.",
1254 "minimum" : 1,
1255 "optional" : 1,
1256 "type" : "integer",
1257 "typetext" : "<integer> (1 - N)"
1258 }
1259 }
1260 },
1261 "protected" : 1,
1262 "returns" : {
1263 "type" : "string"
1264 }
1265 }
1266 },
1267 "leaf" : 0,
1268 "path" : "/cluster/config",
1269 "text" : "config"
1270 },
1271 {
1272 "children" : [
1273 {
1274 "children" : [
1275 {
1276 "children" : [
1277 {
1278 "info" : {
1279 "DELETE" : {
1280 "allowtoken" : 1,
1281 "description" : "Delete rule.",
1282 "method" : "DELETE",
1283 "name" : "delete_rule",
1284 "parameters" : {
1285 "additionalProperties" : 0,
1286 "properties" : {
1287 "digest" : {
1288 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1289 "maxLength" : 40,
1290 "optional" : 1,
1291 "type" : "string",
1292 "typetext" : "<string>"
1293 },
1294 "group" : {
1295 "description" : "Security Group name.",
1296 "maxLength" : 18,
1297 "minLength" : 2,
1298 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1299 "type" : "string"
1300 },
1301 "pos" : {
1302 "description" : "Update rule at position <pos>.",
1303 "minimum" : 0,
1304 "optional" : 1,
1305 "type" : "integer",
1306 "typetext" : "<integer> (0 - N)"
1307 }
1308 }
1309 },
1310 "permissions" : {
1311 "check" : [
1312 "perm",
1313 "/",
1314 [
1315 "Sys.Modify"
1316 ]
1317 ]
1318 },
1319 "protected" : 1,
1320 "proxyto" : null,
1321 "returns" : {
1322 "type" : "null"
1323 }
1324 },
1325 "GET" : {
1326 "allowtoken" : 1,
1327 "description" : "Get single rule data.",
1328 "method" : "GET",
1329 "name" : "get_rule",
1330 "parameters" : {
1331 "additionalProperties" : 0,
1332 "properties" : {
1333 "group" : {
1334 "description" : "Security Group name.",
1335 "maxLength" : 18,
1336 "minLength" : 2,
1337 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1338 "type" : "string"
1339 },
1340 "pos" : {
1341 "description" : "Update rule at position <pos>.",
1342 "minimum" : 0,
1343 "optional" : 1,
1344 "type" : "integer",
1345 "typetext" : "<integer> (0 - N)"
1346 }
1347 }
1348 },
1349 "permissions" : {
1350 "check" : [
1351 "perm",
1352 "/",
1353 [
1354 "Sys.Audit"
1355 ]
1356 ]
1357 },
1358 "proxyto" : null,
1359 "returns" : {
1360 "properties" : {
1361 "action" : {
1362 "type" : "string"
1363 },
1364 "comment" : {
1365 "optional" : 1,
1366 "type" : "string"
1367 },
1368 "dest" : {
1369 "optional" : 1,
1370 "type" : "string"
1371 },
1372 "dport" : {
1373 "optional" : 1,
1374 "type" : "string"
1375 },
1376 "enable" : {
1377 "optional" : 1,
1378 "type" : "integer"
1379 },
1380 "icmp-type" : {
1381 "optional" : 1,
1382 "type" : "string"
1383 },
1384 "iface" : {
1385 "optional" : 1,
1386 "type" : "string"
1387 },
1388 "ipversion" : {
1389 "optional" : 1,
1390 "type" : "integer"
1391 },
1392 "log" : {
1393 "description" : "Log level for firewall rule",
1394 "enum" : [
1395 "emerg",
1396 "alert",
1397 "crit",
1398 "err",
1399 "warning",
1400 "notice",
1401 "info",
1402 "debug",
1403 "nolog"
1404 ],
1405 "optional" : 1,
1406 "type" : "string"
1407 },
1408 "macro" : {
1409 "optional" : 1,
1410 "type" : "string"
1411 },
1412 "pos" : {
1413 "type" : "integer"
1414 },
1415 "proto" : {
1416 "optional" : 1,
1417 "type" : "string"
1418 },
1419 "source" : {
1420 "optional" : 1,
1421 "type" : "string"
1422 },
1423 "sport" : {
1424 "optional" : 1,
1425 "type" : "string"
1426 },
1427 "type" : {
1428 "type" : "string"
1429 }
1430 },
1431 "type" : "object"
1432 }
1433 },
1434 "PUT" : {
1435 "allowtoken" : 1,
1436 "description" : "Modify rule data.",
1437 "method" : "PUT",
1438 "name" : "update_rule",
1439 "parameters" : {
1440 "additionalProperties" : 0,
1441 "properties" : {
1442 "action" : {
1443 "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
1444 "maxLength" : 20,
1445 "minLength" : 2,
1446 "optional" : 1,
1447 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1448 "type" : "string"
1449 },
1450 "comment" : {
1451 "description" : "Descriptive comment.",
1452 "optional" : 1,
1453 "type" : "string",
1454 "typetext" : "<string>"
1455 },
1456 "delete" : {
1457 "description" : "A list of settings you want to delete.",
1458 "format" : "pve-configid-list",
1459 "optional" : 1,
1460 "type" : "string",
1461 "typetext" : "<string>"
1462 },
1463 "dest" : {
1464 "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1465 "format" : "pve-fw-addr-spec",
1466 "maxLength" : 512,
1467 "optional" : 1,
1468 "type" : "string",
1469 "typetext" : "<string>"
1470 },
1471 "digest" : {
1472 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1473 "maxLength" : 40,
1474 "optional" : 1,
1475 "type" : "string",
1476 "typetext" : "<string>"
1477 },
1478 "dport" : {
1479 "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1480 "format" : "pve-fw-dport-spec",
1481 "optional" : 1,
1482 "type" : "string",
1483 "typetext" : "<string>"
1484 },
1485 "enable" : {
1486 "description" : "Flag to enable/disable a rule.",
1487 "minimum" : 0,
1488 "optional" : 1,
1489 "type" : "integer",
1490 "typetext" : "<integer> (0 - N)"
1491 },
1492 "group" : {
1493 "description" : "Security Group name.",
1494 "maxLength" : 18,
1495 "minLength" : 2,
1496 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1497 "type" : "string"
1498 },
1499 "icmp-type" : {
1500 "description" : "Specify icmp-type. Only valid if proto equals 'icmp'.",
1501 "format" : "pve-fw-icmp-type-spec",
1502 "optional" : 1,
1503 "type" : "string",
1504 "typetext" : "<string>"
1505 },
1506 "iface" : {
1507 "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
1508 "format" : "pve-iface",
1509 "maxLength" : 20,
1510 "minLength" : 2,
1511 "optional" : 1,
1512 "type" : "string",
1513 "typetext" : "<string>"
1514 },
1515 "log" : {
1516 "description" : "Log level for firewall rule.",
1517 "enum" : [
1518 "emerg",
1519 "alert",
1520 "crit",
1521 "err",
1522 "warning",
1523 "notice",
1524 "info",
1525 "debug",
1526 "nolog"
1527 ],
1528 "optional" : 1,
1529 "type" : "string"
1530 },
1531 "macro" : {
1532 "description" : "Use predefined standard macro.",
1533 "maxLength" : 128,
1534 "optional" : 1,
1535 "type" : "string",
1536 "typetext" : "<string>"
1537 },
1538 "moveto" : {
1539 "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
1540 "minimum" : 0,
1541 "optional" : 1,
1542 "type" : "integer",
1543 "typetext" : "<integer> (0 - N)"
1544 },
1545 "pos" : {
1546 "description" : "Update rule at position <pos>.",
1547 "minimum" : 0,
1548 "optional" : 1,
1549 "type" : "integer",
1550 "typetext" : "<integer> (0 - N)"
1551 },
1552 "proto" : {
1553 "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
1554 "format" : "pve-fw-protocol-spec",
1555 "optional" : 1,
1556 "type" : "string",
1557 "typetext" : "<string>"
1558 },
1559 "source" : {
1560 "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1561 "format" : "pve-fw-addr-spec",
1562 "maxLength" : 512,
1563 "optional" : 1,
1564 "type" : "string",
1565 "typetext" : "<string>"
1566 },
1567 "sport" : {
1568 "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1569 "format" : "pve-fw-sport-spec",
1570 "optional" : 1,
1571 "type" : "string",
1572 "typetext" : "<string>"
1573 },
1574 "type" : {
1575 "description" : "Rule type.",
1576 "enum" : [
1577 "in",
1578 "out",
1579 "group"
1580 ],
1581 "optional" : 1,
1582 "type" : "string"
1583 }
1584 }
1585 },
1586 "permissions" : {
1587 "check" : [
1588 "perm",
1589 "/",
1590 [
1591 "Sys.Modify"
1592 ]
1593 ]
1594 },
1595 "protected" : 1,
1596 "proxyto" : null,
1597 "returns" : {
1598 "type" : "null"
1599 }
1600 }
1601 },
1602 "leaf" : 1,
1603 "path" : "/cluster/firewall/groups/{group}/{pos}",
1604 "text" : "{pos}"
1605 }
1606 ],
1607 "info" : {
1608 "DELETE" : {
1609 "allowtoken" : 1,
1610 "description" : "Delete security group.",
1611 "method" : "DELETE",
1612 "name" : "delete_security_group",
1613 "parameters" : {
1614 "additionalProperties" : 0,
1615 "properties" : {
1616 "group" : {
1617 "description" : "Security Group name.",
1618 "maxLength" : 18,
1619 "minLength" : 2,
1620 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1621 "type" : "string"
1622 }
1623 }
1624 },
1625 "permissions" : {
1626 "check" : [
1627 "perm",
1628 "/",
1629 [
