-var pveapi = [
+const apiSchema = [
{
"children" : [
{
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Mark replication job for removal.",
"method" : "DELETE",
"name" : "delete",
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Read replication job configuration.",
"method" : "GET",
"name" : "read",
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update replication job configuration.",
"method" : "PUT",
"name" : "update",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"schedule" : {
"default" : "*/15",
- "description" : "Storage replication schedule. The format is a subset of `systemd` calender events.",
+ "description" : "Storage replication schedule. The format is a subset of `systemd` calendar events.",
"format" : "pve-calendar-event",
"maxLength" : 128,
"optional" : 1,
"typetext" : "<string>"
},
"source" : {
- "description" : "Source of the replication.",
+ "description" : "For internal use, to detect if the guest was stolen.",
"format" : "pve-node",
"optional" : 1,
"type" : "string",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List replication jobs.",
"method" : "GET",
"name" : "index",
"additionalProperties" : 0
},
"permissions" : {
- "description" : "Requires the VM.Audit permission on /vms/<vmid>.",
+ "description" : "Will only return replication jobs for which the calling user has VM.Audit permission on /vms/<vmid>.",
"user" : "all"
},
"returns" : {
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create a new replication job",
"method" : "POST",
"name" : "create",
},
"schedule" : {
"default" : "*/15",
- "description" : "Storage replication schedule. The format is a subset of `systemd` calender events.",
+ "description" : "Storage replication schedule. The format is a subset of `systemd` calendar events.",
"format" : "pve-calendar-event",
"maxLength" : 128,
"optional" : 1,
"typetext" : "<string>"
},
"source" : {
- "description" : "Source of the replication.",
+ "description" : "For internal use, to detect if the guest was stolen.",
"format" : "pve-node",
"optional" : 1,
"type" : "string",
{
"info" : {
"DELETE" : {
- "description" : "Removes a node from the cluster configuration.",
+ "allowtoken" : 1,
+ "description" : "Remove Metric server.",
"method" : "DELETE",
- "name" : "delnode",
+ "name" : "delete",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
+ "id" : {
+ "format" : "pve-configid",
"type" : "string",
"typetext" : "<string>"
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"returns" : {
"type" : "null"
}
},
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read metric server configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ },
"POST" : {
- "description" : "Adds a node to the cluster configuration. This call is for internal use.",
+ "allowtoken" : 1,
+ "description" : "Create a new external metric server config",
"method" : "POST",
- "name" : "addnode",
+ "name" : "create",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "force" : {
- "description" : "Do not throw error if node already exists.",
+ "api-path-prefix" : {
+ "description" : "An API path prefix inserted between '<host>:<port>/' and '/api2/'. Can be useful if the InfluxDB service runs behind a reverse proxy.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "bucket" : {
+ "description" : "The InfluxDB bucket/db. Only necessary when using the http v2 api.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "disable" : {
+ "description" : "Flag to disable the plugin.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
+ "id" : {
+ "description" : "The ID of the entry.",
+ "format" : "pve-configid",
"type" : "string",
"typetext" : "<string>"
},
- "nodeid" : {
- "description" : "Node id for this node.",
+ "influxdbproto" : {
+ "default" : "udp",
+ "enum" : [
+ "udp",
+ "http",
+ "https"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "max-body-size" : {
+ "default" : 25000000,
+ "description" : "InfluxDB max-body-size in bytes. Requests are batched up to this size.",
"minimum" : 1,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (1 - N)"
},
- "ring0_addr" : {
- "default" : "Hostname of the node",
- "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
- "format" : "address",
+ "mtu" : {
+ "default" : 1500,
+ "description" : "MTU for metrics transmission over UDP",
+ "maximum" : 65536,
+ "minimum" : 512,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (512 - 65536)"
+ },
+ "organization" : {
+ "description" : "The InfluxDB organization. Only necessary when using the http v2 api. Has no meaning when using v2 compatibility api.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "ring1_addr" : {
- "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
- "format" : "address",
+ "path" : {
+ "description" : "root graphite path (ex: proxmox.mycluster.mykey)",
+ "format" : "graphite-path",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "votes" : {
- "description" : "Number of votes for this node",
+ "port" : {
+ "description" : "server network port",
+ "maximum" : 65536,
+ "minimum" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 65536)"
+ },
+ "proto" : {
+ "description" : "Protocol to send graphite data. TCP or UDP (default)",
+ "enum" : [
+ "udp",
+ "tcp"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "server" : {
+ "description" : "server dns name or IP address",
+ "format" : "address",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "timeout" : {
+ "default" : 1,
+ "description" : "graphite TCP socket timeout (default=1)",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (0 - N)"
+ },
+ "token" : {
+ "description" : "The InfluxDB access token. Only necessary when using the http v2 api. If the v2 compatibility api is used, use 'user:password' instead.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Plugin type.",
+ "enum" : [
+ "graphite",
+ "influxdb"
+ ],
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "verify-certificate" : {
+ "default" : 1,
+ "description" : "Set to 0 to disable certificate verification for https endpoints.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
}
- }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
},
"protected" : 1,
"returns" : {
+ "type" : "null"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update metric server configuration.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
"properties" : {
- "corosync_authkey" : {
+ "api-path-prefix" : {
+ "description" : "An API path prefix inserted between '<host>:<port>/' and '/api2/'. Can be useful if the InfluxDB service runs behind a reverse proxy.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "bucket" : {
+ "description" : "The InfluxDB bucket/db. Only necessary when using the http v2 api.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "disable" : {
+ "description" : "Flag to disable the plugin.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "id" : {
+ "description" : "The ID of the entry.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "influxdbproto" : {
+ "default" : "udp",
+ "enum" : [
+ "udp",
+ "http",
+ "https"
+ ],
+ "optional" : 1,
"type" : "string"
},
- "corosync_conf" : {
+ "max-body-size" : {
+ "default" : 25000000,
+ "description" : "InfluxDB max-body-size in bytes. Requests are batched up to this size.",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ },
+ "mtu" : {
+ "default" : 1500,
+ "description" : "MTU for metrics transmission over UDP",
+ "maximum" : 65536,
+ "minimum" : 512,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (512 - 65536)"
+ },
+ "organization" : {
+ "description" : "The InfluxDB organization. Only necessary when using the http v2 api. Has no meaning when using v2 compatibility api.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "path" : {
+ "description" : "root graphite path (ex: proxmox.mycluster.mykey)",
+ "format" : "graphite-path",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "port" : {
+ "description" : "server network port",
+ "maximum" : 65536,
+ "minimum" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 65536)"
+ },
+ "proto" : {
+ "description" : "Protocol to send graphite data. TCP or UDP (default)",
+ "enum" : [
+ "udp",
+ "tcp"
+ ],
+ "optional" : 1,
"type" : "string"
+ },
+ "server" : {
+ "description" : "server dns name or IP address",
+ "format" : "address",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "timeout" : {
+ "default" : 1,
+ "description" : "graphite TCP socket timeout (default=1)",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "token" : {
+ "description" : "The InfluxDB access token. Only necessary when using the http v2 api. If the v2 compatibility api is used, use 'user:password' instead.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "verify-certificate" : {
+ "default" : 1,
+ "description" : "Set to 0 to disable certificate verification for https endpoints.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
}
},
"type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
}
}
},
"leaf" : 1,
- "path" : "/cluster/config/nodes/{node}",
- "text" : "{node}"
+ "path" : "/cluster/metrics/server/{id}",
+ "text" : "{id}"
}
],
"info" : {
"GET" : {
- "description" : "Corosync node list.",
+ "allowtoken" : 1,
+ "description" : "List configured metric servers.",
"method" : "GET",
- "name" : "nodes",
+ "name" : "server_index",
"parameters" : {
"additionalProperties" : 0
},
"returns" : {
"items" : {
"properties" : {
- "node" : {
+ "disable" : {
+ "description" : "Flag to disable the plugin.",
+ "type" : "boolean"
+ },
+ "id" : {
+ "description" : "The ID of the entry.",
+ "type" : "string"
+ },
+ "port" : {
+ "description" : "Server network port",
+ "type" : "integer"
+ },
+ "server" : {
+ "description" : "Server dns name or IP address",
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "Plugin type.",
"type" : "string"
}
},
},
"links" : [
{
- "href" : "{node}",
+ "href" : "{id}",
"rel" : "child"
}
],
}
},
"leaf" : 0,
- "path" : "/cluster/config/nodes",
- "text" : "nodes"
- },
- {
- "info" : {
- "GET" : {
- "description" : "Get information needed to join this cluster over the connected node.",
- "method" : "GET",
- "name" : "join_info",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "default" : "current connected node",
- "description" : "The node for which the joinee gets the nodeinfo. ",
- "format" : "pve-node",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "returns" : {
- "additionalProperties" : 0,
- "properties" : {
- "config_digest" : {
- "type" : "string"
- },
- "nodelist" : {
- "items" : {
- "additionalProperties" : 1,
- "properties" : {
- "name" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string"
- },
- "nodeid" : {
- "description" : "Node id for this node.",
- "minimum" : 1,
- "optional" : 1,
- "type" : "integer"
- },
- "pve_addr" : {
- "format" : "ip",
- "type" : "string"
- },
- "pve_fp" : {
- "description" : "Certificate SHA 256 fingerprint.",
- "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
- "type" : "string"
- },
- "quorum_votes" : {
- "minimum" : 0,
- "type" : "integer"
- },
- "ring0_addr" : {
- "default" : "Hostname of the node",
- "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
- "format" : "address",
- "optional" : 1,
- "type" : "string"
- }
- },
- "type" : "object"
- },
- "type" : "array"
- },
- "preferred_node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string"
- },
- "totem" : {
- "type" : "object"
- }
- },
- "type" : "object"
- }
- },
- "POST" : {
- "description" : "Joins this node into an existing cluster.",
- "method" : "POST",
- "name" : "join",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "fingerprint" : {
- "description" : "Certificate SHA 256 fingerprint.",
- "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
- "type" : "string"
- },
- "force" : {
- "description" : "Do not throw error if node already exists.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "hostname" : {
- "description" : "Hostname (or IP) of an existing cluster member.",
- "type" : "string",
- "typetext" : "<string>"
- },
- "nodeid" : {
- "description" : "Node id for this node.",
- "minimum" : 1,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (1 - N)"
- },
- "password" : {
- "description" : "Superuser (root) password of peer node.",
- "maxLength" : 128,
- "type" : "string",
- "typetext" : "<string>"
- },
- "ring0_addr" : {
- "default" : "IP resolved by node's hostname",
- "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
- "format" : "address",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "ring1_addr" : {
- "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
- "format" : "address",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "votes" : {
- "description" : "Number of votes for this node",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- }
- }
- },
- "protected" : 1,
- "returns" : {
- "type" : "string"
- }
- }
- },
- "leaf" : 1,
- "path" : "/cluster/config/join",
- "text" : "join"
- },
- {
- "info" : {
- "GET" : {
- "description" : "Get corosync totem protocol settings.",
- "method" : "GET",
- "name" : "totem",
- "parameters" : {
- "additionalProperties" : 0
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "returns" : {
- "type" : "object"
- }
- }
- },
- "leaf" : 1,
- "path" : "/cluster/config/totem",
- "text" : "totem"
+ "path" : "/cluster/metrics/server",
+ "text" : "server"
}
],
"info" : {
"GET" : {
- "description" : "Directory index.",
+ "allowtoken" : 1,
+ "description" : "Metrics index.",
"method" : "GET",
"name" : "index",
"parameters" : {
"additionalProperties" : 0
},
"permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
+ "user" : "all"
},
"returns" : {
"items" : {
],
"type" : "array"
}
- },
- "POST" : {
- "description" : "Generate new cluster configuration.",
- "method" : "POST",
- "name" : "create",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "bindnet0_addr" : {
- "description" : "This specifies the network address the corosync ring 0 executive should bind to and defaults to the local IP address of the node.",
- "format" : "ip",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "bindnet1_addr" : {
- "description" : "This specifies the network address the corosync ring 1 executive should bind to and is optional.",
- "format" : "ip",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "clustername" : {
- "description" : "The name of the cluster.",
- "format" : "pve-node",
- "maxLength" : 15,
- "type" : "string",
- "typetext" : "<string>"
- },
- "nodeid" : {
- "description" : "Node id for this node.",
- "minimum" : 1,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (1 - N)"
- },
- "ring0_addr" : {
- "default" : "Hostname of the node",
- "description" : "Hostname (or IP) of the corosync ring0 address of this node.",
- "format" : "address",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "ring1_addr" : {
- "description" : "Hostname (or IP) of the corosync ring1 address of this node. Requires a valid configured ring 1 (bindnet1_addr) in the cluster.",
- "format" : "address",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "votes" : {
- "description" : "Number of votes for this node.",
- "minimum" : 1,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (1 - N)"
- }
- }
- },
- "protected" : 1,
- "returns" : {
- "type" : "string"
- }
}
},
"leaf" : 0,
- "path" : "/cluster/config",
- "text" : "config"
+ "path" : "/cluster/metrics",
+ "text" : "metrics"
},
{
"children" : [
{
"info" : {
"DELETE" : {
- "description" : "Delete rule.",
+ "allowtoken" : 1,
+ "description" : "Remove sendmail endpoint",
"method" : "DELETE",
- "name" : "delete_rule",
+ "name" : "delete_sendmail_endpoint",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
+ "name" : {
+ "format" : "pve-configid",
"type" : "string",
"typetext" : "<string>"
- },
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
}
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/mapping/notifications",
[
- "Sys.Modify"
+ "Mapping.Modify"
]
]
},
"protected" : 1,
- "proxyto" : null,
"returns" : {
"type" : "null"
}
},
"GET" : {
- "description" : "Get single rule data.",
+ "allowtoken" : 1,
+ "description" : "Return a specific sendmail endpoint",
"method" : "GET",
- "name" : "get_rule",
+ "name" : "get_sendmail_endpoint",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "name" : {
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
"permissions" : {
"check" : [
- "perm",
- "/",
+ "or",
[
- "Sys.Audit"
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Audit"
+ ]
]
]
},
- "proxyto" : null,
+ "protected" : 1,
"returns" : {
"properties" : {
- "action" : {
- "type" : "string"
- },
- "comment" : {
- "optional" : 1,
- "type" : "string"
- },
- "dest" : {
+ "author" : {
+ "description" : "Author of the mail",
"optional" : 1,
"type" : "string"
},
- "dport" : {
+ "comment" : {
+ "description" : "Comment",
"optional" : 1,
"type" : "string"
},
- "enable" : {
- "optional" : 1,
- "type" : "integer"
- },
- "iface" : {
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string"
},
- "ipversion" : {
- "optional" : 1,
- "type" : "integer"
- },
- "macro" : {
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
"optional" : 1,
- "type" : "integer"
- },
- "pos" : {
- "type" : "integer"
+ "type" : "boolean"
},
- "proto" : {
+ "from-address" : {
+ "description" : "`From` address for the mail",
"optional" : 1,
"type" : "string"
},
- "source" : {
+ "mailto" : {
+ "description" : "List of email recipients",
+ "items" : {
+ "format" : "email-or-username",
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "string"
+ "type" : "array"
},
- "sport" : {
+ "mailto-user" : {
+ "description" : "List of users",
+ "items" : {
+ "format" : "pve-userid",
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "string"
+ "type" : "array"
},
- "type" : {
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
"type" : "string"
}
},
}
},
"PUT" : {
- "description" : "Modify rule data.",
+ "allowtoken" : 1,
+ "description" : "Update existing sendmail endpoint",
"method" : "PUT",
- "name" : "update_rule",
+ "name" : "update_sendmail_endpoint",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "action" : {
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
+ "author" : {
+ "description" : "Author of the mail",
"optional" : 1,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
"comment" : {
- "description" : "Descriptive comment.",
+ "description" : "Comment",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"delete" : {
"description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
+ "items" : {
+ "format" : "pve-configid",
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "array",
+ "typetext" : "<array>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "enable" : {
- "description" : "Flag to enable/disable a rule.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "iface" : {
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "macro" : {
- "description" : "Use predefined standard macro.",
- "maxLength" : 128,
+ "from-address" : {
+ "description" : "`From` address for the mail",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "moveto" : {
- "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
+ "mailto" : {
+ "description" : "List of email recipients",
+ "items" : {
+ "format" : "email-or-username",
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "array",
+ "typetext" : "<array>"
},
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
+ "mailto-user" : {
+ "description" : "List of users",
+ "items" : {
+ "format" : "pve-userid",
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "array",
+ "typetext" : "<array>"
},
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-sport-spec",
- "optional" : 1,
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
"type" : "string",
"typetext" : "<string>"
- },
- "type" : {
- "description" : "Rule type.",
- "enum" : [
- "in",
- "out",
- "group"
- ],
- "optional" : 1,
- "type" : "string"
}
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/mapping/notifications",
[
- "Sys.Modify"
+ "Mapping.Modify"
]
]
},
"protected" : 1,
- "proxyto" : null,
"returns" : {
"type" : "null"
}
}
},
"leaf" : 1,
- "path" : "/cluster/firewall/groups/{group}/{pos}",
- "text" : "{pos}"
+ "path" : "/cluster/notifications/endpoints/sendmail/{name}",
+ "text" : "{name}"
}
],
"info" : {
- "DELETE" : {
- "description" : "Delete security group.",
- "method" : "DELETE",
- "name" : "delete_security_group",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- },
"GET" : {
- "description" : "List rules.",
+ "allowtoken" : 1,
+ "description" : "Returns a list of all sendmail endpoints",
"method" : "GET",
- "name" : "get_rules",
+ "name" : "get_sendmail_endpoints",
"parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- }
- }
+ "additionalProperties" : 0
},
"permissions" : {
"check" : [
- "perm",
- "/",
+ "or",
[
- "Sys.Audit"
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Audit"
+ ]
]
]
},
- "proxyto" : null,
+ "protected" : 1,
"returns" : {
"items" : {
"properties" : {
- "pos" : {
- "type" : "integer"
+ "author" : {
+ "description" : "Author of the mail",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "comment" : {
+ "description" : "Comment",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "from-address" : {
+ "description" : "`From` address for the mail",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "mailto" : {
+ "description" : "List of email recipients",
+ "items" : {
+ "format" : "email-or-username",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "mailto-user" : {
+ "description" : "List of users",
+ "items" : {
+ "format" : "pve-userid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "origin" : {
+ "description" : "Show if this entry was created by a user or was built-in",
+ "enum" : [
+ "user-created",
+ "builtin",
+ "modified-builtin"
+ ],
+ "type" : "string"
}
},
"type" : "object"
},
"links" : [
{
- "href" : "{pos}",
+ "href" : "{name}",
"rel" : "child"
}
],
}
},
"POST" : {
- "description" : "Create new rule.",
+ "allowtoken" : 1,
+ "description" : "Create a new sendmail endpoint",
"method" : "POST",
- "name" : "create_rule",
+ "name" : "create_sendmail_endpoint",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "action" : {
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 0,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "comment" : {
- "description" : "Descriptive comment.",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "author" : {
+ "description" : "Author of the mail",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
+ "comment" : {
+ "description" : "Comment",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "enable" : {
- "description" : "Flag to enable/disable a rule.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "iface" : {
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "macro" : {
- "description" : "Use predefined standard macro.",
- "maxLength" : 128,
+ "from-address" : {
+ "description" : "`From` address for the mail",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
+ "mailto" : {
+ "description" : "List of email recipients",
+ "items" : {
+ "format" : "email-or-username",
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "array",
+ "typetext" : "<array>"
},
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
+ "mailto-user" : {
+ "description" : "List of users",
+ "items" : {
+ "format" : "pve-userid",
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "array",
+ "typetext" : "<array>"
},
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-sport-spec",
- "optional" : 1,
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
"type" : "string",
"typetext" : "<string>"
- },
- "type" : {
- "description" : "Rule type.",
- "enum" : [
- "in",
- "out",
- "group"
- ],
- "optional" : 0,
- "type" : "string"
}
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/mapping/notifications",
[
- "Sys.Modify"
+ "Mapping.Modify"
]
]
},
"protected" : 1,
- "proxyto" : null,
"returns" : {
"type" : "null"
}
}
},
"leaf" : 0,
- "path" : "/cluster/firewall/groups/{group}",
- "text" : "{group}"
- }
- ],
- "info" : {
- "GET" : {
- "description" : "List security groups.",
- "method" : "GET",
- "name" : "list_security_groups",
- "parameters" : {
- "additionalProperties" : 0
- },
- "permissions" : {
- "user" : "all"
- },
- "returns" : {
- "items" : {
- "properties" : {
- "comment" : {
- "optional" : 1,
- "type" : "string"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 0,
- "type" : "string"
- },
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- }
- },
- "type" : "object"
- },
- "links" : [
- {
- "href" : "{group}",
- "rel" : "child"
- }
- ],
- "type" : "array"
- }
+ "path" : "/cluster/notifications/endpoints/sendmail",
+ "text" : "sendmail"
},
- "POST" : {
- "description" : "Create new security group.",
- "method" : "POST",
- "name" : "create_security_group",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "comment" : {
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "group" : {
- "description" : "Security Group name.",
- "maxLength" : 18,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "rename" : {
- "description" : "Rename/update an existing security group. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing group.",
- "maxLength" : 18,
- "minLength" : 2,
- "optional" : 1,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 0,
- "path" : "/cluster/firewall/groups",
- "text" : "groups"
- },
- {
- "children" : [
{
- "info" : {
- "DELETE" : {
- "description" : "Delete rule.",
- "method" : "DELETE",
- "name" : "delete_rule",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Remove gotify endpoint",
+ "method" : "DELETE",
+ "name" : "delete_gotify_endpoint",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
},
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
}
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Return a specific gotify endpoint",
+ "method" : "GET",
+ "name" : "get_gotify_endpoint",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "description" : "Name of the endpoint.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Audit"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "properties" : {
+ "comment" : {
+ "description" : "Comment",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "server" : {
+ "description" : "Server URL",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update existing gotify endpoint",
+ "method" : "PUT",
+ "name" : "update_gotify_endpoint",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Comment",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "items" : {
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "server" : {
+ "description" : "Server URL",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "token" : {
+ "description" : "Secret token",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
},
- "protected" : 1,
- "proxyto" : null,
- "returns" : {
- "type" : "null"
- }
- },
+ "leaf" : 1,
+ "path" : "/cluster/notifications/endpoints/gotify/{name}",
+ "text" : "{name}"
+ }
+ ],
+ "info" : {
"GET" : {
- "description" : "Get single rule data.",
+ "allowtoken" : 1,
+ "description" : "Returns a list of all gotify endpoints",
"method" : "GET",
- "name" : "get_rule",
+ "name" : "get_gotify_endpoints",
"parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- }
- }
+ "additionalProperties" : 0
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/mapping/notifications",
[
- "Sys.Audit"
+ "Mapping.Audit"
]
]
},
- "proxyto" : null,
+ "protected" : 1,
"returns" : {
- "properties" : {
- "action" : {
- "type" : "string"
- },
- "comment" : {
- "optional" : 1,
- "type" : "string"
- },
- "dest" : {
- "optional" : 1,
- "type" : "string"
- },
- "dport" : {
- "optional" : 1,
- "type" : "string"
- },
- "enable" : {
- "optional" : 1,
- "type" : "integer"
- },
- "iface" : {
- "optional" : 1,
- "type" : "string"
- },
- "ipversion" : {
- "optional" : 1,
- "type" : "integer"
- },
- "macro" : {
- "optional" : 1,
- "type" : "integer"
- },
- "pos" : {
- "type" : "integer"
- },
- "proto" : {
- "optional" : 1,
- "type" : "string"
- },
- "source" : {
- "optional" : 1,
- "type" : "string"
- },
- "sport" : {
- "optional" : 1,
- "type" : "string"
+ "items" : {
+ "properties" : {
+ "comment" : {
+ "description" : "Comment",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "origin" : {
+ "description" : "Show if this entry was created by a user or was built-in",
+ "enum" : [
+ "user-created",
+ "builtin",
+ "modified-builtin"
+ ],
+ "type" : "string"
+ },
+ "server" : {
+ "description" : "Server URL",
+ "type" : "string"
+ }
},
- "type" : {
- "type" : "string"
- }
+ "type" : "object"
},
- "type" : "object"
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
}
},
- "PUT" : {
- "description" : "Modify rule data.",
- "method" : "PUT",
- "name" : "update_rule",
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new gotify endpoint",
+ "method" : "POST",
+ "name" : "create_gotify_endpoint",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "action" : {
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
"comment" : {
- "description" : "Descriptive comment.",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "delete" : {
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "enable" : {
- "description" : "Flag to enable/disable a rule.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "iface" : {
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "macro" : {
- "description" : "Use predefined standard macro.",
- "maxLength" : 128,
+ "description" : "Comment",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "moveto" : {
- "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
- "optional" : 1,
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
"type" : "string",
"typetext" : "<string>"
},
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
+ "server" : {
+ "description" : "Server URL",
"type" : "string",
"typetext" : "<string>"
},
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-sport-spec",
- "optional" : 1,
+ "token" : {
+ "description" : "Secret token",
"type" : "string",
"typetext" : "<string>"
- },
- "type" : {
- "description" : "Rule type.",
- "enum" : [
- "in",
- "out",
- "group"
- ],
- "optional" : 1,
- "type" : "string"
}
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/mapping/notifications",
[
- "Sys.Modify"
+ "Mapping.Modify"
]
]
},
"protected" : 1,
- "proxyto" : null,
"returns" : {
"type" : "null"
}
}
},
- "leaf" : 1,
- "path" : "/cluster/firewall/rules/{pos}",
- "text" : "{pos}"
- }
- ],
- "info" : {
- "GET" : {
- "description" : "List rules.",
- "method" : "GET",
- "name" : "get_rules",
- "parameters" : {
- "additionalProperties" : 0
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "proxyto" : null,
- "returns" : {
- "items" : {
- "properties" : {
- "pos" : {
- "type" : "integer"
- }
- },
- "type" : "object"
- },
- "links" : [
- {
- "href" : "{pos}",
- "rel" : "child"
- }
- ],
- "type" : "array"
- }
+ "leaf" : 0,
+ "path" : "/cluster/notifications/endpoints/gotify",
+ "text" : "gotify"
},
- "POST" : {
- "description" : "Create new rule.",
- "method" : "POST",
- "name" : "create_rule",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "action" : {
- "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 0,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "comment" : {
- "description" : "Descriptive comment.",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "dest" : {
- "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "dport" : {
- "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-dport-spec",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "enable" : {
- "description" : "Flag to enable/disable a rule.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "iface" : {
- "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
- "format" : "pve-iface",
- "maxLength" : 20,
- "minLength" : 2,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "macro" : {
- "description" : "Use predefined standard macro.",
- "maxLength" : 128,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "pos" : {
- "description" : "Update rule at position <pos>.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "proto" : {
- "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
- "format" : "pve-fw-protocol-spec",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "source" : {
- "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
- "format" : "pve-fw-addr-spec",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "sport" : {
- "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
- "format" : "pve-fw-sport-spec",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "type" : {
- "description" : "Rule type.",
- "enum" : [
- "in",
- "out",
- "group"
- ],
- "optional" : 0,
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : null,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 0,
- "path" : "/cluster/firewall/rules",
- "text" : "rules"
- },
- {
- "children" : [
{
"children" : [
{
"info" : {
"DELETE" : {
- "description" : "Remove IP or Network from IPSet.",
+ "allowtoken" : 1,
+ "description" : "Remove smtp endpoint",
"method" : "DELETE",
- "name" : "remove_ip",
+ "name" : "delete_smtp_endpoint",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "cidr" : {
- "description" : "Network/IP specification in CIDR format.",
- "format" : "IPorCIDRorAlias",
- "type" : "string",
- "typetext" : "<string>"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
+ "name" : {
+ "format" : "pve-configid",
"type" : "string",
"typetext" : "<string>"
- },
- "name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
}
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/mapping/notifications",
[
- "Sys.Modify"
+ "Mapping.Modify"
]
]
},
}
},
"GET" : {
- "description" : "Read IP or Network settings from IPSet.",
+ "allowtoken" : 1,
+ "description" : "Return a specific smtp endpoint",
"method" : "GET",
- "name" : "read_ip",
+ "name" : "get_smtp_endpoint",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "cidr" : {
- "description" : "Network/IP specification in CIDR format.",
- "format" : "IPorCIDRorAlias",
+ "name" : {
+ "format" : "pve-configid",
"type" : "string",
"typetext" : "<string>"
- },
- "name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
}
}
},
"permissions" : {
"check" : [
- "perm",
- "/",
+ "or",
[
- "Sys.Audit"
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Audit"
+ ]
]
]
},
"protected" : 1,
"returns" : {
+ "properties" : {
+ "author" : {
+ "description" : "Author of the mail. Defaults to 'Proxmox VE'.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "comment" : {
+ "description" : "Comment",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "from-address" : {
+ "description" : "`From` address for the mail",
+ "type" : "string"
+ },
+ "mailto" : {
+ "description" : "List of email recipients",
+ "items" : {
+ "format" : "email-or-username",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "mailto-user" : {
+ "description" : "List of users",
+ "items" : {
+ "format" : "pve-userid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "mode" : {
+ "default" : "tls",
+ "description" : "Determine which encryption method shall be used for the connection.",
+ "enum" : [
+ "insecure",
+ "starttls",
+ "tls"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "port" : {
+ "description" : "The port to be used. Defaults to 465 for TLS based connections, 587 for STARTTLS based connections and port 25 for insecure plain-text connections.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "server" : {
+ "description" : "The address of the SMTP server.",
+ "type" : "string"
+ },
+ "username" : {
+ "description" : "Username for SMTP authentication",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
"type" : "object"
}
},
"PUT" : {
- "description" : "Update IP or Network settings",
+ "allowtoken" : 1,
+ "description" : "Update existing smtp endpoint",
"method" : "PUT",
- "name" : "update_ip",
+ "name" : "update_smtp_endpoint",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "cidr" : {
- "description" : "Network/IP specification in CIDR format.",
- "format" : "IPorCIDRorAlias",
+ "author" : {
+ "description" : "Author of the mail. Defaults to 'Proxmox VE'.",
+ "optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"comment" : {
+ "description" : "Comment",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "items" : {
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "nomatch" : {
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
+ },
+ "from-address" : {
+ "description" : "`From` address for the mail",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mailto" : {
+ "description" : "List of email recipients",
+ "items" : {
+ "format" : "email-or-username",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "mailto-user" : {
+ "description" : "List of users",
+ "items" : {
+ "format" : "pve-userid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "mode" : {
+ "default" : "tls",
+ "description" : "Determine which encryption method shall be used for the connection.",
+ "enum" : [
+ "insecure",
+ "starttls",
+ "tls"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "password" : {
+ "description" : "Password for SMTP authentication",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "port" : {
+ "description" : "The port to be used. Defaults to 465 for TLS based connections, 587 for STARTTLS based connections and port 25 for insecure plain-text connections.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "server" : {
+ "description" : "The address of the SMTP server.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "username" : {
+ "description" : "Username for SMTP authentication",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
"permissions" : {
"check" : [
- "perm",
- "/",
+ "or",
[
- "Sys.Modify"
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
]
]
},
}
},
"leaf" : 1,
- "path" : "/cluster/firewall/ipset/{name}/{cidr}",
- "text" : "{cidr}"
+ "path" : "/cluster/notifications/endpoints/smtp/{name}",
+ "text" : "{name}"
}
],
"info" : {
- "DELETE" : {
- "description" : "Delete IPSet",
- "method" : "DELETE",
- "name" : "delete_ipset",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- },
"GET" : {
- "description" : "List IPSet content",
+ "allowtoken" : 1,
+ "description" : "Returns a list of all smtp endpoints",
"method" : "GET",
- "name" : "get_ipset",
+ "name" : "get_smtp_endpoints",
"parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- }
- }
+ "additionalProperties" : 0
},
"permissions" : {
"check" : [
- "perm",
- "/",
+ "or",
[
- "Sys.Audit"
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Audit"
+ ]
]
]
},
+ "protected" : 1,
"returns" : {
"items" : {
"properties" : {
- "cidr" : {
+ "author" : {
+ "description" : "Author of the mail. Defaults to 'Proxmox VE'.",
+ "optional" : 1,
"type" : "string"
},
"comment" : {
+ "description" : "Comment",
"optional" : 1,
"type" : "string"
},
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 0,
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "from-address" : {
+ "description" : "`From` address for the mail",
"type" : "string"
},
- "nomatch" : {
+ "mailto" : {
+ "description" : "List of email recipients",
+ "items" : {
+ "format" : "email-or-username",
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "boolean"
+ "type" : "array"
+ },
+ "mailto-user" : {
+ "description" : "List of users",
+ "items" : {
+ "format" : "pve-userid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "mode" : {
+ "default" : "tls",
+ "description" : "Determine which encryption method shall be used for the connection.",
+ "enum" : [
+ "insecure",
+ "starttls",
+ "tls"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "origin" : {
+ "description" : "Show if this entry was created by a user or was built-in",
+ "enum" : [
+ "user-created",
+ "builtin",
+ "modified-builtin"
+ ],
+ "type" : "string"
+ },
+ "port" : {
+ "description" : "The port to be used. Defaults to 465 for TLS based connections, 587 for STARTTLS based connections and port 25 for insecure plain-text connections.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "server" : {
+ "description" : "The address of the SMTP server.",
+ "type" : "string"
+ },
+ "username" : {
+ "description" : "Username for SMTP authentication",
+ "optional" : 1,
+ "type" : "string"
}
},
"type" : "object"
},
"links" : [
{
- "href" : "{cidr}",
+ "href" : "{name}",
"rel" : "child"
}
],
}
},
"POST" : {
- "description" : "Add IP or Network to IPSet.",
+ "allowtoken" : 1,
+ "description" : "Create a new smtp endpoint",
"method" : "POST",
- "name" : "create_ip",
+ "name" : "create_smtp_endpoint",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "cidr" : {
- "description" : "Network/IP specification in CIDR format.",
- "format" : "IPorCIDRorAlias",
+ "author" : {
+ "description" : "Author of the mail. Defaults to 'Proxmox VE'.",
+ "optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"comment" : {
+ "description" : "Comment",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "nomatch" : {
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this target",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
+ },
+ "from-address" : {
+ "description" : "`From` address for the mail",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mailto" : {
+ "description" : "List of email recipients",
+ "items" : {
+ "format" : "email-or-username",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "mailto-user" : {
+ "description" : "List of users",
+ "items" : {
+ "format" : "pve-userid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "mode" : {
+ "default" : "tls",
+ "description" : "Determine which encryption method shall be used for the connection.",
+ "enum" : [
+ "insecure",
+ "starttls",
+ "tls"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "The name of the endpoint.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "password" : {
+ "description" : "Password for SMTP authentication",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "port" : {
+ "description" : "The port to be used. Defaults to 465 for TLS based connections, 587 for STARTTLS based connections and port 25 for insecure plain-text connections.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "server" : {
+ "description" : "The address of the SMTP server.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "username" : {
+ "description" : "Username for SMTP authentication",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
"permissions" : {
"check" : [
- "perm",
- "/",
+ "or",
[
- "Sys.Modify"
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
]
]
},
}
},
"leaf" : 0,
- "path" : "/cluster/firewall/ipset/{name}",
+ "path" : "/cluster/notifications/endpoints/smtp",
+ "text" : "smtp"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Index for all available endpoint types.",
+ "method" : "GET",
+ "name" : "endpoints_index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/notifications/endpoints",
+ "text" : "endpoints"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Send a test notification to a provided target.",
+ "method" : "POST",
+ "name" : "test_target",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "description" : "Name of the target.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Audit"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Use"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/notifications/targets/{name}/test",
+ "text" : "test"
+ }
+ ],
+ "leaf" : 0,
+ "path" : "/cluster/notifications/targets/{name}",
"text" : "{name}"
}
],
"info" : {
"GET" : {
- "description" : "List IPSets",
+ "allowtoken" : 1,
+ "description" : "Returns a list of all entities that can be used as notification targets.",
"method" : "GET",
- "name" : "ipset_index",
+ "name" : "get_all_targets",
"parameters" : {
"additionalProperties" : 0
},
"permissions" : {
"check" : [
- "perm",
- "/",
+ "or",
[
- "Sys.Audit"
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Audit"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Use"
+ ]
]
]
},
+ "protected" : 1,
"returns" : {
"items" : {
"properties" : {
"comment" : {
+ "description" : "Comment",
"optional" : 1,
"type" : "string"
},
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 0,
- "type" : "string"
+ "disable" : {
+ "default" : 0,
+ "description" : "Show if this target is disabled",
+ "optional" : 1,
+ "type" : "boolean"
},
"name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "description" : "Name of the target.",
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "origin" : {
+ "description" : "Show if this entry was created by a user or was built-in",
+ "enum" : [
+ "user-created",
+ "builtin",
+ "modified-builtin"
+ ],
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "Type of the target.",
+ "enum" : [
+ "sendmail",
+ "gotify",
+ "smtp"
+ ],
"type" : "string"
}
},
],
"type" : "array"
}
- },
- "POST" : {
- "description" : "Create new IPSet",
- "method" : "POST",
- "name" : "create_ipset",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "comment" : {
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "name" : {
- "description" : "IP set name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- },
- "rename" : {
- "description" : "Rename an existing IPSet. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing IPSet.",
- "maxLength" : 64,
- "minLength" : 2,
- "optional" : 1,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
}
},
"leaf" : 0,
- "path" : "/cluster/firewall/ipset",
- "text" : "ipset"
+ "path" : "/cluster/notifications/targets",
+ "text" : "targets"
},
{
"children" : [
{
"info" : {
"DELETE" : {
- "description" : "Remove IP or Network alias.",
+ "allowtoken" : 1,
+ "description" : "Remove matcher",
"method" : "DELETE",
- "name" : "remove_alias",
+ "name" : "delete_matcher",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
+ "name" : {
+ "format" : "pve-configid",
"type" : "string",
"typetext" : "<string>"
- },
- "name" : {
- "description" : "Alias name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
}
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/mapping/notifications",
[
- "Sys.Modify"
+ "Mapping.Modify"
]
]
},
}
},
"GET" : {
- "description" : "Read alias.",
+ "allowtoken" : 1,
+ "description" : "Return a specific matcher",
"method" : "GET",
- "name" : "read_alias",
+ "name" : "get_matcher",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
"name" : {
- "description" : "Alias name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
"permissions" : {
"check" : [
- "perm",
- "/",
+ "or",
[
- "Sys.Audit"
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Audit"
+ ]
]
]
},
+ "protected" : 1,
"returns" : {
- "type" : "object"
- }
- },
- "PUT" : {
- "description" : "Update IP or Network alias.",
- "method" : "PUT",
- "name" : "update_alias",
- "parameters" : {
- "additionalProperties" : 0,
"properties" : {
- "cidr" : {
- "description" : "Network/IP specification in CIDR format.",
- "format" : "IPorCIDR",
- "type" : "string",
- "typetext" : "<string>"
+ "comment" : {
+ "description" : "Comment",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this matcher",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "invert-match" : {
+ "description" : "Invert match of the whole matcher",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "match-calendar" : {
+ "description" : "Match notification timestamp",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "match-field" : {
+ "description" : "Metadata fields to match (regex or exact match). Must be in the form (regex|exact):<field>=<value>",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "match-severity" : {
+ "description" : "Notification severities to match",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "mode" : {
+ "default" : "all",
+ "description" : "Choose between 'all' and 'any' for when multiple properties are specified",
+ "enum" : [
+ "all",
+ "any"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "Name of the matcher.",
+ "format" : "pve-configid",
+ "type" : "string"
},
+ "target" : {
+ "description" : "Targets to notify on match",
+ "items" : {
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update existing matcher",
+ "method" : "PUT",
+ "name" : "update_matcher",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
"comment" : {
+ "description" : "Comment",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "items" : {
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "name" : {
- "description" : "Alias name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this matcher",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "rename" : {
- "description" : "Rename an existing alias.",
- "maxLength" : 64,
- "minLength" : 2,
+ "invert-match" : {
+ "description" : "Invert match of the whole matcher",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "match-calendar" : {
+ "description" : "Match notification timestamp",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "match-field" : {
+ "description" : "Metadata fields to match (regex or exact match). Must be in the form (regex|exact):<field>=<value>",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "match-severity" : {
+ "description" : "Notification severities to match",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "mode" : {
+ "default" : "all",
+ "description" : "Choose between 'all' and 'any' for when multiple properties are specified",
+ "enum" : [
+ "all",
+ "any"
+ ],
"optional" : 1,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
"type" : "string"
+ },
+ "name" : {
+ "description" : "Name of the matcher.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target" : {
+ "description" : "Targets to notify on match",
+ "items" : {
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
}
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/mapping/notifications",
[
- "Sys.Modify"
+ "Mapping.Modify"
]
]
},
}
},
"leaf" : 1,
- "path" : "/cluster/firewall/aliases/{name}",
+ "path" : "/cluster/notifications/matchers/{name}",
"text" : "{name}"
}
],
"info" : {
"GET" : {
- "description" : "List aliases",
+ "allowtoken" : 1,
+ "description" : "Returns a list of all matchers",
"method" : "GET",
- "name" : "get_aliases",
+ "name" : "get_matchers",