1630 "Sys.Modify"
1631 ]
1632 ]
1633 },
1634 "protected" : 1,
1635 "returns" : {
1636 "type" : "null"
1637 }
1638 },
1639 "GET" : {
1640 "allowtoken" : 1,
1641 "description" : "List rules.",
1642 "method" : "GET",
1643 "name" : "get_rules",
1644 "parameters" : {
1645 "additionalProperties" : 0,
1646 "properties" : {
1647 "group" : {
1648 "description" : "Security Group name.",
1649 "maxLength" : 18,
1650 "minLength" : 2,
1651 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1652 "type" : "string"
1653 }
1654 }
1655 },
1656 "permissions" : {
1657 "check" : [
1658 "perm",
1659 "/",
1660 [
1661 "Sys.Audit"
1662 ]
1663 ]
1664 },
1665 "proxyto" : null,
1666 "returns" : {
1667 "items" : {
1668 "properties" : {
1669 "pos" : {
1670 "type" : "integer"
1671 }
1672 },
1673 "type" : "object"
1674 },
1675 "links" : [
1676 {
1677 "href" : "{pos}",
1678 "rel" : "child"
1679 }
1680 ],
1681 "type" : "array"
1682 }
1683 },
1684 "POST" : {
1685 "allowtoken" : 1,
1686 "description" : "Create new rule.",
1687 "method" : "POST",
1688 "name" : "create_rule",
1689 "parameters" : {
1690 "additionalProperties" : 0,
1691 "properties" : {
1692 "action" : {
1693 "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
1694 "maxLength" : 20,
1695 "minLength" : 2,
1696 "optional" : 0,
1697 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1698 "type" : "string"
1699 },
1700 "comment" : {
1701 "description" : "Descriptive comment.",
1702 "optional" : 1,
1703 "type" : "string",
1704 "typetext" : "<string>"
1705 },
1706 "dest" : {
1707 "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1708 "format" : "pve-fw-addr-spec",
1709 "maxLength" : 512,
1710 "optional" : 1,
1711 "type" : "string",
1712 "typetext" : "<string>"
1713 },
1714 "digest" : {
1715 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1716 "maxLength" : 40,
1717 "optional" : 1,
1718 "type" : "string",
1719 "typetext" : "<string>"
1720 },
1721 "dport" : {
1722 "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1723 "format" : "pve-fw-dport-spec",
1724 "optional" : 1,
1725 "type" : "string",
1726 "typetext" : "<string>"
1727 },
1728 "enable" : {
1729 "description" : "Flag to enable/disable a rule.",
1730 "minimum" : 0,
1731 "optional" : 1,
1732 "type" : "integer",
1733 "typetext" : "<integer> (0 - N)"
1734 },
1735 "group" : {
1736 "description" : "Security Group name.",
1737 "maxLength" : 18,
1738 "minLength" : 2,
1739 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1740 "type" : "string"
1741 },
1742 "icmp-type" : {
1743 "description" : "Specify icmp-type. Only valid if proto equals 'icmp'.",
1744 "format" : "pve-fw-icmp-type-spec",
1745 "optional" : 1,
1746 "type" : "string",
1747 "typetext" : "<string>"
1748 },
1749 "iface" : {
1750 "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
1751 "format" : "pve-iface",
1752 "maxLength" : 20,
1753 "minLength" : 2,
1754 "optional" : 1,
1755 "type" : "string",
1756 "typetext" : "<string>"
1757 },
1758 "log" : {
1759 "description" : "Log level for firewall rule.",
1760 "enum" : [
1761 "emerg",
1762 "alert",
1763 "crit",
1764 "err",
1765 "warning",
1766 "notice",
1767 "info",
1768 "debug",
1769 "nolog"
1770 ],
1771 "optional" : 1,
1772 "type" : "string"
1773 },
1774 "macro" : {
1775 "description" : "Use predefined standard macro.",
1776 "maxLength" : 128,
1777 "optional" : 1,
1778 "type" : "string",
1779 "typetext" : "<string>"
1780 },
1781 "pos" : {
1782 "description" : "Update rule at position <pos>.",
1783 "minimum" : 0,
1784 "optional" : 1,
1785 "type" : "integer",
1786 "typetext" : "<integer> (0 - N)"
1787 },
1788 "proto" : {
1789 "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
1790 "format" : "pve-fw-protocol-spec",
1791 "optional" : 1,
1792 "type" : "string",
1793 "typetext" : "<string>"
1794 },
1795 "source" : {
1796 "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
1797 "format" : "pve-fw-addr-spec",
1798 "maxLength" : 512,
1799 "optional" : 1,
1800 "type" : "string",
1801 "typetext" : "<string>"
1802 },
1803 "sport" : {
1804 "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
1805 "format" : "pve-fw-sport-spec",
1806 "optional" : 1,
1807 "type" : "string",
1808 "typetext" : "<string>"
1809 },
1810 "type" : {
1811 "description" : "Rule type.",
1812 "enum" : [
1813 "in",
1814 "out",
1815 "group"
1816 ],
1817 "optional" : 0,
1818 "type" : "string"
1819 }
1820 }
1821 },
1822 "permissions" : {
1823 "check" : [
1824 "perm",
1825 "/",
1826 [
1827 "Sys.Modify"
1828 ]
1829 ]
1830 },
1831 "protected" : 1,
1832 "proxyto" : null,
1833 "returns" : {
1834 "type" : "null"
1835 }
1836 }
1837 },
1838 "leaf" : 0,
1839 "path" : "/cluster/firewall/groups/{group}",
1840 "text" : "{group}"
1841 }
1842 ],
1843 "info" : {
1844 "GET" : {
1845 "allowtoken" : 1,
1846 "description" : "List security groups.",
1847 "method" : "GET",
1848 "name" : "list_security_groups",
1849 "parameters" : {
1850 "additionalProperties" : 0
1851 },
1852 "permissions" : {
1853 "user" : "all"
1854 },
1855 "returns" : {
1856 "items" : {
1857 "properties" : {
1858 "comment" : {
1859 "optional" : 1,
1860 "type" : "string"
1861 },
1862 "digest" : {
1863 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1864 "maxLength" : 40,
1865 "optional" : 0,
1866 "type" : "string"
1867 },
1868 "group" : {
1869 "description" : "Security Group name.",
1870 "maxLength" : 18,
1871 "minLength" : 2,
1872 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1873 "type" : "string"
1874 }
1875 },
1876 "type" : "object"
1877 },
1878 "links" : [
1879 {
1880 "href" : "{group}",
1881 "rel" : "child"
1882 }
1883 ],
1884 "type" : "array"
1885 }
1886 },
1887 "POST" : {
1888 "allowtoken" : 1,
1889 "description" : "Create new security group.",
1890 "method" : "POST",
1891 "name" : "create_security_group",
1892 "parameters" : {
1893 "additionalProperties" : 0,
1894 "properties" : {
1895 "comment" : {
1896 "optional" : 1,
1897 "type" : "string",
1898 "typetext" : "<string>"
1899 },
1900 "digest" : {
1901 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1902 "maxLength" : 40,
1903 "optional" : 1,
1904 "type" : "string",
1905 "typetext" : "<string>"
1906 },
1907 "group" : {
1908 "description" : "Security Group name.",
1909 "maxLength" : 18,
1910 "minLength" : 2,
1911 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1912 "type" : "string"
1913 },
1914 "rename" : {
1915 "description" : "Rename/update an existing security group. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing group.",
1916 "maxLength" : 18,
1917 "minLength" : 2,
1918 "optional" : 1,
1919 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
1920 "type" : "string"
1921 }
1922 }
1923 },
1924 "permissions" : {
1925 "check" : [
1926 "perm",
1927 "/",
1928 [
1929 "Sys.Modify"
1930 ]
1931 ]
1932 },
1933 "protected" : 1,
1934 "returns" : {
1935 "type" : "null"
1936 }
1937 }
1938 },
1939 "leaf" : 0,
1940 "path" : "/cluster/firewall/groups",
1941 "text" : "groups"
1942 },
1943 {
1944 "children" : [
1945 {
1946 "info" : {
1947 "DELETE" : {
1948 "allowtoken" : 1,
1949 "description" : "Delete rule.",
1950 "method" : "DELETE",
1951 "name" : "delete_rule",
1952 "parameters" : {
1953 "additionalProperties" : 0,
1954 "properties" : {
1955 "digest" : {
1956 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
1957 "maxLength" : 40,
1958 "optional" : 1,
1959 "type" : "string",
1960 "typetext" : "<string>"
1961 },
1962 "pos" : {
1963 "description" : "Update rule at position <pos>.",
1964 "minimum" : 0,
1965 "optional" : 1,
1966 "type" : "integer",
1967 "typetext" : "<integer> (0 - N)"
1968 }
1969 }
1970 },
1971 "permissions" : {
1972 "check" : [
1973 "perm",
1974 "/",
1975 [
1976 "Sys.Modify"
1977 ]
1978 ]
1979 },
1980 "protected" : 1,
1981 "proxyto" : null,
1982 "returns" : {
1983 "type" : "null"
1984 }
1985 },
1986 "GET" : {
1987 "allowtoken" : 1,
1988 "description" : "Get single rule data.",
1989 "method" : "GET",
1990 "name" : "get_rule",
1991 "parameters" : {
1992 "additionalProperties" : 0,
1993 "properties" : {
1994 "pos" : {
1995 "description" : "Update rule at position <pos>.",
1996 "minimum" : 0,
1997 "optional" : 1,
1998 "type" : "integer",
1999 "typetext" : "<integer> (0 - N)"
2000 }
2001 }
2002 },
2003 "permissions" : {
2004 "check" : [
2005 "perm",
2006 "/",
2007 [
2008 "Sys.Audit"
2009 ]
2010 ]
2011 },
2012 "proxyto" : null,
2013 "returns" : {
2014 "properties" : {
2015 "action" : {
2016 "type" : "string"
2017 },
2018 "comment" : {
2019 "optional" : 1,
2020 "type" : "string"
2021 },
2022 "dest" : {
2023 "optional" : 1,
2024 "type" : "string"
2025 },
2026 "dport" : {
2027 "optional" : 1,
2028 "type" : "string"
2029 },
2030 "enable" : {
2031 "optional" : 1,
2032 "type" : "integer"
2033 },
2034 "icmp-type" : {
2035 "optional" : 1,
2036 "type" : "string"
2037 },
2038 "iface" : {
2039 "optional" : 1,
2040 "type" : "string"
2041 },
2042 "ipversion" : {
2043 "optional" : 1,
2044 "type" : "integer"
2045 },
2046 "log" : {
2047 "description" : "Log level for firewall rule",
2048 "enum" : [
2049 "emerg",
2050 "alert",
2051 "crit",
2052 "err",
2053 "warning",
2054 "notice",
2055 "info",
2056 "debug",
2057 "nolog"
2058 ],
2059 "optional" : 1,
2060 "type" : "string"
2061 },
2062 "macro" : {
2063 "optional" : 1,
2064 "type" : "string"
2065 },
2066 "pos" : {
2067 "type" : "integer"
2068 },
2069 "proto" : {
2070 "optional" : 1,
2071 "type" : "string"
2072 },
2073 "source" : {
2074 "optional" : 1,
2075 "type" : "string"
2076 },
2077 "sport" : {
2078 "optional" : 1,
2079 "type" : "string"
2080 },
2081 "type" : {
2082 "type" : "string"
2083 }
2084 },
2085 "type" : "object"
2086 }
2087 },
2088 "PUT" : {
2089 "allowtoken" : 1,
2090 "description" : "Modify rule data.",
2091 "method" : "PUT",
2092 "name" : "update_rule",
2093 "parameters" : {
2094 "additionalProperties" : 0,
2095 "properties" : {
2096 "action" : {
2097 "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
2098 "maxLength" : 20,
2099 "minLength" : 2,
2100 "optional" : 1,
2101 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2102 "type" : "string"
2103 },
2104 "comment" : {
2105 "description" : "Descriptive comment.",
2106 "optional" : 1,
2107 "type" : "string",
2108 "typetext" : "<string>"
2109 },
2110 "delete" : {
2111 "description" : "A list of settings you want to delete.",
2112 "format" : "pve-configid-list",
2113 "optional" : 1,
2114 "type" : "string",
2115 "typetext" : "<string>"
2116 },
2117 "dest" : {
2118 "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
2119 "format" : "pve-fw-addr-spec",
2120 "maxLength" : 512,
2121 "optional" : 1,
2122 "type" : "string",
2123 "typetext" : "<string>"
2124 },
2125 "digest" : {
2126 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2127 "maxLength" : 40,
2128 "optional" : 1,
2129 "type" : "string",
2130 "typetext" : "<string>"
2131 },
2132 "dport" : {
2133 "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
2134 "format" : "pve-fw-dport-spec",
2135 "optional" : 1,
2136 "type" : "string",
2137 "typetext" : "<string>"
2138 },
2139 "enable" : {
2140 "description" : "Flag to enable/disable a rule.",
2141 "minimum" : 0,
2142 "optional" : 1,
2143 "type" : "integer",
2144 "typetext" : "<integer> (0 - N)"
2145 },
2146 "icmp-type" : {
2147 "description" : "Specify icmp-type. Only valid if proto equals 'icmp'.",
2148 "format" : "pve-fw-icmp-type-spec",
2149 "optional" : 1,
2150 "type" : "string",
2151 "typetext" : "<string>"
2152 },
2153 "iface" : {
2154 "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
2155 "format" : "pve-iface",
2156 "maxLength" : 20,
2157 "minLength" : 2,
2158 "optional" : 1,
2159 "type" : "string",
2160 "typetext" : "<string>"
2161 },
2162 "log" : {
2163 "description" : "Log level for firewall rule.",
2164 "enum" : [
2165 "emerg",
2166 "alert",
2167 "crit",
2168 "err",
2169 "warning",
2170 "notice",
2171 "info",
2172 "debug",
2173 "nolog"
2174 ],
2175 "optional" : 1,
2176 "type" : "string"
2177 },
2178 "macro" : {
2179 "description" : "Use predefined standard macro.",
2180 "maxLength" : 128,
2181 "optional" : 1,
2182 "type" : "string",
2183 "typetext" : "<string>"
2184 },
2185 "moveto" : {
2186 "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
2187 "minimum" : 0,
2188 "optional" : 1,
2189 "type" : "integer",
2190 "typetext" : "<integer> (0 - N)"
2191 },
2192 "pos" : {
2193 "description" : "Update rule at position <pos>.",
2194 "minimum" : 0,
2195 "optional" : 1,
2196 "type" : "integer",
2197 "typetext" : "<integer> (0 - N)"
2198 },
2199 "proto" : {
2200 "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
2201 "format" : "pve-fw-protocol-spec",
2202 "optional" : 1,
2203 "type" : "string",
2204 "typetext" : "<string>"
2205 },
2206 "source" : {
2207 "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
2208 "format" : "pve-fw-addr-spec",
2209 "maxLength" : 512,
2210 "optional" : 1,
2211 "type" : "string",
2212 "typetext" : "<string>"
2213 },
2214 "sport" : {
2215 "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
2216 "format" : "pve-fw-sport-spec",
2217 "optional" : 1,
2218 "type" : "string",
2219 "typetext" : "<string>"
2220 },
2221 "type" : {
2222 "description" : "Rule type.",
2223 "enum" : [
2224 "in",
2225 "out",
2226 "group"
2227 ],
2228 "optional" : 1,
2229 "type" : "string"
2230 }
2231 }
2232 },
2233 "permissions" : {
2234 "check" : [
2235 "perm",
2236 "/",
2237 [
2238 "Sys.Modify"
2239 ]
2240 ]
2241 },
2242 "protected" : 1,
2243 "proxyto" : null,
2244 "returns" : {
2245 "type" : "null"
2246 }
2247 }
2248 },
2249 "leaf" : 1,
2250 "path" : "/cluster/firewall/rules/{pos}",
2251 "text" : "{pos}"
2252 }
2253 ],
2254 "info" : {
2255 "GET" : {
2256 "allowtoken" : 1,
2257 "description" : "List rules.",
2258 "method" : "GET",
2259 "name" : "get_rules",
2260 "parameters" : {
2261 "additionalProperties" : 0
2262 },
2263 "permissions" : {
2264 "check" : [
2265 "perm",
2266 "/",
2267 [
2268 "Sys.Audit"
2269 ]
2270 ]
2271 },
2272 "proxyto" : null,
2273 "returns" : {
2274 "items" : {
2275 "properties" : {
2276 "pos" : {
2277 "type" : "integer"
2278 }
2279 },
2280 "type" : "object"
2281 },
2282 "links" : [
2283 {
2284 "href" : "{pos}",
2285 "rel" : "child"
2286 }
2287 ],
2288 "type" : "array"
2289 }
2290 },
2291 "POST" : {
2292 "allowtoken" : 1,
2293 "description" : "Create new rule.",
2294 "method" : "POST",
2295 "name" : "create_rule",
2296 "parameters" : {
2297 "additionalProperties" : 0,
2298 "properties" : {
2299 "action" : {
2300 "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
2301 "maxLength" : 20,
2302 "minLength" : 2,
2303 "optional" : 0,
2304 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2305 "type" : "string"
2306 },
2307 "comment" : {
2308 "description" : "Descriptive comment.",
2309 "optional" : 1,
2310 "type" : "string",
2311 "typetext" : "<string>"
2312 },
2313 "dest" : {
2314 "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
2315 "format" : "pve-fw-addr-spec",
2316 "maxLength" : 512,
2317 "optional" : 1,
2318 "type" : "string",
2319 "typetext" : "<string>"
2320 },
2321 "digest" : {
2322 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2323 "maxLength" : 40,
2324 "optional" : 1,
2325 "type" : "string",
2326 "typetext" : "<string>"
2327 },
2328 "dport" : {
2329 "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
2330 "format" : "pve-fw-dport-spec",
2331 "optional" : 1,
2332 "type" : "string",
2333 "typetext" : "<string>"
2334 },
2335 "enable" : {
2336 "description" : "Flag to enable/disable a rule.",
2337 "minimum" : 0,
2338 "optional" : 1,
2339 "type" : "integer",
2340 "typetext" : "<integer> (0 - N)"
2341 },
2342 "icmp-type" : {
2343 "description" : "Specify icmp-type. Only valid if proto equals 'icmp'.",
2344 "format" : "pve-fw-icmp-type-spec",
2345 "optional" : 1,
2346 "type" : "string",
2347 "typetext" : "<string>"
2348 },
2349 "iface" : {
2350 "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
2351 "format" : "pve-iface",
2352 "maxLength" : 20,
2353 "minLength" : 2,
2354 "optional" : 1,
2355 "type" : "string",
2356 "typetext" : "<string>"
2357 },
2358 "log" : {
2359 "description" : "Log level for firewall rule.",
2360 "enum" : [
2361 "emerg",
2362 "alert",
2363 "crit",
2364 "err",
2365 "warning",
2366 "notice",
2367 "info",
2368 "debug",
2369 "nolog"