"parameters" : {
"additionalProperties" : 0
},
"permissions" : {
"check" : [
- "perm",
- "/",
+ "or",
[
- "Sys.Audit"
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Audit"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/notifications",
+ [
+ "Mapping.Use"
+ ]
]
]
},
+ "protected" : 1,
"returns" : {
"items" : {
"properties" : {
- "cidr" : {
- "type" : "string"
- },
"comment" : {
+ "description" : "Comment",
"optional" : 1,
"type" : "string"
},
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 0,
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this matcher",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "invert-match" : {
+ "description" : "Invert match of the whole matcher",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "match-calendar" : {
+ "description" : "Match notification timestamp",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "match-field" : {
+ "description" : "Metadata fields to match (regex or exact match). Must be in the form (regex|exact):<field>=<value>",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "match-severity" : {
+ "description" : "Notification severities to match",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "mode" : {
+ "default" : "all",
+ "description" : "Choose between 'all' and 'any' for when multiple properties are specified",
+ "enum" : [
+ "all",
+ "any"
+ ],
+ "optional" : 1,
"type" : "string"
},
"name" : {
+ "description" : "Name of the matcher.",
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "origin" : {
+ "description" : "Show if this entry was created by a user or was built-in",
+ "enum" : [
+ "user-created",
+ "builtin",
+ "modified-builtin"
+ ],
"type" : "string"
+ },
+ "target" : {
+ "description" : "Targets to notify on match",
+ "items" : {
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
}
},
"type" : "object"
}
},
"POST" : {
- "description" : "Create IP or Network Alias.",
+ "allowtoken" : 1,
+ "description" : "Create a new matcher",
"method" : "POST",
- "name" : "create_alias",
+ "name" : "create_matcher",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "cidr" : {
- "description" : "Network/IP specification in CIDR format.",
- "format" : "IPorCIDR",
- "type" : "string",
- "typetext" : "<string>"
- },
"comment" : {
+ "description" : "Comment",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "name" : {
- "description" : "Alias name.",
- "maxLength" : 64,
- "minLength" : 2,
- "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 0,
- "path" : "/cluster/firewall/aliases",
- "text" : "aliases"
- },
- {
- "info" : {
- "GET" : {
- "description" : "Get Firewall options.",
- "method" : "GET",
- "name" : "get_options",
- "parameters" : {
- "additionalProperties" : 0
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "returns" : {
- "properties" : {
- "ebtables" : {
- "default" : 1,
- "description" : "Enable ebtables rules cluster wide.",
- "optional" : 1,
- "type" : "boolean"
- },
- "enable" : {
- "description" : "Enable or disable the firewall cluster wide.",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer"
- },
- "policy_in" : {
- "description" : "Input policy.",
- "enum" : [
- "ACCEPT",
- "REJECT",
- "DROP"
- ],
+ "disable" : {
+ "default" : 0,
+ "description" : "Disable this matcher",
"optional" : 1,
- "type" : "string"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "policy_out" : {
- "description" : "Output policy.",
- "enum" : [
- "ACCEPT",
- "REJECT",
- "DROP"
- ],
- "optional" : 1,
- "type" : "string"
- }
- },
- "type" : "object"
- }
- },
- "PUT" : {
- "description" : "Set Firewall options.",
- "method" : "PUT",
- "name" : "set_options",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "delete" : {
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
+ "invert-match" : {
+ "description" : "Invert match of the whole matcher",
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "match-calendar" : {
+ "description" : "Match notification timestamp",
+ "items" : {
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "array",
+ "typetext" : "<array>"
},
- "ebtables" : {
- "default" : 1,
- "description" : "Enable ebtables rules cluster wide.",
+ "match-field" : {
+ "description" : "Metadata fields to match (regex or exact match). Must be in the form (regex|exact):<field>=<value>",
+ "items" : {
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "type" : "array",
+ "typetext" : "<array>"
},
- "enable" : {
- "description" : "Enable or disable the firewall cluster wide.",
- "minimum" : 0,
+ "match-severity" : {
+ "description" : "Notification severities to match",
+ "items" : {
+ "type" : "string"
+ },
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "type" : "array",
+ "typetext" : "<array>"
},
- "policy_in" : {
- "description" : "Input policy.",
+ "mode" : {
+ "default" : "all",
+ "description" : "Choose between 'all' and 'any' for when multiple properties are specified",
"enum" : [
- "ACCEPT",
- "REJECT",
- "DROP"
+ "all",
+ "any"
],
"optional" : 1,
"type" : "string"
},
- "policy_out" : {
- "description" : "Output policy.",
- "enum" : [
- "ACCEPT",
- "REJECT",
- "DROP"
- ],
- "optional" : 1,
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 1,
- "path" : "/cluster/firewall/options",
- "text" : "options"
- },
- {
- "info" : {
- "GET" : {
- "description" : "List available macros",
- "method" : "GET",
- "name" : "get_macros",
- "parameters" : {
- "additionalProperties" : 0
- },
- "permissions" : {
- "user" : "all"
- },
- "returns" : {
- "items" : {
- "properties" : {
- "descr" : {
- "description" : "More verbose description (if available).",
+ "name" : {
+ "description" : "Name of the matcher.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target" : {
+ "description" : "Targets to notify on match",
+ "items" : {
+ "format" : "pve-configid",
"type" : "string"
},
- "macro" : {
- "description" : "Macro name.",
- "type" : "string"
- }
- },
- "type" : "object"
- },
- "type" : "array"
- }
- }
- },
- "leaf" : 1,
- "path" : "/cluster/firewall/macros",
- "text" : "macros"
- },
- {
- "info" : {
- "GET" : {
- "description" : "Lists possible IPSet/Alias reference which are allowed in source/dest properties.",
- "method" : "GET",
- "name" : "refs",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "type" : {
- "description" : "Only list references of specified type.",
- "enum" : [
- "alias",
- "ipset"
- ],
"optional" : 1,
- "type" : "string"
+ "type" : "array",
+ "typetext" : "<array>"
}
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/mapping/notifications",
[
- "Sys.Audit"
+ "Mapping.Modify"
]
]
},
+ "protected" : 1,
"returns" : {
- "items" : {
- "properties" : {
- "comment" : {
- "optional" : 1,
- "type" : "string"
- },
- "name" : {
- "type" : "string"
- },
- "ref" : {
- "type" : "string"
- },
- "type" : {
- "enum" : [
- "alias",
- "ipset"
- ],
- "type" : "string"
- }
- },
- "type" : "object"
- },
- "type" : "array"
+ "type" : "null"
}
}
},
- "leaf" : 1,
- "path" : "/cluster/firewall/refs",
- "text" : "refs"
+ "leaf" : 0,
+ "path" : "/cluster/notifications/matchers",
+ "text" : "matchers"
}
],
"info" : {
"GET" : {
- "description" : "Directory index.",
+ "allowtoken" : 1,
+ "description" : "Index for notification-related API endpoints.",
"method" : "GET",
"name" : "index",
"parameters" : {
}
},
"leaf" : 0,
- "path" : "/cluster/firewall",
- "text" : "firewall"
+ "path" : "/cluster/notifications",
+ "text" : "notifications"
},
{
"children" : [
{
"info" : {
- "DELETE" : {
- "description" : "Delete vzdump backup job definition.",
- "method" : "DELETE",
- "name" : "delete_job",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "id" : {
- "description" : "The job ID.",
- "maxLength" : 50,
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- },
"GET" : {
- "description" : "Read vzdump backup job definition.",
+ "allowtoken" : 1,
+ "description" : "Return the version of the cluster join API available on this node.",
"method" : "GET",
- "name" : "read_job",
+ "name" : "join_api_version",
"parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "id" : {
- "description" : "The job ID.",
- "maxLength" : 50,
- "type" : "string",
- "typetext" : "<string>"
- }
- }
+ "additionalProperties" : 0
},
"permissions" : {
"check" : [
]
},
"returns" : {
- "type" : "object"
+ "description" : "Cluster Join API version, currently 1",
+ "minimum" : 0,
+ "type" : "integer"
}
- },
- "PUT" : {
- "description" : "Update vzdump backup job definition.",
- "method" : "PUT",
- "name" : "update_job",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "all" : {
- "default" : 0,
- "description" : "Backup all known guest systems on this host.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/config/apiversion",
+ "text" : "apiversion"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Removes a node from the cluster configuration.",
+ "method" : "DELETE",
+ "name" : "delnode",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
},
- "bwlimit" : {
- "default" : 0,
- "description" : "Limit I/O bandwidth (KBytes per second).",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Adds a node to the cluster configuration. This call is for internal use.",
+ "method" : "POST",
+ "name" : "addnode",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "apiversion" : {
+ "description" : "The JOIN_API_VERSION of the new node.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "force" : {
+ "description" : "Do not throw error if node already exists.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "link[n]" : {
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
+ "format" : {
+ "address" : {
+ "default_key" : 1,
+ "description" : "Hostname (or IP) of this corosync link address.",
+ "format" : "address",
+ "format_description" : "IP",
+ "type" : "string"
+ },
+ "priority" : {
+ "default" : 0,
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
+ "maximum" : 255,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[address=]<IP> [,priority=<integer>]"
+ },
+ "new_node_ip" : {
+ "description" : "IP Address of node to add. Used as fallback if no links are given.",
+ "format" : "ip",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nodeid" : {
+ "description" : "Node id for this node.",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ },
+ "votes" : {
+ "description" : "Number of votes for this node",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ }
+ }
},
- "compress" : {
- "default" : "0",
- "description" : "Compress dump file.",
- "enum" : [
- "0",
- "1",
- "gzip",
- "lzo"
- ],
- "optional" : 1,
- "type" : "string"
+ "protected" : 1,
+ "returns" : {
+ "properties" : {
+ "corosync_authkey" : {
+ "type" : "string"
+ },
+ "corosync_conf" : {
+ "type" : "string"
+ },
+ "warnings" : {
+ "items" : {
+ "type" : "string"
+ },
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/config/nodes/{node}",
+ "text" : "{node}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Corosync node list.",
+ "method" : "GET",
+ "name" : "nodes",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "node" : {
+ "type" : "string"
+ }
},
- "delete" : {
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{node}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/config/nodes",
+ "text" : "nodes"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get information needed to join this cluster over the connected node.",
+ "method" : "GET",
+ "name" : "join_info",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "default" : "current connected node",
+ "description" : "The node for which the joinee gets the nodeinfo. ",
+ "format" : "pve-node",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "config_digest" : {
+ "type" : "string"
},
- "dow" : {
- "description" : "Day of week selection.",
- "format" : "pve-day-of-week-list",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "nodelist" : {
+ "items" : {
+ "additionalProperties" : 1,
+ "properties" : {
+ "name" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string"
+ },
+ "nodeid" : {
+ "description" : "Node id for this node.",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "pve_addr" : {
+ "format" : "ip",
+ "type" : "string"
+ },
+ "pve_fp" : {
+ "description" : "Certificate SHA 256 fingerprint.",
+ "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
+ "type" : "string"
+ },
+ "quorum_votes" : {
+ "minimum" : 0,
+ "type" : "integer"
+ },
+ "ring0_addr" : {
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
+ "format" : {
+ "address" : {
+ "default_key" : 1,
+ "description" : "Hostname (or IP) of this corosync link address.",
+ "format" : "address",
+ "format_description" : "IP",
+ "type" : "string"
+ },
+ "priority" : {
+ "default" : 0,
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
+ "maximum" : 255,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
},
- "dumpdir" : {
- "description" : "Store resulting files to specified directory.",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "preferred_node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string"
},
- "enabled" : {
- "default" : "1",
- "description" : "Enable or disable the job.",
+ "totem" : {
+ "type" : "object"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Joins this node into an existing cluster. If no links are given, default to IP resolved by node's hostname on single link (fallback fails for clusters with multiple links).",
+ "method" : "POST",
+ "name" : "join",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "fingerprint" : {
+ "description" : "Certificate SHA 256 fingerprint.",
+ "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
+ "type" : "string"
+ },
+ "force" : {
+ "description" : "Do not throw error if node already exists.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
- "exclude" : {
- "description" : "Exclude specified guest systems (assumes --all)",
- "format" : "pve-vmid-list",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "exclude-path" : {
- "description" : "Exclude certain files/directories (shell globs).",
- "format" : "string-alist",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "id" : {
- "description" : "The job ID.",
- "maxLength" : 50,
+ "hostname" : {
+ "description" : "Hostname (or IP) of an existing cluster member.",
"type" : "string",
"typetext" : "<string>"
},
- "ionice" : {
- "default" : 7,
- "description" : "Set CFQ ionice priority.",
- "maximum" : 8,
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - 8)"
- },
- "lockwait" : {
- "default" : 180,
- "description" : "Maximal time to wait for the global lock (minutes).",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
- },
- "mailnotification" : {
- "default" : "always",
- "description" : "Specify when to send an email",
- "enum" : [
- "always",
- "failure"
- ],
- "optional" : 1,
- "type" : "string"
- },
- "mailto" : {
- "description" : "Comma-separated list of email addresses that should receive email notifications.",
- "format" : "string-list",
+ "link[n]" : {
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
+ "format" : {
+ "address" : {
+ "default_key" : 1,
+ "description" : "Hostname (or IP) of this corosync link address.",
+ "format" : "address",
+ "format_description" : "IP",
+ "type" : "string"
+ },
+ "priority" : {
+ "default" : 0,
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
+ "maximum" : 255,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[address=]<IP> [,priority=<integer>]"
},
- "maxfiles" : {
- "default" : 1,
- "description" : "Maximal number of backup files per guest system.",
+ "nodeid" : {
+ "description" : "Node id for this node.",
"minimum" : 1,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (1 - N)"
},
- "mode" : {
- "default" : "snapshot",
- "description" : "Backup mode.",
- "enum" : [
- "snapshot",
- "suspend",
- "stop"
- ],
- "optional" : 1,
- "type" : "string"
- },
- "node" : {
- "description" : "Only run if executed on this node.",
- "format" : "pve-node",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "pigz" : {
- "default" : 0,
- "description" : "Use pigz instead of gzip when N>0. N=1 uses half of cores, N>1 uses N as thread count.",
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer>"
- },
- "quiet" : {
- "default" : 0,
- "description" : "Be quiet.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "remove" : {
- "default" : 1,
- "description" : "Remove old backup files if there are more than 'maxfiles' backup files.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "script" : {
- "description" : "Use specified hook script.",
- "optional" : 1,
+ "password" : {
+ "description" : "Superuser (root) password of peer node.",
+ "maxLength" : 128,
"type" : "string",
"typetext" : "<string>"
},
- "size" : {
- "default" : 1024,
- "description" : "Unused, will be removed in a future release.",
- "minimum" : 500,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (500 - N)"
- },
- "starttime" : {
- "description" : "Job Start time.",
- "pattern" : "\\d{1,2}:\\d{1,2}",
- "type" : "string",
- "typetext" : "HH:MM"
- },
- "stdexcludes" : {
- "default" : 1,
- "description" : "Exclude temporary files and logs.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "stop" : {
- "default" : 0,
- "description" : "Stop runnig backup jobs on this host.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "stopwait" : {
- "default" : 10,
- "description" : "Maximal time to wait until a guest system is stopped (minutes).",
+ "votes" : {
+ "description" : "Number of votes for this node",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (0 - N)"
- },
- "storage" : {
- "description" : "Store resulting file to this storage.",
- "format" : "pve-storage-id",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "tmpdir" : {
- "description" : "Store temporary files to specified directory.",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "vmid" : {
- "description" : "The ID of the guest system you want to backup.",
- "format" : "pve-vmid-list",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
}
}
},
+ "protected" : 1,
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/config/join",
+ "text" : "join"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get corosync totem protocol settings.",
+ "method" : "GET",
+ "name" : "totem",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
"permissions" : {
"check" : [
"perm",
"/",
[
- "Sys.Modify"
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/config/totem",
+ "text" : "totem"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get QDevice status",
+ "method" : "GET",
+ "name" : "status",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
]
]
},
"protected" : 1,
"returns" : {
- "type" : "null"
+ "type" : "object"
}
}
},
"leaf" : 1,
- "path" : "/cluster/backup/{id}",
- "text" : "{id}"
+ "path" : "/cluster/config/qdevice",
+ "text" : "qdevice"
}
],
"info" : {
"GET" : {
- "description" : "List vzdump backup schedule.",
+ "allowtoken" : 1,
+ "description" : "Directory index.",
"method" : "GET",
"name" : "index",
"parameters" : {
},
"returns" : {
"items" : {
- "properties" : {
- "id" : {
- "type" : "string"
- }
- },
+ "properties" : {},
"type" : "object"
},
"links" : [
{
- "href" : "{id}",
+ "href" : "{name}",
"rel" : "child"
}
],
}
},
"POST" : {
- "description" : "Create new vzdump backup job.",
+ "allowtoken" : 1,
+ "description" : "Generate new cluster configuration. If no links given, default to local IP address as link0.",
"method" : "POST",
- "name" : "create_job",
+ "name" : "create",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "all" : {
- "default" : 0,
- "description" : "Backup all known guest systems on this host.",
+ "clustername" : {
+ "description" : "The name of the cluster.",
+ "format" : "pve-node",
+ "maxLength" : 15,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "link[n]" : {
+ "description" : "Address and priority information of a single corosync link. (up to 8 links supported; link0..link7)",
+ "format" : {
+ "address" : {
+ "default_key" : 1,
+ "description" : "Hostname (or IP) of this corosync link address.",
+ "format" : "address",
+ "format_description" : "IP",
+ "type" : "string"
+ },
+ "priority" : {
+ "default" : 0,
+ "description" : "The priority for the link when knet is used in 'passive' mode (default). Lower value means higher priority. Only valid for cluster create, ignored on node add.",
+ "maximum" : 255,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ }
+ },
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "type" : "string",
+ "typetext" : "[address=]<IP> [,priority=<integer>]"
},
- "bwlimit" : {
- "default" : 0,
- "description" : "Limit I/O bandwidth (KBytes per second).",
- "minimum" : 0,
+ "nodeid" : {
+ "description" : "Node id for this node.",
+ "minimum" : 1,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "typetext" : "<integer> (1 - N)"
},
- "compress" : {
- "default" : "0",
- "description" : "Compress dump file.",
- "enum" : [
- "0",
- "1",
- "gzip",
- "lzo"
- ],
+ "votes" : {
+ "description" : "Number of votes for this node.",
+ "minimum" : 1,
"optional" : 1,
- "type" : "string"
- },
- "dow" : {
- "default" : "mon,tue,wed,thu,fri,sat,sun",
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ }
+ }
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/config",
+ "text" : "config"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete rule.",
+ "method" : "DELETE",
+ "name" : "delete_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : null,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get single rule data.",
+ "method" : "GET",
+ "name" : "get_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "proxyto" : null,
+ "returns" : {
+ "properties" : {
+ "action" : {
+ "type" : "string"
+ },
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "dest" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "dport" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "enable" : {
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "icmp-type" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "iface" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "ipversion" : {
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "log" : {
+ "description" : "Log level for firewall rule",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "macro" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "pos" : {
+ "type" : "integer"
+ },
+ "proto" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "source" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "sport" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Modify rule data.",
+ "method" : "PUT",
+ "name" : "update_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "action" : {
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "comment" : {
+ "description" : "Descriptive comment.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "icmp-type" : {
+ "description" : "Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.",
+ "format" : "pve-fw-icmp-type-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "log" : {
+ "description" : "Log level for firewall rule.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "moveto" : {
+ "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-sport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Rule type.",
+ "enum" : [
+ "in",
+ "out",
+ "group"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : null,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/firewall/groups/{group}/{pos}",
+ "text" : "{pos}"
+ }
+ ],
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete security group.",
+ "method" : "DELETE",
+ "name" : "delete_security_group",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List rules.",
+ "method" : "GET",
+ "name" : "get_rules",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "proxyto" : null,
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "pos" : {
+ "type" : "integer"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{pos}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create new rule.",
+ "method" : "POST",
+ "name" : "create_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "action" : {
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 0,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "comment" : {
+ "description" : "Descriptive comment.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "icmp-type" : {
+ "description" : "Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.",
+ "format" : "pve-fw-icmp-type-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "log" : {
+ "description" : "Log level for firewall rule.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-sport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Rule type.",
+ "enum" : [
+ "in",
+ "out",
+ "group"
+ ],
+ "optional" : 0,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : null,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/firewall/groups/{group}",
+ "text" : "{group}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List security groups.",
+ "method" : "GET",
+ "name" : "list_security_groups",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 0,
+ "type" : "string"
+ },
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{group}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create new security group.",
+ "method" : "POST",
+ "name" : "create_security_group",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group" : {
+ "description" : "Security Group name.",
+ "maxLength" : 18,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "rename" : {
+ "description" : "Rename/update an existing security group. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing group.",
+ "maxLength" : 18,
+ "minLength" : 2,
+ "optional" : 1,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/firewall/groups",
+ "text" : "groups"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete rule.",
+ "method" : "DELETE",
+ "name" : "delete_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : null,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get single rule data.",
+ "method" : "GET",
+ "name" : "get_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "proxyto" : null,
+ "returns" : {
+ "properties" : {
+ "action" : {
+ "type" : "string"
+ },
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "dest" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "dport" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "enable" : {
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "icmp-type" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "iface" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "ipversion" : {
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "log" : {
+ "description" : "Log level for firewall rule",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "macro" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "pos" : {
+ "type" : "integer"
+ },
+ "proto" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "source" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "sport" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Modify rule data.",
+ "method" : "PUT",
+ "name" : "update_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "action" : {
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "comment" : {
+ "description" : "Descriptive comment.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "icmp-type" : {
+ "description" : "Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.",
+ "format" : "pve-fw-icmp-type-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "log" : {
+ "description" : "Log level for firewall rule.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "moveto" : {
+ "description" : "Move rule to new position <moveto>. Other arguments are ignored.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-sport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Rule type.",
+ "enum" : [
+ "in",
+ "out",
+ "group"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : null,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/firewall/rules/{pos}",
+ "text" : "{pos}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List rules.",
+ "method" : "GET",
+ "name" : "get_rules",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "proxyto" : null,
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "pos" : {
+ "type" : "integer"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{pos}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create new rule.",
+ "method" : "POST",
+ "name" : "create_rule",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "action" : {
+ "description" : "Rule action ('ACCEPT', 'DROP', 'REJECT') or security group name.",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 0,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "comment" : {
+ "description" : "Descriptive comment.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dest" : {
+ "description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dport" : {
+ "description" : "Restrict TCP/UDP destination port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-dport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Flag to enable/disable a rule.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "icmp-type" : {
+ "description" : "Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.",
+ "format" : "pve-fw-icmp-type-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "iface" : {
+ "description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
+ "format" : "pve-iface",
+ "maxLength" : 20,
+ "minLength" : 2,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "log" : {
+ "description" : "Log level for firewall rule.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "macro" : {
+ "description" : "Use predefined standard macro.",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "pos" : {
+ "description" : "Update rule at position <pos>.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "proto" : {
+ "description" : "IP protocol. You can use protocol names ('tcp'/'udp') or simple numbers, as defined in '/etc/protocols'.",
+ "format" : "pve-fw-protocol-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "source" : {
+ "description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
+ "format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sport" : {
+ "description" : "Restrict TCP/UDP source port. You can use service names or simple numbers (0-65535), as defined in '/etc/services'. Port ranges can be specified with '\\d+:\\d+', for example '80:85', and you can use comma separated list to match several ports or ranges.",
+ "format" : "pve-fw-sport-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Rule type.",
+ "enum" : [
+ "in",
+ "out",
+ "group"
+ ],
+ "optional" : 0,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : null,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/firewall/rules",
+ "text" : "rules"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Remove IP or Network from IPSet.",
+ "method" : "DELETE",
+ "name" : "remove_ip",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cidr" : {
+ "description" : "Network/IP specification in CIDR format.",
+ "format" : "IPorCIDRorAlias",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "name" : {
+ "description" : "IP set name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read IP or Network settings from IPSet.",
+ "method" : "GET",
+ "name" : "read_ip",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cidr" : {
+ "description" : "Network/IP specification in CIDR format.",
+ "format" : "IPorCIDRorAlias",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "name" : {
+ "description" : "IP set name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update IP or Network settings",
+ "method" : "PUT",
+ "name" : "update_ip",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cidr" : {
+ "description" : "Network/IP specification in CIDR format.",
+ "format" : "IPorCIDRorAlias",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "name" : {
+ "description" : "IP set name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "nomatch" : {
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/firewall/ipset/{name}/{cidr}",
+ "text" : "{cidr}"
+ }
+ ],
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete IPSet",
+ "method" : "DELETE",
+ "name" : "delete_ipset",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "force" : {
+ "description" : "Delete all members of the IPSet, if there are any.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "name" : {
+ "description" : "IP set name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List IPSet content",
+ "method" : "GET",
+ "name" : "get_ipset",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "description" : "IP set name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "cidr" : {
+ "type" : "string"
+ },
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 0,
+ "type" : "string"
+ },
+ "nomatch" : {
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{cidr}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Add IP or Network to IPSet.",
+ "method" : "POST",
+ "name" : "create_ip",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cidr" : {
+ "description" : "Network/IP specification in CIDR format.",
+ "format" : "IPorCIDRorAlias",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "name" : {
+ "description" : "IP set name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "nomatch" : {
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/firewall/ipset/{name}",
+ "text" : "{name}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List IPSets",
+ "method" : "GET",
+ "name" : "ipset_index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 0,
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "IP set name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create new IPSet",
+ "method" : "POST",
+ "name" : "create_ipset",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "name" : {
+ "description" : "IP set name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "rename" : {
+ "description" : "Rename an existing IPSet. You can set 'rename' to the same value as 'name' to update the 'comment' of an existing IPSet.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "optional" : 1,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/firewall/ipset",
+ "text" : "ipset"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Remove IP or Network alias.",
+ "method" : "DELETE",
+ "name" : "remove_alias",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "name" : {
+ "description" : "Alias name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read alias.",
+ "method" : "GET",
+ "name" : "read_alias",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "description" : "Alias name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update IP or Network alias.",
+ "method" : "PUT",
+ "name" : "update_alias",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cidr" : {
+ "description" : "Network/IP specification in CIDR format.",
+ "format" : "IPorCIDR",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "name" : {
+ "description" : "Alias name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ },
+ "rename" : {
+ "description" : "Rename an existing alias.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "optional" : 1,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/firewall/aliases/{name}",
+ "text" : "{name}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List aliases",
+ "method" : "GET",
+ "name" : "get_aliases",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "cidr" : {
+ "type" : "string"
+ },
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 0,
+ "type" : "string"
+ },
+ "name" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create IP or Network Alias.",
+ "method" : "POST",
+ "name" : "create_alias",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cidr" : {
+ "description" : "Network/IP specification in CIDR format.",
+ "format" : "IPorCIDR",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "name" : {
+ "description" : "Alias name.",
+ "maxLength" : 64,
+ "minLength" : 2,
+ "pattern" : "[A-Za-z][A-Za-z0-9\\-\\_]+",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/firewall/aliases",
+ "text" : "aliases"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get Firewall options.",
+ "method" : "GET",
+ "name" : "get_options",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "properties" : {
+ "ebtables" : {
+ "default" : 1,
+ "description" : "Enable ebtables rules cluster wide.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "enable" : {
+ "description" : "Enable or disable the firewall cluster wide.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "log_ratelimit" : {
+ "description" : "Log ratelimiting settings",
+ "format" : {
+ "burst" : {
+ "default" : 5,
+ "description" : "Initial burst of packages which will always get logged before the rate is applied",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "enable" : {
+ "default" : "1",
+ "default_key" : 1,
+ "description" : "Enable or disable log rate limiting",
+ "type" : "boolean"
+ },
+ "rate" : {
+ "default" : "1/second",
+ "description" : "Frequency with which the burst bucket gets refilled",
+ "format_description" : "rate",
+ "optional" : 1,
+ "pattern" : "[1-9][0-9]*\\/(second|minute|hour|day)",
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ },
+ "policy_in" : {
+ "description" : "Input policy.",
+ "enum" : [
+ "ACCEPT",
+ "REJECT",
+ "DROP"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "policy_out" : {
+ "description" : "Output policy.",
+ "enum" : [
+ "ACCEPT",
+ "REJECT",
+ "DROP"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Set Firewall options.",
+ "method" : "PUT",
+ "name" : "set_options",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ebtables" : {
+ "default" : 1,
+ "description" : "Enable ebtables rules cluster wide.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "enable" : {
+ "description" : "Enable or disable the firewall cluster wide.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "log_ratelimit" : {
+ "description" : "Log ratelimiting settings",
+ "format" : {
+ "burst" : {
+ "default" : 5,
+ "description" : "Initial burst of packages which will always get logged before the rate is applied",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "enable" : {
+ "default" : "1",
+ "default_key" : 1,
+ "description" : "Enable or disable log rate limiting",
+ "type" : "boolean"
+ },
+ "rate" : {
+ "default" : "1/second",
+ "description" : "Frequency with which the burst bucket gets refilled",
+ "format_description" : "rate",
+ "optional" : 1,
+ "pattern" : "[1-9][0-9]*\\/(second|minute|hour|day)",
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[enable=]<1|0> [,burst=<integer>] [,rate=<rate>]"
+ },
+ "policy_in" : {
+ "description" : "Input policy.",
+ "enum" : [
+ "ACCEPT",
+ "REJECT",
+ "DROP"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "policy_out" : {
+ "description" : "Output policy.",
+ "enum" : [
+ "ACCEPT",
+ "REJECT",
+ "DROP"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/firewall/options",
+ "text" : "options"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List available macros",
+ "method" : "GET",
+ "name" : "get_macros",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "descr" : {
+ "description" : "More verbose description (if available).",
+ "type" : "string"
+ },
+ "macro" : {
+ "description" : "Macro name.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/firewall/macros",
+ "text" : "macros"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Lists possible IPSet/Alias reference which are allowed in source/dest properties.",
+ "method" : "GET",
+ "name" : "refs",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "type" : {
+ "description" : "Only list references of specified type.",
+ "enum" : [
+ "alias",
+ "ipset"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "name" : {
+ "type" : "string"
+ },
+ "ref" : {
+ "type" : "string"
+ },
+ "scope" : {
+ "type" : "string"
+ },
+ "type" : {
+ "enum" : [
+ "alias",
+ "ipset"
+ ],
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/firewall/refs",
+ "text" : "refs"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Directory index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/firewall",
+ "text" : "firewall"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Returns included guests and the backup status of their disks. Optimized to be used in ExtJS tree views.",
+ "method" : "GET",
+ "name" : "get_volume_backup_included",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "The job ID.",
+ "maxLength" : 50,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "Root node of the tree object. Children represent guests, grandchildren represent volumes of that guest.",
+ "properties" : {
+ "children" : {
+ "items" : {
+ "properties" : {
+ "children" : {
+ "description" : "The volumes of the guest with the information if they will be included in backups.",
+ "items" : {
+ "properties" : {
+ "id" : {
+ "description" : "Configuration key of the volume.",
+ "type" : "string"
+ },
+ "included" : {
+ "description" : "Whether the volume is included in the backup or not.",
+ "type" : "boolean"
+ },
+ "name" : {
+ "description" : "Name of the volume.",
+ "type" : "string"
+ },
+ "reason" : {
+ "description" : "The reason why the volume is included (or excluded).",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "id" : {
+ "description" : "VMID of the guest.",
+ "type" : "integer"
+ },
+ "name" : {
+ "description" : "Name of the guest",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "Type of the guest, VM, CT or unknown for removed but not purged guests.",
+ "enum" : [
+ "qemu",
+ "lxc",
+ "unknown"
+ ],
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/backup/{id}/included_volumes",
+ "text" : "included_volumes"
+ }
+ ],
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete vzdump backup job definition.",
+ "method" : "DELETE",
+ "name" : "delete_job",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "The job ID.",
+ "maxLength" : 50,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read vzdump backup job definition.",
+ "method" : "GET",
+ "name" : "read_job",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "The job ID.",
+ "maxLength" : 50,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update vzdump backup job definition.",
+ "method" : "PUT",
+ "name" : "update_job",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "all" : {
+ "default" : 0,
+ "description" : "Backup all known guest systems on this host.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "bwlimit" : {
+ "default" : 0,
+ "description" : "Limit I/O bandwidth (in KiB/s).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "comment" : {
+ "description" : "Description for the Job.",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "compress" : {
+ "default" : "0",
+ "description" : "Compress dump file.",
+ "enum" : [
+ "0",
+ "1",
+ "gzip",
+ "lzo",
+ "zstd"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dow" : {
+ "description" : "Day of week selection.",
+ "format" : "pve-day-of-week-list",
+ "optional" : 1,
+ "requires" : "starttime",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dumpdir" : {
+ "description" : "Store resulting files to specified directory.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enabled" : {
+ "default" : "1",
+ "description" : "Enable or disable the job.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "exclude" : {
+ "description" : "Exclude specified guest systems (assumes --all)",
+ "format" : "pve-vmid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "exclude-path" : {
+ "description" : "Exclude certain files/directories (shell globs). Paths starting with '/' are anchored to the container's root, other paths match relative to each subdirectory.",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "fleecing" : {
+ "description" : "Options for backup fleecing (VM only).",
+ "format" : "backup-fleecing",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[[enabled=]<1|0>] [,storage=<storage ID>]"
+ },
+ "id" : {
+ "description" : "The job ID.",
+ "maxLength" : 50,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ionice" : {
+ "default" : 7,
+ "description" : "Set IO priority when using the BFQ scheduler. For snapshot and suspend mode backups of VMs, this only affects the compressor. A value of 8 means the idle priority is used, otherwise the best-effort priority is used with the specified value.",
+ "maximum" : 8,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 8)"
+ },
+ "lockwait" : {
+ "default" : 180,
+ "description" : "Maximal time to wait for the global lock (minutes).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "mailnotification" : {
+ "default" : "always",
+ "description" : "Deprecated: use notification targets/matchers instead. Specify when to send a notification mail",
+ "enum" : [
+ "always",
+ "failure"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "mailto" : {
+ "description" : "Deprecated: Use notification targets/matchers instead. Comma-separated list of email addresses or users that should receive email notifications.",
+ "format" : "email-or-username-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "maxfiles" : {
+ "description" : "Deprecated: use 'prune-backups' instead. Maximal number of backup files per guest system.",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ },
+ "mode" : {
+ "default" : "snapshot",
+ "description" : "Backup mode.",
+ "enum" : [
+ "snapshot",
+ "suspend",
+ "stop"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "node" : {
+ "description" : "Only run if executed on this node.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "notes-template" : {
+ "description" : "Template string for generating notes for the backup(s). It can contain variables which will be replaced by their values. Currently supported are {{cluster}}, {{guestname}}, {{node}}, and {{vmid}}, but more might be added in the future. Needs to be a single line, newline and backslash need to be escaped as '\\n' and '\\\\' respectively.",
+ "maxLength" : 1024,
+ "optional" : 1,
+ "requires" : "storage",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "notification-mode" : {
+ "default" : "auto",
+ "description" : "Determine which notification system to use. If set to 'legacy-sendmail', vzdump will consider the mailto/mailnotification parameters and send emails to the specified address(es) via the 'sendmail' command. If set to 'notification-system', a notification will be sent via PVE's notification system, and the mailto and mailnotification will be ignored. If set to 'auto' (default setting), an email will be sent if mailto is set, and the notification system will be used if not.",
+ "enum" : [
+ "auto",
+ "legacy-sendmail",
+ "notification-system"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "notification-policy" : {
+ "default" : "always",
+ "description" : "Deprecated: Do not use",
+ "enum" : [
+ "always",
+ "failure",
+ "never"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "notification-target" : {
+ "description" : "Deprecated: Do not use",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "performance" : {
+ "description" : "Other performance-related settings.",
+ "format" : "backup-performance",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[max-workers=<integer>] [,pbs-entries-max=<integer>]"
+ },
+ "pigz" : {
+ "default" : 0,
+ "description" : "Use pigz instead of gzip when N>0. N=1 uses half of cores, N>1 uses N as thread count.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "pool" : {
+ "description" : "Backup all known guest systems included in the specified pool.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "protected" : {
+ "description" : "If true, mark backup(s) as protected.",
+ "optional" : 1,
+ "requires" : "storage",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "prune-backups" : {
+ "default" : "keep-all=1",
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-all=<1|0>] [,keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
+ "quiet" : {
+ "default" : 0,
+ "description" : "Be quiet.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "remove" : {
+ "default" : 1,
+ "description" : "Prune older backups according to 'prune-backups'.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "repeat-missed" : {
+ "default" : 0,
+ "description" : "If true, the job will be run as soon as possible if it was missed while the scheduler was not running.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "schedule" : {
+ "description" : "Backup schedule. The format is a subset of `systemd` calendar events.",
+ "format" : "pve-calendar-event",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "script" : {
+ "description" : "Use specified hook script.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "starttime" : {
+ "description" : "Job Start time.",
+ "optional" : 1,
+ "pattern" : "\\d{1,2}:\\d{1,2}",
+ "type" : "string",
+ "typetext" : "HH:MM"
+ },
+ "stdexcludes" : {
+ "default" : 1,
+ "description" : "Exclude temporary files and logs.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "stop" : {
+ "default" : 0,
+ "description" : "Stop running backup jobs on this host.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "stopwait" : {
+ "default" : 10,
+ "description" : "Maximal time to wait until a guest system is stopped (minutes).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "storage" : {
+ "description" : "Store resulting file to this storage.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "tmpdir" : {
+ "description" : "Store temporary files to specified directory.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The ID of the guest system you want to backup.",
+ "format" : "pve-vmid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zstd" : {
+ "default" : 1,
+ "description" : "Zstd threads. N=0 uses half of the available cores, if N is set to a value bigger than 0, N is used as thread count.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ],
+ "description" : "The 'tmpdir', 'dumpdir' and 'script' parameters are additionally restricted to the 'root@pam' user."