2370 ],
2371 "optional" : 1,
2372 "type" : "string"
2373 },
2374 "macro" : {
2375 "description" : "Use predefined standard macro.",
2376 "maxLength" : 128,
2377 "optional" : 1,
2378 "type" : "string",
2379 "typetext" : "<string>"
2380 },
2381 "pos" : {
2382 "description" : "Update rule at position <pos>.",
2383 "minimum" : 0,
2384 "optional" : 1,
2385 "type" : "integer",
2386 "typetext" : "<integer> (0 - N)"
2387 },
2388 "proto" : {
2389 "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
2390 "format" : "pve-fw-protocol-spec",
2391 "optional" : 1,
2392 "type" : "string",
2393 "typetext" : "<string>"
2394 },
2395 "source" : {
2396 "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
2397 "format" : "pve-fw-addr-spec",
2398 "maxLength" : 512,
2399 "optional" : 1,
2400 "type" : "string",
2401 "typetext" : "<string>"
2402 },
2403 "sport" : {
2404 "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
2405 "format" : "pve-fw-sport-spec",
2406 "optional" : 1,
2407 "type" : "string",
2408 "typetext" : "<string>"
2409 },
2410 "type" : {
2411 "description" : "Rule type.",
2412 "enum" : [
2413 "in",
2414 "out",
2415 "group"
2416 ],
2417 "optional" : 0,
2418 "type" : "string"
2419 }
2420 }
2421 },
2422 "permissions" : {
2423 "check" : [
2424 "perm",
2425 "/",
2426 [
2427 "Sys.Modify"
2428 ]
2429 ]
2430 },
2431 "protected" : 1,
2432 "proxyto" : null,
2433 "returns" : {
2434 "type" : "null"
2435 }
2436 }
2437 },
2438 "leaf" : 0,
2439 "path" : "/cluster/firewall/rules",
2440 "text" : "rules"
2441 },
2442 {
2443 "children" : [
2444 {
2445 "children" : [
2446 {
2447 "info" : {
2448 "DELETE" : {
2449 "allowtoken" : 1,
2450 "description" : "Remove IP or Network from IPSet.",
2451 "method" : "DELETE",
2452 "name" : "remove_ip",
2453 "parameters" : {
2454 "additionalProperties" : 0,
2455 "properties" : {
2456 "cidr" : {
2457 "description" : "Network/IP specification in CIDR format.",
2458 "format" : "IPorCIDRorAlias",
2459 "type" : "string",
2460 "typetext" : "<string>"
2461 },
2462 "digest" : {
2463 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2464 "maxLength" : 40,
2465 "optional" : 1,
2466 "type" : "string",
2467 "typetext" : "<string>"
2468 },
2469 "name" : {
2470 "description" : "IP set name.",
2471 "maxLength" : 64,
2472 "minLength" : 2,
2473 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2474 "type" : "string"
2475 }
2476 }
2477 },
2478 "permissions" : {
2479 "check" : [
2480 "perm",
2481 "/",
2482 [
2483 "Sys.Modify"
2484 ]
2485 ]
2486 },
2487 "protected" : 1,
2488 "returns" : {
2489 "type" : "null"
2490 }
2491 },
2492 "GET" : {
2493 "allowtoken" : 1,
2494 "description" : "Read IP or Network settings from IPSet.",
2495 "method" : "GET",
2496 "name" : "read_ip",
2497 "parameters" : {
2498 "additionalProperties" : 0,
2499 "properties" : {
2500 "cidr" : {
2501 "description" : "Network/IP specification in CIDR format.",
2502 "format" : "IPorCIDRorAlias",
2503 "type" : "string",
2504 "typetext" : "<string>"
2505 },
2506 "name" : {
2507 "description" : "IP set name.",
2508 "maxLength" : 64,
2509 "minLength" : 2,
2510 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2511 "type" : "string"
2512 }
2513 }
2514 },
2515 "permissions" : {
2516 "check" : [
2517 "perm",
2518 "/",
2519 [
2520 "Sys.Audit"
2521 ]
2522 ]
2523 },
2524 "protected" : 1,
2525 "returns" : {
2526 "type" : "object"
2527 }
2528 },
2529 "PUT" : {
2530 "allowtoken" : 1,
2531 "description" : "Update IP or Network settings",
2532 "method" : "PUT",
2533 "name" : "update_ip",
2534 "parameters" : {
2535 "additionalProperties" : 0,
2536 "properties" : {
2537 "cidr" : {
2538 "description" : "Network/IP specification in CIDR format.",
2539 "format" : "IPorCIDRorAlias",
2540 "type" : "string",
2541 "typetext" : "<string>"
2542 },
2543 "comment" : {
2544 "optional" : 1,
2545 "type" : "string",
2546 "typetext" : "<string>"
2547 },
2548 "digest" : {
2549 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2550 "maxLength" : 40,
2551 "optional" : 1,
2552 "type" : "string",
2553 "typetext" : "<string>"
2554 },
2555 "name" : {
2556 "description" : "IP set name.",
2557 "maxLength" : 64,
2558 "minLength" : 2,
2559 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2560 "type" : "string"
2561 },
2562 "nomatch" : {
2563 "optional" : 1,
2564 "type" : "boolean",
2565 "typetext" : "<boolean>"
2566 }
2567 }
2568 },
2569 "permissions" : {
2570 "check" : [
2571 "perm",
2572 "/",
2573 [
2574 "Sys.Modify"
2575 ]
2576 ]
2577 },
2578 "protected" : 1,
2579 "returns" : {
2580 "type" : "null"
2581 }
2582 }
2583 },
2584 "leaf" : 1,
2585 "path" : "/cluster/firewall/ipset/{name}/{cidr}",
2586 "text" : "{cidr}"
2587 }
2588 ],
2589 "info" : {
2590 "DELETE" : {
2591 "allowtoken" : 1,
2592 "description" : "Delete IPSet",
2593 "method" : "DELETE",
2594 "name" : "delete_ipset",
2595 "parameters" : {
2596 "additionalProperties" : 0,
2597 "properties" : {
2598 "name" : {
2599 "description" : "IP set name.",
2600 "maxLength" : 64,
2601 "minLength" : 2,
2602 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2603 "type" : "string"
2604 }
2605 }
2606 },
2607 "permissions" : {
2608 "check" : [
2609 "perm",
2610 "/",
2611 [
2612 "Sys.Modify"
2613 ]
2614 ]
2615 },
2616 "protected" : 1,
2617 "returns" : {
2618 "type" : "null"
2619 }
2620 },
2621 "GET" : {
2622 "allowtoken" : 1,
2623 "description" : "List IPSet content",
2624 "method" : "GET",
2625 "name" : "get_ipset",
2626 "parameters" : {
2627 "additionalProperties" : 0,
2628 "properties" : {
2629 "name" : {
2630 "description" : "IP set name.",
2631 "maxLength" : 64,
2632 "minLength" : 2,
2633 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2634 "type" : "string"
2635 }
2636 }
2637 },
2638 "permissions" : {
2639 "check" : [
2640 "perm",
2641 "/",
2642 [
2643 "Sys.Audit"
2644 ]
2645 ]
2646 },
2647 "returns" : {
2648 "items" : {
2649 "properties" : {
2650 "cidr" : {
2651 "type" : "string"
2652 },
2653 "comment" : {
2654 "optional" : 1,
2655 "type" : "string"
2656 },
2657 "digest" : {
2658 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2659 "maxLength" : 40,
2660 "optional" : 0,
2661 "type" : "string"
2662 },
2663 "nomatch" : {
2664 "optional" : 1,
2665 "type" : "boolean"
2666 }
2667 },
2668 "type" : "object"
2669 },
2670 "links" : [
2671 {
2672 "href" : "{cidr}",
2673 "rel" : "child"
2674 }
2675 ],
2676 "type" : "array"
2677 }
2678 },
2679 "POST" : {
2680 "allowtoken" : 1,
2681 "description" : "Add IP or Network to IPSet.",
2682 "method" : "POST",
2683 "name" : "create_ip",
2684 "parameters" : {
2685 "additionalProperties" : 0,
2686 "properties" : {
2687 "cidr" : {
2688 "description" : "Network/IP specification in CIDR format.",
2689 "format" : "IPorCIDRorAlias",
2690 "type" : "string",
2691 "typetext" : "<string>"
2692 },
2693 "comment" : {
2694 "optional" : 1,
2695 "type" : "string",
2696 "typetext" : "<string>"
2697 },
2698 "name" : {
2699 "description" : "IP set name.",
2700 "maxLength" : 64,
2701 "minLength" : 2,
2702 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2703 "type" : "string"
2704 },
2705 "nomatch" : {
2706 "optional" : 1,
2707 "type" : "boolean",
2708 "typetext" : "<boolean>"
2709 }
2710 }
2711 },
2712 "permissions" : {
2713 "check" : [
2714 "perm",
2715 "/",
2716 [
2717 "Sys.Modify"
2718 ]
2719 ]
2720 },
2721 "protected" : 1,
2722 "returns" : {
2723 "type" : "null"
2724 }
2725 }
2726 },
2727 "leaf" : 0,
2728 "path" : "/cluster/firewall/ipset/{name}",
2729 "text" : "{name}"
2730 }
2731 ],
2732 "info" : {
2733 "GET" : {
2734 "allowtoken" : 1,
2735 "description" : "List IPSets",
2736 "method" : "GET",
2737 "name" : "ipset_index",
2738 "parameters" : {
2739 "additionalProperties" : 0
2740 },
2741 "permissions" : {
2742 "check" : [
2743 "perm",
2744 "/",
2745 [
2746 "Sys.Audit"
2747 ]
2748 ]
2749 },
2750 "returns" : {
2751 "items" : {
2752 "properties" : {
2753 "comment" : {
2754 "optional" : 1,
2755 "type" : "string"
2756 },
2757 "digest" : {
2758 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2759 "maxLength" : 40,
2760 "optional" : 0,
2761 "type" : "string"
2762 },
2763 "name" : {
2764 "description" : "IP set name.",
2765 "maxLength" : 64,
2766 "minLength" : 2,
2767 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2768 "type" : "string"
2769 }
2770 },
2771 "type" : "object"
2772 },
2773 "links" : [
2774 {
2775 "href" : "{name}",
2776 "rel" : "child"
2777 }
2778 ],
2779 "type" : "array"
2780 }
2781 },
2782 "POST" : {
2783 "allowtoken" : 1,
2784 "description" : "Create new IPSet",
2785 "method" : "POST",
2786 "name" : "create_ipset",
2787 "parameters" : {
2788 "additionalProperties" : 0,
2789 "properties" : {
2790 "comment" : {
2791 "optional" : 1,
2792 "type" : "string",
2793 "typetext" : "<string>"
2794 },
2795 "digest" : {
2796 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2797 "maxLength" : 40,
2798 "optional" : 1,
2799 "type" : "string",
2800 "typetext" : "<string>"
2801 },
2802 "name" : {
2803 "description" : "IP set name.",
2804 "maxLength" : 64,
2805 "minLength" : 2,
2806 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2807 "type" : "string"
2808 },
2809 "rename" : {
2810 "description" : "Rename an existing IPSet. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing IPSet.",
2811 "maxLength" : 64,
2812 "minLength" : 2,
2813 "optional" : 1,
2814 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2815 "type" : "string"
2816 }
2817 }
2818 },
2819 "permissions" : {
2820 "check" : [
2821 "perm",
2822 "/",
2823 [
2824 "Sys.Modify"
2825 ]
2826 ]
2827 },
2828 "protected" : 1,
2829 "returns" : {
2830 "type" : "null"
2831 }
2832 }
2833 },
2834 "leaf" : 0,
2835 "path" : "/cluster/firewall/ipset",
2836 "text" : "ipset"
2837 },
2838 {
2839 "children" : [
2840 {
2841 "info" : {
2842 "DELETE" : {
2843 "allowtoken" : 1,
2844 "description" : "Remove IP or Network alias.",
2845 "method" : "DELETE",
2846 "name" : "remove_alias",
2847 "parameters" : {
2848 "additionalProperties" : 0,
2849 "properties" : {
2850 "digest" : {
2851 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2852 "maxLength" : 40,
2853 "optional" : 1,
2854 "type" : "string",
2855 "typetext" : "<string>"
2856 },
2857 "name" : {
2858 "description" : "Alias name.",
2859 "maxLength" : 64,
2860 "minLength" : 2,
2861 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2862 "type" : "string"
2863 }
2864 }
2865 },
2866 "permissions" : {
2867 "check" : [
2868 "perm",
2869 "/",
2870 [
2871 "Sys.Modify"
2872 ]
2873 ]
2874 },
2875 "protected" : 1,
2876 "returns" : {
2877 "type" : "null"
2878 }
2879 },
2880 "GET" : {
2881 "allowtoken" : 1,
2882 "description" : "Read alias.",
2883 "method" : "GET",
2884 "name" : "read_alias",
2885 "parameters" : {
2886 "additionalProperties" : 0,
2887 "properties" : {
2888 "name" : {
2889 "description" : "Alias name.",
2890 "maxLength" : 64,
2891 "minLength" : 2,
2892 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2893 "type" : "string"
2894 }
2895 }
2896 },
2897 "permissions" : {
2898 "check" : [
2899 "perm",
2900 "/",
2901 [
2902 "Sys.Audit"
2903 ]
2904 ]
2905 },
2906 "returns" : {
2907 "type" : "object"
2908 }
2909 },
2910 "PUT" : {
2911 "allowtoken" : 1,
2912 "description" : "Update IP or Network alias.",
2913 "method" : "PUT",
2914 "name" : "update_alias",
2915 "parameters" : {
2916 "additionalProperties" : 0,
2917 "properties" : {
2918 "cidr" : {
2919 "description" : "Network/IP specification in CIDR format.",
2920 "format" : "IPorCIDR",
2921 "type" : "string",
2922 "typetext" : "<string>"
2923 },
2924 "comment" : {
2925 "optional" : 1,
2926 "type" : "string",
2927 "typetext" : "<string>"
2928 },
2929 "digest" : {
2930 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
2931 "maxLength" : 40,
2932 "optional" : 1,
2933 "type" : "string",
2934 "typetext" : "<string>"
2935 },
2936 "name" : {
2937 "description" : "Alias name.",
2938 "maxLength" : 64,
2939 "minLength" : 2,
2940 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2941 "type" : "string"
2942 },
2943 "rename" : {
2944 "description" : "Rename an existing alias.",
2945 "maxLength" : 64,
2946 "minLength" : 2,
2947 "optional" : 1,
2948 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
2949 "type" : "string"
2950 }
2951 }
2952 },
2953 "permissions" : {
2954 "check" : [
2955 "perm",
2956 "/",
2957 [
2958 "Sys.Modify"
2959 ]
2960 ]
2961 },
2962 "protected" : 1,
2963 "returns" : {
2964 "type" : "null"
2965 }
2966 }
2967 },
2968 "leaf" : 1,
2969 "path" : "/cluster/firewall/aliases/{name}",
2970 "text" : "{name}"
2971 }
2972 ],
2973 "info" : {
2974 "GET" : {
2975 "allowtoken" : 1,
2976 "description" : "List aliases",
2977 "method" : "GET",
2978 "name" : "get_aliases",
2979 "parameters" : {
2980 "additionalProperties" : 0
2981 },
2982 "permissions" : {
2983 "check" : [
2984 "perm",
2985 "/",
2986 [
2987 "Sys.Audit"
2988 ]
2989 ]
2990 },
2991 "returns" : {
2992 "items" : {
2993 "properties" : {
2994 "cidr" : {
2995 "type" : "string"
2996 },
2997 "comment" : {
2998 "optional" : 1,
2999 "type" : "string"
3000 },
3001 "digest" : {
3002 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
3003 "maxLength" : 40,
3004 "optional" : 0,
3005 "type" : "string"
3006 },
3007 "name" : {
3008 "type" : "string"
3009 }
3010 },
3011 "type" : "object"
3012 },
3013 "links" : [
3014 {
3015 "href" : "{name}",
3016 "rel" : "child"
3017 }
3018 ],
3019 "type" : "array"
3020 }
3021 },
3022 "POST" : {
3023 "allowtoken" : 1,
3024 "description" : "Create IP or Network Alias.",
3025 "method" : "POST",
3026 "name" : "create_alias",
3027 "parameters" : {
3028 "additionalProperties" : 0,
3029 "properties" : {
3030 "cidr" : {
3031 "description" : "Network/IP specification in CIDR format.",
3032 "format" : "IPorCIDR",
3033 "type" : "string",
3034 "typetext" : "<string>"
3035 },
3036 "comment" : {
3037 "optional" : 1,
3038 "type" : "string",
3039 "typetext" : "<string>"
3040 },
3041 "name" : {
3042 "description" : "Alias name.",
3043 "maxLength" : 64,
3044 "minLength" : 2,
3045 "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
3046 "type" : "string"
3047 }
3048 }
3049 },
3050 "permissions" : {
3051 "check" : [
3052 "perm",
3053 "/",
3054 [
3055 "Sys.Modify"
3056 ]
3057 ]
3058 },
3059 "protected" : 1,
3060 "returns" : {
3061 "type" : "null"
3062 }
3063 }
3064 },
3065 "leaf" : 0,
3066 "path" : "/cluster/firewall/aliases",
3067 "text" : "aliases"
3068 },
3069 {
3070 "info" : {
3071 "GET" : {
3072 "allowtoken" : 1,
3073 "description" : "Get Firewall options.",
3074 "method" : "GET",
3075 "name" : "get_options",
3076 "parameters" : {
3077 "additionalProperties" : 0
3078 },
3079 "permissions" : {
3080 "check" : [
3081 "perm",
3082 "/",
3083 [
3084 "Sys.Audit"
3085 ]
3086 ]
3087 },
3088 "returns" : {
3089 "properties" : {
3090 "ebtables" : {
3091 "default" : 1,
3092 "description" : "Enable ebtables rules cluster wide.",
3093 "optional" : 1,
3094 "type" : "boolean"
3095 },
3096 "enable" : {
3097 "description" : "Enable or disable the firewall cluster wide.",
3098 "minimum" : 0,
3099 "optional" : 1,
3100 "type" : "integer"
3101 },
3102 "log_ratelimit" : {
3103 "description" : "Log ratelimiting settings",
3104 "format" : {
3105 "burst" : {
3106 "default" : 5,
3107 "description" : "Initial burst of packages which will always get logged before the rate is applied",
3108 "minimum" : 0,
3109 "optional" : 1,
3110 "type" : "integer"
3111 },
3112 "enable" : {
3113 "default" : "1",
3114 "default_key" : 1,
3115 "description" : "Enable or disable log rate limiting",
3116 "type" : "boolean"
3117 },
3118 "rate" : {
3119 "default" : "1/second",
3120 "description" : "Frequency with which the burst bucket gets refilled",
3121 "format_description" : "rate",
3122 "optional" : 1,
3123 "pattern" : "[1-9][0-9]*\\/(second|minute|hour|day)",
3124 "type" : "string"
3125 }
3126 },
3127 "optional" : 1,
3128 "type" : "string"
3129 },
3130 "policy_in" : {
3131 "description" : "Input policy.",
3132 "enum" : [
3133 "ACCEPT",
3134 "REJECT",
3135 "DROP"
3136 ],
3137 "optional" : 1,
3138 "type" : "string"
3139 },
3140 "policy_out" : {
3141 "description" : "Output policy.",
3142 "enum" : [
3143 "ACCEPT",
3144 "REJECT",
3145 "DROP"
3146 ],
3147 "optional" : 1,
3148 "type" : "string"
3149 }
3150 },
3151 "type" : "object"
3152 }