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/backup/{id}",
+ "text" : "{id}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List vzdump backup schedule.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "id" : {
+ "description" : "The job ID.",
+ "maxLength" : 50,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{id}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create new vzdump backup job.",
+ "method" : "POST",
+ "name" : "create_job",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "all" : {
+ "default" : 0,
+ "description" : "Backup all known guest systems on this host.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "bwlimit" : {
+ "default" : 0,
+ "description" : "Limit I/O bandwidth (in KiB/s).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "comment" : {
+ "description" : "Description for the Job.",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "compress" : {
+ "default" : "0",
+ "description" : "Compress dump file.",
+ "enum" : [
+ "0",
+ "1",
+ "gzip",
+ "lzo",
+ "zstd"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "dow" : {
+ "default" : "mon,tue,wed,thu,fri,sat,sun",
"description" : "Day of week selection.",
"format" : "pve-day-of-week-list",
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "requires" : "starttime",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dumpdir" : {
+ "description" : "Store resulting files to specified directory.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enabled" : {
+ "default" : "1",
+ "description" : "Enable or disable the job.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "exclude" : {
+ "description" : "Exclude specified guest systems (assumes --all)",
+ "format" : "pve-vmid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "exclude-path" : {
+ "description" : "Exclude certain files/directories (shell globs). Paths starting with '/' are anchored to the container's root, other paths match relative to each subdirectory.",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "fleecing" : {
+ "description" : "Options for backup fleecing (VM only).",
+ "format" : "backup-fleecing",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[[enabled=]<1|0>] [,storage=<storage ID>]"
+ },
+ "id" : {
+ "description" : "Job ID (will be autogenerated).",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ionice" : {
+ "default" : 7,
+ "description" : "Set IO priority when using the BFQ scheduler. For snapshot and suspend mode backups of VMs, this only affects the compressor. A value of 8 means the idle priority is used, otherwise the best-effort priority is used with the specified value.",
+ "maximum" : 8,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 8)"
+ },
+ "lockwait" : {
+ "default" : 180,
+ "description" : "Maximal time to wait for the global lock (minutes).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "mailnotification" : {
+ "default" : "always",
+ "description" : "Deprecated: use notification targets/matchers instead. Specify when to send a notification mail",
+ "enum" : [
+ "always",
+ "failure"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "mailto" : {
+ "description" : "Deprecated: Use notification targets/matchers instead. Comma-separated list of email addresses or users that should receive email notifications.",
+ "format" : "email-or-username-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "maxfiles" : {
+ "description" : "Deprecated: use 'prune-backups' instead. Maximal number of backup files per guest system.",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ },
+ "mode" : {
+ "default" : "snapshot",
+ "description" : "Backup mode.",
+ "enum" : [
+ "snapshot",
+ "suspend",
+ "stop"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "node" : {
+ "description" : "Only run if executed on this node.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "notes-template" : {
+ "description" : "Template string for generating notes for the backup(s). It can contain variables which will be replaced by their values. Currently supported are {{cluster}}, {{guestname}}, {{node}}, and {{vmid}}, but more might be added in the future. Needs to be a single line, newline and backslash need to be escaped as '\\n' and '\\\\' respectively.",
+ "maxLength" : 1024,
+ "optional" : 1,
+ "requires" : "storage",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "notification-mode" : {
+ "default" : "auto",
+ "description" : "Determine which notification system to use. If set to 'legacy-sendmail', vzdump will consider the mailto/mailnotification parameters and send emails to the specified address(es) via the 'sendmail' command. If set to 'notification-system', a notification will be sent via PVE's notification system, and the mailto and mailnotification will be ignored. If set to 'auto' (default setting), an email will be sent if mailto is set, and the notification system will be used if not.",
+ "enum" : [
+ "auto",
+ "legacy-sendmail",
+ "notification-system"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "notification-policy" : {
+ "default" : "always",
+ "description" : "Deprecated: Do not use",
+ "enum" : [
+ "always",
+ "failure",
+ "never"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "notification-target" : {
+ "description" : "Deprecated: Do not use",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "performance" : {
+ "description" : "Other performance-related settings.",
+ "format" : "backup-performance",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[max-workers=<integer>] [,pbs-entries-max=<integer>]"
+ },
+ "pigz" : {
+ "default" : 0,
+ "description" : "Use pigz instead of gzip when N>0. N=1 uses half of cores, N>1 uses N as thread count.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "pool" : {
+ "description" : "Backup all known guest systems included in the specified pool.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "protected" : {
+ "description" : "If true, mark backup(s) as protected.",
+ "optional" : 1,
+ "requires" : "storage",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "prune-backups" : {
+ "default" : "keep-all=1",
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-all=<1|0>] [,keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
+ "quiet" : {
+ "default" : 0,
+ "description" : "Be quiet.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "remove" : {
+ "default" : 1,
+ "description" : "Prune older backups according to 'prune-backups'.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "repeat-missed" : {
+ "default" : 0,
+ "description" : "If true, the job will be run as soon as possible if it was missed while the scheduler was not running.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "schedule" : {
+ "description" : "Backup schedule. The format is a subset of `systemd` calendar events.",
+ "format" : "pve-calendar-event",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "script" : {
+ "description" : "Use specified hook script.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "starttime" : {
+ "description" : "Job Start time.",
+ "optional" : 1,
+ "pattern" : "\\d{1,2}:\\d{1,2}",
+ "type" : "string",
+ "typetext" : "HH:MM"
+ },
+ "stdexcludes" : {
+ "default" : 1,
+ "description" : "Exclude temporary files and logs.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "stop" : {
+ "default" : 0,
+ "description" : "Stop running backup jobs on this host.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "stopwait" : {
+ "default" : 10,
+ "description" : "Maximal time to wait until a guest system is stopped (minutes).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "storage" : {
+ "description" : "Store resulting file to this storage.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "tmpdir" : {
+ "description" : "Store temporary files to specified directory.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The ID of the guest system you want to backup.",
+ "format" : "pve-vmid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zstd" : {
+ "default" : 1,
+ "description" : "Zstd threads. N=0 uses half of the available cores, if N is set to a value bigger than 0, N is used as thread count.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ],
+ "description" : "The 'tmpdir', 'dumpdir' and 'script' parameters are additionally restricted to the 'root@pam' user."
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/backup",
+ "text" : "backup"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Shows all guests which are not covered by any backup job.",
+ "method" : "GET",
+ "name" : "get_guests_not_in_backup",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "Contains the guest objects.",
+ "items" : {
+ "properties" : {
+ "name" : {
+ "description" : "Name of the guest",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "Type of the guest.",
+ "enum" : [
+ "qemu",
+ "lxc"
+ ],
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "VMID of the guest.",
+ "type" : "integer"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/backup-info/not-backed-up",
+ "text" : "not-backed-up"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Index for backup info related endpoints",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "returns" : {
+ "description" : "Directory index.",
+ "items" : {
+ "properties" : {
+ "subdir" : {
+ "description" : "API sub-directory endpoint",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{subdir}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/backup-info",
+ "text" : "backup-info"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Request resource migration (online) to another node.",
+ "method" : "POST",
+ "name" : "migrate",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "Target node.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ha/resources/{sid}/migrate",
+ "text" : "migrate"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Request resource relocatzion to another node. This stops the service on the old node, and restarts it on the target node.",
+ "method" : "POST",
+ "name" : "relocate",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "Target node.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ha/resources/{sid}/relocate",
+ "text" : "relocate"
+ }
+ ],
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete resource configuration.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read resource configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "properties" : {
+ "comment" : {
+ "description" : "Description.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "digest" : {
+ "description" : "Can be used to prevent concurrent modifications.",
+ "type" : "string"
+ },
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "max_relocate" : {
+ "description" : "Maximal number of service relocate tries when a service failes to start.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "max_restart" : {
+ "description" : "Maximal number of tries to restart the service on a node after its start failed.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ },
+ "state" : {
+ "description" : "Requested resource state.",
+ "enum" : [
+ "started",
+ "stopped",
+ "enabled",
+ "disabled",
+ "ignored"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "The type of the resources.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update resource configuration.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Description.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "max_relocate" : {
+ "default" : 1,
+ "description" : "Maximal number of service relocate tries when a service failes to start.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "max_restart" : {
+ "default" : 1,
+ "description" : "Maximal number of tries to restart the service on a node after its start failed.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ },
+ "state" : {
+ "default" : "started",
+ "description" : "Requested resource state.",
+ "enum" : [
+ "started",
+ "stopped",
+ "enabled",
+ "disabled",
+ "ignored"
+ ],
+ "optional" : 1,
+ "type" : "string",
+ "verbose_description" : "Requested resource state. The CRM reads this state and acts accordingly.\nPlease note that `enabled` is just an alias for `started`.\n\n`started`;;\n\nThe CRM tries to start the resource. Service state is\nset to `started` after successful start. On node failures, or when start\nfails, it tries to recover the resource. If everything fails, service\nstate it set to `error`.\n\n`stopped`;;\n\nThe CRM tries to keep the resource in `stopped` state, but it\nstill tries to relocate the resources on node failures.\n\n`disabled`;;\n\nThe CRM tries to put the resource in `stopped` state, but does not try\nto relocate the resources on node failures. The main purpose of this\nstate is error recovery, because it is the only way to move a resource out\nof the `error` state.\n\n`ignored`;;\n\nThe resource gets removed from the manager status and so the CRM and the LRM do\nnot touch the resource anymore. All {pve} API calls affecting this resource\nwill be executed, directly bypassing the HA stack. CRM commands will be thrown\naway while there source is in this state. The resource will not get relocated\non node failures.\n\n"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ha/resources/{sid}",
+ "text" : "{sid}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List HA resources.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "type" : {
+ "description" : "Only list resources of specific type",
+ "enum" : [
+ "ct",
+ "vm"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "sid" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{sid}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new HA resource.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Description.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "max_relocate" : {
+ "default" : 1,
+ "description" : "Maximal number of service relocate tries when a service failes to start.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "max_restart" : {
+ "default" : 1,
+ "description" : "Maximal number of tries to restart the service on a node after its start failed.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "sid" : {
+ "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
+ "format" : "pve-ha-resource-or-vm-id",
+ "type" : "string",
+ "typetext" : "<type>:<name>"
+ },
+ "state" : {
+ "default" : "started",
+ "description" : "Requested resource state.",
+ "enum" : [
+ "started",
+ "stopped",
+ "enabled",
+ "disabled",
+ "ignored"
+ ],
+ "optional" : 1,
+ "type" : "string",
+ "verbose_description" : "Requested resource state. The CRM reads this state and acts accordingly.\nPlease note that `enabled` is just an alias for `started`.\n\n`started`;;\n\nThe CRM tries to start the resource. Service state is\nset to `started` after successful start. On node failures, or when start\nfails, it tries to recover the resource. If everything fails, service\nstate it set to `error`.\n\n`stopped`;;\n\nThe CRM tries to keep the resource in `stopped` state, but it\nstill tries to relocate the resources on node failures.\n\n`disabled`;;\n\nThe CRM tries to put the resource in `stopped` state, but does not try\nto relocate the resources on node failures. The main purpose of this\nstate is error recovery, because it is the only way to move a resource out\nof the `error` state.\n\n`ignored`;;\n\nThe resource gets removed from the manager status and so the CRM and the LRM do\nnot touch the resource anymore. All {pve} API calls affecting this resource\nwill be executed, directly bypassing the HA stack. CRM commands will be thrown\naway while there source is in this state. The resource will not get relocated\non node failures.\n\n"
+ },
+ "type" : {
+ "description" : "Resource type.",
+ "enum" : [
+ "ct",
+ "vm"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ha/resources",
+ "text" : "resources"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete ha group configuration.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read ha group configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {}
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update ha group configuration.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Description.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names with optional priority.",
+ "format" : "pve-ha-group-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<node>[:<pri>]{,<node>[:<pri>]}*",
+ "verbose_description" : "List of cluster node members, where a priority can be given to each node. A resource bound to a group will run on the available nodes with the highest priority. If there are more nodes in the highest priority class, the services will get distributed to those nodes. The priorities have a relative meaning only."
+ },
+ "nofailback" : {
+ "default" : 0,
+ "description" : "The CRM tries to run services on the node with the highest priority. If a node with higher priority comes online, the CRM migrates the service to that node. Enabling nofailback prevents that behavior.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "restricted" : {
+ "default" : 0,
+ "description" : "Resources bound to restricted groups may only run on nodes defined by the group.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>",
+ "verbose_description" : "Resources bound to restricted groups may only run on nodes defined by the group. The resource will be placed in the stopped state if no group node member is online. Resources on unrestricted groups may run on any cluster node if all group members are offline, but they will migrate back as soon as a group member comes online. One can implement a 'preferred node' behavior using an unrestricted group with only one member."
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ha/groups/{group}",
+ "text" : "{group}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get HA groups.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "group" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{group}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new HA group.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Description.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group" : {
+ "description" : "The HA group identifier.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names with optional priority.",
+ "format" : "pve-ha-group-node-list",
+ "optional" : 0,
+ "type" : "string",
+ "typetext" : "<node>[:<pri>]{,<node>[:<pri>]}*",
+ "verbose_description" : "List of cluster node members, where a priority can be given to each node. A resource bound to a group will run on the available nodes with the highest priority. If there are more nodes in the highest priority class, the services will get distributed to those nodes. The priorities have a relative meaning only."
+ },
+ "nofailback" : {
+ "default" : 0,
+ "description" : "The CRM tries to run services on the node with the highest priority. If a node with higher priority comes online, the CRM migrates the service to that node. Enabling nofailback prevents that behavior.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "restricted" : {
+ "default" : 0,
+ "description" : "Resources bound to restricted groups may only run on nodes defined by the group.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>",
+ "verbose_description" : "Resources bound to restricted groups may only run on nodes defined by the group. The resource will be placed in the stopped state if no group node member is online. Resources on unrestricted groups may run on any cluster node if all group members are offline, but they will migrate back as soon as a group member comes online. One can implement a 'preferred node' behavior using an unrestricted group with only one member."
+ },
+ "type" : {
+ "description" : "Group type.",
+ "enum" : [
+ "group"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Console"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ha/groups",
+ "text" : "groups"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get HA manger status.",
+ "method" : "GET",
+ "name" : "status",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "crm_state" : {
+ "description" : "For type 'service'. Service state as seen by the CRM.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "id" : {
+ "description" : "Status entry ID (quorum, master, lrm:<node>, service:<sid>).",
+ "type" : "string"
+ },
+ "max_relocate" : {
+ "description" : "For type 'service'.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "max_restart" : {
+ "description" : "For type 'service'.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "node" : {
+ "description" : "Node associated to status entry.",
+ "type" : "string"
+ },
+ "quorate" : {
+ "description" : "For type 'quorum'. Whether the cluster is quorate or not.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "request_state" : {
+ "description" : "For type 'service'. Requested service state.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "sid" : {
+ "description" : "For type 'service'. Service ID.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "state" : {
+ "description" : "For type 'service'. Verbose service state.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "status" : {
+ "description" : "Status of the entry (value depends on type).",
+ "type" : "string"
+ },
+ "timestamp" : {
+ "description" : "For type 'lrm','master'. Timestamp of the status information.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "type" : {
+ "description" : "Type of status entry.",
+ "enum" : [
+ "quorum",
+ "master",
+ "lrm",
+ "service"
+ ]
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ha/status/current",
+ "text" : "current"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get full HA manger status, including LRM status.",
+ "method" : "GET",
+ "name" : "manager_status",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ha/status/manager_status",
+ "text" : "manager_status"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Directory index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ha/status",
+ "text" : "status"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Directory index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "id" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{id}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ha",
+ "text" : "ha"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete ACME plugin configuration.",
+ "method" : "DELETE",
+ "name" : "delete_plugin",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "Unique identifier for ACME plugin instance.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get ACME plugin configuration.",
+ "method" : "GET",
+ "name" : "get_plugin_config",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "Unique identifier for ACME plugin instance.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update ACME plugin configuration.",
+ "method" : "PUT",
+ "name" : "update_plugin",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "api" : {
+ "description" : "API plugin name",
+ "enum" : [
+ "1984hosting",
+ "acmedns",
+ "acmeproxy",
+ "active24",
+ "ad",
+ "ali",
+ "anx",
+ "artfiles",
+ "arvan",
+ "aurora",
+ "autodns",
+ "aws",
+ "azion",
+ "azure",
+ "bookmyname",
+ "bunny",
+ "cf",
+ "clouddns",
+ "cloudns",
+ "cn",
+ "conoha",
+ "constellix",
+ "cpanel",
+ "curanet",
+ "cyon",
+ "da",
+ "ddnss",
+ "desec",
+ "df",
+ "dgon",
+ "dnsexit",
+ "dnshome",
+ "dnsimple",
+ "dnsservices",
+ "do",
+ "doapi",
+ "domeneshop",
+ "dp",
+ "dpi",
+ "dreamhost",
+ "duckdns",
+ "durabledns",
+ "dyn",
+ "dynu",
+ "dynv6",
+ "easydns",
+ "edgedns",
+ "euserv",
+ "exoscale",
+ "fornex",
+ "freedns",
+ "gandi_livedns",
+ "gcloud",
+ "gcore",
+ "gd",
+ "geoscaling",
+ "googledomains",
+ "he",
+ "hetzner",
+ "hexonet",
+ "hostingde",
+ "huaweicloud",
+ "infoblox",
+ "infomaniak",
+ "internetbs",
+ "inwx",
+ "ionos",
+ "ipv64",
+ "ispconfig",
+ "jd",
+ "joker",
+ "kappernet",
+ "kas",
+ "kinghost",
+ "knot",
+ "la",
+ "leaseweb",
+ "lexicon",
+ "linode",
+ "linode_v4",
+ "loopia",
+ "lua",
+ "maradns",
+ "me",
+ "miab",
+ "misaka",
+ "myapi",
+ "mydevil",
+ "mydnsjp",
+ "mythic_beasts",
+ "namecheap",
+ "namecom",
+ "namesilo",
+ "nanelo",
+ "nederhost",
+ "neodigit",
+ "netcup",
+ "netlify",
+ "nic",
+ "njalla",
+ "nm",
+ "nsd",
+ "nsone",
+ "nsupdate",
+ "nw",
+ "oci",
+ "one",
+ "online",
+ "openprovider",
+ "openstack",
+ "opnsense",
+ "ovh",
+ "pdns",
+ "pleskxml",
+ "pointhq",
+ "porkbun",
+ "rackcorp",
+ "rackspace",
+ "rage4",
+ "rcode0",
+ "regru",
+ "scaleway",
+ "schlundtech",
+ "selectel",
+ "selfhost",
+ "servercow",
+ "simply",
+ "tele3",
+ "tencent",
+ "transip",
+ "udr",
+ "ultra",
+ "unoeuro",
+ "variomedia",
+ "veesp",
+ "vercel",
+ "vscale",
+ "vultr",
+ "websupport",
+ "world4you",
+ "yandex",
+ "yc",
+ "zilore",
+ "zone",
+ "zonomi"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "data" : {
+ "description" : "DNS plugin data. (base64 encoded)",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "disable" : {
+ "description" : "Flag to disable the config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "id" : {
+ "description" : "ACME Plugin ID name",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "validation-delay" : {
+ "default" : 30,
+ "description" : "Extra delay in seconds to wait before requesting validation. Allows to cope with a long TTL of DNS records.",
+ "maximum" : 172800,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 172800)"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/acme/plugins/{id}",
+ "text" : "{id}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "ACME plugin index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "type" : {
+ "description" : "Only list ACME plugins of a specific type",
+ "enum" : [
+ "dns",
+ "standalone"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "plugin" : {
+ "description" : "Unique identifier for ACME plugin instance.",
+ "format" : "pve-configid",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{plugin}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Add ACME plugin configuration.",
+ "method" : "POST",
+ "name" : "add_plugin",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "api" : {
+ "description" : "API plugin name",
+ "enum" : [
+ "1984hosting",
+ "acmedns",
+ "acmeproxy",
+ "active24",
+ "ad",
+ "ali",
+ "anx",
+ "artfiles",
+ "arvan",
+ "aurora",
+ "autodns",
+ "aws",
+ "azion",
+ "azure",
+ "bookmyname",
+ "bunny",
+ "cf",
+ "clouddns",
+ "cloudns",
+ "cn",
+ "conoha",
+ "constellix",
+ "cpanel",
+ "curanet",
+ "cyon",
+ "da",
+ "ddnss",
+ "desec",
+ "df",
+ "dgon",
+ "dnsexit",
+ "dnshome",
+ "dnsimple",
+ "dnsservices",
+ "do",
+ "doapi",
+ "domeneshop",
+ "dp",
+ "dpi",
+ "dreamhost",
+ "duckdns",
+ "durabledns",
+ "dyn",
+ "dynu",
+ "dynv6",
+ "easydns",
+ "edgedns",
+ "euserv",
+ "exoscale",
+ "fornex",
+ "freedns",
+ "gandi_livedns",
+ "gcloud",
+ "gcore",
+ "gd",
+ "geoscaling",
+ "googledomains",
+ "he",
+ "hetzner",
+ "hexonet",
+ "hostingde",
+ "huaweicloud",
+ "infoblox",
+ "infomaniak",
+ "internetbs",
+ "inwx",
+ "ionos",
+ "ipv64",
+ "ispconfig",
+ "jd",
+ "joker",
+ "kappernet",
+ "kas",
+ "kinghost",
+ "knot",
+ "la",
+ "leaseweb",
+ "lexicon",
+ "linode",
+ "linode_v4",
+ "loopia",
+ "lua",
+ "maradns",
+ "me",
+ "miab",
+ "misaka",
+ "myapi",
+ "mydevil",
+ "mydnsjp",
+ "mythic_beasts",
+ "namecheap",
+ "namecom",
+ "namesilo",
+ "nanelo",
+ "nederhost",
+ "neodigit",
+ "netcup",
+ "netlify",
+ "nic",
+ "njalla",
+ "nm",
+ "nsd",
+ "nsone",
+ "nsupdate",
+ "nw",
+ "oci",
+ "one",
+ "online",
+ "openprovider",
+ "openstack",
+ "opnsense",
+ "ovh",
+ "pdns",
+ "pleskxml",
+ "pointhq",
+ "porkbun",
+ "rackcorp",
+ "rackspace",
+ "rage4",
+ "rcode0",
+ "regru",
+ "scaleway",
+ "schlundtech",
+ "selectel",
+ "selfhost",
+ "servercow",
+ "simply",
+ "tele3",
+ "tencent",
+ "transip",
+ "udr",
+ "ultra",
+ "unoeuro",
+ "variomedia",
+ "veesp",
+ "vercel",
+ "vscale",
+ "vultr",
+ "websupport",
+ "world4you",
+ "yandex",
+ "yc",
+ "zilore",
+ "zone",
+ "zonomi"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "data" : {
+ "description" : "DNS plugin data. (base64 encoded)",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "disable" : {
+ "description" : "Flag to disable the config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "id" : {
+ "description" : "ACME Plugin ID name",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "ACME challenge type.",
+ "enum" : [
+ "dns",
+ "standalone"
+ ],
+ "type" : "string"
+ },
+ "validation-delay" : {
+ "default" : 30,
+ "description" : "Extra delay in seconds to wait before requesting validation. Allows to cope with a long TTL of DNS records.",
+ "maximum" : 172800,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 172800)"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/acme/plugins",
+ "text" : "plugins"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Deactivate existing ACME account at CA.",
+ "method" : "DELETE",
+ "name" : "deactivate_account",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "default" : "default",
+ "description" : "ACME account config file name.",
+ "format" : "pve-configid",
+ "format_description" : "name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<name>"
+ }
+ }
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "string"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Return existing ACME account information.",
+ "method" : "GET",
+ "name" : "get_account",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "default" : "default",
+ "description" : "ACME account config file name.",
+ "format" : "pve-configid",
+ "format_description" : "name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<name>"
+ }
+ }
+ },
+ "protected" : 1,
+ "returns" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "account" : {
+ "optional" : 1,
+ "renderer" : "yaml",
+ "type" : "object"
+ },
+ "directory" : {
+ "description" : "URL of ACME CA directory endpoint.",
+ "optional" : 1,
+ "pattern" : "^https?://.*",
+ "type" : "string"
+ },
+ "location" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "tos" : {
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update existing ACME account information with CA. Note: not specifying any new account information triggers a refresh.",
+ "method" : "PUT",
+ "name" : "update_account",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "contact" : {
+ "description" : "Contact email addresses.",
+ "format" : "email-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "name" : {
+ "default" : "default",
+ "description" : "ACME account config file name.",
+ "format" : "pve-configid",
+ "format_description" : "name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<name>"
+ }
+ }
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/acme/account/{name}",
+ "text" : "{name}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "ACMEAccount index.",
+ "method" : "GET",
+ "name" : "account_index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "protected" : 1,
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Register a new ACME account with CA.",
+ "method" : "POST",
+ "name" : "register_account",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "contact" : {
+ "description" : "Contact email addresses.",
+ "format" : "email-list",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "directory" : {
+ "default" : "https://acme-v02.api.letsencrypt.org/directory",
+ "description" : "URL of ACME CA directory endpoint.",
+ "optional" : 1,
+ "pattern" : "^https?://.*",
+ "type" : "string"
+ },
+ "eab-hmac-key" : {
+ "description" : "HMAC key for External Account Binding.",
+ "optional" : 1,
+ "requires" : "eab-kid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "eab-kid" : {
+ "description" : "Key Identifier for External Account Binding.",
+ "optional" : 1,
+ "requires" : "eab-hmac-key",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "name" : {
+ "default" : "default",
+ "description" : "ACME account config file name.",
+ "format" : "pve-configid",
+ "format_description" : "name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<name>"
+ },
+ "tos_url" : {
+ "description" : "URL of CA TermsOfService - setting this indicates agreement.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/acme/account",
+ "text" : "account"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Retrieve ACME TermsOfService URL from CA. Deprecated, please use /cluster/acme/meta.",
+ "method" : "GET",
+ "name" : "get_tos",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "directory" : {
+ "default" : "https://acme-v02.api.letsencrypt.org/directory",
+ "description" : "URL of ACME CA directory endpoint.",
+ "optional" : 1,
+ "pattern" : "^https?://.*",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "description" : "ACME TermsOfService URL.",
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/acme/tos",
+ "text" : "tos"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Retrieve ACME Directory Meta Information",
+ "method" : "GET",
+ "name" : "get_meta",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "directory" : {
+ "default" : "https://acme-v02.api.letsencrypt.org/directory",
+ "description" : "URL of ACME CA directory endpoint.",
+ "optional" : 1,
+ "pattern" : "^https?://.*",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "additionalProperties" : 1,
+ "properties" : {
+ "caaIdentities" : {
+ "description" : "Hostnames referring to the ACME servers.",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "externalAccountRequired" : {
+ "description" : "EAB Required",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "termsOfService" : {
+ "description" : "ACME TermsOfService URL.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "website" : {
+ "description" : "URL to more information about the ACME server.",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/acme/meta",
+ "text" : "meta"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get named known ACME directory endpoints.",
+ "method" : "GET",
+ "name" : "get_directories",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "type" : "string"
+ },
+ "url" : {
+ "description" : "URL of ACME CA directory endpoint.",
+ "pattern" : "^https?://.*",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/acme/directories",
+ "text" : "directories"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get schema of ACME challenge types.",
+ "method" : "GET",
+ "name" : "challengeschema",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "Human readable name, falls back to id",
+ "type" : "string"
+ },
+ "schema" : {
+ "type" : "object"
+ },
+ "type" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/acme/challenge-schema",
+ "text" : "challenge-schema"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "ACMEAccount index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/acme",
+ "text" : "acme"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get ceph metadata.",
+ "method" : "GET",
+ "name" : "metadata",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "scope" : {
+ "default" : "all",
+ "enum" : [
+ "all",
+ "versions"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Datastore.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "Items for each type of service containing objects for each instance.",
+ "properties" : {
+ "mds" : {
+ "description" : "Metadata servers configured in the cluster and their properties.",
+ "properties" : {
+ "{id}" : {
+ "description" : "Useful properties are listed, but not the full list.",
+ "properties" : {
+ "addr" : {
+ "description" : "Bind addresses and ports.",
+ "type" : "string"
+ },
+ "ceph_release" : {
+ "description" : "Ceph release codename currently used.",
+ "type" : "string"
+ },
+ "ceph_version" : {
+ "description" : "Version info currently used by the service.",
+ "type" : "string"
+ },
+ "ceph_version_short" : {
+ "description" : "Short version (numerical) info currently used by the service.",
+ "type" : "string"
+ },
+ "hostname" : {
+ "description" : "Hostname on which the service is running.",
+ "type" : "string"
+ },
+ "mem_swap_kb" : {
+ "description" : "Memory of the service currently in swap.",
+ "type" : "integer"
+ },
+ "mem_total_kb" : {
+ "description" : "Memory consumption of the service.",
+ "type" : "integer"
+ },
+ "name" : {
+ "description" : "Name of the service instance.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "type" : "object"
+ },
+ "mgr" : {
+ "description" : "Managers configured in the cluster and their properties.",
+ "properties" : {
+ "{id}" : {
+ "description" : "Useful properties are listed, but not the full list.",
+ "properties" : {
+ "addr" : {
+ "description" : "Bind address",
+ "type" : "string"
+ },
+ "ceph_release" : {
+ "description" : "Ceph release codename currently used.",
+ "type" : "string"
+ },
+ "ceph_version" : {
+ "description" : "Version info currently used by the service.",
+ "type" : "string"
+ },
+ "ceph_version_short" : {
+ "description" : "Short version (numerical) info currently used by the service.",
+ "type" : "string"
+ },
+ "hostname" : {
+ "description" : "Hostname on which the service is running.",
+ "type" : "string"
+ },
+ "mem_swap_kb" : {
+ "description" : "Memory of the service currently in swap.",
+ "type" : "integer"
+ },
+ "mem_total_kb" : {
+ "description" : "Memory consumption of the service.",
+ "type" : "integer"
+ },
+ "name" : {
+ "description" : "Name of the service instance.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "type" : "object"
+ },
+ "mon" : {
+ "description" : "Monitors configured in the cluster and their properties.",
+ "properties" : {
+ "{id}" : {
+ "description" : "Useful properties are listed, but not the full list.",
+ "properties" : {
+ "addrs" : {
+ "description" : "Bind addresses and ports.",
+ "type" : "string"
+ },
+ "ceph_release" : {
+ "description" : "Ceph release codename currently used.",
+ "type" : "string"
+ },
+ "ceph_version" : {
+ "description" : "Version info currently used by the service.",
+ "type" : "string"
+ },
+ "ceph_version_short" : {
+ "description" : "Short version (numerical) info currently used by the service.",
+ "type" : "string"
+ },
+ "hostname" : {
+ "description" : "Hostname on which the service is running.",
+ "type" : "string"
+ },
+ "mem_swap_kb" : {
+ "description" : "Memory of the service currently in swap.",
+ "type" : "integer"
+ },
+ "mem_total_kb" : {
+ "description" : "Memory consumption of the service.",
+ "type" : "integer"
+ },
+ "name" : {
+ "description" : "Name of the service instance.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "type" : "object"
+ },
+ "node" : {
+ "description" : "Ceph version installed on the nodes.",
+ "properties" : {
+ "{node}" : {
+ "properties" : {
+ "buildcommit" : {
+ "description" : "GIT commit used for the build.",
+ "type" : "string"
+ },
+ "version" : {
+ "description" : "Version info.",
+ "properties" : {
+ "parts" : {
+ "description" : "major, minor & patch",
+ "type" : "array"
+ },
+ "str" : {
+ "description" : "Version as single string.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "type" : "object"
+ },
+ "osd" : {
+ "description" : "OSDs configured in the cluster and their properties.",
+ "properties" : {
+ "{id}" : {
+ "description" : "Useful properties are listed, but not the full list.",
+ "properties" : {
+ "back_addr" : {
+ "description" : "Bind addresses and ports for backend inter OSD traffic.",
+ "type" : "string"
+ },
+ "ceph_release" : {
+ "description" : "Ceph release codename currently used.",
+ "type" : "string"
+ },
+ "ceph_version" : {
+ "description" : "Version info currently used by the service.",
+ "type" : "string"
+ },
+ "ceph_version_short" : {
+ "description" : "Short version (numerical) info currently used by the service.",
+ "type" : "string"
+ },
+ "device_id" : {
+ "description" : "Devices used by the OSD.",
+ "type" : "string"
+ },
+ "front_addr" : {
+ "description" : "Bind addresses and ports for frontend traffic to OSDs.",
+ "type" : "string"
+ },
+ "hostname" : {
+ "description" : "Hostname on which the service is running.",
+ "type" : "string"
+ },
+ "id" : {
+ "description" : "OSD ID.",
+ "type" : "integer"
+ },
+ "mem_swap_kb" : {
+ "description" : "Memory of the service currently in swap.",
+ "type" : "integer"
+ },
+ "mem_total_kb" : {
+ "description" : "Memory consumption of the service.",
+ "type" : "integer"
+ },
+ "osd_data" : {
+ "description" : "Path to the OSD data directory.",
+ "type" : "string"
+ },
+ "osd_objectstore" : {
+ "description" : "OSD objectstore type.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ceph/metadata",
+ "text" : "metadata"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get ceph status.",
+ "method" : "GET",
+ "name" : "status",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Datastore.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ceph/status",
+ "text" : "status"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get the status of a specific ceph flag.",
+ "method" : "GET",
+ "name" : "get_flag",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "flag" : {
+ "description" : "The name of the flag name to get.",
+ "enum" : [
+ "nobackfill",
+ "nodeep-scrub",
+ "nodown",
+ "noin",
+ "noout",
+ "norebalance",
+ "norecover",
+ "noscrub",
+ "notieragent",
+ "noup",
+ "pause"
+ ],
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "boolean"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Set or clear (unset) a specific ceph flag",
+ "method" : "PUT",
+ "name" : "update_flag",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "flag" : {
+ "description" : "The ceph flag to update",
+ "enum" : [
+ "nobackfill",
+ "nodeep-scrub",
+ "nodown",
+ "noin",
+ "noout",
+ "norebalance",
+ "norecover",
+ "noscrub",
+ "notieragent",
+ "noup",
+ "pause"
+ ],
+ "type" : "string"
+ },
+ "value" : {
+ "description" : "The new value of the flag",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/ceph/flags/{flag}",
+ "text" : "{flag}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "get the status of all ceph flags",
+ "method" : "GET",
+ "name" : "get_all_flags",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "items" : {
+ "additionalProperties" : 1,
+ "properties" : {
+ "description" : {
+ "description" : "Flag description.",
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "Flag name.",
+ "enum" : [
+ "nobackfill",
+ "nodeep-scrub",
+ "nodown",
+ "noin",
+ "noout",
+ "norebalance",
+ "norecover",
+ "noscrub",
+ "notieragent",
+ "noup",
+ "pause"
+ ],
+ "type" : "string"
+ },
+ "value" : {
+ "description" : "Flag value.",
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Set/Unset multiple ceph flags at once.",
+ "method" : "PUT",
+ "name" : "set_flags",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "nobackfill" : {
+ "description" : "Backfilling of PGs is suspended.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "nodeep-scrub" : {
+ "description" : "Deep Scrubbing is disabled.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "nodown" : {
+ "description" : "OSD failure reports are being ignored, such that the monitors will not mark OSDs down.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "noin" : {
+ "description" : "OSDs that were previously marked out will not be marked back in when they start.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "noout" : {
+ "description" : "OSDs will not automatically be marked out after the configured interval.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "norebalance" : {
+ "description" : "Rebalancing of PGs is suspended.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "norecover" : {
+ "description" : "Recovery of PGs is suspended.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "noscrub" : {
+ "description" : "Scrubbing is disabled.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "notieragent" : {
+ "description" : "Cache tiering activity is suspended.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "noup" : {
+ "description" : "OSDs are not allowed to start.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "pause" : {
+ "description" : "Pauses read and writes.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ceph/flags",
+ "text" : "flags"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Cluster ceph index.",
+ "method" : "GET",
+ "name" : "cephindex",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/ceph",
+ "text" : "ceph"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete realm-sync job definition.",
+ "method" : "DELETE",
+ "name" : "delete_job",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read realm-sync job definition.",
+ "method" : "GET",
+ "name" : "read_job",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create new realm-sync job.",
+ "method" : "POST",
+ "name" : "create_job",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Description for the Job.",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable-new" : {
+ "default" : "1",
+ "description" : "Enable newly synced users immediately.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "enabled" : {
+ "default" : 1,
+ "description" : "Determines if the job is enabled.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "id" : {
+ "description" : "The ID of the job.",
+ "format" : "pve-configid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "realm" : {
+ "description" : "Authentication domain ID",
+ "format" : "pve-realm",
+ "maxLength" : 32,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "remove-vanished" : {
+ "default" : "none",
+ "description" : "A semicolon-seperated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).",
+ "optional" : 1,
+ "pattern" : "(?:(?:(?:acl|properties|entry);)*(?:acl|properties|entry))|none",
+ "type" : "string",
+ "typetext" : "([acl];[properties];[entry])|none"
+ },
+ "schedule" : {
+ "description" : "Backup schedule. The format is a subset of `systemd` calendar events.",
+ "format" : "pve-calendar-event",
+ "maxLength" : 128,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "scope" : {
+ "description" : "Select what to sync.",
+ "enum" : [
+ "users",
+ "groups",
+ "both"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "and",
+ [
+ "perm",
+ "/access/realm/{realm}",
+ [
+ "Realm.AllocateUser"
+ ]
+ ],
+ [
+ "perm",
+ "/access/groups",
+ [
+ "User.Modify"
+ ]
+ ]
+ ],
+ "description" : "'Realm.AllocateUser' on '/access/realm/<realm>' and 'User.Modify' permissions to '/access/groups/'."