3153 },
3154 "PUT" : {
3155 "allowtoken" : 1,
3156 "description" : "Set Firewall options.",
3157 "method" : "PUT",
3158 "name" : "set_options",
3159 "parameters" : {
3160 "additionalProperties" : 0,
3161 "properties" : {
3162 "delete" : {
3163 "description" : "A list of settings you want to delete.",
3164 "format" : "pve-configid-list",
3165 "optional" : 1,
3166 "type" : "string",
3167 "typetext" : "<string>"
3168 },
3169 "digest" : {
3170 "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
3171 "maxLength" : 40,
3172 "optional" : 1,
3173 "type" : "string",
3174 "typetext" : "<string>"
3175 },
3176 "ebtables" : {
3177 "default" : 1,
3178 "description" : "Enable ebtables rules cluster wide.",
3179 "optional" : 1,
3180 "type" : "boolean",
3181 "typetext" : "<boolean>"
3182 },
3183 "enable" : {
3184 "description" : "Enable or disable the firewall cluster wide.",
3185 "minimum" : 0,
3186 "optional" : 1,
3187 "type" : "integer",
3188 "typetext" : "<integer> (0 - N)"
3189 },
3190 "log_ratelimit" : {
3191 "description" : "Log ratelimiting settings",
3192 "format" : {
3193 "burst" : {
3194 "default" : 5,
3195 "description" : "Initial burst of packages which will always get logged before the rate is applied",
3196 "minimum" : 0,
3197 "optional" : 1,
3198 "type" : "integer"
3199 },
3200 "enable" : {
3201 "default" : "1",
3202 "default_key" : 1,
3203 "description" : "Enable or disable log rate limiting",
3204 "type" : "boolean"
3205 },
3206 "rate" : {
3207 "default" : "1/second",
3208 "description" : "Frequency with which the burst bucket gets refilled",
3209 "format_description" : "rate",
3210 "optional" : 1,
3211 "pattern" : "[1-9][0-9]*\\/(second|minute|hour|day)",
3212 "type" : "string"
3213 }
3214 },
3215 "optional" : 1,
3216 "type" : "string",
3217 "typetext" : "[enable=]<1|0> [,burst=<integer>] [,rate=<rate>]"
3218 },
3219 "policy_in" : {
3220 "description" : "Input policy.",
3221 "enum" : [
3222 "ACCEPT",
3223 "REJECT",
3224 "DROP"
3225 ],
3226 "optional" : 1,
3227 "type" : "string"
3228 },
3229 "policy_out" : {
3230 "description" : "Output policy.",
3231 "enum" : [
3232 "ACCEPT",
3233 "REJECT",
3234 "DROP"
3235 ],
3236 "optional" : 1,
3237 "type" : "string"
3238 }
3239 }
3240 },
3241 "permissions" : {
3242 "check" : [
3243 "perm",
3244 "/",
3245 [
3246 "Sys.Modify"
3247 ]
3248 ]
3249 },
3250 "protected" : 1,
3251 "returns" : {
3252 "type" : "null"
3253 }
3254 }
3255 },
3256 "leaf" : 1,
3257 "path" : "/cluster/firewall/options",
3258 "text" : "options"
3259 },
3260 {
3261 "info" : {
3262 "GET" : {
3263 "allowtoken" : 1,
3264 "description" : "List available macros",
3265 "method" : "GET",
3266 "name" : "get_macros",
3267 "parameters" : {
3268 "additionalProperties" : 0
3269 },
3270 "permissions" : {
3271 "user" : "all"
3272 },
3273 "returns" : {
3274 "items" : {
3275 "properties" : {
3276 "descr" : {
3277 "description" : "More verbose description (if available).",
3278 "type" : "string"
3279 },
3280 "macro" : {
3281 "description" : "Macro name.",
3282 "type" : "string"
3283 }
3284 },
3285 "type" : "object"
3286 },
3287 "type" : "array"
3288 }
3289 }
3290 },
3291 "leaf" : 1,
3292 "path" : "/cluster/firewall/macros",
3293 "text" : "macros"
3294 },
3295 {
3296 "info" : {
3297 "GET" : {
3298 "allowtoken" : 1,
3299 "description" : "Lists possible IPSet/Alias reference which are allowed in source/dest properties.",
3300 "method" : "GET",
3301 "name" : "refs",
3302 "parameters" : {
3303 "additionalProperties" : 0,
3304 "properties" : {
3305 "type" : {
3306 "description" : "Only list references of specified type.",
3307 "enum" : [
3308 "alias",
3309 "ipset"
3310 ],
3311 "optional" : 1,
3312 "type" : "string"
3313 }
3314 }
3315 },
3316 "permissions" : {
3317 "check" : [
3318 "perm",
3319 "/",
3320 [
3321 "Sys.Audit"
3322 ]
3323 ]
3324 },
3325 "returns" : {
3326 "items" : {
3327 "properties" : {
3328 "comment" : {
3329 "optional" : 1,
3330 "type" : "string"
3331 },
3332 "name" : {
3333 "type" : "string"
3334 },
3335 "ref" : {
3336 "type" : "string"
3337 },
3338 "type" : {
3339 "enum" : [
3340 "alias",
3341 "ipset"
3342 ],
3343 "type" : "string"
3344 }
3345 },
3346 "type" : "object"
3347 },
3348 "type" : "array"
3349 }
3350 }
3351 },
3352 "leaf" : 1,
3353 "path" : "/cluster/firewall/refs",
3354 "text" : "refs"
3355 }
3356 ],
3357 "info" : {
3358 "GET" : {
3359 "allowtoken" : 1,
3360 "description" : "Directory index.",
3361 "method" : "GET",
3362 "name" : "index",
3363 "parameters" : {
3364 "additionalProperties" : 0
3365 },
3366 "permissions" : {
3367 "user" : "all"
3368 },
3369 "returns" : {
3370 "items" : {
3371 "properties" : {},
3372 "type" : "object"
3373 },
3374 "links" : [
3375 {
3376 "href" : "{name}",
3377 "rel" : "child"
3378 }
3379 ],
3380 "type" : "array"
3381 }
3382 }
3383 },
3384 "leaf" : 0,
3385 "path" : "/cluster/firewall",
3386 "text" : "firewall"
3387 },
3388 {
3389 "children" : [
3390 {
3391 "children" : [
3392 {
3393 "info" : {
3394 "GET" : {
3395 "allowtoken" : 1,
3396 "description" : "Returns included guests and the backup status of their disks. Optimized to be used in ExtJS tree views.",
3397 "method" : "GET",
3398 "name" : "get_volume_backup_included",
3399 "parameters" : {
3400 "additionalProperties" : 0,
3401 "properties" : {
3402 "id" : {
3403 "description" : "The job ID.",
3404 "maxLength" : 50,
3405 "type" : "string",
3406 "typetext" : "<string>"
3407 }
3408 }
3409 },
3410 "permissions" : {
3411 "check" : [
3412 "perm",
3413 "/",
3414 [
3415 "Sys.Audit"
3416 ]
3417 ]
3418 },
3419 "protected" : 1,
3420 "returns" : {
3421 "description" : "Root node of the tree object. Children represent guests, grandchildren represent volumes of that guest.",
3422 "properties" : {
3423 "children" : {
3424 "items" : {
3425 "properties" : {
3426 "children" : {
3427 "description" : "The volumes of the guest with the information if they will be included in backups.",
3428 "items" : {
3429 "properties" : {
3430 "id" : {
3431 "description" : "Configuration key of the volume.",
3432 "type" : "string"
3433 },
3434 "included" : {
3435 "description" : "Whether the volume is included in the backup or not.",
3436 "type" : "boolean"
3437 },
3438 "name" : {
3439 "description" : "Name of the volume.",
3440 "type" : "string"
3441 },
3442 "reason" : {
3443 "description" : "The reason why the volume is included (or excluded).",
3444 "type" : "string"
3445 }
3446 },
3447 "type" : "object"
3448 },
3449 "optional" : 1,
3450 "type" : "array"
3451 },
3452 "id" : {
3453 "description" : "VMID of the guest.",
3454 "type" : "integer"
3455 },
3456 "name" : {
3457 "description" : "Name of the guest",
3458 "optional" : 1,
3459 "type" : "string"
3460 },
3461 "type" : {
3462 "description" : "Type of the guest, VM, CT or unknown for removed but not purged guests.",
3463 "enum" : [
3464 "qemu",
3465 "lxc",
3466 "unknown"
3467 ],
3468 "type" : "string"
3469 }
3470 },
3471 "type" : "object"
3472 },
3473 "type" : "array"
3474 }
3475 },
3476 "type" : "object"
3477 }
3478 }
3479 },
3480 "leaf" : 1,
3481 "path" : "/cluster/backup/{id}/included_volumes",
3482 "text" : "included_volumes"
3483 }
3484 ],
3485 "info" : {
3486 "DELETE" : {
3487 "allowtoken" : 1,
3488 "description" : "Delete vzdump backup job definition.",
3489 "method" : "DELETE",
3490 "name" : "delete_job",
3491 "parameters" : {
3492 "additionalProperties" : 0,
3493 "properties" : {
3494 "id" : {
3495 "description" : "The job ID.",
3496 "maxLength" : 50,
3497 "type" : "string",
3498 "typetext" : "<string>"
3499 }
3500 }
3501 },
3502 "permissions" : {
3503 "check" : [
3504 "perm",
3505 "/",
3506 [
3507 "Sys.Modify"
3508 ]
3509 ]
3510 },
3511 "protected" : 1,
3512 "returns" : {
3513 "type" : "null"
3514 }
3515 },
3516 "GET" : {
3517 "allowtoken" : 1,
3518 "description" : "Read vzdump backup job definition.",
3519 "method" : "GET",
3520 "name" : "read_job",
3521 "parameters" : {
3522 "additionalProperties" : 0,
3523 "properties" : {
3524 "id" : {
3525 "description" : "The job ID.",
3526 "maxLength" : 50,
3527 "type" : "string",
3528 "typetext" : "<string>"
3529 }
3530 }
3531 },
3532 "permissions" : {