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update realm-sync job definition.",
+ "method" : "PUT",
+ "name" : "update_job",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "description" : "Description for the Job.",
+ "maxLength" : 512,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable-new" : {
+ "default" : "1",
+ "description" : "Enable newly synced users immediately.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "enabled" : {
+ "default" : 1,
+ "description" : "Determines if the job is enabled.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "id" : {
+ "description" : "The ID of the job.",
+ "format" : "pve-configid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "remove-vanished" : {
+ "default" : "none",
+ "description" : "A semicolon-seperated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).",
+ "optional" : 1,
+ "pattern" : "(?:(?:(?:acl|properties|entry);)*(?:acl|properties|entry))|none",
+ "type" : "string",
+ "typetext" : "([acl];[properties];[entry])|none"
+ },
+ "schedule" : {
+ "description" : "Backup schedule. The format is a subset of `systemd` calendar events.",
+ "format" : "pve-calendar-event",
+ "maxLength" : 128,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "scope" : {
+ "description" : "Select what to sync.",
+ "enum" : [
+ "users",
+ "groups",
+ "both"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "and",
+ [
+ "perm",
+ "/access/realm/{realm}",
+ [
+ "Realm.AllocateUser"
+ ]
+ ],
+ [
+ "perm",
+ "/access/groups",
+ [
+ "User.Modify"
+ ]
+ ]
+ ],
+ "description" : "'Realm.AllocateUser' on '/access/realm/<realm>' and 'User.Modify' permissions to '/access/groups/'."
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
},
- "dumpdir" : {
- "description" : "Store resulting files to specified directory.",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "leaf" : 1,
+ "path" : "/cluster/jobs/realm-sync/{id}",
+ "text" : "{id}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List configured realm-sync-jobs.",
+ "method" : "GET",
+ "name" : "syncjob_index",
+ "parameters" : {
+ "additionalProperties" : 0
},
- "enabled" : {
- "default" : "1",
- "description" : "Enable or disable the job.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "comment" : {
+ "description" : "A comment for the job.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "enabled" : {
+ "description" : "If the job is enabled or not.",
+ "type" : "boolean"
+ },
+ "id" : {
+ "description" : "The ID of the entry.",
+ "type" : "string"
+ },
+ "last-run" : {
+ "description" : "Last execution time of the job in seconds since the beginning of the UNIX epoch",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "next-run" : {
+ "description" : "Next planned execution time of the job in seconds since the beginning of the UNIX epoch.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "realm" : {
+ "description" : "Authentication domain ID",
+ "format" : "pve-realm",
+ "maxLength" : 32,
+ "type" : "string"
+ },
+ "remove-vanished" : {
+ "default" : "none",
+ "description" : "A semicolon-seperated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).",
+ "optional" : "1",
+ "pattern" : "(?:(?:(?:acl|properties|entry);)*(?:acl|properties|entry))|none",
+ "type" : "string",
+ "typetext" : "([acl];[properties];[entry])|none"
+ },
+ "schedule" : {
+ "description" : "The configured sync schedule.",
+ "type" : "string"
+ },
+ "scope" : {
+ "description" : "Select what to sync.",
+ "enum" : [
+ "users",
+ "groups",
+ "both"
+ ],
+ "optional" : "1",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{id}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/jobs/realm-sync",
+ "text" : "realm-sync"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Returns a list of future schedule runtimes.",
+ "method" : "GET",
+ "name" : "schedule-analyze",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "iterations" : {
+ "default" : 10,
+ "description" : "Number of event-iteration to simulate and return.",
+ "maximum" : 100,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 100)"
+ },
+ "schedule" : {
+ "description" : "Job schedule. The format is a subset of `systemd` calendar events.",
+ "format" : "pve-calendar-event",
+ "maxLength" : 128,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "starttime" : {
+ "description" : "UNIX timestamp to start the calculation from. Defaults to the current time.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "description" : "An array of the next <iterations> events since <starttime>.",
+ "items" : {
+ "properties" : {
+ "timestamp" : {
+ "description" : "UNIX timestamp for the run.",
+ "type" : "integer"
+ },
+ "utc" : {
+ "description" : "UTC timestamp for the run.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/jobs/schedule-analyze",
+ "text" : "schedule-analyze"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Index for jobs related endpoints.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "description" : "Directory index.",
+ "items" : {
+ "properties" : {
+ "subdir" : {
+ "description" : "API sub-directory endpoint",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{subdir}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/jobs",
+ "text" : "jobs"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Remove Hardware Mapping.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/mapping/pci",
+ [
+ "Mapping.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get PCI Mapping.",
+ "method" : "GET",
+ "name" : "get",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "perm",
+ "/mapping/pci/{id}",
+ [
+ "Mapping.Use"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/pci/{id}",
+ [
+ "Mapping.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/pci/{id}",
+ [
+ "Mapping.Audit"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update a hardware mapping.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "description" : {
+ "description" : "Description of the logical PCI device.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "id" : {
+ "description" : "The ID of the logical PCI mapping.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "map" : {
+ "description" : "A list of maps for the cluster nodes.",
+ "items" : {
+ "format" : {
+ "description" : {
+ "description" : "Description of the node specific device.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "id" : {
+ "description" : "The vendor and device ID that is expected. Used for detecting hardware changes",
+ "pattern" : "(?^:^[0-9A-Fa-f]{4}:[0-9A-Fa-f]{4}$)",
+ "type" : "string"
+ },
+ "iommugroup" : {
+ "description" : "The IOMMU group in which the device is to be expected in. Used for detecting hardware changes.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string"
+ },
+ "path" : {
+ "description" : "The path to the device. If the function is omitted, the whole device is mapped. In that case use the attributes of the first device. You can give multiple paths as a semicolon seperated list, the first available will then be chosen on guest start.",
+ "pattern" : "(?:[a-f0-9]{4,}:[a-f0-9]{2}:[a-f0-9]{2}(?:.[a-f0-9])?;)*[a-f0-9]{4,}:[a-f0-9]{2}:[a-f0-9]{2}(?:.[a-f0-9])?",
+ "type" : "string"
+ },
+ "subsystem-id" : {
+ "description" : "The subsystem vendor and device ID that is expected. Used for detecting hardware changes.",
+ "optional" : 1,
+ "pattern" : "(?^:^[0-9A-Fa-f]{4}:[0-9A-Fa-f]{4}$)",
+ "type" : "string"
+ }
+ },
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "mdev" : {
+ "default" : 0,
+ "description" : "Marks the device(s) as being capable of providing mediated devices.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/mapping/pci/{id}",
+ [
+ "Mapping.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/mapping/pci/{id}",
+ "text" : "{id}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List PCI Hardware Mapping",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "check-node" : {
+ "description" : "If given, checks the configurations on the given node for correctness, and adds relevant diagnostics for the devices to the response.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Only lists entries where you have 'Mapping.Modify', 'Mapping.Use' or 'Mapping.Audit' permissions on '/mapping/pci/<id>'.",
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "checks" : {
+ "description" : "A list of checks, only present if 'check_node' is set.",
+ "items" : {
+ "properties" : {
+ "message" : {
+ "description" : "The message of the error",
+ "type" : "string"
+ },
+ "severity" : {
+ "description" : "The severity of the error",
+ "enum" : [
+ "warning",
+ "error"
+ ],
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "description" : {
+ "description" : "A description of the logical mapping.",
+ "type" : "string"
+ },
+ "id" : {
+ "description" : "The logical ID of the mapping.",
+ "type" : "string"
+ },
+ "map" : {
+ "description" : "The entries of the mapping.",
+ "items" : {
+ "description" : "A mapping for a node.",
+ "type" : "string"
+ },
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{id}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new hardware mapping.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "description" : {
+ "description" : "Description of the logical PCI device.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "id" : {
+ "description" : "The ID of the logical PCI mapping.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "map" : {
+ "description" : "A list of maps for the cluster nodes.",
+ "items" : {
+ "format" : {
+ "description" : {
+ "description" : "Description of the node specific device.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "id" : {
+ "description" : "The vendor and device ID that is expected. Used for detecting hardware changes",
+ "pattern" : "(?^:^[0-9A-Fa-f]{4}:[0-9A-Fa-f]{4}$)",
+ "type" : "string"
+ },
+ "iommugroup" : {
+ "description" : "The IOMMU group in which the device is to be expected in. Used for detecting hardware changes.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string"
+ },
+ "path" : {
+ "description" : "The path to the device. If the function is omitted, the whole device is mapped. In that case use the attributes of the first device. You can give multiple paths as a semicolon seperated list, the first available will then be chosen on guest start.",
+ "pattern" : "(?:[a-f0-9]{4,}:[a-f0-9]{2}:[a-f0-9]{2}(?:.[a-f0-9])?;)*[a-f0-9]{4,}:[a-f0-9]{2}:[a-f0-9]{2}(?:.[a-f0-9])?",
+ "type" : "string"
+ },
+ "subsystem-id" : {
+ "description" : "The subsystem vendor and device ID that is expected. Used for detecting hardware changes.",
+ "optional" : 1,
+ "pattern" : "(?^:^[0-9A-Fa-f]{4}:[0-9A-Fa-f]{4}$)",
+ "type" : "string"
+ }
+ },
+ "type" : "string"
+ },
+ "optional" : 0,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "mdev" : {
+ "default" : 0,
+ "description" : "Marks the device(s) as being capable of providing mediated devices.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/mapping/pci",
+ [
+ "Mapping.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/mapping/pci",
+ "text" : "pci"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Remove Hardware Mapping.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/mapping/usb",
+ [
+ "Mapping.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get USB Mapping.",
+ "method" : "GET",
+ "name" : "get",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "perm",
+ "/mapping/usb/{id}",
+ [
+ "Mapping.Audit"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/usb/{id}",
+ [
+ "Mapping.Use"
+ ]
+ ],
+ [
+ "perm",
+ "/mapping/usb/{id}",
+ [
+ "Mapping.Modify"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update a hardware mapping.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "description" : {
+ "description" : "Description of the logical USB device.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "id" : {
+ "description" : "The ID of the logical USB mapping.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "map" : {
+ "description" : "A list of maps for the cluster nodes.",
+ "items" : {
+ "format" : {
+ "description" : {
+ "description" : "Description of the node specific device.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "id" : {
+ "description" : "The vendor and device ID that is expected. If a USB path is given, it is only used for detecting hardware changes",
+ "pattern" : "(?^:^[0-9A-Fa-f]{4}:[0-9A-Fa-f]{4}$)",
+ "type" : "string"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string"
+ },
+ "path" : {
+ "description" : "The path to the usb device.",
+ "optional" : 1,
+ "pattern" : "(?^:^(\\d+)\\-(\\d+(\\.\\d+)*)$)",
+ "type" : "string"
+ }
+ },
+ "type" : "string"
+ },
+ "type" : "array",
+ "typetext" : "<array>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/mapping/usb/{id}",
+ [
+ "Mapping.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
},
- "exclude" : {
- "description" : "Exclude specified guest systems (assumes --all)",
- "format" : "pve-vmid-list",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "leaf" : 1,
+ "path" : "/cluster/mapping/usb/{id}",
+ "text" : "{id}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List USB Hardware Mappings",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "check-node" : {
+ "description" : "If given, checks the configurations on the given node for correctness, and adds relevant errors to the devices.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
},
- "exclude-path" : {
- "description" : "Exclude certain files/directories (shell globs).",
- "format" : "string-alist",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "permissions" : {
+ "description" : "Only lists entries where you have 'Mapping.Modify', 'Mapping.Use' or 'Mapping.Audit' permissions on '/mapping/usb/<id>'.",
+ "user" : "all"
},
- "ionice" : {
- "default" : 7,
- "description" : "Set CFQ ionice priority.",
- "maximum" : 8,
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - 8)"
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "description" : {
+ "description" : "A description of the logical mapping.",
+ "type" : "string"
+ },
+ "error" : {
+ "description" : "A list of errors when 'check_node' is given.",
+ "items" : {
+ "properties" : {
+ "message" : {
+ "description" : "The message of the error",
+ "type" : "string"
+ },
+ "severity" : {
+ "description" : "The severity of the error",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "id" : {
+ "description" : "The logical ID of the mapping.",
+ "type" : "string"
+ },
+ "map" : {
+ "description" : "The entries of the mapping.",
+ "items" : {
+ "description" : "A mapping for a node.",
+ "type" : "string"
+ },
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{id}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new hardware mapping.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "description" : {
+ "description" : "Description of the logical USB device.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "id" : {
+ "description" : "The ID of the logical USB mapping.",
+ "format" : "pve-configid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "map" : {
+ "description" : "A list of maps for the cluster nodes.",
+ "items" : {
+ "format" : {
+ "description" : {
+ "description" : "Description of the node specific device.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "id" : {
+ "description" : "The vendor and device ID that is expected. If a USB path is given, it is only used for detecting hardware changes",
+ "pattern" : "(?^:^[0-9A-Fa-f]{4}:[0-9A-Fa-f]{4}$)",
+ "type" : "string"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string"
+ },
+ "path" : {
+ "description" : "The path to the usb device.",
+ "optional" : 1,
+ "pattern" : "(?^:^(\\d+)\\-(\\d+(\\.\\d+)*)$)",
+ "type" : "string"
+ }
+ },
+ "type" : "string"
+ },
+ "type" : "array",
+ "typetext" : "<array>"
+ }
+ },
+ "type" : "object"
},
- "lockwait" : {
- "default" : 180,
- "description" : "Maximal time to wait for the global lock (minutes).",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/mapping/usb",
+ [
+ "Mapping.Modify"
+ ]
+ ]
},
- "mailnotification" : {
- "default" : "always",
- "description" : "Specify when to send an email",
- "enum" : [
- "always",
- "failure"
- ],
- "optional" : 1,
- "type" : "string"
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/mapping/usb",
+ "text" : "usb"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List resource types.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/mapping",
+ "text" : "mapping"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete sdn subnet object configuration.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "subnet" : {
+ "description" : "The SDN subnet object identifier.",
+ "format" : "pve-sdn-subnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Require 'SDN.Allocate' permission on '/sdn/zones/<zone>/<vnet>'",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read sdn subnet configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "pending" : {
+ "description" : "Display pending config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "running" : {
+ "description" : "Display running config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "subnet" : {
+ "description" : "The SDN subnet object identifier.",
+ "format" : "pve-sdn-subnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Require 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>/<vnet>'",
+ "user" : "all"
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update sdn subnet object configuration.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dhcp-dns-server" : {
+ "description" : "IP address for the DNS server",
+ "format" : "ip",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dhcp-range" : {
+ "description" : "A list of DHCP ranges for this subnet",
+ "items" : {
+ "format" : "pve-sdn-dhcp-range",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dnszoneprefix" : {
+ "description" : "dns domain zone prefix ex: 'adm' -> <hostname>.adm.mydomain.com",
+ "format" : "dns-name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "gateway" : {
+ "description" : "Subnet Gateway: Will be assign on vnet for layer3 zones",
+ "format" : "ip",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "snat" : {
+ "description" : "enable masquerade for this subnet if pve-firewall",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "subnet" : {
+ "description" : "The SDN subnet object identifier.",
+ "format" : "pve-sdn-subnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vnet" : {
+ "description" : "associated vnet",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "description" : "Require 'SDN.Allocate' permission on '/sdn/zones/<zone>/<vnet>'",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/sdn/vnets/{vnet}/subnets/{subnet}",
+ "text" : "{subnet}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "SDN subnets index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "pending" : {
+ "description" : "Display pending config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "running" : {
+ "description" : "Display running config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>/<vnet>'",
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{subnet}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new sdn subnet object.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "dhcp-dns-server" : {
+ "description" : "IP address for the DNS server",
+ "format" : "ip",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dhcp-range" : {
+ "description" : "A list of DHCP ranges for this subnet",
+ "items" : {
+ "format" : "pve-sdn-dhcp-range",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "dnszoneprefix" : {
+ "description" : "dns domain zone prefix ex: 'adm' -> <hostname>.adm.mydomain.com",
+ "format" : "dns-name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "gateway" : {
+ "description" : "Subnet Gateway: Will be assign on vnet for layer3 zones",
+ "format" : "ip",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "snat" : {
+ "description" : "enable masquerade for this subnet if pve-firewall",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "subnet" : {
+ "description" : "The SDN subnet object identifier.",
+ "format" : "pve-sdn-subnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "enum" : [
+ "subnet"
+ ],
+ "type" : "string"
+ },
+ "vnet" : {
+ "description" : "associated vnet",
+ "optional" : 0,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "description" : "Require 'SDN.Allocate' permission on '/sdn/zones/<zone>/<vnet>'",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/sdn/vnets/{vnet}/subnets",
+ "text" : "subnets"
+ },
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete IP Mappings in a VNet",
+ "method" : "DELETE",
+ "name" : "ipdelete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "ip" : {
+ "description" : "The IP address to delete",
+ "format" : "ip",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mac" : {
+ "description" : "Unicast MAC address.",
+ "format" : "mac-addr",
+ "format_description" : "XX:XX:XX:XX:XX:XX",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<XX:XX:XX:XX:XX:XX>",
+ "verbose_description" : "A common MAC address with the I/G (Individual/Group) bit not set."
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}/{vnet}",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create IP Mapping in a VNet",
+ "method" : "POST",
+ "name" : "ipcreate",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "ip" : {
+ "description" : "The IP address to associate with the given MAC address",
+ "format" : "ip",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mac" : {
+ "description" : "Unicast MAC address.",
+ "format" : "mac-addr",
+ "format_description" : "XX:XX:XX:XX:XX:XX",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<XX:XX:XX:XX:XX:XX>",
+ "verbose_description" : "A common MAC address with the I/G (Individual/Group) bit not set."
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}/{vnet}",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update IP Mapping in a VNet",
+ "method" : "PUT",
+ "name" : "ipupdate",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "ip" : {
+ "description" : "The IP address to associate with the given MAC address",
+ "format" : "ip",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mac" : {
+ "description" : "Unicast MAC address.",
+ "format" : "mac-addr",
+ "format_description" : "XX:XX:XX:XX:XX:XX",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<XX:XX:XX:XX:XX:XX>",
+ "verbose_description" : "A common MAC address with the I/G (Individual/Group) bit not set."
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}/{vnet}",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/sdn/vnets/{vnet}/ips",
+ "text" : "ips"
+ }
+ ],
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete sdn vnet object configuration.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Require 'SDN.Allocate' permission on '/sdn/zones/<zone>/<vnet>'",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read sdn vnet configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "pending" : {
+ "description" : "Display pending config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "running" : {
+ "description" : "Display running config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Require 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>/<vnet>'",
+ "user" : "all"
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update sdn vnet object configuration.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "alias" : {
+ "description" : "alias name of the vnet",
+ "maxLength" : 256,
+ "optional" : 1,
+ "pattern" : "(?^i:[\\(\\)-_.\\w\\d\\s]{0,256})",
+ "type" : "string"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "tag" : {
+ "description" : "vlan or vxlan id",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "vlanaware" : {
+ "description" : "Allow vm VLANs to pass through this vnet.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "zone id",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "description" : "Require 'SDN.Allocate' permission on '/sdn/zones/<zone>/<vnet>'",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
},
- "mailto" : {
- "description" : "Comma-separated list of email addresses that should receive email notifications.",
- "format" : "string-list",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "leaf" : 0,
+ "path" : "/cluster/sdn/vnets/{vnet}",
+ "text" : "{vnet}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "SDN vnets index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "pending" : {
+ "description" : "Display pending config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "running" : {
+ "description" : "Display running config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ }
},
- "maxfiles" : {
- "default" : 1,
- "description" : "Maximal number of backup files per guest system.",
- "minimum" : 1,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "permissions" : {
+ "description" : "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>/<vnet>'",
+ "user" : "all"
},
- "mode" : {
- "default" : "snapshot",
- "description" : "Backup mode.",
- "enum" : [
- "snapshot",
- "suspend",
- "stop"
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{vnet}",
+ "rel" : "child"
+ }
],
- "optional" : 1,
- "type" : "string"
- },
- "node" : {
- "description" : "Only run if executed on this node.",
- "format" : "pve-node",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "pigz" : {
- "default" : 0,
- "description" : "Use pigz instead of gzip when N>0. N=1 uses half of cores, N>1 uses N as thread count.",
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer>"
- },
- "quiet" : {
- "default" : 0,
- "description" : "Be quiet.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "remove" : {
- "default" : 1,
- "description" : "Remove old backup files if there are more than 'maxfiles' backup files.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "script" : {
- "description" : "Use specified hook script.",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "size" : {
- "default" : 1024,
- "description" : "Unused, will be removed in a future release.",
- "minimum" : 500,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (500 - N)"
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new sdn vnet object.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "alias" : {
+ "description" : "alias name of the vnet",
+ "maxLength" : 256,
+ "optional" : 1,
+ "pattern" : "(?^i:[\\(\\)-_.\\w\\d\\s]{0,256})",
+ "type" : "string"
+ },
+ "tag" : {
+ "description" : "vlan or vxlan id",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "type" : {
+ "description" : "Type",
+ "enum" : [
+ "vnet"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vlanaware" : {
+ "description" : "Allow vm VLANs to pass through this vnet.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "vnet" : {
+ "description" : "The SDN vnet object identifier.",
+ "format" : "pve-sdn-vnet-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "zone id",
+ "optional" : 0,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
},
- "starttime" : {
- "description" : "Job Start time.",
- "pattern" : "\\d{1,2}:\\d{1,2}",
- "type" : "string",
- "typetext" : "HH:MM"
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}",
+ [
+ "SDN.Allocate"
+ ]
+ ]
},
- "stdexcludes" : {
- "default" : 1,
- "description" : "Exclude temporary files and logs.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/cluster/sdn/vnets",
+ "text" : "vnets"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete sdn zone object configuration.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read sdn zone configuration.",
+ "method" : "GET",
+ "name" : "read",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "pending" : {
+ "description" : "Display pending config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "running" : {
+ "description" : "Display running config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "returns" : {
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update sdn zone object configuration.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "advertise-subnets" : {
+ "description" : "Advertise evpn subnets if you have silent hosts",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "bridge" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "bridge-disable-mac-learning" : {
+ "description" : "Disable auto mac learning.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "controller" : {
+ "description" : "Frr router name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dhcp" : {
+ "description" : "Type of the DHCP backend for this zone",
+ "enum" : [
+ "dnsmasq"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "disable-arp-nd-suppression" : {
+ "description" : "Disable ipv4 arp && ipv6 neighbour discovery suppression",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "dns" : {
+ "description" : "dns api server",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dnszone" : {
+ "description" : "dns domain zone ex: mydomain.com",
+ "format" : "dns-name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dp-id" : {
+ "description" : "Faucet dataplane id",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "exitnodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "exitnodes-local-routing" : {
+ "description" : "Allow exitnodes to connect to evpn guests",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "exitnodes-primary" : {
+ "description" : "Force traffic to this exitnode first.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ipam" : {
+ "description" : "use a specific ipam",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mac" : {
+ "description" : "Anycast logical router mac address",
+ "format" : "mac-addr",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mtu" : {
+ "description" : "MTU",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "peers" : {
+ "description" : "peers address list.",
+ "format" : "ip-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "reversedns" : {
+ "description" : "reverse dns api server",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "rt-import" : {
+ "description" : "Route-Target import",
+ "format" : "pve-sdn-bgp-rt-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "tag" : {
+ "description" : "Service-VLAN Tag",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "vlan-protocol" : {
+ "default" : "802.1q",
+ "enum" : [
+ "802.1q",
+ "802.1ad"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vrf-vxlan" : {
+ "description" : "l3vni.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "vxlan-port" : {
+ "description" : "Vxlan tunnel udp port (default 4789).",
+ "maximum" : 65536,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 65536)"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
},
- "stop" : {
- "default" : 0,
- "description" : "Stop runnig backup jobs on this host.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "leaf" : 1,
+ "path" : "/cluster/sdn/zones/{zone}",
+ "text" : "{zone}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "SDN zones index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "pending" : {
+ "description" : "Display pending config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "running" : {
+ "description" : "Display running config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "type" : {
+ "description" : "Only list SDN zones of specific type",
+ "enum" : [
+ "evpn",
+ "faucet",
+ "qinq",
+ "simple",
+ "vlan",
+ "vxlan"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
},
- "stopwait" : {
- "default" : 10,
- "description" : "Maximal time to wait until a guest system is stopped (minutes).",
- "minimum" : 0,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "permissions" : {
+ "description" : "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>'",
+ "user" : "all"
},
- "storage" : {
- "description" : "Store resulting file to this storage.",
- "format" : "pve-storage-id",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "dhcp" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "dns" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "dnszone" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "ipam" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "mtu" : {
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "nodes" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "pending" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "reversedns" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "state" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "type" : "string"
+ },
+ "zone" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{zone}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create a new sdn zone object.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "advertise-subnets" : {
+ "description" : "Advertise evpn subnets if you have silent hosts",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "bridge" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "bridge-disable-mac-learning" : {
+ "description" : "Disable auto mac learning.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "controller" : {
+ "description" : "Frr router name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dhcp" : {
+ "description" : "Type of the DHCP backend for this zone",
+ "enum" : [
+ "dnsmasq"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "disable-arp-nd-suppression" : {
+ "description" : "Disable ipv4 arp && ipv6 neighbour discovery suppression",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "dns" : {
+ "description" : "dns api server",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dnszone" : {
+ "description" : "dns domain zone ex: mydomain.com",
+ "format" : "dns-name",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "dp-id" : {
+ "description" : "Faucet dataplane id",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "exitnodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "exitnodes-local-routing" : {
+ "description" : "Allow exitnodes to connect to evpn guests",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "exitnodes-primary" : {
+ "description" : "Force traffic to this exitnode first.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ipam" : {
+ "description" : "use a specific ipam",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mac" : {
+ "description" : "Anycast logical router mac address",
+ "format" : "mac-addr",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mtu" : {
+ "description" : "MTU",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "nodes" : {
+ "description" : "List of cluster node names.",
+ "format" : "pve-node-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "peers" : {
+ "description" : "peers address list.",
+ "format" : "ip-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "reversedns" : {
+ "description" : "reverse dns api server",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "rt-import" : {
+ "description" : "Route-Target import",
+ "format" : "pve-sdn-bgp-rt-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "tag" : {
+ "description" : "Service-VLAN Tag",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "type" : {
+ "description" : "Plugin type.",
+ "enum" : [
+ "evpn",
+ "faucet",
+ "qinq",
+ "simple",
+ "vlan",
+ "vxlan"
+ ],
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "vlan-protocol" : {
+ "default" : "802.1q",
+ "enum" : [
+ "802.1q",
+ "802.1ad"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vrf-vxlan" : {
+ "description" : "l3vni.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "vxlan-port" : {
+ "description" : "Vxlan tunnel udp port (default 4789).",
+ "maximum" : 65536,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 65536)"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ },
+ "type" : "object"
},
- "tmpdir" : {
- "description" : "Store temporary files to specified directory.",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones",
+ [
+ "SDN.Allocate"
+ ]
+ ]
},
- "vmid" : {
- "description" : "The ID of the guest system you want to backup.",
- "format" : "pve-vmid-list",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
}
}
},
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ],
- "description" : "The 'tmpdir', 'dumpdir' and 'script' parameters are additionally restricted to the 'root@pam' user."
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 0,
- "path" : "/cluster/backup",
- "text" : "backup"
- },
- {
- "children" : [
+ "leaf" : 0,
+ "path" : "/cluster/sdn/zones",
+ "text" : "zones"
+ },
{
"children" : [
{
- "children" : [
- {
- "info" : {
- "POST" : {
- "description" : "Request resource migration (online) to another node.",
- "method" : "POST",
- "name" : "migrate",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- },
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
- "type" : "string",
- "typetext" : "<type>:<name>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Console"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 1,
- "path" : "/cluster/ha/resources/{sid}/migrate",
- "text" : "migrate"
- },
- {
- "info" : {
- "POST" : {
- "description" : "Request resource relocatzion to another node. This stops the service on the old node, and restarts it on the target node.",
- "method" : "POST",
- "name" : "relocate",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- },
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
- "type" : "string",
- "typetext" : "<type>:<name>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Console"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 1,
- "path" : "/cluster/ha/resources/{sid}/relocate",
- "text" : "relocate"
- }
- ],
"info" : {
"DELETE" : {
- "description" : "Delete resource configuration.",
+ "allowtoken" : 1,
+ "description" : "Delete sdn controller object configuration.",
"method" : "DELETE",
"name" : "delete",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
+ "controller" : {
+ "description" : "The SDN controller object identifier.",
+ "format" : "pve-sdn-controller-id",
"type" : "string",
- "typetext" : "<type>:<name>"
+ "typetext" : "<string>"
}
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/sdn/controllers",
[
- "Sys.Console"
+ "SDN.Allocate"
]
]
},
}
},
"GET" : {
- "description" : "Read resource configuration.",
+ "allowtoken" : 1,
+ "description" : "Read sdn controller configuration.",
"method" : "GET",
"name" : "read",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
+ "controller" : {
+ "description" : "The SDN controller object identifier.",
+ "format" : "pve-sdn-controller-id",
"type" : "string",
- "typetext" : "<type>:<name>"
+ "typetext" : "<string>"
+ },
+ "pending" : {
+ "description" : "Display pending config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "running" : {
+ "description" : "Display running config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
}
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/sdn/controllers/{controller}",
[
- "Sys.Audit"
+ "SDN.Allocate"
]
]
},
- "returns" : {}
+ "returns" : {
+ "type" : "object"
+ }
},
"PUT" : {
- "description" : "Update resource configuration.",
+ "allowtoken" : 1,
+ "description" : "Update sdn controller object configuration.",
"method" : "PUT",
"name" : "update",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "comment" : {
- "description" : "Description.",
- "maxLength" : 4096,
+ "asn" : {
+ "description" : "autonomous system number",
+ "maximum" : 4294967296,
+ "minimum" : 0,
"optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 4294967296)"
+ },
+ "bgp-multipath-as-path-relax" : {
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "controller" : {
+ "description" : "The SDN controller object identifier.",
+ "format" : "pve-sdn-controller-id",
"type" : "string",
"typetext" : "<string>"
},
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
+ "ebgp" : {
+ "description" : "Enable ebgp. (remote-as external)",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "ebgp-multihop" : {
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "isis-domain" : {
+ "description" : "ISIS domain.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "max_relocate" : {
- "default" : 1,
- "description" : "Maximal number of service relocate tries when a service failes to start.",
- "minimum" : 0,
+ "isis-ifaces" : {
+ "description" : "ISIS interface.",
+ "format" : "pve-iface-list",
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "max_restart" : {
- "default" : 1,
- "description" : "Maximal number of tries to restart the service on a node after its start failed.",
- "minimum" : 0,
+ "isis-net" : {
+ "description" : "ISIS network entity title.",
+ "format" : "pve-sdn-isis-net",
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
+ "loopback" : {
+ "description" : "source loopback interface.",
+ "optional" : 1,
"type" : "string",
- "typetext" : "<type>:<name>"
+ "typetext" : "<string>"
},
- "state" : {
- "default" : "started",
- "description" : "Requested resource state.",
- "enum" : [
- "started",
- "stopped",
- "enabled",
- "disabled",
- "ignored"
- ],
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
"optional" : 1,
"type" : "string",
- "verbose_description" : "Requested resource state. The CRM reads this state and acts accordingly.\nPlease note that `enabled` is just an alias for `started`.\n\n`started`;;\n\nThe CRM tries to start the resource. Service state is\nset to `started` after successful start. On node failures, or when start\nfails, it tries to recover the resource. If everything fails, service\nstate it set to `error`.\n\n`stopped`;;\n\nThe CRM tries to keep the resource in `stopped` state, but it\nstill tries to relocate the resources on node failures.\n\n`disabled`;;\n\nThe CRM tries to put the resource in `stopped` state, but does not try\nto relocate the resources on node failures. The main purpose of this\nstate is error recovery, because it is the only way to move a resource out\nof the `error` state.\n\n`ignored`;;\n\nThe resource gets removed from the manager status and so the CRM and the LRM do\nnot touch the resource anymore. All {pve} API calls affecting this resource\nwill be executed, directly bypassing the HA stack. CRM commands will be thrown\naway while there source is in this state. The resource will not get relocated\non node failures.\n\n"
+ "typetext" : "<string>"
+ },
+ "peers" : {
+ "description" : "peers address list.",
+ "format" : "ip-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
}
},
"type" : "object"
"permissions" : {
"check" : [
"perm",
- "/",
+ "/sdn/controllers",
[
- "Sys.Console"
+ "SDN.Allocate"
]
]
},
}
}
},
- "leaf" : 0,
- "path" : "/cluster/ha/resources/{sid}",
- "text" : "{sid}"
+ "leaf" : 1,
+ "path" : "/cluster/sdn/controllers/{controller}",
+ "text" : "{controller}"
}
],
"info" : {
"GET" : {
- "description" : "List HA resources.",
+ "allowtoken" : 1,
+ "description" : "SDN controllers index.",
"method" : "GET",
"name" : "index",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "pending" : {
+ "description" : "Display pending config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "running" : {
+ "description" : "Display running config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"type" : {
- "description" : "Only list resources of specific type",
+ "description" : "Only list sdn controllers of specific type",
"enum" : [
- "ct",
- "vm"
+ "bgp",
+ "evpn",
+ "faucet",
+ "isis"
],
"optional" : 1,
"type" : "string"
}
},
"permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
+ "description" : "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/controllers/<controller>'",
+ "user" : "all"
},
"returns" : {
"items" : {
"properties" : {
- "sid" : {
+ "controller" : {
+ "type" : "string"
+ },
+ "pending" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "state" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
"type" : "string"
}
},
},
"links" : [
{
- "href" : "{sid}",
+ "href" : "{controller}",
"rel" : "child"
}
],
}
},
"POST" : {
- "description" : "Create a new HA resource.",
+ "allowtoken" : 1,
+ "description" : "Create a new sdn controller object.",
"method" : "POST",
"name" : "create",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "comment" : {
- "description" : "Description.",
- "maxLength" : 4096,
+ "asn" : {
+ "description" : "autonomous system number",
+ "maximum" : 4294967296,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 4294967296)"
+ },
+ "bgp-multipath-as-path-relax" : {
"optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "controller" : {
+ "description" : "The SDN controller object identifier.",
+ "format" : "pve-sdn-controller-id",
"type" : "string",
"typetext" : "<string>"
},
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
+ "ebgp" : {
+ "description" : "Enable ebgp. (remote-as external)",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "ebgp-multihop" : {
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "isis-domain" : {
+ "description" : "ISIS domain.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "max_relocate" : {
- "default" : 1,
- "description" : "Maximal number of service relocate tries when a service failes to start.",
- "minimum" : 0,
+ "isis-ifaces" : {
+ "description" : "ISIS interface.",
+ "format" : "pve-iface-list",
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "max_restart" : {
- "default" : 1,
- "description" : "Maximal number of tries to restart the service on a node after its start failed.",
- "minimum" : 0,
+ "isis-net" : {
+ "description" : "ISIS network entity title.",
+ "format" : "pve-sdn-isis-net",
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (0 - N)"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "sid" : {
- "description" : "HA resource ID. This consists of a resource type followed by a resource specific name, separated with colon (example: vm:100 / ct:100). For virtual machines and containers, you can simply use the VM or CT id as a shortcut (example: 100).",
- "format" : "pve-ha-resource-or-vm-id",
+ "loopback" : {
+ "description" : "source loopback interface.",
+ "optional" : 1,
"type" : "string",
- "typetext" : "<type>:<name>"
+ "typetext" : "<string>"
},
- "state" : {
- "default" : "started",
- "description" : "Requested resource state.",
- "enum" : [
- "started",
- "stopped",
- "enabled",
- "disabled",
- "ignored"
- ],
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
"optional" : 1,
"type" : "string",
- "verbose_description" : "Requested resource state. The CRM reads this state and acts accordingly.\nPlease note that `enabled` is just an alias for `started`.\n\n`started`;;\n\nThe CRM tries to start the resource. Service state is\nset to `started` after successful start. On node failures, or when start\nfails, it tries to recover the resource. If everything fails, service\nstate it set to `error`.\n\n`stopped`;;\n\nThe CRM tries to keep the resource in `stopped` state, but it\nstill tries to relocate the resources on node failures.\n\n`disabled`;;\n\nThe CRM tries to put the resource in `stopped` state, but does not try\nto relocate the resources on node failures. The main purpose of this\nstate is error recovery, because it is the only way to move a resource out\nof the `error` state.\n\n`ignored`;;\n\nThe resource gets removed from the manager status and so the CRM and the LRM do\nnot touch the resource anymore. All {pve} API calls affecting this resource\nwill be executed, directly bypassing the HA stack. CRM commands will be thrown\naway while there source is in this state. The resource will not get relocated\non node failures.\n\n"
+ "typetext" : "<string>"
+ },
+ "peers" : {
+ "description" : "peers address list.",
+ "format" : "ip-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"type" : {
- "description" : "Resource type.",
+ "description" : "Plugin type.",
"enum" : [
- "ct",
- "vm"
+ "bgp",
+ "evpn",
+ "faucet",
+ "isis"
],
- "optional" : 1,
+ "format" : "pve-configid",
"type" : "string"
}
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/sdn/controllers",
[
- "Sys.Console"
+ "SDN.Allocate"
]
]
},
}
},
"leaf" : 0,
- "path" : "/cluster/ha/resources",
- "text" : "resources"
+ "path" : "/cluster/sdn/controllers",
+ "text" : "controllers"
},
{
"children" : [
{
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List PVE IPAM Entries",
+ "method" : "GET",
+ "name" : "ipamindex",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "ipam" : {
+ "description" : "The SDN ipam object identifier.",
+ "format" : "pve-sdn-ipam-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/zones/<zone>/<vnet>'",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/cluster/sdn/ipams/{ipam}/status",
+ "text" : "status"
+ }
+ ],
"info" : {
"DELETE" : {
- "description" : "Delete ha group configuration.",
+ "allowtoken" : 1,
+ "description" : "Delete sdn ipam object configuration.",
"method" : "DELETE",
"name" : "delete",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
+ "ipam" : {
+ "description" : "The SDN ipam object identifier.",
+ "format" : "pve-sdn-ipam-id",
"type" : "string",
"typetext" : "<string>"
}
"permissions" : {
"check" : [
"perm",
- "/",
+ "/sdn/ipams",
[
- "Sys.Console"
+ "SDN.Allocate"
]
]
},
}
},
"GET" : {
- "description" : "Read ha group configuration.",
+ "allowtoken" : 1,
+ "description" : "Read sdn ipam configuration.",
"method" : "GET",
"name" : "read",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
+ "ipam" : {
+ "description" : "The SDN ipam object identifier.",
+ "format" : "pve-sdn-ipam-id",
"type" : "string",
"typetext" : "<string>"
}
"permissions" : {
"check" : [
"perm",
- "/",
+ "/sdn/ipams/{ipam}",
[
- "Sys.Audit"
+ "SDN.Allocate"
]
]
},
- "returns" : {}
+ "returns" : {
+ "type" : "object"
+ }
},
"PUT" : {
- "description" : "Update ha group configuration.",
+ "allowtoken" : 1,
+ "description" : "Update sdn ipam object configuration.",
"method" : "PUT",
"name" : "update",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "comment" : {
- "description" : "Description.",
- "maxLength" : 4096,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
"delete" : {
"description" : "A list of settings you want to delete.",
"format" : "pve-configid-list",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
+ "ipam" : {
+ "description" : "The SDN ipam object identifier.",
+ "format" : "pve-sdn-ipam-id",
"type" : "string",
"typetext" : "<string>"
},
- "nodes" : {
- "description" : "List of cluster node names with optional priority.",
- "format" : "pve-ha-group-node-list",
+ "section" : {
"optional" : 1,
- "type" : "string",
- "typetext" : "<node>[:<pri>]{,<node>[:<pri>]}*",
- "verbose_description" : "List of cluster node members, where a priority can be given to each node. A resource bound to a group will run on the available nodes with the highest priority. If there are more nodes in the highest priority class, the services will get distributed to those nodes. The priorities have a relative meaning only."
+ "type" : "integer",
+ "typetext" : "<integer>"
},
- "nofailback" : {
- "default" : 0,
- "description" : "The CRM tries to run services on the node with the highest priority. If a node with higher priority comes online, the CRM migrates the service to that node. Enabling nofailback prevents that behavior.",
+ "token" : {
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "restricted" : {
- "default" : 0,
- "description" : "Resources bound to restricted groups may only run on nodes defined by the group.",
+ "url" : {
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>",
- "verbose_description" : "Resources bound to restricted groups may only run on nodes defined by the group. The resource will be placed in the stopped state if no group node member is online. Resources on unrestricted groups may run on any cluster node if all group members are offline, but they will migrate back as soon as a group member comes online. One can implement a 'preferred node' behavior using an unrestricted group with only one member."
+ "type" : "string",
+ "typetext" : "<string>"
}
},
"type" : "object"
"permissions" : {
"check" : [
"perm",
- "/",
+ "/sdn/ipams",
[
- "Sys.Console"
+ "SDN.Allocate"
]
]
},
}
}
},
- "leaf" : 1,
- "path" : "/cluster/ha/groups/{group}",
- "text" : "{group}"
+ "leaf" : 0,
+ "path" : "/cluster/sdn/ipams/{ipam}",
+ "text" : "{ipam}"
}
],
"info" : {
"GET" : {
- "description" : "Get HA groups.",
+ "allowtoken" : 1,
+ "description" : "SDN ipams index.",
"method" : "GET",
"name" : "index",
"parameters" : {
- "additionalProperties" : 0
+ "additionalProperties" : 0,
+ "properties" : {
+ "type" : {
+ "description" : "Only list sdn ipams of specific type",
+ "enum" : [
+ "netbox",
+ "phpipam",
+ "pve"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
},
"permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
+ "description" : "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/ipams/<ipam>'",
+ "user" : "all"
},
"returns" : {
"items" : {
"properties" : {
- "group" : {
+ "ipam" : {
+ "type" : "string"
+ },
+ "type" : {
"type" : "string"
}
},
},
"links" : [
{
- "href" : "{group}",
+ "href" : "{ipam}",
"rel" : "child"
}
],
}
},
"POST" : {
- "description" : "Create a new HA group.",
+ "allowtoken" : 1,
+ "description" : "Create a new sdn ipam object.",
"method" : "POST",
"name" : "create",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "comment" : {
- "description" : "Description.",
- "maxLength" : 4096,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "group" : {
- "description" : "The HA group identifier.",
- "format" : "pve-configid",
+ "ipam" : {
+ "description" : "The SDN ipam object identifier.",
+ "format" : "pve-sdn-ipam-id",
"type" : "string",
"typetext" : "<string>"
},
- "nodes" : {
- "description" : "List of cluster node names with optional priority.",
- "format" : "pve-ha-group-node-list",
- "optional" : 0,
- "type" : "string",
- "typetext" : "<node>[:<pri>]{,<node>[:<pri>]}*",
- "verbose_description" : "List of cluster node members, where a priority can be given to each node. A resource bound to a group will run on the available nodes with the highest priority. If there are more nodes in the highest priority class, the services will get distributed to those nodes. The priorities have a relative meaning only."
- },
- "nofailback" : {
- "default" : 0,
- "description" : "The CRM tries to run services on the node with the highest priority. If a node with higher priority comes online, the CRM migrates the service to that node. Enabling nofailback prevents that behavior.",
+ "section" : {
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "type" : "integer",
+ "typetext" : "<integer>"
},
- "restricted" : {
- "default" : 0,
- "description" : "Resources bound to restricted groups may only run on nodes defined by the group.",
+ "token" : {
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>",
- "verbose_description" : "Resources bound to restricted groups may only run on nodes defined by the group. The resource will be placed in the stopped state if no group node member is online. Resources on unrestricted groups may run on any cluster node if all group members are offline, but they will migrate back as soon as a group member comes online. One can implement a 'preferred node' behavior using an unrestricted group with only one member."
+ "type" : "string",
+ "typetext" : "<string>"
},
"type" : {
- "description" : "Group type.",
+ "description" : "Plugin type.",
"enum" : [
- "group"
+ "netbox",
+ "phpipam",
+ "pve"
],
- "optional" : 1,
+ "format" : "pve-configid",
"type" : "string"
+ },
+ "url" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
}
},
"type" : "object"
"permissions" : {
"check" : [
"perm",
- "/",
+ "/sdn/ipams",
[
- "Sys.Console"
+ "SDN.Allocate"
]
]
},
}
},
"leaf" : 0,
- "path" : "/cluster/ha/groups",
- "text" : "groups"
+ "path" : "/cluster/sdn/ipams",
+ "text" : "ipams"
},
{
"children" : [
{
"info" : {
- "GET" : {
- "description" : "Get HA manger status.",
- "method" : "GET",
- "name" : "status",
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete sdn dns object configuration.",
+ "method" : "DELETE",
+ "name" : "delete",
"parameters" : {
- "additionalProperties" : 0
+ "additionalProperties" : 0,
+ "properties" : {
+ "dns" : {
+ "description" : "The SDN dns object identifier.",
+ "format" : "pve-sdn-dns-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/sdn/dns",
[
- "Sys.Audit"
+ "SDN.Allocate"
]
]
},
+ "protected" : 1,
"returns" : {
- "type" : "array"
+ "type" : "null"
}
- }
- },
- "leaf" : 1,
- "path" : "/cluster/ha/status/current",
- "text" : "current"
- },
- {
- "info" : {
+ },
"GET" : {
- "description" : "Get full HA manger status, including LRM status.",
+ "allowtoken" : 1,
+ "description" : "Read sdn dns configuration.",
"method" : "GET",
- "name" : "manager_status",
+ "name" : "read",
"parameters" : {
- "additionalProperties" : 0
+ "additionalProperties" : 0,
+ "properties" : {
+ "dns" : {
+ "description" : "The SDN dns object identifier.",
+ "format" : "pve-sdn-dns-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
},
"permissions" : {
"check" : [
"perm",
- "/",
+ "/sdn/dns/{dns}",
[
- "Sys.Audit"
+ "SDN.Allocate"
]
]
},
"returns" : {
"type" : "object"
}
- }
- },
- "leaf" : 1,
- "path" : "/cluster/ha/status/manager_status",
- "text" : "manager_status"
- }
- ],
- "info" : {
- "GET" : {
- "description" : "Directory index.",
- "method" : "GET",
- "name" : "index",
- "parameters" : {
- "additionalProperties" : 0
- },
- "permissions" : {
- "user" : "all"
- },
- "returns" : {
- "items" : {
- "properties" : {},
- "type" : "object"
},
- "links" : [
- {
- "href" : "{name}",
- "rel" : "child"
- }
- ],
- "type" : "array"
- }
- }
- },
- "leaf" : 0,
- "path" : "/cluster/ha/status",
- "text" : "status"
- }
- ],
- "info" : {
- "GET" : {
- "description" : "Directory index.",
- "method" : "GET",
- "name" : "index",
- "parameters" : {
- "additionalProperties" : 0
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit"
- ]
- ]
- },
- "returns" : {
- "items" : {
- "properties" : {
- "id" : {
- "type" : "string"
- }
- },
- "type" : "object"
- },
- "links" : [
- {
- "href" : "{id}",
- "rel" : "child"
- }
- ],
- "type" : "array"
- }
- }
- },
- "leaf" : 0,
- "path" : "/cluster/ha",
- "text" : "ha"
- },
- {
- "children" : [
- {
- "children" : [
- {
- "info" : {
- "DELETE" : {
- "description" : "Deactivate existing ACME account at CA.",
- "method" : "DELETE",
- "name" : "deactivate_account",
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update sdn dns object configuration.",
+ "method" : "PUT",
+ "name" : "update",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "name" : {
- "default" : "default",
- "description" : "ACME account config file name.",
- "format" : "pve-configid",
- "format_description" : "name",
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
"optional" : 1,
"type" : "string",
- "typetext" : "<name>"
- }
- }
- },
- "protected" : 1,
- "returns" : {
- "type" : "string"
- }
- },
- "GET" : {
- "description" : "Return existing ACME account information.",
- "method" : "GET",
- "name" : "get_account",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "name" : {
- "default" : "default",
- "description" : "ACME account config file name.",
- "format" : "pve-configid",
- "format_description" : "name",
+ "typetext" : "<string>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
- "typetext" : "<name>"
- }
- }
- },
- "protected" : 1,
- "returns" : {
- "additionalProperties" : 0,
- "properties" : {
- "account" : {
- "optional" : 1,
- "renderer" : "yaml",
- "type" : "object"
+ "typetext" : "<string>"
},
- "directory" : {
- "description" : "URL of ACME CA directory endpoint.",
- "optional" : 1,
- "pattern" : "^https?://.*",
- "type" : "string"
+ "dns" : {
+ "description" : "The SDN dns object identifier.",
+ "format" : "pve-sdn-dns-id",
+ "type" : "string",
+ "typetext" : "<string>"
},
- "location" : {
+ "key" : {
"optional" : 1,
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "tos" : {
+ "reversemaskv6" : {
"optional" : 1,
- "type" : "string"
- }
- },
- "type" : "object"
- }
- },
- "PUT" : {
- "description" : "Update existing ACME account information with CA. Note: not specifying any new account information triggers a refresh.",
- "method" : "PUT",
- "name" : "update_account",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "contact" : {
- "description" : "Contact email addresses.",
- "format" : "email-list",
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "ttl" : {
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "integer",
+ "typetext" : "<integer>"
},
- "name" : {
- "default" : "default",
- "description" : "ACME account config file name.",
- "format" : "pve-configid",
- "format_description" : "name",
+ "url" : {
"optional" : 1,
"type" : "string",
- "typetext" : "<name>"
+ "typetext" : "<string>"
}
- }
+ },
+ "type" : "object"
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/dns",
+ [
+ "SDN.Allocate"
+ ]
+ ]
},
"protected" : 1,
"returns" : {
- "type" : "string"
+ "type" : "null"
}
}
},
"leaf" : 1,
- "path" : "/cluster/acme/account/{name}",
- "text" : "{name}"
+ "path" : "/cluster/sdn/dns/{dns}",
+ "text" : "{dns}"
}
],
"info" : {
"GET" : {
- "description" : "ACMEAccount index.",
+ "allowtoken" : 1,
+ "description" : "SDN dns index.",
"method" : "GET",
- "name" : "account_index",
+ "name" : "index",
"parameters" : {
- "additionalProperties" : 0
+ "additionalProperties" : 0,
+ "properties" : {
+ "type" : {
+ "description" : "Only list sdn dns of specific type",
+ "enum" : [
+ "powerdns"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
},
"permissions" : {
+ "description" : "Only list entries where you have 'SDN.Audit' or 'SDN.Allocate' permissions on '/sdn/dns/<dns>'",
"user" : "all"
},
- "protected" : 1,
"returns" : {
"items" : {
- "properties" : {},
+ "properties" : {
+ "dns" : {
+ "type" : "string"
+ },
+ "type" : {
+ "type" : "string"
+ }
+ },
"type" : "object"
},
"links" : [
{
- "href" : "{name}",
+ "href" : "{dns}",
"rel" : "child"
}
],
}
},
"POST" : {
- "description" : "Register a new ACME account with CA.",
+ "allowtoken" : 1,
+ "description" : "Create a new sdn dns object.",
"method" : "POST",
- "name" : "register_account",
+ "name" : "create",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "contact" : {
- "description" : "Contact email addresses.",
- "format" : "email-list",
+ "dns" : {
+ "description" : "The SDN dns object identifier.",
+ "format" : "pve-sdn-dns-id",
"type" : "string",
"typetext" : "<string>"
},
- "directory" : {
- "default" : "https://acme-v02.api.letsencrypt.org/directory",
- "description" : "URL of ACME CA directory endpoint.",
+ "key" : {
+ "optional" : 0,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "reversemaskv6" : {
"optional" : 1,
- "pattern" : "^https?://.*",
- "type" : "string"
+ "type" : "integer",
+ "typetext" : "<integer>"
},
- "name" : {
- "default" : "default",
- "description" : "ACME account config file name.",
- "format" : "pve-configid",
- "format_description" : "name",
+ "reversev6mask" : {
"optional" : 1,
- "type" : "string",
- "typetext" : "<name>"
+ "type" : "integer",
+ "typetext" : "<integer>"
},
- "tos_url" : {
- "description" : "URL of CA TermsOfService - setting this indicates agreement.",
+ "ttl" : {
"optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "type" : {
+ "description" : "Plugin type.",
+ "enum" : [
+ "powerdns"
+ ],
+ "format" : "pve-configid",
+ "type" : "string"
+ },
+ "url" : {
+ "optional" : 0,
"type" : "string",
"typetext" : "<string>"
}
- }
- },
- "protected" : 1,
- "returns" : {
- "type" : "string"
- }
- }
- },
- "leaf" : 0,
- "path" : "/cluster/acme/account",
- "text" : "account"
- },
- {
- "info" : {
- "GET" : {
- "description" : "Retrieve ACME TermsOfService URL from CA.",
- "method" : "GET",
- "name" : "get_tos",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "directory" : {
- "default" : "https://acme-v02.api.letsencrypt.org/directory",
- "description" : "URL of ACME CA directory endpoint.",
- "optional" : 1,
- "pattern" : "^https?://.*",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "user" : "all"
- },
- "returns" : {
- "description" : "ACME TermsOfService URL.",
- "type" : "string"
- }
- }
- },
- "leaf" : 1,
- "path" : "/cluster/acme/tos",
- "text" : "tos"
- },
- {
- "info" : {
- "GET" : {
- "description" : "Get named known ACME directory endpoints.",
- "method" : "GET",
- "name" : "get_directories",
- "parameters" : {
- "additionalProperties" : 0
+ },
+ "type" : "object"
},
"permissions" : {
- "user" : "all"
+ "check" : [
+ "perm",
+ "/sdn/dns",
+ [
+ "SDN.Allocate"
+ ]
+ ]
},
+ "protected" : 1,
"returns" : {
- "items" : {
- "additionalProperties" : 0,
- "properties" : {
- "name" : {
- "type" : "string"
- },
- "url" : {
- "description" : "URL of ACME CA directory endpoint.",
- "pattern" : "^https?://.*",
- "type" : "string"
- }
- },
- "type" : "object"
- },
- "type" : "array"
+ "type" : "null"
}
}
},
- "leaf" : 1,
- "path" : "/cluster/acme/directories",
- "text" : "directories"
+ "leaf" : 0,
+ "path" : "/cluster/sdn/dns",
+ "text" : "dns"
}
],
"info" : {
"GET" : {
- "description" : "ACMEAccount index.",
+ "allowtoken" : 1,
+ "description" : "Directory index.",
"method" : "GET",
"name" : "index",
"parameters" : {
"additionalProperties" : 0
},
"permissions" : {
- "user" : "all"
+ "check" : [
+ "perm",
+ "/sdn",
+ [
+ "SDN.Audit"
+ ]
+ ]
},
"returns" : {
"items" : {
- "properties" : {},
+ "properties" : {
+ "id" : {
+ "type" : "string"
+ }
+ },
"type" : "object"
},
"links" : [
{
- "href" : "{name}",
+ "href" : "{id}",
"rel" : "child"
}
],
"type" : "array"
}
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Apply sdn controller changes && reload.",
+ "method" : "PUT",
+ "name" : "reload",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn",
+ [
+ "SDN.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "string"
+ }
}
},
"leaf" : 0,
- "path" : "/cluster/acme",
- "text" : "acme"
+ "path" : "/cluster/sdn",
+ "text" : "sdn"
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read cluster log",
"method" : "GET",
"name" : "log",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Resources index (cluster wide).",
"method" : "GET",
"name" : "resources",
"enum" : [
"vm",
"storage",
- "node"
+ "node",
+ "sdn"
],
"optional" : 1,
"type" : "string"
"returns" : {
"items" : {
"properties" : {
+ "cgroup-mode" : {
+ "description" : "The cgroup mode the node operates under (when type == node).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "content" : {
+ "description" : "Allowed storage content types (when type == storage).",
+ "format" : "pve-storage-content-list",
+ "optional" : 1,
+ "type" : "string"
+ },
"cpu" : {
"description" : "CPU utilization (when type in node,qemu,lxc).",
+ "minimum" : 0,
"optional" : 1,
"renderer" : "fraction_as_percentage",
"type" : "number"
},
"disk" : {
"description" : "Used disk space in bytes (when type in storage), used root image spave for VMs (type in qemu,lxc).",
+ "minimum" : 0,
"optional" : 1,
"renderer" : "bytes",
- "type" : "string"
+ "type" : "integer"
},
"hastate" : {
"description" : "HA service status (for HA managed VMs).",
"type" : "string"
},
"id" : {
+ "description" : "Resource id.",
"type" : "string"
},
"level" : {
},
"maxcpu" : {
"description" : "Number of available CPUs (when type in node,qemu,lxc).",
+ "minimum" : 0,
"optional" : 1,
"type" : "number"
},
"maxdisk" : {
"description" : "Storage size in bytes (when type in storage), root image size for VMs (type in qemu,lxc).",
+ "minimum" : 0,
"optional" : 1,
"renderer" : "bytes",
"type" : "integer"
},
"mem" : {
"description" : "Used memory in bytes (when type in node,qemu,lxc).",
+ "minimum" : 0,
"optional" : 1,
"renderer" : "bytes",
+ "type" : "integer"
+ },
+ "name" : {
+ "description" : "Name of the resource.",
+ "optional" : 1,
"type" : "string"
},
"node" : {
"optional" : 1,
"type" : "string"
},
+ "plugintype" : {
+ "description" : "More specific type, if available.",
+ "optional" : 1,
+ "type" : "string"
+ },
"pool" : {
"description" : "The pool name (when type in pool,qemu,lxc).",
"optional" : 1,
"storage" : {
"description" : "The storage identifier (when type == storage).",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string"
},
"pool",
"qemu",
"lxc",
- "openvz"
+ "openvz",
+ "sdn"
],
"type" : "string"
},
"optional" : 1,
"renderer" : "duration",
"type" : "integer"
+ },
+ "vmid" : {
+ "description" : "The numerical vmid (when type in qemu,lxc).",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "optional" : 1,
+ "type" : "integer"
}
},
"type" : "object"
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List recent tasks (cluster wide).",
"method" : "GET",
"name" : "tasks",
{
"info" : {
"GET" : {
- "description" : "Get datacenter options.",
+ "allowtoken" : 1,
+ "description" : "Get datacenter options. Without 'Sys.Audit' on '/' not all options are returned.",
"method" : "GET",
"name" : "get_options",
"parameters" : {
[
"Sys.Audit"
]
- ]
+ ],
+ "user" : "all"
},
"returns" : {
"type" : "object"
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Set datacenter options.",
"method" : "PUT",
"name" : "set_options",
"additionalProperties" : 0,
"properties" : {
"bwlimit" : {
- "description" : "Set bandwidth/io limits various operations.",
+ "description" : "Set I/O bandwidth limit for various operations (in KiB/s).",
"format" : {
"clone" : {
- "description" : "bandwidth limit in MiB/s for cloning disks",
+ "description" : "bandwidth limit in KiB/s for cloning disks",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"default" : {
- "description" : "default bandwidth limit in MiB/s",
+ "description" : "default bandwidth limit in KiB/s",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"migration" : {
- "description" : "bandwidth limit in MiB/s for migrating guests",
+ "description" : "bandwidth limit in KiB/s for migrating guests (including moving local disks)",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"move" : {
- "description" : "bandwidth limit in MiB/s for moving disks",
+ "description" : "bandwidth limit in KiB/s for moving disks",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"restore" : {
- "description" : "bandwidth limit in MiB/s for restoring guests from backups",
+ "description" : "bandwidth limit in KiB/s for restoring guests from backups",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"optional" : 1,
"type" : "string"
},
+ "crs" : {
+ "description" : "Cluster resource scheduling settings.",
+ "format" : {
+ "ha" : {
+ "default" : "basic",
+ "description" : "Use this resource scheduler mode for HA.",
+ "enum" : [
+ "basic",
+ "static"
+ ],
+ "optional" : 1,
+ "type" : "string",
+ "verbose_description" : "Configures how the HA manager should select nodes to start or recover services. With 'basic', only the number of services is used, with 'static', static CPU and memory configuration of services is considered."
+ },
+ "ha-rebalance-on-start" : {
+ "default" : 0,
+ "description" : "Set to use CRS for selecting a suited node when a HA services request-state changes from stop to start.",
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[ha=<basic|static>] [,ha-rebalance-on-start=<1|0>]"
+ },
"delete" : {
"description" : "A list of settings you want to delete.",
"format" : "pve-configid-list",
"type" : "string",
"typetext" : "<string>"
},
+ "description" : {
+ "description" : "Datacenter description. Shown in the web-interface datacenter notes panel. This is saved as comment inside the configuration file.",
+ "maxLength" : 65536,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"email_from" : {
"description" : "Specify email address to send notification from (default is root@$hostname)",
"format" : "email-opt",
"optional" : 1,
"type" : "string"
},
+ "ha" : {
+ "description" : "Cluster wide HA settings.",
+ "format" : {
+ "shutdown_policy" : {
+ "default" : "conditional",
+ "description" : "The policy for HA services on node shutdown. 'freeze' disables auto-recovery, 'failover' ensures recovery, 'conditional' recovers on poweroff and freezes on reboot. 'migrate' will migrate running services to other nodes, if possible. With 'freeze' or 'failover', HA Services will always get stopped first on shutdown.",
+ "enum" : [
+ "freeze",
+ "failover",
+ "conditional",
+ "migrate"
+ ],
+ "type" : "string",
+ "verbose_description" : "Describes the policy for handling HA services on poweroff or reboot of a node. Freeze will always freeze services which are still located on the node on shutdown, those services won't be recovered by the HA manager. Failover will not mark the services as frozen and thus the services will get recovered to other nodes, if the shutdown node does not come up again quickly (< 1min). 'conditional' chooses automatically depending on the type of shutdown, i.e., on a reboot the service will be frozen but on a poweroff the service will stay as is, and thus get recovered after about 2 minutes. Migrate will try to move all running services to another node when a reboot or shutdown was triggered. The poweroff process will only continue once no running services are located on the node anymore. If the node comes up again, the service will be moved back to the previously powered-off node, at least if no other migration, reloaction or recovery took place."
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "shutdown_policy=<enum>"
+ },
"http_proxy" : {
"description" : "Specify external http proxy which is used for downloads (example: 'http://username:password@host:port/')",
"optional" : 1,
"language" : {
"description" : "Default GUI language.",
"enum" : [
- "zh_CN",
- "zh_TW",
+ "ar",
"ca",
+ "da",
+ "de",
"en",
+ "es",
"eu",
+ "fa",
"fr",
- "de",
+ "hr",
+ "he",
"it",
- "es",
"ja",
+ "ka",
+ "kr",
"nb",
+ "nl",
"nn",
- "fa",
"pl",
"pt_BR",
"ru",
"sl",
"sv",
- "tr"
+ "tr",
+ "ukr",
+ "zh_CN",
+ "zh_TW"
],
"optional" : 1,
"type" : "string"
},
"mac_prefix" : {
- "description" : "Prefix for autogenerated MAC addresses.",
+ "default" : "BC:24:11",
+ "description" : "Prefix for the auto-generated MAC addresses of virtual guests. The default 'BC:24:11' is the OUI assigned by the IEEE to Proxmox Server Solutions GmbH for a 24-bit large MAC block. You're allowed to use this in local networks, i.e., those not directly reachable by the public (e.g., in a LAN or behind NAT).",
+ "format" : "mac-prefix",
"optional" : 1,
- "pattern" : "(?^i:[a-f0-9]{2}(?::[a-f0-9]{2}){0,2}:?)",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "<string>",
+ "verbose_description" : "Prefix for the auto-generated MAC addresses of virtual guests. The default `BC:24:11` is the Organizationally Unique Identifier (OUI) assigned by the IEEE to Proxmox Server Solutions GmbH for a MAC Address Block Large (MA-L). You're allowed to use this in local networks, i.e., those not directly reachable by the public (e.g., in a LAN or NAT/Masquerading).\n \nNote that when you run multiple cluster that (partially) share the networks of their virtual guests, it's highly recommended that you extend the default MAC prefix, or generate a custom (valid) one, to reduce the chance of MAC collisions. For example, add a separate extra hexadecimal to the Proxmox OUI for each cluster, like `BC:24:11:0` for the first, `BC:24:11:1` for the second, and so on.\n Alternatively, you can also separate the networks of the guests logically, e.g., by using VLANs.\n\nFor publicly accessible guests it's recommended that you get your own https://standards.ieee.org/products-programs/regauth/[OUI from the IEEE] registered or coordinate with your, or your hosting providers, network admins."
},
"max_workers" : {
"description" : "Defines how many workers (per node) are maximal started on actions like 'stopall VMs' or task from the ha-manager.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
+ },
+ "next-id" : {
+ "description" : "Control the range for the free VMID auto-selection pool.",
+ "format" : {
+ "lower" : {
+ "default" : 100,
+ "description" : "Lower, inclusive boundary for free next-id API range.",
+ "max" : 999999999,
+ "min" : 100,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "upper" : {
+ "default" : 1000000,
+ "description" : "Upper, exclusive boundary for free next-id API range.",
+ "max" : 1000000000,
+ "min" : 100,
+ "optional" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[lower=<integer>] [,upper=<integer>]"
+ },
+ "notify" : {
+ "description" : "Cluster-wide notification settings.",
+ "format" : {
+ "fencing" : {
+ "description" : "UNUSED - Use datacenter notification settings instead.",
+ "enum" : [
+ "always",
+ "never"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "package-updates" : {
+ "default" : "auto",
+ "description" : "DEPRECATED: Use datacenter notification settings instead. Control when the daily update job should send out notifications.",
+ "enum" : [
+ "auto",
+ "always",
+ "never"
+ ],
+ "optional" : 1,
+ "type" : "string",
+ "verbose_description" : "DEPRECATED: Use datacenter notification settings instead.\nControl how often the daily update job should send out notifications:\n* 'auto' daily for systems with a valid subscription, as those are assumed to be production-ready and thus should know about pending updates.\n* 'always' every update, if there are new pending updates.\n* 'never' never send a notification for new pending updates.\n"
+ },
+ "replication" : {
+ "description" : "UNUSED - Use datacenter notification settings instead.",
+ "enum" : [
+ "always",
+ "never"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "target-fencing" : {
+ "description" : "UNUSED - Use datacenter notification settings instead.",
+ "format_description" : "TARGET",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "target-package-updates" : {
+ "description" : "UNUSED - Use datacenter notification settings instead.",
+ "format_description" : "TARGET",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "target-replication" : {
+ "description" : "UNUSED - Use datacenter notification settings instead.",
+ "format_description" : "TARGET",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[fencing=<always|never>] [,package-updates=<auto|always|never>] [,replication=<always|never>] [,target-fencing=<TARGET>] [,target-package-updates=<TARGET>] [,target-replication=<TARGET>]"
+ },
+ "registered-tags" : {
+ "description" : "A list of tags that require a `Sys.Modify` on '/' to set and delete. Tags set here that are also in 'user-tag-access' also require `Sys.Modify`.",
+ "optional" : 1,
+ "pattern" : "(?:(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*);)*(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*)",
+ "type" : "string",
+ "typetext" : "<tag>[;<tag>...]"
+ },
+ "tag-style" : {
+ "description" : "Tag style options.",
+ "format" : {
+ "case-sensitive" : {
+ "default" : 0,
+ "description" : "Controls if filtering for unique tags on update should check case-sensitive.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "color-map" : {
+ "description" : "Manual color mapping for tags (semicolon separated).",
+ "optional" : 1,
+ "pattern" : "(?:(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*):[0-9a-fA-F]{6}(?::[0-9a-fA-F]{6})?)(?:;(?:(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*):[0-9a-fA-F]{6}(?::[0-9a-fA-F]{6})?))*",
+ "type" : "string",
+ "typetext" : "<tag>:<hex-color>[:<hex-color-for-text>][;<tag>=...]"
+ },
+ "ordering" : {
+ "default" : "alphabetical",
+ "description" : "Controls the sorting of the tags in the web-interface and the API update.",
+ "enum" : [
+ "config",
+ "alphabetical"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "shape" : {
+ "default" : "circle",
+ "description" : "Tag shape for the web ui tree. 'full' draws the full tag. 'circle' draws only a circle with the background color. 'dense' only draws a small rectancle (useful when many tags are assigned to each guest).'none' disables showing the tags.",
+ "enum" : [
+ "full",
+ "circle",
+ "dense",
+ "none"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[case-sensitive=<1|0>] [,color-map=<tag>:<hex-color>[:<hex-color-for-text>][;<tag>=...]] [,ordering=<config|alphabetical>] [,shape=<enum>]"
+ },
+ "u2f" : {
+ "description" : "u2f",
+ "format" : {
+ "appid" : {
+ "description" : "U2F AppId URL override. Defaults to the origin.",
+ "format_description" : "APPID",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "origin" : {
+ "description" : "U2F Origin override. Mostly useful for single nodes with a single URL.",
+ "format_description" : "URL",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[appid=<APPID>] [,origin=<URL>]"
+ },
+ "user-tag-access" : {
+ "description" : "Privilege options for user-settable tags",
+ "format" : {
+ "user-allow" : {
+ "default" : "free",
+ "description" : "Controls tag usage for users without `Sys.Modify` on `/` by either allowing `none`, a `list`, already `existing` or anything (`free`).",
+ "enum" : [
+ "none",
+ "list",
+ "existing",
+ "free"
+ ],
+ "optional" : 1,
+ "type" : "string",
+ "verbose_description" : "Controls which tags can be set or deleted on resources a user controls (such as guests). Users with the `Sys.Modify` privilege on `/` are alwaysunrestricted.\n* 'none' no tags are usable.\n* 'list' tags from 'user-allow-list' are usable.\n* 'existing' like list, but already existing tags of resources are also usable.\n* 'free' no tag restrictions.\n"
+ },
+ "user-allow-list" : {
+ "description" : "List of tags users are allowed to set and delete (semicolon separated) for 'user-allow' values 'list' and 'existing'.",
+ "optional" : 1,
+ "pattern" : "(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*)(?:;(?^i:[a-z0-9_][a-z0-9_\\-\\+\\.]*))*",
+ "type" : "string",
+ "typetext" : "<tag>[;<tag>...]"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[user-allow=<enum>] [,user-allow-list=<tag>[;<tag>...]]"