3533 "check" : [
3534 "perm",
3535 "/",
3536 [
3537 "Sys.Audit"
3538 ]
3539 ]
3540 },
3541 "returns" : {
3542 "type" : "object"
3543 }
3544 },
3545 "PUT" : {
3546 "allowtoken" : 1,
3547 "description" : "Update vzdump backup job definition.",
3548 "method" : "PUT",
3549 "name" : "update_job",
3550 "parameters" : {
3551 "additionalProperties" : 0,
3552 "properties" : {
3553 "all" : {
3554 "default" : 0,
3555 "description" : "Backup all known guest systems on this host.",
3556 "optional" : 1,
3557 "type" : "boolean",
3558 "typetext" : "<boolean>"
3559 },
3560 "bwlimit" : {
3561 "default" : 0,
3562 "description" : "Limit I/O bandwidth (KBytes per second).",
3563 "minimum" : 0,
3564 "optional" : 1,
3565 "type" : "integer",
3566 "typetext" : "<integer> (0 - N)"
3567 },
3568 "comment" : {
3569 "description" : "Description for the Job.",
3570 "maxLength" : 512,
3571 "optional" : 1,
3572 "type" : "string",
3573 "typetext" : "<string>"
3574 },
3575 "compress" : {
3576 "default" : "0",
3577 "description" : "Compress dump file.",
3578 "enum" : [
3579 "0",
3580 "1",
3581 "gzip",
3582 "lzo",
3583 "zstd"
3584 ],
3585 "optional" : 1,
3586 "type" : "string"
3587 },
3588 "delete" : {
3589 "description" : "A list of settings you want to delete.",
3590 "format" : "pve-configid-list",
3591 "optional" : 1,
3592 "type" : "string",
3593 "typetext" : "<string>"
3594 },
3595 "dow" : {
3596 "description" : "Day of week selection.",
3597 "format" : "pve-day-of-week-list",
3598 "optional" : 1,
3599 "requires" : "starttime",
3600 "type" : "string",
3601 "typetext" : "<string>"
3602 },
3603 "dumpdir" : {
3604 "description" : "Store resulting files to specified directory.",
3605 "optional" : 1,
3606 "type" : "string",
3607 "typetext" : "<string>"
3608 },
3609 "enabled" : {
3610 "default" : "1",
3611 "description" : "Enable or disable the job.",
3612 "optional" : 1,
3613 "type" : "boolean",
3614 "typetext" : "<boolean>"
3615 },
3616 "exclude" : {
3617 "description" : "Exclude specified guest systems (assumes --all)",
3618 "format" : "pve-vmid-list",
3619 "optional" : 1,
3620 "type" : "string",
3621 "typetext" : "<string>"
3622 },
3623 "exclude-path" : {
3624 "description" : "Exclude certain files/directories (shell globs). Paths starting with '/' are anchored to the container's root, other paths match relative to each subdirectory.",
3625 "format" : "string-alist",
3626 "optional" : 1,
3627 "type" : "string",
3628 "typetext" : "<string>"
3629 },
3630 "id" : {
3631 "description" : "The job ID.",
3632 "maxLength" : 50,
3633 "type" : "string",
3634 "typetext" : "<string>"
3635 },
3636 "ionice" : {
3637 "default" : 7,
3638 "description" : "Set CFQ ionice priority.",
3639 "maximum" : 8,
3640 "minimum" : 0,
3641 "optional" : 1,
3642 "type" : "integer",
3643 "typetext" : "<integer> (0 - 8)"
3644 },
3645 "lockwait" : {
3646 "default" : 180,
3647 "description" : "Maximal time to wait for the global lock (minutes).",
3648 "minimum" : 0,
3649 "optional" : 1,
3650 "type" : "integer",
3651 "typetext" : "<integer> (0 - N)"
3652 },
3653 "mailnotification" : {
3654 "default" : "always",
3655 "description" : "Specify when to send an email",
3656 "enum" : [
3657 "always",
3658 "failure"
3659 ],
3660 "optional" : 1,
3661 "type" : "string"
3662 },
3663 "mailto" : {
3664 "description" : "Comma-separated list of email addresses or users that should receive email notifications.",
3665 "format" : "email-or-username-list",
3666 "optional" : 1,
3667 "type" : "string",
3668 "typetext" : "<string>"
3669 },
3670 "maxfiles" : {
3671 "description" : "Deprecated: use 'prune-backups' instead. Maximal number of backup files per guest system.",
3672 "minimum" : 1,
3673 "optional" : 1,
3674 "type" : "integer",
3675 "typetext" : "<integer> (1 - N)"
3676 },
3677 "mode" : {
3678 "default" : "snapshot",
3679 "description" : "Backup mode.",
3680 "enum" : [
3681 "snapshot",
3682 "suspend",
3683 "stop"
3684 ],
3685 "optional" : 1,
3686 "type" : "string"
3687 },
3688 "node" : {
3689 "description" : "Only run if executed on this node.",
3690 "format" : "pve-node",
3691 "optional" : 1,
3692 "type" : "string",
3693 "typetext" : "<string>"
3694 },
3695 "notes-template" : {
3696 "description" : "Template string for generating notes for the backup(s). It can contain variables which will be replaced by their values. Currently supported are {{cluster}}, {{guestname}}, {{node}}, and {{vmid}}, but more might be added in the future.",
3697 "optional" : 1,
3698 "requires" : "storage",
3699 "type" : "string",
3700 "typetext" : "<string>"
3701 },
3702 "pigz" : {
3703 "default" : 0,
3704 "description" : "Use pigz instead of gzip when N>0. N=1 uses half of cores, N>1 uses N as thread count.",
3705 "optional" : 1,
3706 "type" : "integer",
3707 "typetext" : "<integer>"
3708 },
3709 "pool" : {
3710 "description" : "Backup all known guest systems included in the specified pool.",
3711 "optional" : 1,
3712 "type" : "string",
3713 "typetext" : "<string>"
3714 },
3715 "protected" : {
3716 "description" : "If true, mark backup(s) as protected.",
3717 "optional" : 1,
3718 "requires" : "storage",
3719 "type" : "boolean",
3720 "typetext" : "<boolean>"
3721 },
3722 "prune-backups" : {
3723 "default" : "keep-all=1",
3724 "description" : "Use these retention options instead of those from the storage configuration.",
3725 "format" : "prune-backups",
3726 "optional" : 1,
3727 "type" : "string",
3728 "typetext" : "[keep-all=<1|0>] [,keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
3729 },
3730 "quiet" : {
3731 "default" : 0,
3732 "description" : "Be quiet.",
3733 "optional" : 1,
3734 "type" : "boolean",
3735 "typetext" : "<boolean>"
3736 },
3737 "remove" : {
3738 "default" : 1,
3739 "description" : "Prune older backups according to 'prune-backups'.",
3740 "optional" : 1,
3741 "type" : "boolean",
3742 "typetext" : "<boolean>"
3743 },
3744 "schedule" : {
3745 "description" : "Backup schedule. The format is a subset of `systemd` calendar events.",
3746 "format" : "pve-calendar-event",
3747 "maxLength" : 128,
3748 "optional" : 1,
3749 "type" : "string",
3750 "typetext" : "<string>"
3751 },
3752 "script" : {
3753 "description" : "Use specified hook script.",
3754 "optional" : 1,
3755 "type" : "string",
3756 "typetext" : "<string>"
3757 },
3758 "starttime" : {
3759 "description" : "Job Start time.",
3760 "optional" : 1,
3761 "pattern" : "\\d{1,2}:\\d{1,2}",
3762 "type" : "string",
3763 "typetext" : "HH:MM"
3764 },
3765 "stdexcludes" : {
3766 "default" : 1,
3767 "description" : "Exclude temporary files and logs.",
3768 "optional" : 1,
3769 "type" : "boolean",
3770 "typetext" : "<boolean>"
3771 },
3772 "stop" : {
3773 "default" : 0,
3774 "description" : "Stop running backup jobs on this host.",
3775 "optional" : 1,
3776 "type" : "boolean",
3777 "typetext" : "<boolean>"
3778 },
3779 "stopwait" : {
3780 "default" : 10,
3781 "description" : "Maximal time to wait until a guest system is stopped (minutes).",
3782 "minimum" : 0,
3783 "optional" : 1,
3784 "type" : "integer",
3785 "typetext" : "<integer> (0 - N)"
3786 },
3787 "storage" : {
3788 "description" : "Store resulting file to this storage.",
3789 "format" : "pve-storage-id",
3790 "optional" : 1,
3791 "type" : "string",
3792 "typetext" : "<string>"
3793 },
3794 "tmpdir" : {
3795 "description" : "Store temporary files to specified directory.",
3796 "optional" : 1,
3797 "type" : "string",
3798 "typetext" : "<string>"
3799 },
3800 "vmid" : {
3801 "description" : "The ID of the guest system you want to backup.",
3802 "format" : "pve-vmid-list",
3803 "optional" : 1,
3804 "type" : "string",
3805 "typetext" : "<string>"
3806 },
3807 "zstd" : {
3808 "default" : 1,
3809 "description" : "Zstd threads. N=0 uses half of the available cores, N>0 uses N as thread count.",
3810 "optional" : 1,
3811 "type" : "integer",
3812 "typetext" : "<integer>"
3813 }
3814 }
3815 },
3816 "permissions" : {
3817 "check" : [
3818 "perm",
3819 "/",
3820 [
3821 "Sys.Modify"
3822 ]
3823 ],
3824 "description" : "The 'tmpdir', 'dumpdir' and 'script' parameters are additionally restricted to the 'root@pam' user."