+ },
+ "webauthn" : {
+ "description" : "webauthn configuration",
+ "format" : {
+ "allow-subdomains" : {
+ "default" : 1,
+ "description" : "Whether to allow the origin to be a subdomain, rather than the exact URL.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "id" : {
+ "description" : "Relying party ID. Must be the domain name without protocol, port or location. Changing this *will* break existing credentials.",
+ "format_description" : "DOMAINNAME",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "origin" : {
+ "description" : "Site origin. Must be a `https://` URL (or `http://localhost`). Should contain the address users type in their browsers to access the web interface. Changing this *may* break existing credentials.",
+ "format_description" : "URL",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "rp" : {
+ "description" : "Relying party name. Any text identifier. Changing this *may* break existing credentials.",
+ "format_description" : "RELYING_PARTY",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[allow-subdomains=<1|0>] [,id=<DOMAINNAME>] [,origin=<URL>] [,rp=<RELYING_PARTY>]"
}
}
},
{
"info" : {
"GET" : {
- "description" : "Get cluster status informations.",
+ "allowtoken" : 1,
+ "description" : "Get cluster status information.",
"method" : "GET",
"name" : "get_status",
"parameters" : {
"returns" : {
"items" : {
"properties" : {
+ "id" : {
+ "type" : "string"
+ },
+ "ip" : {
+ "description" : "[node] IP of the resolved nodename.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "level" : {
+ "description" : "[node] Proxmox VE Subscription level, indicates if eligible for enterprise support as well as access to the stable Proxmox VE Enterprise Repository.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "local" : {
+ "description" : "[node] Indicates if this is the responding node.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "name" : {
+ "type" : "string"
+ },
+ "nodeid" : {
+ "description" : "[node] ID of the node from the corosync configuration.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "nodes" : {
+ "description" : "[cluster] Nodes count, including offline nodes.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "online" : {
+ "description" : "[node] Indicates if the node is online or offline.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "quorate" : {
+ "description" : "[cluster] Indicates if there is a majority of nodes online to make decisions",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"type" : {
+ "description" : "Indicates the type, either cluster or node. The type defines the object properties e.g. quorate available for type cluster.",
+ "enum" : [
+ "cluster",
+ "node"
+ ],
"type" : "string"
+ },
+ "version" : {
+ "description" : "[cluster] Current version of the corosync configuration file.",
+ "optional" : 1,
+ "type" : "integer"
}
},
"type" : "object"
{
"info" : {
"GET" : {
- "description" : "Get next free VMID. If you pass an VMID it will raise an error if the ID is already used.",
+ "allowtoken" : 1,
+ "description" : "Get next free VMID. Pass a VMID to assert that its free (at time of check).",
"method" : "GET",
"name" : "nextid",
"parameters" : {
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Cluster index.",
"method" : "GET",
"name" : "index",
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete rule.",
"method" : "DELETE",
"name" : "delete_rule",
"additionalProperties" : 0,
"properties" : {
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Get single rule data.",
"method" : "GET",
"name" : "get_rule",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"optional" : 1,
"type" : "integer"
},
+ "icmp-type" : {
+ "optional" : 1,
+ "type" : "string"
+ },
"iface" : {
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "log" : {
+ "description" : "Log level for firewall rule",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"macro" : {
"optional" : 1,
- "type" : "integer"
+ "type" : "string"
},
"pos" : {
"type" : "integer"
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Modify rule data.",
"method" : "PUT",
"name" : "update_rule",
"dest" : {
"description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "icmp-type" : {
+ "description" : "Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.",
+ "format" : "pve-fw-icmp-type-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"iface" : {
"description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
"format" : "pve-iface",
"type" : "string",
"typetext" : "<string>"
},
+ "log" : {
+ "description" : "Log level for firewall rule.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"macro" : {
"description" : "Use predefined standard macro.",
"maxLength" : 128,
"source" : {
"description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List rules.",
"method" : "GET",
"name" : "get_rules",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create new rule.",
"method" : "POST",
"name" : "create_rule",
"dest" : {
"description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "icmp-type" : {
+ "description" : "Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.",
+ "format" : "pve-fw-icmp-type-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"iface" : {
"description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
"format" : "pve-iface",
"type" : "string",
"typetext" : "<string>"
},
+ "log" : {
+ "description" : "Log level for firewall rule.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"macro" : {
"description" : "Use predefined standard macro.",
"maxLength" : 128,
"source" : {
"description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Remove IP or Network alias.",
"method" : "DELETE",
"name" : "remove_alias",
"additionalProperties" : 0,
"properties" : {
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Read alias.",
"method" : "GET",
"name" : "read_alias",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update IP or Network alias.",
"method" : "PUT",
"name" : "update_alias",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List aliases",
"method" : "GET",
"name" : "get_aliases",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"type" : "string"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 0,
"type" : "string"
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create IP or Network Alias.",
"method" : "POST",
"name" : "create_alias",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Remove IP or Network from IPSet.",
"method" : "DELETE",
"name" : "remove_ip",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Read IP or Network settings from IPSet.",
"method" : "GET",
"name" : "read_ip",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update IP or Network settings",
"method" : "PUT",
"name" : "update_ip",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete IPSet",
"method" : "DELETE",
"name" : "delete_ipset",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "force" : {
+ "description" : "Delete all members of the IPSet, if there are any.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"name" : {
"description" : "IP set name.",
"maxLength" : 64,
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "List IPSet content",
"method" : "GET",
"name" : "get_ipset",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"type" : "string"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 0,
"type" : "string"
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Add IP or Network to IPSet.",
"method" : "POST",
"name" : "create_ip",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List IPSets",
"method" : "GET",
"name" : "ipset_index",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"type" : "string"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 0,
"type" : "string"
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create new IPSet",
"method" : "POST",
"name" : "create_ipset",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get VM firewall options.",
"method" : "GET",
"name" : "get_options",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"returns" : {
"properties" : {
"dhcp" : {
+ "default" : 0,
"description" : "Enable DHCP.",
"optional" : 1,
"type" : "boolean"
},
"enable" : {
+ "default" : 0,
"description" : "Enable/disable firewall rules.",
"optional" : 1,
"type" : "boolean"
"type" : "string"
},
"macfilter" : {
+ "default" : 1,
"description" : "Enable/disable MAC address filter.",
"optional" : 1,
"type" : "boolean"
},
"ndp" : {
- "description" : "Enable NDP.",
+ "default" : 0,
+ "description" : "Enable NDP (Neighbor Discovery Protocol).",
"optional" : 1,
"type" : "boolean"
},
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Set Firewall options.",
"method" : "PUT",
"name" : "set_options",
"typetext" : "<string>"
},
"dhcp" : {
+ "default" : 0,
"description" : "Enable DHCP.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"enable" : {
+ "default" : 0,
"description" : "Enable/disable firewall rules.",
"optional" : 1,
"type" : "boolean",
"type" : "string"
},
"macfilter" : {
+ "default" : 1,
"description" : "Enable/disable MAC address filter.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
"ndp" : {
- "description" : "Enable NDP.",
+ "default" : 0,
+ "description" : "Enable NDP (Neighbor Discovery Protocol).",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read firewall log",
"method" : "GET",
"name" : "log",
"type" : "string",
"typetext" : "<string>"
},
+ "since" : {
+ "description" : "Display log since this UNIX epoch.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
"start" : {
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "until" : {
+ "description" : "Display log until this UNIX epoch.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Lists possible IPSet/Alias reference which are allowed in source/dest properties.",
"method" : "GET",
"name" : "refs",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"name" : {
"type" : "string"
},
+ "ref" : {
+ "type" : "string"
+ },
+ "scope" : {
+ "type" : "string"
+ },
"type" : {
"enum" : [
"alias",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index.",
"method" : "GET",
"name" : "index",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Execute fsfreeze-freeze.",
"method" : "POST",
"name" : "fsfreeze-freeze",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Execute fsfreeze-status.",
"method" : "POST",
"name" : "fsfreeze-status",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Execute fsfreeze-thaw.",
"method" : "POST",
"name" : "fsfreeze-thaw",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Execute fstrim.",
"method" : "POST",
"name" : "fstrim",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute get-fsinfo.",
"method" : "GET",
"name" : "get-fsinfo",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute get-host-name.",
"method" : "GET",
"name" : "get-host-name",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute get-memory-block-info.",
"method" : "GET",
"name" : "get-memory-block-info",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute get-memory-blocks.",
"method" : "GET",
"name" : "get-memory-blocks",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute get-osinfo.",
"method" : "GET",
"name" : "get-osinfo",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute get-time.",
"method" : "GET",
"name" : "get-time",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute get-timezone.",
"method" : "GET",
"name" : "get-timezone",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute get-users.",
"method" : "GET",
"name" : "get-users",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute get-vcpus.",
"method" : "GET",
"name" : "get-vcpus",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute info.",
"method" : "GET",
"name" : "info",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Execute network-get-interfaces.",
"method" : "GET",
"name" : "network-get-interfaces",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Execute ping.",
"method" : "POST",
"name" : "ping",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Execute shutdown.",
"method" : "POST",
"name" : "shutdown",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Execute suspend-disk.",
"method" : "POST",
"name" : "suspend-disk",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Execute suspend-hybrid.",
"method" : "POST",
"name" : "suspend-hybrid",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Execute suspend-ram.",
"method" : "POST",
"name" : "suspend-ram",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Sets the password for the given user to the given password",
"method" : "POST",
"name" : "set-user-password",
},
"password" : {
"description" : "The new password.",
- "maxLength" : 64,
+ "maxLength" : 1024,
"minLength" : 5,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Executes the given command in the vm via the guest-agent and returns an object with the pid.",
"method" : "POST",
"name" : "exec",
"additionalProperties" : 0,
"properties" : {
"command" : {
- "description" : "The command as a list of program + arguments",
- "format" : "string-alist",
+ "description" : "The command as a list of program + arguments.",
+ "items" : {
+ "description" : "A single part of the program + arguments.",
+ "format" : "string"
+ },
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "input-data" : {
+ "description" : "Data to pass as 'input-data' to the guest. Usually treated as STDIN to 'command'.",
+ "maxLength" : 65536,
+ "optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Gets the status of the given pid started by the guest-agent",
"method" : "GET",
"name" : "exec-status",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Reads the given file via guest agent. Is limited to 16777216 bytes.",
"method" : "GET",
"name" : "file-read",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Writes the given file via guest agent.",
"method" : "POST",
"name" : "file-write",
"type" : "string",
"typetext" : "<string>"
},
+ "encode" : {
+ "default" : 1,
+ "description" : "If set, the content will be encoded as base64 (required by QEMU).Otherwise the content needs to be encoded beforehand - defaults to true.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"file" : {
"description" : "The path to the file.",
"type" : "string",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
- "description" : "Qemu Agent command index.",
+ "allowtoken" : 1,
+ "description" : "QEMU Guest Agent command index.",
"method" : "GET",
"name" : "index",
"parameters" : {
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
},
"proxyto" : "node",
"returns" : {
- "description" : "Returns the list of Qemu Agent commands",
+ "description" : "Returns the list of QEMU Guest Agent commands",
"items" : {
"properties" : {},
"type" : "object"
}
},
"POST" : {
- "description" : "Execute Qemu Guest Agent commands.",
+ "allowtoken" : 1,
+ "description" : "Execute QEMU Guest Agent commands.",
"method" : "POST",
"name" : "agent",
"parameters" : {
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read VM RRD statistics (returns PNG)",
"method" : "GET",
"name" : "rrd",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read VM RRD statistics",
"method" : "GET",
"name" : "rrddata",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
- "description" : "Get current virtual machine configuration. This does not include pending configuration changes (see 'pending' API).",
+ "allowtoken" : 1,
+ "description" : "Get the virtual machine configuration with pending configuration changes applied. Set the 'current' parameter to get the current configuration instead.",
"method" : "GET",
"name" : "vm_config",
"parameters" : {
"type" : "string",
"typetext" : "<string>"
},
+ "snapshot" : {
+ "description" : "Fetch config values from given snapshot.",
+ "format" : "pve-configid",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
},
"proxyto" : "node",
"returns" : {
- "description" : "The current VM configuration.",
+ "description" : "The VM configuration.",
"properties" : {
"acpi" : {
"default" : 1,
"optional" : 1,
"type" : "boolean"
},
+ "affinity" : {
+ "description" : "List of host cores used to execute guest processes, for example: 0,5,8-11",
+ "format" : "pve-cpuset",
+ "optional" : 1,
+ "type" : "string"
+ },
"agent" : {
- "description" : "Enable/disable Qemu GuestAgent and its properties.",
+ "description" : "Enable/disable communication with the QEMU Guest Agent and its properties.",
"format" : {
"enabled" : {
"default" : 0,
"default_key" : 1,
- "description" : "Enable/disable Qemu GuestAgent.",
+ "description" : "Enable/disable communication with a QEMU Guest Agent (QGA) running in the VM.",
+ "type" : "boolean"
+ },
+ "freeze-fs-on-backup" : {
+ "default" : 1,
+ "description" : "Freeze/thaw guest filesystems on backup for consistency.",
+ "optional" : 1,
"type" : "boolean"
},
"fstrim_cloned_disks" : {
"default" : 0,
- "description" : "Run fstrim after cloning/moving a disk.",
+ "description" : "Run fstrim after moving a disk or migrating the VM.",
"optional" : 1,
"type" : "boolean"
+ },
+ "type" : {
+ "default" : "virtio",
+ "description" : "Select the agent type",
+ "enum" : [
+ "virtio",
+ "isa"
+ ],
+ "optional" : 1,
+ "type" : "string"
}
},
"optional" : 1,
"description" : "Arbitrary arguments passed to kvm.",
"optional" : 1,
"type" : "string",
- "verbose_description" : "Arbitrary arguments passed to kvm, for example:\n\nargs: -no-reboot -no-hpet\n\nNOTE: this option is for experts only.\n"
+ "verbose_description" : "Arbitrary arguments passed to kvm, for example:\n\nargs: -no-reboot -smbios 'type=0,vendor=FOO'\n\nNOTE: this option is for experts only.\n"
+ },
+ "audio0" : {
+ "description" : "Configure a audio device, useful in combination with QXL/Spice.",
+ "format" : {
+ "device" : {
+ "description" : "Configure an audio device.",
+ "enum" : [
+ "ich9-intel-hda",
+ "intel-hda",
+ "AC97"
+ ],
+ "type" : "string"
+ },
+ "driver" : {
+ "default" : "spice",
+ "description" : "Driver backend for the audio device.",
+ "enum" : [
+ "spice",
+ "none"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
},
"autostart" : {
"default" : 0,
"type" : "boolean"
},
"balloon" : {
- "description" : "Amount of target RAM for the VM in MB. Using zero disables the ballon driver.",
+ "description" : "Amount of target RAM for the VM in MiB. Using zero disables the ballon driver.",
"minimum" : 0,
"optional" : 1,
"type" : "integer"
"type" : "string"
},
"boot" : {
- "default" : "cdn",
- "description" : "Boot on floppy (a), hard disk (c), CD-ROM (d), or network (n).",
+ "description" : "Specify guest boot order. Use the 'order=' sub-property as usage with no key or 'legacy=' is deprecated.",
+ "format" : "pve-qm-boot",
"optional" : 1,
- "pattern" : "[acdn]{1,4}",
"type" : "string"
},
"bootdisk" : {
- "description" : "Enable booting from specified disk.",
+ "description" : "Enable booting from specified disk. Deprecated: Use 'boot: order=foo;bar' instead.",
"format" : "pve-qm-bootdisk",
"optional" : 1,
"pattern" : "(ide|sata|scsi|virtio)\\d+",
"type" : "string",
"typetext" : "<volume>"
},
+ "cicustom" : {
+ "description" : "cloud-init: Specify custom files to replace the automatically generated ones at start.",
+ "format" : "pve-qm-cicustom",
+ "optional" : 1,
+ "type" : "string"
+ },
"cipassword" : {
"description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
"optional" : 1,
"description" : "Specifies the cloud-init configuration format. The default depends on the configured operating system type (`ostype`. We use the `nocloud` format for Linux, and `configdrive2` for windows.",
"enum" : [
"configdrive2",
- "nocloud"
+ "nocloud",
+ "opennebula"
],
"optional" : 1,
"type" : "string"
},
+ "ciupgrade" : {
+ "default" : 1,
+ "description" : "cloud-init: do an automatic package upgrade after the first boot.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"ciuser" : {
"description" : "cloud-init: User name to change ssh keys and password for instead of the image's configured default user.",
"optional" : 1,
},
"cpu" : {
"description" : "Emulated CPU type.",
- "format" : {
- "cputype" : {
- "default" : "kvm64",
- "default_key" : 1,
- "description" : "Emulated CPU type.",
- "enum" : [
- "486",
- "athlon",
- "Broadwell",
- "Broadwell-IBRS",
- "Broadwell-noTSX",
- "Broadwell-noTSX-IBRS",
- "Conroe",
- "core2duo",
- "coreduo",
- "EPYC",
- "EPYC-IBPB",
- "Haswell",
- "Haswell-IBRS",
- "Haswell-noTSX",
- "Haswell-noTSX-IBRS",
- "host",
- "IvyBridge",
- "IvyBridge-IBRS",
- "kvm32",
- "kvm64",
- "max",
- "Nehalem",
- "Nehalem-IBRS",
- "Opteron_G1",
- "Opteron_G2",
- "Opteron_G3",
- "Opteron_G4",
- "Opteron_G5",
- "Penryn",
- "pentium",
- "pentium2",
- "pentium3",
- "phenom",
- "qemu32",
- "qemu64",
- "SandyBridge",
- "SandyBridge-IBRS",
- "Skylake-Client",
- "Skylake-Client-IBRS",
- "Skylake-Server",
- "Skylake-Server-IBRS",
- "Westmere",
- "Westmere-IBRS"
- ],
- "type" : "string"
- },
- "flags" : {
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl', 'ibpb', 'ssbd', 'virt-ssbd', 'amd-ssbd', 'amd-no-ssb', 'pdpe1gb'.",
- "format_description" : "+FLAG[;-FLAG...]",
- "optional" : 1,
- "pattern" : "(?^:(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb))(;(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb)))*)",
- "type" : "string"
- },
- "hidden" : {
- "default" : 0,
- "description" : "Do not identify as a KVM virtual machine.",
- "optional" : 1,
- "type" : "boolean"
- }
- },
+ "format" : "pve-vm-cpu-conf",
"optional" : 1,
"type" : "string"
},
"verbose_description" : "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has total of '2' CPU time. Value '0' indicates no CPU limit."
},
"cpuunits" : {
- "default" : 1024,
- "description" : "CPU weight for a VM.",
+ "default" : "cgroup v1: 1024, cgroup v2: 100",
+ "description" : "CPU weight for a VM, will be clamped to [1, 10000] in cgroup v2.",
"maximum" : 262144,
- "minimum" : 2,
+ "minimum" : 1,
"optional" : 1,
"type" : "integer",
"verbose_description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to weights of all the other running VMs."
},
"description" : {
- "description" : "Description for the VM. Only used on the configuration web interface. This is saved as comment inside the configuration file.",
+ "description" : "Description for the VM. Shown in the web-interface VM's summary. This is saved as comment inside the configuration file.",
+ "maxLength" : 8192,
"optional" : 1,
"type" : "string"
},
"type" : "string"
},
"efidisk0" : {
- "description" : "Configure a Disk for storing EFI vars",
+ "description" : "Configure a disk for storing EFI vars.",
"format" : {
+ "efitype" : {
+ "default" : "2m",
+ "description" : "Size and type of the OVMF EFI vars. '4m' is newer and recommended, and required for Secure Boot. For backwards compatibility, '2m' is used if not otherwise specified. Ignored for VMs with arch=aarch64 (ARM).",
+ "enum" : [
+ "2m",
+ "4m"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"file" : {
"default_key" : 1,
"description" : "The drive's backing volume.",
"optional" : 1,
"type" : "string"
},
+ "pre-enrolled-keys" : {
+ "default" : 0,
+ "description" : "Use am EFI vars template with distribution-specific and Microsoft Standard keys enrolled, if used with 'efitype=4m'. Note that this will enable Secure Boot by default, though it can still be turned off from within the VM.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
"format" : "disk-size",
"optional" : 1,
"type" : "boolean"
},
+ "hookscript" : {
+ "description" : "Script that will be executed during various steps in the vms lifetime.",
+ "format" : "pve-volume-id",
+ "optional" : 1,
+ "type" : "string"
+ },
"hostpci[n]" : {
"description" : "Map host PCI devices into guest.",
"format" : "pve-qm-hostpci",
"optional" : 1,
"type" : "string",
- "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer \npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"hotplug" : {
"default" : "network,disk,usb",
- "description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory' and 'usb'. Use '0' to disable hotplug completely. Value '1' is an alias for the default 'network,disk,usb'.",
+ "description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory', 'usb' and 'cloudinit'. Use '0' to disable hotplug completely. Using '1' as value is an alias for the default `network,disk,usb`. USB hotplugging is possible for guests with machine version >= 7.1 and ostype l26 or windows > 7.",
"format" : "pve-hotplug-features",
"optional" : 1,
"type" : "string"
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string"
},
"ipconfig[n]" : {
- "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit gateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using dhcp on IPv4.\n",
+ "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit\ngateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration. This requires\ncloud-init 19.4 or newer.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using\ndhcp on IPv4.\n",
"format" : "pve-qm-ipconfig",
"optional" : 1,
"type" : "string"
},
+ "ivshmem" : {
+ "description" : "Inter-VM shared memory. Useful for direct communication between VMs, or to the host.",
+ "format" : {
+ "name" : {
+ "description" : "The name of the file. Will be prefixed with 'pve-shm-'. Default is the VMID. Will be deleted when the VM is stopped.",
+ "format_description" : "string",
+ "optional" : 1,
+ "pattern" : "[a-zA-Z0-9\\-]+",
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "The size of the file in MB.",
+ "minimum" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ },
+ "keephugepages" : {
+ "default" : 0,
+ "description" : "Use together with hugepages. If enabled, hugepages will not not be deleted after VM shutdown and can be used for subsequent starts.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"keyboard" : {
"default" : null,
- "description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.cfg' configuration file.It should not be necessary to set it.",
+ "description" : "Keyboard layout for VNC server. This option is generally not required and is often better handled from within the guest OS.",
"enum" : [
"de",
"de-ch",
"type" : "boolean"
},
"localtime" : {
- "description" : "Set the real time clock to local time. This is enabled by default if ostype indicates a Microsoft OS.",
+ "description" : "Set the real time clock (RTC) to local time. This is enabled by default if the `ostype` indicates a Microsoft Windows OS.",
"optional" : 1,
"type" : "boolean"
},
"lock" : {
"description" : "Lock/unlock the VM.",
"enum" : [
- "migrate",
"backup",
+ "clone",
+ "create",
+ "migrate",
+ "rollback",
"snapshot",
- "rollback"
+ "snapshot-delete",
+ "suspending",
+ "suspended"
],
"optional" : 1,
"type" : "string"
},
"machine" : {
- "description" : "Specifies the Qemu machine type.",
- "maxLength" : 40,
+ "description" : "Specify the QEMU machine.",
+ "format" : {
+ "type" : {
+ "default_key" : 1,
+ "description" : "Specifies the QEMU machine type.",
+ "format_description" : "machine type",
+ "maxLength" : 40,
+ "optional" : 1,
+ "pattern" : "(pc|pc(-i440fx)?-\\d+(\\.\\d+)+(\\+pve\\d+)?(\\.pxe)?|q35|pc-q35-\\d+(\\.\\d+)+(\\+pve\\d+)?(\\.pxe)?|virt(?:-\\d+(\\.\\d+)+)?(\\+pve\\d+)?)",
+ "type" : "string"
+ },
+ "viommu" : {
+ "description" : "Enable and set guest vIOMMU variant (Intel vIOMMU needs q35 to be set as machine type).",
+ "enum" : [
+ "intel",
+ "virtio"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
"optional" : 1,
- "pattern" : "(pc|pc(-i440fx)?-\\d+\\.\\d+(\\.pxe)?|q35|pc-q35-\\d+\\.\\d+(\\.pxe)?|virt(?:-\\d+\\.\\d+)?)",
"type" : "string"
},
"memory" : {
- "default" : 512,
- "description" : "Amount of RAM for the VM in MB. This is the maximum available memory when you use the balloon device.",
- "minimum" : 16,
+ "description" : "Memory properties.",
+ "format" : {
+ "current" : {
+ "default" : 512,
+ "default_key" : 1,
+ "description" : "Current amount of online RAM for the VM in MiB. This is the maximum available memory when you use the balloon device.",
+ "minimum" : 16,
+ "type" : "integer"
+ }
+ },
"optional" : 1,
- "type" : "integer"
+ "type" : "string"
},
"migrate_downtime" : {
"default" : 0.1,
"format" : {
"bridge" : {
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
+ "format" : "pve-bridge-id",
"format_description" : "bridge",
"optional" : 1,
"type" : "string"
"alias" : "macaddr",
"keyAlias" : "model"
},
+ "e1000e" : {
+ "alias" : "macaddr",
+ "keyAlias" : "model"
+ },
"firewall" : {
"description" : "Whether this interface should be protected by the firewall.",
"optional" : 1,
},
"macaddr" : {
"description" : "MAC address. That address must be unique withing your network. This is automatically generated if not specified.",
+ "format" : "mac-addr",
"format_description" : "XX:XX:XX:XX:XX:XX",
"optional" : 1,
- "pattern" : "(?^i:[0-9a-f]{2}(?::[0-9a-f]{2}){5})",
- "type" : "string"
+ "type" : "string",
+ "verbose_description" : "A common MAC address with the I/G (Individual/Group) bit not set."
},
"model" : {
"default_key" : 1,
"description" : "Network Card Model. The 'virtio' model provides the best performance with very low CPU overhead. If your guest does not support this driver, it is usually best to use 'e1000'.",
"enum" : [
- "rtl8139",
- "ne2k_pci",
"e1000",
- "pcnet",
- "virtio",
- "ne2k_isa",
+ "e1000-82540em",
+ "e1000-82544gc",
+ "e1000-82545em",
+ "e1000e",
"i82551",
"i82557b",
"i82559er",
- "vmxnet3",
- "e1000-82540em",
- "e1000-82544gc",
- "e1000-82545em"
+ "ne2k_isa",
+ "ne2k_pci",
+ "pcnet",
+ "rtl8139",
+ "virtio",
+ "vmxnet3"
],
"type" : "string"
},
+ "mtu" : {
+ "description" : "Force MTU, for VirtIO only. Set to '1' to use the bridge MTU",
+ "maximum" : 65520,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer"
+ },
"ne2k_isa" : {
"alias" : "macaddr",
"keyAlias" : "model"
},
"queues" : {
"description" : "Number of packet queues to be used on the device.",
- "maximum" : 16,
+ "maximum" : 64,
"minimum" : 0,
"optional" : 1,
"type" : "integer"
"win7",
"win8",
"win10",
+ "win11",
"l24",
"l26",
"solaris"
],
"optional" : 1,
"type" : "string",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016/2019\nwin11;; Microsoft Windows 11/2022/2025\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6 - 6.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
"optional" : 1,
"pattern" : "/dev/parport\\d+|/dev/usb/lp\\d+",
"type" : "string",
- "verbose_description" : "Map host parallel devices (n is 0 to 2).\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Map host parallel devices (n is 0 to 2).\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such\nmachines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"protection" : {
"default" : 0,
"optional" : 1,
"type" : "boolean"
},
+ "rng0" : {
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy allowed to get injected into the guest every 'period' milliseconds. Prefer a lower value when using '/dev/random' as source. Use `0` to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases '/dev/urandom' should be preferred over '/dev/random' to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. '/dev/hwrng' can be used to pass through a hardware RNG from the host.",
+ "enum" : [
+ "/dev/urandom",
+ "/dev/random",
+ "/dev/hwrng"
+ ],
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ },
"sata[n]" : {
"description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5).",
"format" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string"
},
"scsi[n]" : {
- "description" : "Use volume as SCSI hard disk or CD-ROM (n is 0 to 13).",
+ "description" : "Use volume as SCSI hard disk or CD-ROM (n is 0 to 30).",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "string"
},
+ "product" : {
+ "description" : "The drive's product name, up to 16 bytes long.",
+ "format_description" : "product",
+ "optional" : 1,
+ "pattern" : "[A-Za-z0-9\\-_\\s]{,16}",
+ "type" : "string"
+ },
"queues" : {
"description" : "Number of queues.",
"minimum" : 2,
"optional" : 1,
"type" : "string"
},
+ "ro" : {
+ "description" : "Whether the drive is read-only.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"scsiblock" : {
"default" : 0,
"description" : "whether to use scsi-block for full passthrough of host block device\n\nWARNING: can lead to I/O errors in combination with low memory or high memory fragmentation on host",
"optional" : 1,
"type" : "string"
},
+ "vendor" : {
+ "description" : "The drive's vendor name, up to 8 bytes long.",
+ "format_description" : "vendor",
+ "optional" : 1,
+ "pattern" : "[A-Za-z0-9\\-_\\s]{,8}",
+ "type" : "string"
+ },
"volume" : {
"alias" : "file"
},
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"optional" : 1,
"pattern" : "(/dev/.+|socket)",
"type" : "string",
- "verbose_description" : "Create a serial device inside the VM (n is 0 to 3), and pass through a\nhost serial device (i.e. /dev/ttyS0), or create a unix socket on the\nhost side (use 'qm terminal' to open a terminal connection).\n\nNOTE: If you pass through a host serial device, it is no longer possible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Create a serial device inside the VM (n is 0 to 3), and pass through a\nhost serial device (i.e. /dev/ttyS0), or create a unix socket on the\nhost side (use 'qm terminal' to open a terminal connection).\n\nNOTE: If you pass through a host serial device, it is no longer possible to migrate such machines -\nuse with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"shares" : {
"default" : 1000,
"smbios1" : {
"description" : "Specify SMBIOS type 1 fields.",
"format" : "pve-qm-smbios1",
- "maxLength" : 256,
+ "maxLength" : 512,
"optional" : 1,
"type" : "string"
},
"optional" : 1,
"type" : "integer"
},
+ "spice_enhancements" : {
+ "description" : "Configure additional enhancements for SPICE.",
+ "format" : {
+ "foldersharing" : {
+ "default" : "0",
+ "description" : "Enable folder sharing via SPICE. Needs Spice-WebDAV daemon installed in the VM.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "videostreaming" : {
+ "default" : "off",
+ "description" : "Enable video streaming. Uses compression for detected video streams.",
+ "enum" : [
+ "off",
+ "all",
+ "filter"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ },
"sshkeys" : {
"description" : "cloud-init: Setup public SSH keys (one key per line, OpenSSH format).",
"format" : "urlencoded",
},
"startdate" : {
"default" : "now",
- "description" : "Set the initial date of the real time clock. Valid format for date are: 'now' or '2006-06-17T16:01:21' or '2006-06-17'.",
+ "description" : "Set the initial date of the real time clock. Valid format for date are:'now' or '2006-06-17T16:01:21' or '2006-06-17'.",
"optional" : 1,
"pattern" : "(now|\\d{4}-\\d{1,2}-\\d{1,2}(T\\d{1,2}:\\d{1,2}:\\d{1,2})?)",
"type" : "string",
"description" : "Enable/disable the USB tablet device.",
"optional" : 1,
"type" : "boolean",
- "verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
+ "verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (`qm set <vmid> --vga qxl`)."
+ },
+ "tags" : {
+ "description" : "Tags of the VM. This is only meta information.",
+ "format" : "pve-tag-list",
+ "optional" : 1,
+ "type" : "string"
},
"tdf" : {
"default" : 0,
"optional" : 1,
"type" : "boolean"
},
+ "tpmstate0" : {
+ "description" : "Configure a Disk for storing TPM state. The format is fixed to 'raw'.",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id-or-qm-path",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "Disk size. This is purely informational and has no effect.",
+ "format" : "disk-size",
+ "format_description" : "DiskSize",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "version" : {
+ "default" : "v2.0",
+ "description" : "The TPM interface version. v2.0 is newer and should be preferred. Note that this cannot be changed later on.",
+ "enum" : [
+ "v1.2",
+ "v2.0"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ },
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
"optional" : 1,
"type" : "string"
},
"usb[n]" : {
- "description" : "Configure an USB device (n is 0 to 4).",
+ "description" : "Configure an USB device (n is 0 to 4, for machine version >= 7.1 and ostype l26 or windows > 7, n can be up to 14).",
"format" : {
"host" : {
"default_key" : 1,
- "description" : "The Host USB device or port or the value 'spice'. HOSTUSBDEVICE syntax is:\n\n 'bus-port(.port)*' (decimal numbers) or\n 'vendor_id:product_id' (hexadeciaml numbers) or\n 'spice'\n\nYou can use the 'lsusb -t' command to list existing usb devices.\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such machines - use with special care.\n\nThe value 'spice' can be used to add a usb redirection devices for spice.\n",
- "format" : "pve-qm-usb-device",
+ "description" : "The Host USB device or port or the value 'spice'. HOSTUSBDEVICE syntax is:\n\n 'bus-port(.port)*' (decimal numbers) or\n 'vendor_id:product_id' (hexadeciaml numbers) or\n 'spice'\n\nYou can use the 'lsusb -t' command to list existing usb devices.\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such\nmachines - use with special care.\n\nThe value 'spice' can be used to add a usb redirection devices for spice.\n\nEither this or the 'mapping' key must be set.\n",
"format_description" : "HOSTUSBDEVICE|spice",
+ "optional" : 1,
+ "pattern" : "(?^:(?:(?:(?^:(0x)?([0-9A-Fa-f]{4}):(0x)?([0-9A-Fa-f]{4})))|(?:(?^:(\\d+)\\-(\\d+(\\.\\d+)*)))|[Ss][Pp][Ii][Cc][Ee]))",
+ "type" : "string"
+ },
+ "mapping" : {
+ "description" : "The ID of a cluster wide mapping. Either this or the default-key 'host' must be set.",
+ "format" : "pve-configid",
+ "format_description" : "mapping-id",
+ "optional" : 1,
"type" : "string"
},
"usb3" : {
"default" : 0,
- "description" : "Specifies whether if given host option is a USB3 device or port (this does currently not work reliably with spice redirection and is then ignored).",
+ "description" : "Specifies whether if given host option is a USB3 device or port. For modern guests (machine version >= 7.1 and ostype l26 and windows > 7), this flag is irrelevant (all devices are plugged into a xhci controller).",
"optional" : 1,
"type" : "boolean"
}
"vga" : {
"description" : "Configure the VGA hardware.",
"format" : {
+ "clipboard" : {
+ "description" : "Enable a specific clipboard. If not set, depending on the display type the SPICE one will be added. Migration with VNC clipboard is not yet supported!",
+ "enum" : [
+ "vnc"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"memory" : {
"description" : "Sets the VGA memory (in MiB). Has no effect with serial display.",
"maximum" : 512,
"qxl2",
"qxl3",
"qxl4",
+ "none",
"serial0",
"serial1",
"serial2",
"serial3",
"std",
"virtio",
+ "virtio-gl",
"vmware"
],
"optional" : 1,
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "string"
},
+ "ro" : {
+ "description" : "Whether the drive is read-only.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"secs" : {
"description" : "Force the drive's physical geometry to have a specific sector count.",
"optional" : 1,
"optional" : 1,
"pattern" : "(?:[a-fA-F0-9]{8}(?:-[a-fA-F0-9]{4}){3}-[a-fA-F0-9]{12}|[01])",
"type" : "string",
- "verbose_description" : "The VM generation ID (vmgenid) device exposes a 128-bit integer value identifier to the guest OS. This allows to notify the guest operating system when the virtual machine is executed with a different configuration (e.g. snapshot execution or creation from a template). The guest operating system notices the change, and is then able to react as appropriate by marking its copies of distributed databases as dirty, re-initializing its random number generator, etc.\nNote that auto-creation only works when done throug API/CLI create or update methods, but not when manually editing the config file."
+ "verbose_description" : "The VM generation ID (vmgenid) device exposes a 128-bit integer value identifier to the guest OS. This allows to notify the guest operating system when the virtual machine is executed with a different configuration (e.g. snapshot execution or creation from a template). The guest operating system notices the change, and is then able to react as appropriate by marking its copies of distributed databases as dirty, re-initializing its random number generator, etc.\nNote that auto-creation only works when done through API/CLI create or update methods, but not when manually editing the config file."
},
"vmstatestorage" : {
"description" : "Default storage for VM state volumes/files.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string"
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Set virtual machine options (asynchrounous API).",
"method" : "POST",
"name" : "update_vm_async",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "affinity" : {
+ "description" : "List of host cores used to execute guest processes, for example: 0,5,8-11",
+ "format" : "pve-cpuset",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"agent" : {
- "description" : "Enable/disable Qemu GuestAgent and its properties.",
+ "description" : "Enable/disable communication with the QEMU Guest Agent and its properties.",
"format" : {
"enabled" : {
"default" : 0,
"default_key" : 1,
- "description" : "Enable/disable Qemu GuestAgent.",
+ "description" : "Enable/disable communication with a QEMU Guest Agent (QGA) running in the VM.",
+ "type" : "boolean"
+ },
+ "freeze-fs-on-backup" : {
+ "default" : 1,
+ "description" : "Freeze/thaw guest filesystems on backup for consistency.",
+ "optional" : 1,
"type" : "boolean"
},
"fstrim_cloned_disks" : {
"default" : 0,
- "description" : "Run fstrim after cloning/moving a disk.",
+ "description" : "Run fstrim after moving a disk or migrating the VM.",
"optional" : 1,
"type" : "boolean"
+ },
+ "type" : {
+ "default" : "virtio",
+ "description" : "Select the agent type",
+ "enum" : [
+ "virtio",
+ "isa"
+ ],
+ "optional" : 1,
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[enabled=]<1|0> [,fstrim_cloned_disks=<1|0>]"
+ "typetext" : "[enabled=]<1|0> [,freeze-fs-on-backup=<1|0>] [,fstrim_cloned_disks=<1|0>] [,type=<virtio|isa>]"
},
"arch" : {
"description" : "Virtual processor architecture. Defaults to the host.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>",
- "verbose_description" : "Arbitrary arguments passed to kvm, for example:\n\nargs: -no-reboot -no-hpet\n\nNOTE: this option is for experts only.\n"
+ "verbose_description" : "Arbitrary arguments passed to kvm, for example:\n\nargs: -no-reboot -smbios 'type=0,vendor=FOO'\n\nNOTE: this option is for experts only.\n"
+ },
+ "audio0" : {
+ "description" : "Configure a audio device, useful in combination with QXL/Spice.",
+ "format" : {
+ "device" : {
+ "description" : "Configure an audio device.",
+ "enum" : [
+ "ich9-intel-hda",
+ "intel-hda",
+ "AC97"
+ ],
+ "type" : "string"
+ },
+ "driver" : {
+ "default" : "spice",
+ "description" : "Driver backend for the audio device.",
+ "enum" : [
+ "spice",
+ "none"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "device=<ich9-intel-hda|intel-hda|AC97> [,driver=<spice|none>]"
},
"autostart" : {
"default" : 0,
"typetext" : "<integer> (1 - 30)"
},
"balloon" : {
- "description" : "Amount of target RAM for the VM in MB. Using zero disables the ballon driver.",
+ "description" : "Amount of target RAM for the VM in MiB. Using zero disables the ballon driver.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"type" : "string"
},
"boot" : {
- "default" : "cdn",
- "description" : "Boot on floppy (a), hard disk (c), CD-ROM (d), or network (n).",
+ "description" : "Specify guest boot order. Use the 'order=' sub-property as usage with no key or 'legacy=' is deprecated.",
+ "format" : "pve-qm-boot",
"optional" : 1,
- "pattern" : "[acdn]{1,4}",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "[[legacy=]<[acdn]{1,4}>] [,order=<device[;device...]>]"
},
"bootdisk" : {
- "description" : "Enable booting from specified disk.",
+ "description" : "Enable booting from specified disk. Deprecated: Use 'boot: order=foo;bar' instead.",
"format" : "pve-qm-bootdisk",
"optional" : 1,
"pattern" : "(ide|sata|scsi|virtio)\\d+",
"type" : "string",
"typetext" : "<volume>"
},
+ "cicustom" : {
+ "description" : "cloud-init: Specify custom files to replace the automatically generated ones at start.",
+ "format" : "pve-qm-cicustom",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[meta=<volume>] [,network=<volume>] [,user=<volume>] [,vendor=<volume>]"
+ },
"cipassword" : {
"description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
"optional" : 1,
"description" : "Specifies the cloud-init configuration format. The default depends on the configured operating system type (`ostype`. We use the `nocloud` format for Linux, and `configdrive2` for windows.",
"enum" : [
"configdrive2",
- "nocloud"
+ "nocloud",
+ "opennebula"
],
"optional" : 1,
"type" : "string"
},
+ "ciupgrade" : {
+ "default" : 1,
+ "description" : "cloud-init: do an automatic package upgrade after the first boot.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"ciuser" : {
"description" : "cloud-init: User name to change ssh keys and password for instead of the image's configured default user.",
"optional" : 1,
},
"cpu" : {
"description" : "Emulated CPU type.",
- "format" : {
- "cputype" : {
- "default" : "kvm64",
- "default_key" : 1,
- "description" : "Emulated CPU type.",
- "enum" : [
- "486",
- "athlon",
- "Broadwell",
- "Broadwell-IBRS",
- "Broadwell-noTSX",
- "Broadwell-noTSX-IBRS",
- "Conroe",
- "core2duo",
- "coreduo",
- "EPYC",
- "EPYC-IBPB",
- "Haswell",
- "Haswell-IBRS",
- "Haswell-noTSX",
- "Haswell-noTSX-IBRS",
- "host",
- "IvyBridge",
- "IvyBridge-IBRS",
- "kvm32",
- "kvm64",
- "max",
- "Nehalem",
- "Nehalem-IBRS",
- "Opteron_G1",
- "Opteron_G2",
- "Opteron_G3",
- "Opteron_G4",
- "Opteron_G5",
- "Penryn",
- "pentium",
- "pentium2",
- "pentium3",
- "phenom",
- "qemu32",
- "qemu64",
- "SandyBridge",
- "SandyBridge-IBRS",
- "Skylake-Client",
- "Skylake-Client-IBRS",
- "Skylake-Server",
- "Skylake-Server-IBRS",
- "Westmere",
- "Westmere-IBRS"
- ],
- "type" : "string"
- },
- "flags" : {
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl', 'ibpb', 'ssbd', 'virt-ssbd', 'amd-ssbd', 'amd-no-ssb', 'pdpe1gb'.",
- "format_description" : "+FLAG[;-FLAG...]",
- "optional" : 1,
- "pattern" : "(?^:(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb))(;(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb)))*)",
- "type" : "string"
- },
- "hidden" : {
- "default" : 0,
- "description" : "Do not identify as a KVM virtual machine.",
- "optional" : 1,
- "type" : "boolean"
- }
- },
+ "format" : "pve-vm-cpu-conf",
"optional" : 1,
"type" : "string",
- "typetext" : "[cputype=]<enum> [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>]"
+ "typetext" : "[[cputype=]<string>] [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>] [,hv-vendor-id=<vendor-id>] [,phys-bits=<8-64|host>] [,reported-model=<enum>]"
},
"cpulimit" : {
"default" : 0,
"verbose_description" : "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has total of '2' CPU time. Value '0' indicates no CPU limit."
},
"cpuunits" : {
- "default" : 1024,
- "description" : "CPU weight for a VM.",
+ "default" : "cgroup v1: 1024, cgroup v2: 100",
+ "description" : "CPU weight for a VM, will be clamped to [1, 10000] in cgroup v2.",
"maximum" : 262144,
- "minimum" : 2,
+ "minimum" : 1,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (2 - 262144)",
+ "typetext" : "<integer> (1 - 262144)",
"verbose_description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to weights of all the other running VMs."
},
"delete" : {
"typetext" : "<string>"
},
"description" : {
- "description" : "Description for the VM. Only used on the configuration web interface. This is saved as comment inside the configuration file.",
+ "description" : "Description for the VM. Shown in the web-interface VM's summary. This is saved as comment inside the configuration file.",
+ "maxLength" : 8192,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"typetext" : "<string>"
},
"efidisk0" : {
- "description" : "Configure a Disk for storing EFI vars",
+ "description" : "Configure a disk for storing EFI vars. Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Note that SIZE_IN_GiB is ignored here and that the default EFI vars are copied to the volume instead. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
+ "efitype" : {
+ "default" : "2m",
+ "description" : "Size and type of the OVMF EFI vars. '4m' is newer and recommended, and required for Secure Boot. For backwards compatibility, '2m' is used if not otherwise specified. Ignored for VMs with arch=aarch64 (ARM).",
+ "enum" : [
+ "2m",
+ "4m"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"file" : {
"default_key" : 1,
"description" : "The drive's backing volume.",
"optional" : 1,
"type" : "string"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "pre-enrolled-keys" : {
+ "default" : 0,
+ "description" : "Use am EFI vars template with distribution-specific and Microsoft Standard keys enrolled, if used with 'efitype=4m'. Note that this will enable Secure Boot by default, though it can still be turned off from within the VM.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
"format" : "disk-size",
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,format=<enum>] [,size=<DiskSize>]"
+ "typetext" : "[file=]<volume> [,efitype=<2m|4m>] [,format=<enum>] [,import-from=<source volume>] [,pre-enrolled-keys=<1|0>] [,size=<DiskSize>]"
},
"force" : {
"description" : "Force physical removal. Without this, we simple remove the disk from the config file and create an additional configuration entry called 'unused[n]', which contains the volume ID. Unlink of unused[n] always cause physical removal.",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "hookscript" : {
+ "description" : "Script that will be executed during various steps in the vms lifetime.",
+ "format" : "pve-volume-id",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"hostpci[n]" : {
"description" : "Map host PCI devices into guest.",
"format" : "pve-qm-hostpci",
"optional" : 1,
"type" : "string",
- "typetext" : "[host=]<HOSTPCIID[;HOSTPCIID2...]> [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,x-vga=<1|0>]",
- "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer \npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "typetext" : "[[host=]<HOSTPCIID[;HOSTPCIID2...]>] [,device-id=<hex id>] [,legacy-igd=<1|0>] [,mapping=<mapping-id>] [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,sub-device-id=<hex id>] [,sub-vendor-id=<hex id>] [,vendor-id=<hex id>] [,x-vga=<1|0>]",
+ "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"hotplug" : {
"default" : "network,disk,usb",
- "description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory' and 'usb'. Use '0' to disable hotplug completely. Value '1' is an alias for the default 'network,disk,usb'.",
+ "description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory', 'usb' and 'cloudinit'. Use '0' to disable hotplug completely. Using '1' as value is an alias for the default `network,disk,usb`. USB hotplugging is possible for guests with machine version >= 7.1 and ostype l26 or windows > 7.",
"format" : "pve-hotplug-features",
"optional" : 1,
"type" : "string",
"type" : "string"
},
"ide[n]" : {
- "description" : "Use volume as IDE hard disk or CD-ROM (n is 0 to 3).",
+ "description" : "Use volume as IDE hard disk or CD-ROM (n is 0 to 3). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,model=<model>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,model=<model>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>] [,wwn=<wwn>]"
},
"ipconfig[n]" : {
- "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit gateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using dhcp on IPv4.\n",
+ "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit\ngateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration. This requires\ncloud-init 19.4 or newer.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using\ndhcp on IPv4.\n",
"format" : "pve-qm-ipconfig",
"optional" : 1,
"type" : "string",
"typetext" : "[gw=<GatewayIPv4>] [,gw6=<GatewayIPv6>] [,ip=<IPv4Format/CIDR>] [,ip6=<IPv6Format/CIDR>]"
},
+ "ivshmem" : {
+ "description" : "Inter-VM shared memory. Useful for direct communication between VMs, or to the host.",
+ "format" : {
+ "name" : {
+ "description" : "The name of the file. Will be prefixed with 'pve-shm-'. Default is the VMID. Will be deleted when the VM is stopped.",
+ "format_description" : "string",
+ "optional" : 1,
+ "pattern" : "[a-zA-Z0-9\\-]+",
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "The size of the file in MB.",
+ "minimum" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "size=<integer> [,name=<string>]"
+ },
+ "keephugepages" : {
+ "default" : 0,
+ "description" : "Use together with hugepages. If enabled, hugepages will not not be deleted after VM shutdown and can be used for subsequent starts.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"keyboard" : {
"default" : null,
- "description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.cfg' configuration file.It should not be necessary to set it.",
+ "description" : "Keyboard layout for VNC server. This option is generally not required and is often better handled from within the guest OS.",
"enum" : [
"de",
"de-ch",
"typetext" : "<boolean>"
},
"localtime" : {
- "description" : "Set the real time clock to local time. This is enabled by default if ostype indicates a Microsoft OS.",
+ "description" : "Set the real time clock (RTC) to local time. This is enabled by default if the `ostype` indicates a Microsoft Windows OS.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"lock" : {
"description" : "Lock/unlock the VM.",
"enum" : [
- "migrate",
"backup",
+ "clone",
+ "create",
+ "migrate",
+ "rollback",
"snapshot",
- "rollback"
+ "snapshot-delete",
+ "suspending",
+ "suspended"
],
"optional" : 1,
"type" : "string"
},
"machine" : {
- "description" : "Specifies the Qemu machine type.",
- "maxLength" : 40,
+ "description" : "Specify the QEMU machine.",
+ "format" : {
+ "type" : {
+ "default_key" : 1,
+ "description" : "Specifies the QEMU machine type.",
+ "format_description" : "machine type",
+ "maxLength" : 40,
+ "optional" : 1,
+ "pattern" : "(pc|pc(-i440fx)?-\\d+(\\.\\d+)+(\\+pve\\d+)?(\\.pxe)?|q35|pc-q35-\\d+(\\.\\d+)+(\\+pve\\d+)?(\\.pxe)?|virt(?:-\\d+(\\.\\d+)+)?(\\+pve\\d+)?)",
+ "type" : "string"
+ },
+ "viommu" : {
+ "description" : "Enable and set guest vIOMMU variant (Intel vIOMMU needs q35 to be set as machine type).",
+ "enum" : [
+ "intel",
+ "virtio"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
"optional" : 1,
- "pattern" : "(pc|pc(-i440fx)?-\\d+\\.\\d+(\\.pxe)?|q35|pc-q35-\\d+\\.\\d+(\\.pxe)?|virt(?:-\\d+\\.\\d+)?)",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "[[type=]<machine type>] [,viommu=<intel|virtio>]"
},
"memory" : {
- "default" : 512,
- "description" : "Amount of RAM for the VM in MB. This is the maximum available memory when you use the balloon device.",
- "minimum" : 16,
+ "description" : "Memory properties.",
+ "format" : {
+ "current" : {
+ "default" : 512,
+ "default_key" : 1,
+ "description" : "Current amount of online RAM for the VM in MiB. This is the maximum available memory when you use the balloon device.",
+ "minimum" : 16,
+ "type" : "integer"
+ }
+ },
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (16 - N)"
+ "type" : "string",
+ "typetext" : "[current=]<integer>"
},
"migrate_downtime" : {
"default" : 0.1,
"format" : {
"bridge" : {
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
+ "format" : "pve-bridge-id",
"format_description" : "bridge",
"optional" : 1,
"type" : "string"
"alias" : "macaddr",
"keyAlias" : "model"
},
+ "e1000e" : {
+ "alias" : "macaddr",
+ "keyAlias" : "model"
+ },
"firewall" : {
"description" : "Whether this interface should be protected by the firewall.",
"optional" : 1,
},
"macaddr" : {
"description" : "MAC address. That address must be unique withing your network. This is automatically generated if not specified.",
+ "format" : "mac-addr",
"format_description" : "XX:XX:XX:XX:XX:XX",
"optional" : 1,
- "pattern" : "(?^i:[0-9a-f]{2}(?::[0-9a-f]{2}){5})",
- "type" : "string"
+ "type" : "string",
+ "verbose_description" : "A common MAC address with the I/G (Individual/Group) bit not set."
},
"model" : {
"default_key" : 1,
"description" : "Network Card Model. The 'virtio' model provides the best performance with very low CPU overhead. If your guest does not support this driver, it is usually best to use 'e1000'.",
"enum" : [
- "rtl8139",
- "ne2k_pci",
"e1000",
- "pcnet",
- "virtio",
- "ne2k_isa",
+ "e1000-82540em",
+ "e1000-82544gc",
+ "e1000-82545em",
+ "e1000e",
"i82551",
"i82557b",
"i82559er",
- "vmxnet3",
- "e1000-82540em",
- "e1000-82544gc",
- "e1000-82545em"
+ "ne2k_isa",
+ "ne2k_pci",
+ "pcnet",
+ "rtl8139",
+ "virtio",
+ "vmxnet3"
],
"type" : "string"
},
+ "mtu" : {
+ "description" : "Force MTU, for VirtIO only. Set to '1' to use the bridge MTU",
+ "maximum" : 65520,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer"
+ },
"ne2k_isa" : {
"alias" : "macaddr",
"keyAlias" : "model"
},
"queues" : {
"description" : "Number of packet queues to be used on the device.",
- "maximum" : 16,
+ "maximum" : 64,
"minimum" : 0,
"optional" : 1,
"type" : "integer"
},
"optional" : 1,
"type" : "string",
- "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
+ "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,mtu=<integer>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
},
"node" : {
"description" : "The cluster node name.",
"win7",
"win8",
"win10",
+ "win11",
"l24",
"l26",
"solaris"
],
"optional" : 1,
"type" : "string",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016/2019\nwin11;; Microsoft Windows 11/2022/2025\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6 - 6.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
"optional" : 1,
"pattern" : "/dev/parport\\d+|/dev/usb/lp\\d+",
"type" : "string",
- "verbose_description" : "Map host parallel devices (n is 0 to 2).\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Map host parallel devices (n is 0 to 2).\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such\nmachines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"protection" : {
"default" : 0,
"type" : "string",
"typetext" : "<string>"
},
+ "rng0" : {
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy allowed to get injected into the guest every 'period' milliseconds. Prefer a lower value when using '/dev/random' as source. Use `0` to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases '/dev/urandom' should be preferred over '/dev/random' to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. '/dev/hwrng' can be used to pass through a hardware RNG from the host.",
+ "enum" : [
+ "/dev/urandom",
+ "/dev/random",
+ "/dev/hwrng"
+ ],
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[source=]</dev/urandom|/dev/random|/dev/hwrng> [,max_bytes=<integer>] [,period=<integer>]"
+ },
"sata[n]" : {
- "description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5).",
+ "description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>] [,wwn=<wwn>]"
},
"scsi[n]" : {
- "description" : "Use volume as SCSI hard disk or CD-ROM (n is 0 to 13).",
+ "description" : "Use volume as SCSI hard disk or CD-ROM (n is 0 to 30). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
"optional" : 1,
"type" : "string"
},
+ "product" : {
+ "description" : "The drive's product name, up to 16 bytes long.",
+ "format_description" : "product",
+ "optional" : 1,
+ "pattern" : "[A-Za-z0-9\\-_\\s]{,16}",
+ "type" : "string"
+ },
"queues" : {
"description" : "Number of queues.",
"minimum" : 2,
"optional" : 1,
"type" : "string"
},
+ "ro" : {
+ "description" : "Whether the drive is read-only.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"scsiblock" : {
"default" : 0,
"description" : "whether to use scsi-block for full passthrough of host block device\n\nWARNING: can lead to I/O errors in combination with low memory or high memory fragmentation on host",
"optional" : 1,
"type" : "string"
},
+ "vendor" : {
+ "description" : "The drive's vendor name, up to 8 bytes long.",
+ "format_description" : "vendor",
+ "optional" : 1,
+ "pattern" : "[A-Za-z0-9\\-_\\s]{,8}",
+ "type" : "string"
+ },
"volume" : {
"alias" : "file"
},
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,queues=<integer>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,scsiblock=<1|0>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,product=<product>] [,queues=<integer>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,ro=<1|0>] [,scsiblock=<1|0>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,vendor=<vendor>] [,werror=<enum>] [,wwn=<wwn>]"
},
"scsihw" : {
"default" : "lsi",
"optional" : 1,
"pattern" : "(/dev/.+|socket)",
"type" : "string",
- "verbose_description" : "Create a serial device inside the VM (n is 0 to 3), and pass through a\nhost serial device (i.e. /dev/ttyS0), or create a unix socket on the\nhost side (use 'qm terminal' to open a terminal connection).\n\nNOTE: If you pass through a host serial device, it is no longer possible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Create a serial device inside the VM (n is 0 to 3), and pass through a\nhost serial device (i.e. /dev/ttyS0), or create a unix socket on the\nhost side (use 'qm terminal' to open a terminal connection).\n\nNOTE: If you pass through a host serial device, it is no longer possible to migrate such machines -\nuse with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"shares" : {
"default" : 1000,
"smbios1" : {
"description" : "Specify SMBIOS type 1 fields.",
"format" : "pve-qm-smbios1",
- "maxLength" : 256,
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
- "typetext" : "[family=<string>] [,manufacturer=<string>] [,product=<string>] [,serial=<string>] [,sku=<string>] [,uuid=<UUID>] [,version=<string>]"
+ "typetext" : "[base64=<1|0>] [,family=<Base64 encoded string>] [,manufacturer=<Base64 encoded string>] [,product=<Base64 encoded string>] [,serial=<Base64 encoded string>] [,sku=<Base64 encoded string>] [,uuid=<UUID>] [,version=<Base64 encoded string>]"
},
"smp" : {
"default" : 1,
"type" : "integer",
"typetext" : "<integer> (1 - N)"
},
+ "spice_enhancements" : {
+ "description" : "Configure additional enhancements for SPICE.",
+ "format" : {
+ "foldersharing" : {
+ "default" : "0",
+ "description" : "Enable folder sharing via SPICE. Needs Spice-WebDAV daemon installed in the VM.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "videostreaming" : {
+ "default" : "off",
+ "description" : "Enable video streaming. Uses compression for detected video streams.",
+ "enum" : [
+ "off",
+ "all",
+ "filter"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[foldersharing=<1|0>] [,videostreaming=<off|all|filter>]"
+ },
"sshkeys" : {
"description" : "cloud-init: Setup public SSH keys (one key per line, OpenSSH format).",
"format" : "urlencoded",
},
"startdate" : {
"default" : "now",
- "description" : "Set the initial date of the real time clock. Valid format for date are: 'now' or '2006-06-17T16:01:21' or '2006-06-17'.",
+ "description" : "Set the initial date of the real time clock. Valid format for date are:'now' or '2006-06-17T16:01:21' or '2006-06-17'.",
"optional" : 1,
"pattern" : "(now|\\d{4}-\\d{1,2}-\\d{1,2}(T\\d{1,2}:\\d{1,2}:\\d{1,2})?)",
"type" : "string",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>",
- "verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
+ "verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (`qm set <vmid> --vga qxl`)."
+ },
+ "tags" : {
+ "description" : "Tags of the VM. This is only meta information.",
+ "format" : "pve-tag-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"tdf" : {
"default" : 0,
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "tpmstate0" : {
+ "description" : "Configure a Disk for storing TPM state. The format is fixed to 'raw'. Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Note that SIZE_IN_GiB is ignored here and 4 MiB will be used instead. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id-or-qm-path",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "Disk size. This is purely informational and has no effect.",
+ "format" : "disk-size",
+ "format_description" : "DiskSize",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "version" : {
+ "default" : "v2.0",
+ "description" : "The TPM interface version. v2.0 is newer and should be preferred. Note that this cannot be changed later on.",
+ "enum" : [
+ "v1.2",
+ "v2.0"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[file=]<volume> [,import-from=<source volume>] [,size=<DiskSize>] [,version=<v1.2|v2.0>]"
+ },
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[file=]<volume>"
},
"usb[n]" : {
- "description" : "Configure an USB device (n is 0 to 4).",
+ "description" : "Configure an USB device (n is 0 to 4, for machine version >= 7.1 and ostype l26 or windows > 7, n can be up to 14).",
"format" : {
"host" : {
"default_key" : 1,
- "description" : "The Host USB device or port or the value 'spice'. HOSTUSBDEVICE syntax is:\n\n 'bus-port(.port)*' (decimal numbers) or\n 'vendor_id:product_id' (hexadeciaml numbers) or\n 'spice'\n\nYou can use the 'lsusb -t' command to list existing usb devices.\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such machines - use with special care.\n\nThe value 'spice' can be used to add a usb redirection devices for spice.\n",
- "format" : "pve-qm-usb-device",
+ "description" : "The Host USB device or port or the value 'spice'. HOSTUSBDEVICE syntax is:\n\n 'bus-port(.port)*' (decimal numbers) or\n 'vendor_id:product_id' (hexadeciaml numbers) or\n 'spice'\n\nYou can use the 'lsusb -t' command to list existing usb devices.\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such\nmachines - use with special care.\n\nThe value 'spice' can be used to add a usb redirection devices for spice.\n\nEither this or the 'mapping' key must be set.\n",
"format_description" : "HOSTUSBDEVICE|spice",
+ "optional" : 1,
+ "pattern" : "(?^:(?:(?:(?^:(0x)?([0-9A-Fa-f]{4}):(0x)?([0-9A-Fa-f]{4})))|(?:(?^:(\\d+)\\-(\\d+(\\.\\d+)*)))|[Ss][Pp][Ii][Cc][Ee]))",
+ "type" : "string"
+ },
+ "mapping" : {
+ "description" : "The ID of a cluster wide mapping. Either this or the default-key 'host' must be set.",
+ "format" : "pve-configid",
+ "format_description" : "mapping-id",
+ "optional" : 1,
"type" : "string"
},
"usb3" : {
"default" : 0,
- "description" : "Specifies whether if given host option is a USB3 device or port (this does currently not work reliably with spice redirection and is then ignored).",
+ "description" : "Specifies whether if given host option is a USB3 device or port. For modern guests (machine version >= 7.1 and ostype l26 and windows > 7), this flag is irrelevant (all devices are plugged into a xhci controller).",
"optional" : 1,
"type" : "boolean"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[host=]<HOSTUSBDEVICE|spice> [,usb3=<1|0>]"
+ "typetext" : "[[host=]<HOSTUSBDEVICE|spice>] [,mapping=<mapping-id>] [,usb3=<1|0>]"
},
"vcpus" : {
"default" : 0,
"vga" : {
"description" : "Configure the VGA hardware.",
"format" : {
+ "clipboard" : {
+ "description" : "Enable a specific clipboard. If not set, depending on the display type the SPICE one will be added. Migration with VNC clipboard is not yet supported!",
+ "enum" : [
+ "vnc"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"memory" : {
"description" : "Sets the VGA memory (in MiB). Has no effect with serial display.",
"maximum" : 512,
"qxl2",
"qxl3",
"qxl4",
+ "none",
"serial0",
"serial1",
"serial2",
"serial3",
"std",
"virtio",
+ "virtio-gl",
"vmware"
],
"optional" : 1,
},
"optional" : 1,
"type" : "string",
- "typetext" : "[[type=]<enum>] [,memory=<integer>]",
+ "typetext" : "[[type=]<enum>] [,clipboard=<vnc>] [,memory=<integer>]",
"verbose_description" : "Configure the VGA Hardware. If you want to use high resolution modes (>= 1280x1024x16) you may need to increase the vga memory option. Since QEMU 2.9 the default VGA display type is 'std' for all OS types besides some Windows versions (XP and older) which use 'cirrus'. The 'qxl' option enables the SPICE display server. For win* OS you can select how many independent displays you want, Linux guests can add displays them self.\nYou can also run without any graphic card, using a serial device as terminal."
},
"virtio[n]" : {
- "description" : "Use volume as VIRTIO hard disk (n is 0 to 15).",
+ "description" : "Use volume as VIRTIO hard disk (n is 0 to 15). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
"optional" : 1,
"type" : "string"
},
+ "ro" : {
+ "description" : "Whether the drive is read-only.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"secs" : {
"description" : "Force the drive's physical geometry to have a specific sector count.",
"optional" : 1,
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,ro=<1|0>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
},
"vmgenid" : {
"default" : "1 (autogenerated)",
"optional" : 1,
"pattern" : "(?:[a-fA-F0-9]{8}(?:-[a-fA-F0-9]{4}){3}-[a-fA-F0-9]{12}|[01])",
"type" : "string",
- "verbose_description" : "The VM generation ID (vmgenid) device exposes a 128-bit integer value identifier to the guest OS. This allows to notify the guest operating system when the virtual machine is executed with a different configuration (e.g. snapshot execution or creation from a template). The guest operating system notices the change, and is then able to react as appropriate by marking its copies of distributed databases as dirty, re-initializing its random number generator, etc.\nNote that auto-creation only works when done throug API/CLI create or update methods, but not when manually editing the config file."
+ "verbose_description" : "The VM generation ID (vmgenid) device exposes a 128-bit integer value identifier to the guest OS. This allows to notify the guest operating system when the virtual machine is executed with a different configuration (e.g. snapshot execution or creation from a template). The guest operating system notices the change, and is then able to react as appropriate by marking its copies of distributed databases as dirty, re-initializing its random number generator, etc.\nNote that auto-creation only works when done through API/CLI create or update methods, but not when manually editing the config file."
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"vmstatestorage" : {
"description" : "Default storage for VM state volumes/files.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"watchdog" : {
"description" : "Create a virtual hardware watchdog device.",
"VM.Config.Memory",
"VM.Config.Network",
"VM.Config.HWType",
- "VM.Config.Options"
+ "VM.Config.Options",
+ "VM.Config.Cloudinit"
],
"any",
1
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Set virtual machine options (synchrounous API) - You should consider using the POST method instead for any actions involving hotplug or storage allocation.",
"method" : "PUT",
"name" : "update_vm",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "affinity" : {
+ "description" : "List of host cores used to execute guest processes, for example: 0,5,8-11",
+ "format" : "pve-cpuset",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"agent" : {
- "description" : "Enable/disable Qemu GuestAgent and its properties.",
+ "description" : "Enable/disable communication with the QEMU Guest Agent and its properties.",
"format" : {
"enabled" : {
"default" : 0,
"default_key" : 1,
- "description" : "Enable/disable Qemu GuestAgent.",
+ "description" : "Enable/disable communication with a QEMU Guest Agent (QGA) running in the VM.",
+ "type" : "boolean"
+ },
+ "freeze-fs-on-backup" : {
+ "default" : 1,
+ "description" : "Freeze/thaw guest filesystems on backup for consistency.",
+ "optional" : 1,
"type" : "boolean"
},
"fstrim_cloned_disks" : {
"default" : 0,
- "description" : "Run fstrim after cloning/moving a disk.",
+ "description" : "Run fstrim after moving a disk or migrating the VM.",
"optional" : 1,
"type" : "boolean"
+ },
+ "type" : {
+ "default" : "virtio",
+ "description" : "Select the agent type",
+ "enum" : [
+ "virtio",
+ "isa"
+ ],
+ "optional" : 1,
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[enabled=]<1|0> [,fstrim_cloned_disks=<1|0>]"
+ "typetext" : "[enabled=]<1|0> [,freeze-fs-on-backup=<1|0>] [,fstrim_cloned_disks=<1|0>] [,type=<virtio|isa>]"
},
"arch" : {
"description" : "Virtual processor architecture. Defaults to the host.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>",
- "verbose_description" : "Arbitrary arguments passed to kvm, for example:\n\nargs: -no-reboot -no-hpet\n\nNOTE: this option is for experts only.\n"
+ "verbose_description" : "Arbitrary arguments passed to kvm, for example:\n\nargs: -no-reboot -smbios 'type=0,vendor=FOO'\n\nNOTE: this option is for experts only.\n"
+ },
+ "audio0" : {
+ "description" : "Configure a audio device, useful in combination with QXL/Spice.",
+ "format" : {
+ "device" : {
+ "description" : "Configure an audio device.",
+ "enum" : [
+ "ich9-intel-hda",
+ "intel-hda",
+ "AC97"
+ ],
+ "type" : "string"
+ },
+ "driver" : {
+ "default" : "spice",
+ "description" : "Driver backend for the audio device.",
+ "enum" : [
+ "spice",
+ "none"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "device=<ich9-intel-hda|intel-hda|AC97> [,driver=<spice|none>]"
},
"autostart" : {
"default" : 0,
"typetext" : "<boolean>"
},
"balloon" : {
- "description" : "Amount of target RAM for the VM in MB. Using zero disables the ballon driver.",
+ "description" : "Amount of target RAM for the VM in MiB. Using zero disables the ballon driver.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"type" : "string"
},
"boot" : {
- "default" : "cdn",
- "description" : "Boot on floppy (a), hard disk (c), CD-ROM (d), or network (n).",
+ "description" : "Specify guest boot order. Use the 'order=' sub-property as usage with no key or 'legacy=' is deprecated.",
+ "format" : "pve-qm-boot",
"optional" : 1,
- "pattern" : "[acdn]{1,4}",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "[[legacy=]<[acdn]{1,4}>] [,order=<device[;device...]>]"
},
"bootdisk" : {
- "description" : "Enable booting from specified disk.",
+ "description" : "Enable booting from specified disk. Deprecated: Use 'boot: order=foo;bar' instead.",
"format" : "pve-qm-bootdisk",
"optional" : 1,
"pattern" : "(ide|sata|scsi|virtio)\\d+",
"type" : "string",
"typetext" : "<volume>"
},
+ "cicustom" : {
+ "description" : "cloud-init: Specify custom files to replace the automatically generated ones at start.",
+ "format" : "pve-qm-cicustom",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[meta=<volume>] [,network=<volume>] [,user=<volume>] [,vendor=<volume>]"
+ },
"cipassword" : {
"description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
"optional" : 1,
"description" : "Specifies the cloud-init configuration format. The default depends on the configured operating system type (`ostype`. We use the `nocloud` format for Linux, and `configdrive2` for windows.",
"enum" : [
"configdrive2",
- "nocloud"
+ "nocloud",
+ "opennebula"
],
"optional" : 1,
"type" : "string"
},
+ "ciupgrade" : {
+ "default" : 1,
+ "description" : "cloud-init: do an automatic package upgrade after the first boot.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"ciuser" : {
"description" : "cloud-init: User name to change ssh keys and password for instead of the image's configured default user.",
"optional" : 1,
},
"cpu" : {
"description" : "Emulated CPU type.",
- "format" : {
- "cputype" : {
- "default" : "kvm64",
- "default_key" : 1,
- "description" : "Emulated CPU type.",
- "enum" : [
- "486",
- "athlon",
- "Broadwell",
- "Broadwell-IBRS",
- "Broadwell-noTSX",
- "Broadwell-noTSX-IBRS",
- "Conroe",
- "core2duo",
- "coreduo",
- "EPYC",
- "EPYC-IBPB",
- "Haswell",
- "Haswell-IBRS",
- "Haswell-noTSX",
- "Haswell-noTSX-IBRS",
- "host",
- "IvyBridge",
- "IvyBridge-IBRS",
- "kvm32",
- "kvm64",
- "max",
- "Nehalem",
- "Nehalem-IBRS",
- "Opteron_G1",
- "Opteron_G2",
- "Opteron_G3",
- "Opteron_G4",
- "Opteron_G5",
- "Penryn",
- "pentium",
- "pentium2",
- "pentium3",
- "phenom",
- "qemu32",
- "qemu64",
- "SandyBridge",
- "SandyBridge-IBRS",
- "Skylake-Client",
- "Skylake-Client-IBRS",
- "Skylake-Server",
- "Skylake-Server-IBRS",
- "Westmere",
- "Westmere-IBRS"
- ],
- "type" : "string"
- },
- "flags" : {
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl', 'ibpb', 'ssbd', 'virt-ssbd', 'amd-ssbd', 'amd-no-ssb', 'pdpe1gb'.",
- "format_description" : "+FLAG[;-FLAG...]",
- "optional" : 1,
- "pattern" : "(?^:(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb))(;(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb)))*)",
- "type" : "string"
- },
- "hidden" : {
- "default" : 0,
- "description" : "Do not identify as a KVM virtual machine.",
- "optional" : 1,
- "type" : "boolean"
- }
- },
+ "format" : "pve-vm-cpu-conf",
"optional" : 1,
"type" : "string",
- "typetext" : "[cputype=]<enum> [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>]"
+ "typetext" : "[[cputype=]<string>] [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>] [,hv-vendor-id=<vendor-id>] [,phys-bits=<8-64|host>] [,reported-model=<enum>]"
},
"cpulimit" : {
"default" : 0,
"verbose_description" : "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has total of '2' CPU time. Value '0' indicates no CPU limit."
},
"cpuunits" : {
- "default" : 1024,
- "description" : "CPU weight for a VM.",
+ "default" : "cgroup v1: 1024, cgroup v2: 100",
+ "description" : "CPU weight for a VM, will be clamped to [1, 10000] in cgroup v2.",
"maximum" : 262144,
- "minimum" : 2,
+ "minimum" : 1,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (2 - 262144)",
+ "typetext" : "<integer> (1 - 262144)",
"verbose_description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to weights of all the other running VMs."
},
"delete" : {
"typetext" : "<string>"
},
"description" : {
- "description" : "Description for the VM. Only used on the configuration web interface. This is saved as comment inside the configuration file.",
+ "description" : "Description for the VM. Shown in the web-interface VM's summary. This is saved as comment inside the configuration file.",
+ "maxLength" : 8192,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"typetext" : "<string>"
},
"efidisk0" : {
- "description" : "Configure a Disk for storing EFI vars",
+ "description" : "Configure a disk for storing EFI vars. Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Note that SIZE_IN_GiB is ignored here and that the default EFI vars are copied to the volume instead. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
+ "efitype" : {
+ "default" : "2m",
+ "description" : "Size and type of the OVMF EFI vars. '4m' is newer and recommended, and required for Secure Boot. For backwards compatibility, '2m' is used if not otherwise specified. Ignored for VMs with arch=aarch64 (ARM).",
+ "enum" : [
+ "2m",
+ "4m"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"file" : {
"default_key" : 1,
"description" : "The drive's backing volume.",
"optional" : 1,
"type" : "string"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "pre-enrolled-keys" : {
+ "default" : 0,
+ "description" : "Use am EFI vars template with distribution-specific and Microsoft Standard keys enrolled, if used with 'efitype=4m'. Note that this will enable Secure Boot by default, though it can still be turned off from within the VM.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
"format" : "disk-size",
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,format=<enum>] [,size=<DiskSize>]"
+ "typetext" : "[file=]<volume> [,efitype=<2m|4m>] [,format=<enum>] [,import-from=<source volume>] [,pre-enrolled-keys=<1|0>] [,size=<DiskSize>]"
},
"force" : {
"description" : "Force physical removal. Without this, we simple remove the disk from the config file and create an additional configuration entry called 'unused[n]', which contains the volume ID. Unlink of unused[n] always cause physical removal.",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "hookscript" : {
+ "description" : "Script that will be executed during various steps in the vms lifetime.",
+ "format" : "pve-volume-id",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"hostpci[n]" : {
"description" : "Map host PCI devices into guest.",
"format" : "pve-qm-hostpci",
"optional" : 1,
"type" : "string",
- "typetext" : "[host=]<HOSTPCIID[;HOSTPCIID2...]> [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,x-vga=<1|0>]",
- "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer \npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "typetext" : "[[host=]<HOSTPCIID[;HOSTPCIID2...]>] [,device-id=<hex id>] [,legacy-igd=<1|0>] [,mapping=<mapping-id>] [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,sub-device-id=<hex id>] [,sub-vendor-id=<hex id>] [,vendor-id=<hex id>] [,x-vga=<1|0>]",
+ "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"hotplug" : {
"default" : "network,disk,usb",
- "description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory' and 'usb'. Use '0' to disable hotplug completely. Value '1' is an alias for the default 'network,disk,usb'.",
+ "description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory', 'usb' and 'cloudinit'. Use '0' to disable hotplug completely. Using '1' as value is an alias for the default `network,disk,usb`. USB hotplugging is possible for guests with machine version >= 7.1 and ostype l26 or windows > 7.",
"format" : "pve-hotplug-features",
"optional" : 1,
"type" : "string",
"type" : "string"
},
"ide[n]" : {
- "description" : "Use volume as IDE hard disk or CD-ROM (n is 0 to 3).",
+ "description" : "Use volume as IDE hard disk or CD-ROM (n is 0 to 3). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,model=<model>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,model=<model>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>] [,wwn=<wwn>]"
},
"ipconfig[n]" : {
- "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit gateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using dhcp on IPv4.\n",
+ "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit\ngateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration. This requires\ncloud-init 19.4 or newer.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using\ndhcp on IPv4.\n",
"format" : "pve-qm-ipconfig",
"optional" : 1,
"type" : "string",
"typetext" : "[gw=<GatewayIPv4>] [,gw6=<GatewayIPv6>] [,ip=<IPv4Format/CIDR>] [,ip6=<IPv6Format/CIDR>]"
},
+ "ivshmem" : {
+ "description" : "Inter-VM shared memory. Useful for direct communication between VMs, or to the host.",
+ "format" : {
+ "name" : {
+ "description" : "The name of the file. Will be prefixed with 'pve-shm-'. Default is the VMID. Will be deleted when the VM is stopped.",
+ "format_description" : "string",
+ "optional" : 1,
+ "pattern" : "[a-zA-Z0-9\\-]+",
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "The size of the file in MB.",
+ "minimum" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "size=<integer> [,name=<string>]"
+ },
+ "keephugepages" : {
+ "default" : 0,
+ "description" : "Use together with hugepages. If enabled, hugepages will not not be deleted after VM shutdown and can be used for subsequent starts.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"keyboard" : {
"default" : null,
- "description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.cfg' configuration file.It should not be necessary to set it.",
+ "description" : "Keyboard layout for VNC server. This option is generally not required and is often better handled from within the guest OS.",
"enum" : [
"de",
"de-ch",
"typetext" : "<boolean>"
},
"localtime" : {
- "description" : "Set the real time clock to local time. This is enabled by default if ostype indicates a Microsoft OS.",
+ "description" : "Set the real time clock (RTC) to local time. This is enabled by default if the `ostype` indicates a Microsoft Windows OS.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"lock" : {
"description" : "Lock/unlock the VM.",
"enum" : [
- "migrate",
"backup",
+ "clone",
+ "create",
+ "migrate",
+ "rollback",
"snapshot",
- "rollback"
+ "snapshot-delete",
+ "suspending",
+ "suspended"
],
"optional" : 1,
"type" : "string"
},
"machine" : {
- "description" : "Specifies the Qemu machine type.",
- "maxLength" : 40,
+ "description" : "Specify the QEMU machine.",
+ "format" : {
+ "type" : {
+ "default_key" : 1,
+ "description" : "Specifies the QEMU machine type.",
+ "format_description" : "machine type",
+ "maxLength" : 40,
+ "optional" : 1,
+ "pattern" : "(pc|pc(-i440fx)?-\\d+(\\.\\d+)+(\\+pve\\d+)?(\\.pxe)?|q35|pc-q35-\\d+(\\.\\d+)+(\\+pve\\d+)?(\\.pxe)?|virt(?:-\\d+(\\.\\d+)+)?(\\+pve\\d+)?)",
+ "type" : "string"
+ },
+ "viommu" : {
+ "description" : "Enable and set guest vIOMMU variant (Intel vIOMMU needs q35 to be set as machine type).",
+ "enum" : [
+ "intel",
+ "virtio"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
"optional" : 1,
- "pattern" : "(pc|pc(-i440fx)?-\\d+\\.\\d+(\\.pxe)?|q35|pc-q35-\\d+\\.\\d+(\\.pxe)?|virt(?:-\\d+\\.\\d+)?)",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "[[type=]<machine type>] [,viommu=<intel|virtio>]"
},
"memory" : {
- "default" : 512,
- "description" : "Amount of RAM for the VM in MB. This is the maximum available memory when you use the balloon device.",
- "minimum" : 16,
+ "description" : "Memory properties.",
+ "format" : {
+ "current" : {
+ "default" : 512,
+ "default_key" : 1,
+ "description" : "Current amount of online RAM for the VM in MiB. This is the maximum available memory when you use the balloon device.",
+ "minimum" : 16,
+ "type" : "integer"
+ }
+ },
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (16 - N)"
+ "type" : "string",
+ "typetext" : "[current=]<integer>"
},
"migrate_downtime" : {
"default" : 0.1,
"format" : {
"bridge" : {
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
+ "format" : "pve-bridge-id",
"format_description" : "bridge",
"optional" : 1,
"type" : "string"
"alias" : "macaddr",
"keyAlias" : "model"
},
+ "e1000e" : {
+ "alias" : "macaddr",
+ "keyAlias" : "model"
+ },
"firewall" : {
"description" : "Whether this interface should be protected by the firewall.",
"optional" : 1,
},
"macaddr" : {
"description" : "MAC address. That address must be unique withing your network. This is automatically generated if not specified.",
+ "format" : "mac-addr",
"format_description" : "XX:XX:XX:XX:XX:XX",
"optional" : 1,
- "pattern" : "(?^i:[0-9a-f]{2}(?::[0-9a-f]{2}){5})",
- "type" : "string"
+ "type" : "string",
+ "verbose_description" : "A common MAC address with the I/G (Individual/Group) bit not set."