3825 },
3826 "protected" : 1,
3827 "returns" : {
3828 "type" : "null"
3829 }
3830 }
3831 },
3832 "leaf" : 0,
3833 "path" : "/cluster/backup/{id}",
3834 "text" : "{id}"
3835 }
3836 ],
3837 "info" : {
3838 "GET" : {
3839 "allowtoken" : 1,
3840 "description" : "List vzdump backup schedule.",
3841 "method" : "GET",
3842 "name" : "index",
3843 "parameters" : {
3844 "additionalProperties" : 0
3845 },
3846 "permissions" : {
3847 "check" : [
3848 "perm",
3849 "/",
3850 [
3851 "Sys.Audit"
3852 ]
3853 ]
3854 },
3855 "returns" : {
3856 "items" : {
3857 "properties" : {
3858 "id" : {
3859 "description" : "The job ID.",
3860 "maxLength" : 50,
3861 "type" : "string"
3862 }
3863 },
3864 "type" : "object"
3865 },
3866 "links" : [
3867 {
3868 "href" : "{id}",
3869 "rel" : "child"
3870 }
3871 ],
3872 "type" : "array"
3873 }
3874 },
3875 "POST" : {
3876 "allowtoken" : 1,
3877 "description" : "Create new vzdump backup job.",
3878 "method" : "POST",
3879 "name" : "create_job",
3880 "parameters" : {
3881 "additionalProperties" : 0,
3882 "properties" : {
3883 "all" : {
3884 "default" : 0,
3885 "description" : "Backup all known guest systems on this host.",
3886 "optional" : 1,
3887 "type" : "boolean",
3888 "typetext" : "<boolean>"
3889 },
3890 "bwlimit" : {
3891 "default" : 0,
3892 "description" : "Limit I/O bandwidth (KBytes per second).",
3893 "minimum" : 0,
3894 "optional" : 1,
3895 "type" : "integer",
3896 "typetext" : "<integer> (0 - N)"
3897 },
3898 "comment" : {
3899 "description" : "Description for the Job.",
3900 "maxLength" : 512,
3901 "optional" : 1,
3902 "type" : "string",
3903 "typetext" : "<string>"
3904 },
3905 "compress" : {
3906 "default" : "0",
3907 "description" : "Compress dump file.",
3908 "enum" : [
3909 "0",
3910 "1",
3911 "gzip",
3912 "lzo",
3913 "zstd"
3914 ],
3915 "optional" : 1,
3916 "type" : "string"
3917 },
3918 "dow" : {
3919 "default" : "mon,tue,wed,thu,fri,sat,sun",
3920 "description" : "Day of week selection.",
3921 "format" : "pve-day-of-week-list",
3922 "optional" : 1,
3923 "requires" : "starttime",
3924 "type" : "string",
3925 "typetext" : "<string>"
3926 },
3927 "dumpdir" : {
3928 "description" : "Store resulting files to specified directory.",
3929 "optional" : 1,
3930 "type" : "string",
3931 "typetext" : "<string>"
3932 },
3933 "enabled" : {
3934 "default" : "1",
3935 "description" : "Enable or disable the job.",
3936 "optional" : 1,
3937 "type" : "boolean",
3938 "typetext" : "<boolean>"
3939 },
3940 "exclude" : {
3941 "description" : "Exclude specified guest systems (assumes --all)",
3942 "format" : "pve-vmid-list",
3943 "optional" : 1,
3944 "type" : "string",
3945 "typetext" : "<string>"
3946 },
3947 "exclude-path" : {
3948 "description" : "Exclude certain files/directories (shell globs). Paths starting with '/' are anchored to the container's root, other paths match relative to each subdirectory.",
3949 "format" : "string-alist",
3950 "optional" : 1,
3951 "type" : "string",
3952 "typetext" : "<string>"
3953 },
3954 "id" : {
3955 "description" : "Job ID (will be autogenerated).",
3956 "format" : "pve-configid",
3957 "optional" : 1,
3958 "type" : "string",
3959 "typetext" : "<string>"
3960 },
3961 "ionice" : {
3962 "default" : 7,
3963 "description" : "Set CFQ ionice priority.",
3964 "maximum" : 8,
3965 "minimum" : 0,
3966 "optional" : 1,
3967 "type" : "integer",
3968 "typetext" : "<integer> (0 - 8)"
3969 },
3970 "lockwait" : {
3971 "default" : 180,
3972 "description" : "Maximal time to wait for the global lock (minutes).",
3973 "minimum" : 0,
3974 "optional" : 1,
3975 "type" : "integer",
3976 "typetext" : "<integer> (0 - N)"
3977 },
3978 "mailnotification" : {
3979 "default" : "always",
3980 "description" : "Specify when to send an email",
3981 "enum" : [
3982 "always",
3983 "failure"
3984 ],
3985 "optional" : 1,
3986 "type" : "string"
3987 },
3988 "mailto" : {
3989 "description" : "Comma-separated list of email addresses or users that should receive email notifications.",
3990 "format" : "email-or-username-list",
3991 "optional" : 1,
3992 "type" : "string",
3993 "typetext" : "<string>"
3994 },
3995 "maxfiles" : {
3996 "description" : "Deprecated: use 'prune-backups' instead. Maximal number of backup files per guest system.",
3997 "minimum" : 1,
3998 "optional" : 1,
3999 "type" : "integer",
4000 "typetext" : "<integer> (1 - N)"
4001 },
4002 "mode" : {
4003 "default" : "snapshot",
4004 "description" : "Backup mode.",
4005 "enum" : [
4006 "snapshot",
4007 "suspend",
4008 "stop"
4009 ],
4010 "optional" : 1,
4011 "type" : "string"
4012 },
4013 "node" : {
4014 "description" : "Only run if executed on this node.",
4015 "format" : "pve-node",
4016 "optional" : 1,
4017 "type" : "string",
4018 "typetext" : "<string>"
4019 },
4020 "notes-template" : {
4021 "description" : "Template string for generating notes for the backup(s). It can contain variables which will be replaced by their values. Currently supported are {{cluster}}, {{guestname}}, {{node}}, and {{vmid}}, but more might be added in the future.",
4022 "optional" : 1,
4023 "requires" : "storage",
4024 "type" : "string",
4025 "typetext" : "<string>"
4026 },
4027 "pigz" : {
4028 "default" : 0,
4029 "description" : "Use pigz instead of gzip when N>0. N=1 uses half of cores, N>1 uses N as thread count.",
4030 "optional" : 1,
4031 "type" : "integer",
4032 "typetext" : "<integer>"
4033 },
4034 "pool" : {
4035 "description" : "Backup all known guest systems included in the specified pool.",
4036 "optional" : 1,
4037 "type" : "string&