},
"model" : {
"default_key" : 1,
"description" : "Network Card Model. The 'virtio' model provides the best performance with very low CPU overhead. If your guest does not support this driver, it is usually best to use 'e1000'.",
"enum" : [
- "rtl8139",
- "ne2k_pci",
"e1000",
- "pcnet",
- "virtio",
- "ne2k_isa",
+ "e1000-82540em",
+ "e1000-82544gc",
+ "e1000-82545em",
+ "e1000e",
"i82551",
"i82557b",
"i82559er",
- "vmxnet3",
- "e1000-82540em",
- "e1000-82544gc",
- "e1000-82545em"
+ "ne2k_isa",
+ "ne2k_pci",
+ "pcnet",
+ "rtl8139",
+ "virtio",
+ "vmxnet3"
],
"type" : "string"
},
+ "mtu" : {
+ "description" : "Force MTU, for VirtIO only. Set to '1' to use the bridge MTU",
+ "maximum" : 65520,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer"
+ },
"ne2k_isa" : {
"alias" : "macaddr",
"keyAlias" : "model"
},
"queues" : {
"description" : "Number of packet queues to be used on the device.",
- "maximum" : 16,
+ "maximum" : 64,
"minimum" : 0,
"optional" : 1,
"type" : "integer"
},
"optional" : 1,
"type" : "string",
- "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
+ "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,mtu=<integer>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
},
"node" : {
"description" : "The cluster node name.",
"win7",
"win8",
"win10",
+ "win11",
"l24",
"l26",
"solaris"
],
"optional" : 1,
"type" : "string",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016/2019\nwin11;; Microsoft Windows 11/2022/2025\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6 - 6.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
"optional" : 1,
"pattern" : "/dev/parport\\d+|/dev/usb/lp\\d+",
"type" : "string",
- "verbose_description" : "Map host parallel devices (n is 0 to 2).\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Map host parallel devices (n is 0 to 2).\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such\nmachines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"protection" : {
"default" : 0,
"type" : "string",
"typetext" : "<string>"
},
+ "rng0" : {
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy allowed to get injected into the guest every 'period' milliseconds. Prefer a lower value when using '/dev/random' as source. Use `0` to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases '/dev/urandom' should be preferred over '/dev/random' to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. '/dev/hwrng' can be used to pass through a hardware RNG from the host.",
+ "enum" : [
+ "/dev/urandom",
+ "/dev/random",
+ "/dev/hwrng"
+ ],
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[source=]</dev/urandom|/dev/random|/dev/hwrng> [,max_bytes=<integer>] [,period=<integer>]"
+ },
"sata[n]" : {
- "description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5).",
+ "description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>] [,wwn=<wwn>]"
},
"scsi[n]" : {
- "description" : "Use volume as SCSI hard disk or CD-ROM (n is 0 to 13).",
+ "description" : "Use volume as SCSI hard disk or CD-ROM (n is 0 to 30). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
"optional" : 1,
"type" : "string"
},
+ "product" : {
+ "description" : "The drive's product name, up to 16 bytes long.",
+ "format_description" : "product",
+ "optional" : 1,
+ "pattern" : "[A-Za-z0-9\\-_\\s]{,16}",
+ "type" : "string"
+ },
"queues" : {
"description" : "Number of queues.",
"minimum" : 2,
"optional" : 1,
"type" : "string"
},
+ "ro" : {
+ "description" : "Whether the drive is read-only.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"scsiblock" : {
"default" : 0,
"description" : "whether to use scsi-block for full passthrough of host block device\n\nWARNING: can lead to I/O errors in combination with low memory or high memory fragmentation on host",
"optional" : 1,
"type" : "string"
},
+ "vendor" : {
+ "description" : "The drive's vendor name, up to 8 bytes long.",
+ "format_description" : "vendor",
+ "optional" : 1,
+ "pattern" : "[A-Za-z0-9\\-_\\s]{,8}",
+ "type" : "string"
+ },
"volume" : {
"alias" : "file"
},
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,queues=<integer>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,scsiblock=<1|0>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,product=<product>] [,queues=<integer>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,ro=<1|0>] [,scsiblock=<1|0>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,vendor=<vendor>] [,werror=<enum>] [,wwn=<wwn>]"
},
"scsihw" : {
"default" : "lsi",
"optional" : 1,
"pattern" : "(/dev/.+|socket)",
"type" : "string",
- "verbose_description" : "Create a serial device inside the VM (n is 0 to 3), and pass through a\nhost serial device (i.e. /dev/ttyS0), or create a unix socket on the\nhost side (use 'qm terminal' to open a terminal connection).\n\nNOTE: If you pass through a host serial device, it is no longer possible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Create a serial device inside the VM (n is 0 to 3), and pass through a\nhost serial device (i.e. /dev/ttyS0), or create a unix socket on the\nhost side (use 'qm terminal' to open a terminal connection).\n\nNOTE: If you pass through a host serial device, it is no longer possible to migrate such machines -\nuse with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"shares" : {
"default" : 1000,
"smbios1" : {
"description" : "Specify SMBIOS type 1 fields.",
"format" : "pve-qm-smbios1",
- "maxLength" : 256,
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
- "typetext" : "[family=<string>] [,manufacturer=<string>] [,product=<string>] [,serial=<string>] [,sku=<string>] [,uuid=<UUID>] [,version=<string>]"
+ "typetext" : "[base64=<1|0>] [,family=<Base64 encoded string>] [,manufacturer=<Base64 encoded string>] [,product=<Base64 encoded string>] [,serial=<Base64 encoded string>] [,sku=<Base64 encoded string>] [,uuid=<UUID>] [,version=<Base64 encoded string>]"
},
"smp" : {
"default" : 1,
"type" : "integer",
"typetext" : "<integer> (1 - N)"
},
+ "spice_enhancements" : {
+ "description" : "Configure additional enhancements for SPICE.",
+ "format" : {
+ "foldersharing" : {
+ "default" : "0",
+ "description" : "Enable folder sharing via SPICE. Needs Spice-WebDAV daemon installed in the VM.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "videostreaming" : {
+ "default" : "off",
+ "description" : "Enable video streaming. Uses compression for detected video streams.",
+ "enum" : [
+ "off",
+ "all",
+ "filter"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[foldersharing=<1|0>] [,videostreaming=<off|all|filter>]"
+ },
"sshkeys" : {
"description" : "cloud-init: Setup public SSH keys (one key per line, OpenSSH format).",
"format" : "urlencoded",
},
"startdate" : {
"default" : "now",
- "description" : "Set the initial date of the real time clock. Valid format for date are: 'now' or '2006-06-17T16:01:21' or '2006-06-17'.",
+ "description" : "Set the initial date of the real time clock. Valid format for date are:'now' or '2006-06-17T16:01:21' or '2006-06-17'.",
"optional" : 1,
"pattern" : "(now|\\d{4}-\\d{1,2}-\\d{1,2}(T\\d{1,2}:\\d{1,2}:\\d{1,2})?)",
"type" : "string",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>",
- "verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
+ "verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (`qm set <vmid> --vga qxl`)."
+ },
+ "tags" : {
+ "description" : "Tags of the VM. This is only meta information.",
+ "format" : "pve-tag-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"tdf" : {
"default" : 0,
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "tpmstate0" : {
+ "description" : "Configure a Disk for storing TPM state. The format is fixed to 'raw'. Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Note that SIZE_IN_GiB is ignored here and 4 MiB will be used instead. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id-or-qm-path",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "Disk size. This is purely informational and has no effect.",
+ "format" : "disk-size",
+ "format_description" : "DiskSize",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "version" : {
+ "default" : "v2.0",
+ "description" : "The TPM interface version. v2.0 is newer and should be preferred. Note that this cannot be changed later on.",
+ "enum" : [
+ "v1.2",
+ "v2.0"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[file=]<volume> [,import-from=<source volume>] [,size=<DiskSize>] [,version=<v1.2|v2.0>]"
+ },
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[file=]<volume>"
},
"usb[n]" : {
- "description" : "Configure an USB device (n is 0 to 4).",
+ "description" : "Configure an USB device (n is 0 to 4, for machine version >= 7.1 and ostype l26 or windows > 7, n can be up to 14).",
"format" : {
"host" : {
"default_key" : 1,
- "description" : "The Host USB device or port or the value 'spice'. HOSTUSBDEVICE syntax is:\n\n 'bus-port(.port)*' (decimal numbers) or\n 'vendor_id:product_id' (hexadeciaml numbers) or\n 'spice'\n\nYou can use the 'lsusb -t' command to list existing usb devices.\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such machines - use with special care.\n\nThe value 'spice' can be used to add a usb redirection devices for spice.\n",
- "format" : "pve-qm-usb-device",
+ "description" : "The Host USB device or port or the value 'spice'. HOSTUSBDEVICE syntax is:\n\n 'bus-port(.port)*' (decimal numbers) or\n 'vendor_id:product_id' (hexadeciaml numbers) or\n 'spice'\n\nYou can use the 'lsusb -t' command to list existing usb devices.\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such\nmachines - use with special care.\n\nThe value 'spice' can be used to add a usb redirection devices for spice.\n\nEither this or the 'mapping' key must be set.\n",
"format_description" : "HOSTUSBDEVICE|spice",
+ "optional" : 1,
+ "pattern" : "(?^:(?:(?:(?^:(0x)?([0-9A-Fa-f]{4}):(0x)?([0-9A-Fa-f]{4})))|(?:(?^:(\\d+)\\-(\\d+(\\.\\d+)*)))|[Ss][Pp][Ii][Cc][Ee]))",
+ "type" : "string"
+ },
+ "mapping" : {
+ "description" : "The ID of a cluster wide mapping. Either this or the default-key 'host' must be set.",
+ "format" : "pve-configid",
+ "format_description" : "mapping-id",
+ "optional" : 1,
"type" : "string"
},
"usb3" : {
"default" : 0,
- "description" : "Specifies whether if given host option is a USB3 device or port (this does currently not work reliably with spice redirection and is then ignored).",
+ "description" : "Specifies whether if given host option is a USB3 device or port. For modern guests (machine version >= 7.1 and ostype l26 and windows > 7), this flag is irrelevant (all devices are plugged into a xhci controller).",
"optional" : 1,
"type" : "boolean"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[host=]<HOSTUSBDEVICE|spice> [,usb3=<1|0>]"
+ "typetext" : "[[host=]<HOSTUSBDEVICE|spice>] [,mapping=<mapping-id>] [,usb3=<1|0>]"
},
"vcpus" : {
"default" : 0,
"vga" : {
"description" : "Configure the VGA hardware.",
"format" : {
+ "clipboard" : {
+ "description" : "Enable a specific clipboard. If not set, depending on the display type the SPICE one will be added. Migration with VNC clipboard is not yet supported!",
+ "enum" : [
+ "vnc"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"memory" : {
"description" : "Sets the VGA memory (in MiB). Has no effect with serial display.",
"maximum" : 512,
"qxl2",
"qxl3",
"qxl4",
+ "none",
"serial0",
"serial1",
"serial2",
"serial3",
"std",
"virtio",
+ "virtio-gl",
"vmware"
],
"optional" : 1,
},
"optional" : 1,
"type" : "string",
- "typetext" : "[[type=]<enum>] [,memory=<integer>]",
+ "typetext" : "[[type=]<enum>] [,clipboard=<vnc>] [,memory=<integer>]",
"verbose_description" : "Configure the VGA Hardware. If you want to use high resolution modes (>= 1280x1024x16) you may need to increase the vga memory option. Since QEMU 2.9 the default VGA display type is 'std' for all OS types besides some Windows versions (XP and older) which use 'cirrus'. The 'qxl' option enables the SPICE display server. For win* OS you can select how many independent displays you want, Linux guests can add displays them self.\nYou can also run without any graphic card, using a serial device as terminal."
},
"virtio[n]" : {
- "description" : "Use volume as VIRTIO hard disk (n is 0 to 15).",
+ "description" : "Use volume as VIRTIO hard disk (n is 0 to 15). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
"optional" : 1,
"type" : "string"
},
+ "ro" : {
+ "description" : "Whether the drive is read-only.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"secs" : {
"description" : "Force the drive's physical geometry to have a specific sector count.",
"optional" : 1,
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,ro=<1|0>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
},
"vmgenid" : {
"default" : "1 (autogenerated)",
"optional" : 1,
"pattern" : "(?:[a-fA-F0-9]{8}(?:-[a-fA-F0-9]{4}){3}-[a-fA-F0-9]{12}|[01])",
"type" : "string",
- "verbose_description" : "The VM generation ID (vmgenid) device exposes a 128-bit integer value identifier to the guest OS. This allows to notify the guest operating system when the virtual machine is executed with a different configuration (e.g. snapshot execution or creation from a template). The guest operating system notices the change, and is then able to react as appropriate by marking its copies of distributed databases as dirty, re-initializing its random number generator, etc.\nNote that auto-creation only works when done throug API/CLI create or update methods, but not when manually editing the config file."
+ "verbose_description" : "The VM generation ID (vmgenid) device exposes a 128-bit integer value identifier to the guest OS. This allows to notify the guest operating system when the virtual machine is executed with a different configuration (e.g. snapshot execution or creation from a template). The guest operating system notices the change, and is then able to react as appropriate by marking its copies of distributed databases as dirty, re-initializing its random number generator, etc.\nNote that auto-creation only works when done through API/CLI create or update methods, but not when manually editing the config file."
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"vmstatestorage" : {
"description" : "Default storage for VM state volumes/files.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"watchdog" : {
"description" : "Create a virtual hardware watchdog device.",
"VM.Config.Memory",
"VM.Config.Network",
"VM.Config.HWType",
- "VM.Config.Options"
+ "VM.Config.Options",
+ "VM.Config.Cloudinit"
],
"any",
1
{
"info" : {
"GET" : {
- "description" : "Get virtual machine configuration, including pending changes.",
+ "allowtoken" : 1,
+ "description" : "Get the virtual machine configuration with both current and pending values.",
"method" : "GET",
"name" : "vm_pending",
"parameters" : {
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"path" : "/nodes/{node}/qemu/{vmid}/pending",
"text" : "pending"
},
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get automatically generated cloudinit config.",
+ "method" : "GET",
+ "name" : "cloudinit_generated_config_dump",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "description" : "Config type.",
+ "enum" : [
+ "user",
+ "network",
+ "meta"
+ ],
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Audit"
+ ]
+ ]
+ },
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/qemu/{vmid}/cloudinit/dump",
+ "text" : "dump"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get the cloudinit configuration with both current and pending values.",
+ "method" : "GET",
+ "name" : "cloudinit_pending",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Audit"
+ ]
+ ]
+ },
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "delete" : {
+ "description" : "Indicates a pending delete request if present and not 0. ",
+ "maximum" : 1,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "key" : {
+ "description" : "Configuration option name.",
+ "type" : "string"
+ },
+ "pending" : {
+ "description" : "The new pending value.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "value" : {
+ "description" : "Value as it was used to generate the current cloudinit image.",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Regenerate and change cloudinit config drive.",
+ "method" : "PUT",
+ "name" : "cloudinit_update",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Config.Cloudinit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/qemu/{vmid}/cloudinit",
+ "text" : "cloudinit"
+ },
{
"info" : {
"PUT" : {
+ "allowtoken" : 1,
"description" : "Unlink/delete disk images.",
"method" : "PUT",
"name" : "unlink",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Creates a TCP VNC proxy connections.",
"method" : "POST",
"name" : "vncproxy",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "generate-password" : {
+ "default" : 0,
+ "description" : "Generates a random password to be used as ticket instead of the API ticket.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"websocket" : {
- "description" : "starts websockify instead of vncproxy",
+ "description" : "Prepare for websocket upgrade (only required when using serial terminal, otherwise upgrade is always possible).",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"cert" : {
"type" : "string"
},
+ "password" : {
+ "description" : "Returned if requested with 'generate-password' param. Consists of printable ASCII characters ('!' .. '~').",
+ "optional" : 1,
+ "type" : "string"
+ },
"port" : {
"type" : "integer"
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Creates a TCP proxy connections.",
"method" : "POST",
"name" : "termproxy",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Opens a weksocket for VNC traffic.",
"method" : "GET",
"name" : "vncwebsocket",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"vncticket" : {
"description" : "Ticket from previous call to vncproxy.",
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Returns a SPICE configuration to connect to the VM.",
"method" : "POST",
"name" : "spiceproxy",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get virtual machine status.",
"method" : "GET",
"name" : "vm_status",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"returns" : {
"properties" : {
"agent" : {
- "description" : "Qemu GuestAgent enabled in config.",
+ "description" : "QEMU Guest Agent is enabled in config.",
"optional" : 1,
"type" : "boolean"
},
+ "clipboard" : {
+ "description" : "Enable a specific clipboard. If not set, depending on the display type the SPICE one will be added.",
+ "enum" : [
+ "vnc"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"cpus" : {
"description" : "Maximum usable CPUs.",
"optional" : 1,
"description" : "HA manager service status.",
"type" : "object"
},
+ "lock" : {
+ "description" : "The current config lock, if any.",
+ "optional" : 1,
+ "type" : "string"
+ },
"maxdisk" : {
"description" : "Root disk size in bytes.",
"optional" : 1,
"type" : "integer"
},
"qmpstatus" : {
- "description" : "Qemu QMP agent status.",
+ "description" : "VM run state from the 'query-status' QMP monitor command.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "running-machine" : {
+ "description" : "The currently running machine type (if running).",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "running-qemu" : {
+ "description" : "The currently running QEMU version (if running).",
"optional" : 1,
"type" : "string"
},
"spice" : {
- "description" : "Qemu VGA configuration supports spice.",
+ "description" : "QEMU VGA configuration supports spice.",
"optional" : 1,
"type" : "boolean"
},
"status" : {
- "description" : "Qemu process status.",
+ "description" : "QEMU process status.",
"enum" : [
"stopped",
"running"
],
"type" : "string"
},
+ "tags" : {
+ "description" : "The current configured tags, if any",
+ "optional" : 1,
+ "type" : "string"
+ },
"uptime" : {
"description" : "Uptime.",
"optional" : 1,
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer"
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Start virtual machine.",
"method" : "POST",
"name" : "vm_start",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "force-cpu" : {
+ "description" : "Override QEMU's -cpu argument with the given string.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"machine" : {
- "description" : "Specifies the Qemu machine type.",
- "maxLength" : 40,
+ "description" : "Specify the QEMU machine.",
+ "format" : {
+ "type" : {
+ "default_key" : 1,
+ "description" : "Specifies the QEMU machine type.",
+ "format_description" : "machine type",
+ "maxLength" : 40,
+ "optional" : 1,
+ "pattern" : "(pc|pc(-i440fx)?-\\d+(\\.\\d+)+(\\+pve\\d+)?(\\.pxe)?|q35|pc-q35-\\d+(\\.\\d+)+(\\+pve\\d+)?(\\.pxe)?|virt(?:-\\d+(\\.\\d+)+)?(\\+pve\\d+)?)",
+ "type" : "string"
+ },
+ "viommu" : {
+ "description" : "Enable and set guest vIOMMU variant (Intel vIOMMU needs q35 to be set as machine type).",
+ "enum" : [
+ "intel",
+ "virtio"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
"optional" : 1,
- "pattern" : "(pc|pc(-i440fx)?-\\d+\\.\\d+(\\.pxe)?|q35|pc-q35-\\d+\\.\\d+(\\.pxe)?|virt(?:-\\d+\\.\\d+)?)",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "[[type=]<machine type>] [,viommu=<intel|virtio>]"
},
"migratedfrom" : {
"description" : "The cluster node name.",
"typetext" : "<string>"
},
"targetstorage" : {
- "description" : "Target storage for the migration. (Can be '1' to use the same storage id as on the source node.)",
+ "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.",
+ "format" : "storage-pair-list",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "timeout" : {
+ "default" : "max(30, vm memory in GiB)",
+ "description" : "Wait maximal timeout seconds.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
- "description" : "Stop virtual machine. The qemu process will exit immediately. Thisis akin to pulling the power plug of a running computer and may damage the VM data",
+ "allowtoken" : 1,
+ "description" : "Stop virtual machine. The qemu process will exit immediately. This is akin to pulling the power plug of a running computer and may damage the VM data.",
"method" : "POST",
"name" : "vm_stop",
"parameters" : {
"type" : "string",
"typetext" : "<string>"
},
+ "overrule-shutdown" : {
+ "default" : 0,
+ "description" : "Try to abort active 'qmshutdown' tasks before stopping.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"skiplock" : {
"description" : "Ignore locks - only root is allowed to use this option.",
"optional" : 1,
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Reset virtual machine.",
"method" : "POST",
"name" : "vm_reset",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
- "description" : "Shutdown virtual machine. This is similar to pressing the power button on a physical machine.This will send an ACPI event for the guest OS, which should then proceed to a clean shutdown.",
+ "allowtoken" : 1,
+ "description" : "Shutdown virtual machine. This is similar to pressing the power button on a physical machine. This will send an ACPI event for the guest OS, which should then proceed to a clean shutdown.",
"method" : "POST",
"name" : "vm_shutdown",
"parameters" : {
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
+ "description" : "Reboot the VM by shutting it down, and starting it again. Applies pending changes.",
+ "method" : "POST",
+ "name" : "vm_reboot",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "timeout" : {
+ "description" : "Wait maximal timeout seconds for the shutdown.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.PowerMgmt"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/qemu/{vmid}/status/reboot",
+ "text" : "reboot"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
"description" : "Suspend virtual machine.",
"method" : "POST",
"name" : "vm_suspend",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "statestorage" : {
+ "description" : "The storage for the VM state",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "optional" : 1,
+ "requires" : "todisk",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "todisk" : {
+ "default" : 0,
+ "description" : "If set, suspends the VM to disk. Will be resumed on next VM start.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
[
"VM.PowerMgmt"
]
- ]
+ ],
+ "description" : "You need 'VM.PowerMgmt' on /vms/{vmid}, and if you have set 'todisk', you need also 'VM.Config.Disk' on /vms/{vmid} and 'Datastore.AllocateSpace' on the storage for the vmstate."
},
"protected" : 1,
"proxyto" : "node",
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Resume virtual machine.",
"method" : "POST",
"name" : "vm_resume",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index",
"method" : "GET",
"name" : "vmcmdidx",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"PUT" : {
+ "allowtoken" : 1,
"description" : "Send key event to virtual machine.",
"method" : "PUT",
"name" : "vm_sendkey",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Check if feature for virtual machine is available.",
"method" : "GET",
"name" : "vm_feature",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Create a copy of virtual machine/template.",
"method" : "POST",
"name" : "clone_vm",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "bwlimit" : {
+ "default" : "clone limit from datacenter or storage config",
+ "description" : "Override I/O bandwidth limit (in KiB/s).",
+ "minimum" : "0",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
"description" : {
"description" : "Description for the new VM.",
"optional" : 1,
"newid" : {
"description" : "VMID for the clone.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"node" : {
"description" : "The cluster node name.",
"storage" : {
"description" : "Target storage for full clone.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"target" : {
"description" : "Target node. Only allowed if the original VM is on shared storage.",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
]
]
],
- "description" : "You need 'VM.Clone' permissions on /vms/{vmid}, and 'VM.Allocate' permissions on /vms/{newid} (or on the VM pool /pool/{pool}). You also need 'Datastore.AllocateSpace' on any used storage."
+ "description" : "You need 'VM.Clone' permissions on /vms/{vmid}, and 'VM.Allocate' permissions on /vms/{newid} (or on the VM pool /pool/{pool}). You also need 'Datastore.AllocateSpace' on any used storage and 'SDN.Use' on any used bridge/vnet"
},
"protected" : 1,
"proxyto" : "node",
{
"info" : {
"POST" : {
- "description" : "Move volume to different storage.",
+ "allowtoken" : 1,
+ "description" : "Move volume to different storage or to a different VM.",
"method" : "POST",
"name" : "move_vm_disk",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "bwlimit" : {
+ "default" : "move limit from datacenter or storage config",
+ "description" : "Override I/O bandwidth limit (in KiB/s).",
+ "minimum" : "0",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
"delete" : {
"default" : 0,
"description" : "Delete the original disk after successful copy. By default the original disk is kept as unused disk.",
"typetext" : "<boolean>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "description" : "Prevent changes if current configuration file has different SHA1\"\n\t\t .\" digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"optional" : 1,
"type" : "string",
"scsi11",
"scsi12",
"scsi13",
+ "scsi14",
+ "scsi15",
+ "scsi16",
+ "scsi17",
+ "scsi18",
+ "scsi19",
+ "scsi20",
+ "scsi21",
+ "scsi22",
+ "scsi23",
+ "scsi24",
+ "scsi25",
+ "scsi26",
+ "scsi27",
+ "scsi28",
+ "scsi29",
+ "scsi30",
"virtio0",
"virtio1",
"virtio2",
"sata3",
"sata4",
"sata5",
- "efidisk0"
+ "efidisk0",
+ "tpmstate0",
+ "unused0",
+ "unused1",
+ "unused2",
+ "unused3",
+ "unused4",
+ "unused5",
+ "unused6",
+ "unused7",
+ "unused8",
+ "unused9",
+ "unused10",
+ "unused11",
+ "unused12",
+ "unused13",
+ "unused14",
+ "unused15",
+ "unused16",
+ "unused17",
+ "unused18",
+ "unused19",
+ "unused20",
+ "unused21",
+ "unused22",
+ "unused23",
+ "unused24",
+ "unused25",
+ "unused26",
+ "unused27",
+ "unused28",
+ "unused29",
+ "unused30",
+ "unused31",
+ "unused32",
+ "unused33",
+ "unused34",
+ "unused35",
+ "unused36",
+ "unused37",
+ "unused38",
+ "unused39",
+ "unused40",
+ "unused41",
+ "unused42",
+ "unused43",
+ "unused44",
+ "unused45",
+ "unused46",
+ "unused47",
+ "unused48",
+ "unused49",
+ "unused50",
+ "unused51",
+ "unused52",
+ "unused53",
+ "unused54",
+ "unused55",
+ "unused56",
+ "unused57",
+ "unused58",
+ "unused59",
+ "unused60",
+ "unused61",
+ "unused62",
+ "unused63",
+ "unused64",
+ "unused65",
+ "unused66",
+ "unused67",
+ "unused68",
+ "unused69",
+ "unused70",
+ "unused71",
+ "unused72",
+ "unused73",
+ "unused74",
+ "unused75",
+ "unused76",
+ "unused77",
+ "unused78",
+ "unused79",
+ "unused80",
+ "unused81",
+ "unused82",
+ "unused83",
+ "unused84",
+ "unused85",
+ "unused86",
+ "unused87",
+ "unused88",
+ "unused89",
+ "unused90",
+ "unused91",
+ "unused92",
+ "unused93",
+ "unused94",
+ "unused95",
+ "unused96",
+ "unused97",
+ "unused98",
+ "unused99",
+ "unused100",
+ "unused101",
+ "unused102",
+ "unused103",
+ "unused104",
+ "unused105",
+ "unused106",
+ "unused107",
+ "unused108",
+ "unused109",
+ "unused110",
+ "unused111",
+ "unused112",
+ "unused113",
+ "unused114",
+ "unused115",
+ "unused116",
+ "unused117",
+ "unused118",
+ "unused119",
+ "unused120",
+ "unused121",
+ "unused122",
+ "unused123",
+ "unused124",
+ "unused125",
+ "unused126",
+ "unused127",
+ "unused128",
+ "unused129",
+ "unused130",
+ "unused131",
+ "unused132",
+ "unused133",
+ "unused134",
+ "unused135",
+ "unused136",
+ "unused137",
+ "unused138",
+ "unused139",
+ "unused140",
+ "unused141",
+ "unused142",
+ "unused143",
+ "unused144",
+ "unused145",
+ "unused146",
+ "unused147",
+ "unused148",
+ "unused149",
+ "unused150",
+ "unused151",
+ "unused152",
+ "unused153",
+ "unused154",
+ "unused155",
+ "unused156",
+ "unused157",
+ "unused158",
+ "unused159",
+ "unused160",
+ "unused161",
+ "unused162",
+ "unused163",
+ "unused164",
+ "unused165",
+ "unused166",
+ "unused167",
+ "unused168",
+ "unused169",
+ "unused170",
+ "unused171",
+ "unused172",
+ "unused173",
+ "unused174",
+ "unused175",
+ "unused176",
+ "unused177",
+ "unused178",
+ "unused179",
+ "unused180",
+ "unused181",
+ "unused182",
+ "unused183",
+ "unused184",
+ "unused185",
+ "unused186",
+ "unused187",
+ "unused188",
+ "unused189",
+ "unused190",
+ "unused191",
+ "unused192",
+ "unused193",
+ "unused194",
+ "unused195",
+ "unused196",
+ "unused197",
+ "unused198",
+ "unused199",
+ "unused200",
+ "unused201",
+ "unused202",
+ "unused203",
+ "unused204",
+ "unused205",
+ "unused206",
+ "unused207",
+ "unused208",
+ "unused209",
+ "unused210",
+ "unused211",
+ "unused212",
+ "unused213",
+ "unused214",
+ "unused215",
+ "unused216",
+ "unused217",
+ "unused218",
+ "unused219",
+ "unused220",
+ "unused221",
+ "unused222",
+ "unused223",
+ "unused224",
+ "unused225",
+ "unused226",
+ "unused227",
+ "unused228",
+ "unused229",
+ "unused230",
+ "unused231",
+ "unused232",
+ "unused233",
+ "unused234",
+ "unused235",
+ "unused236",
+ "unused237",
+ "unused238",
+ "unused239",
+ "unused240",
+ "unused241",
+ "unused242",
+ "unused243",
+ "unused244",
+ "unused245",
+ "unused246",
+ "unused247",
+ "unused248",
+ "unused249",
+ "unused250",
+ "unused251",
+ "unused252",
+ "unused253",
+ "unused254",
+ "unused255"
],
"type" : "string"
},
"storage" : {
"description" : "Target storage.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "target-digest" : {
+ "description" : "Prevent changes if the current config file of the target VM has a\"\n\t\t .\" different SHA1 digest. This can be used to detect concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "target-disk" : {
+ "description" : "The config key the disk will be moved to on the target VM (for example, ide0 or scsi1). Default is the source disk key.",
+ "enum" : [
+ "ide0",
+ "ide1",
+ "ide2",
+ "ide3",
+ "scsi0",
+ "scsi1",
+ "scsi2",
+ "scsi3",
+ "scsi4",
+ "scsi5",
+ "scsi6",
+ "scsi7",
+ "scsi8",
+ "scsi9",
+ "scsi10",
+ "scsi11",
+ "scsi12",
+ "scsi13",
+ "scsi14",
+ "scsi15",
+ "scsi16",
+ "scsi17",
+ "scsi18",
+ "scsi19",
+ "scsi20",
+ "scsi21",
+ "scsi22",
+ "scsi23",
+ "scsi24",
+ "scsi25",
+ "scsi26",
+ "scsi27",
+ "scsi28",
+ "scsi29",
+ "scsi30",
+ "virtio0",
+ "virtio1",
+ "virtio2",
+ "virtio3",
+ "virtio4",
+ "virtio5",
+ "virtio6",
+ "virtio7",
+ "virtio8",
+ "virtio9",
+ "virtio10",
+ "virtio11",
+ "virtio12",
+ "virtio13",
+ "virtio14",
+ "virtio15",
+ "sata0",
+ "sata1",
+ "sata2",
+ "sata3",
+ "sata4",
+ "sata5",
+ "efidisk0",
+ "tpmstate0",
+ "unused0",
+ "unused1",
+ "unused2",
+ "unused3",
+ "unused4",
+ "unused5",
+ "unused6",
+ "unused7",
+ "unused8",
+ "unused9",
+ "unused10",
+ "unused11",
+ "unused12",
+ "unused13",
+ "unused14",
+ "unused15",
+ "unused16",
+ "unused17",
+ "unused18",
+ "unused19",
+ "unused20",
+ "unused21",
+ "unused22",
+ "unused23",
+ "unused24",
+ "unused25",
+ "unused26",
+ "unused27",
+ "unused28",
+ "unused29",
+ "unused30",
+ "unused31",
+ "unused32",
+ "unused33",
+ "unused34",
+ "unused35",
+ "unused36",
+ "unused37",
+ "unused38",
+ "unused39",
+ "unused40",
+ "unused41",
+ "unused42",
+ "unused43",
+ "unused44",
+ "unused45",
+ "unused46",
+ "unused47",
+ "unused48",
+ "unused49",
+ "unused50",
+ "unused51",
+ "unused52",
+ "unused53",
+ "unused54",
+ "unused55",
+ "unused56",
+ "unused57",
+ "unused58",
+ "unused59",
+ "unused60",
+ "unused61",
+ "unused62",
+ "unused63",
+ "unused64",
+ "unused65",
+ "unused66",
+ "unused67",
+ "unused68",
+ "unused69",
+ "unused70",
+ "unused71",
+ "unused72",
+ "unused73",
+ "unused74",
+ "unused75",
+ "unused76",
+ "unused77",
+ "unused78",
+ "unused79",
+ "unused80",
+ "unused81",
+ "unused82",
+ "unused83",
+ "unused84",
+ "unused85",
+ "unused86",
+ "unused87",
+ "unused88",
+ "unused89",
+ "unused90",
+ "unused91",
+ "unused92",
+ "unused93",
+ "unused94",
+ "unused95",
+ "unused96",
+ "unused97",
+ "unused98",
+ "unused99",
+ "unused100",
+ "unused101",
+ "unused102",
+ "unused103",
+ "unused104",
+ "unused105",
+ "unused106",
+ "unused107",
+ "unused108",
+ "unused109",
+ "unused110",
+ "unused111",
+ "unused112",
+ "unused113",
+ "unused114",
+ "unused115",
+ "unused116",
+ "unused117",
+ "unused118",
+ "unused119",
+ "unused120",
+ "unused121",
+ "unused122",
+ "unused123",
+ "unused124",
+ "unused125",
+ "unused126",
+ "unused127",
+ "unused128",
+ "unused129",
+ "unused130",
+ "unused131",
+ "unused132",
+ "unused133",
+ "unused134",
+ "unused135",
+ "unused136",
+ "unused137",
+ "unused138",
+ "unused139",
+ "unused140",
+ "unused141",
+ "unused142",
+ "unused143",
+ "unused144",
+ "unused145",
+ "unused146",
+ "unused147",
+ "unused148",
+ "unused149",
+ "unused150",
+ "unused151",
+ "unused152",
+ "unused153",
+ "unused154",
+ "unused155",
+ "unused156",
+ "unused157",
+ "unused158",
+ "unused159",
+ "unused160",
+ "unused161",
+ "unused162",
+ "unused163",
+ "unused164",
+ "unused165",
+ "unused166",
+ "unused167",
+ "unused168",
+ "unused169",
+ "unused170",
+ "unused171",
+ "unused172",
+ "unused173",
+ "unused174",
+ "unused175",
+ "unused176",
+ "unused177",
+ "unused178",
+ "unused179",
+ "unused180",
+ "unused181",
+ "unused182",
+ "unused183",
+ "unused184",
+ "unused185",
+ "unused186",
+ "unused187",
+ "unused188",
+ "unused189",
+ "unused190",
+ "unused191",
+ "unused192",
+ "unused193",
+ "unused194",
+ "unused195",
+ "unused196",
+ "unused197",
+ "unused198",
+ "unused199",
+ "unused200",
+ "unused201",
+ "unused202",
+ "unused203",
+ "unused204",
+ "unused205",
+ "unused206",
+ "unused207",
+ "unused208",
+ "unused209",
+ "unused210",
+ "unused211",
+ "unused212",
+ "unused213",
+ "unused214",
+ "unused215",
+ "unused216",
+ "unused217",
+ "unused218",
+ "unused219",
+ "unused220",
+ "unused221",
+ "unused222",
+ "unused223",
+ "unused224",
+ "unused225",
+ "unused226",
+ "unused227",
+ "unused228",
+ "unused229",
+ "unused230",
+ "unused231",
+ "unused232",
+ "unused233",
+ "unused234",
+ "unused235",
+ "unused236",
+ "unused237",
+ "unused238",
+ "unused239",
+ "unused240",
+ "unused241",
+ "unused242",
+ "unused243",
+ "unused244",
+ "unused245",
+ "unused246",
+ "unused247",
+ "unused248",
+ "unused249",
+ "unused250",
+ "unused251",
+ "unused252",
+ "unused253",
+ "unused254",
+ "unused255"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "target-vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ },
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"permissions" : {
"check" : [
- "and",
- [
- "perm",
- "/vms/{vmid}",
- [
- "VM.Config.Disk"
- ]
- ],
+ "perm",
+ "/vms/{vmid}",
[
- "perm",
- "/storage/{storage}",
- [
- "Datastore.AllocateSpace"
- ]
+ "VM.Config.Disk"
]
],
- "description" : "You need 'VM.Config.Disk' permissions on /vms/{vmid}, and 'Datastore.AllocateSpace' permissions on the storage."
+ "description" : "You need 'VM.Config.Disk' permissions on /vms/{vmid}, and 'Datastore.AllocateSpace' permissions on the storage. To move a disk to another VM, you need the permissions on the target VM as well."
},
"protected" : 1,
"proxyto" : "node",
},
{
"info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get preconditions for migration.",
+ "method" : "GET",
+ "name" : "migrate_vm_precondition",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target" : {
+ "description" : "Target node.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Migrate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "properties" : {
+ "allowed_nodes" : {
+ "description" : "List nodes allowed for offline migration, only passed if VM is offline",
+ "optional" : 1,
+ "type" : "array"
+ },
+ "local_disks" : {
+ "description" : "List local disks including CD-Rom, unsused and not referenced disks",
+ "type" : "array"
+ },
+ "local_resources" : {
+ "description" : "List local resources e.g. pci, usb",
+ "type" : "array"
+ },
+ "mapped-resources" : {
+ "description" : "List of mapped resources e.g. pci, usb",
+ "type" : "array"
+ },
+ "not_allowed_nodes" : {
+ "description" : "List not allowed nodes with additional informations, only passed if VM is offline",
+ "optional" : 1,
+ "type" : "object"
+ },
+ "running" : {
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ }
+ },
"POST" : {
+ "allowtoken" : 1,
"description" : "Migrate virtual machine. Creates a new migration task.",
"method" : "POST",
"name" : "migrate_vm",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "bwlimit" : {
+ "default" : "migrate limit from datacenter or storage config",
+ "description" : "Override I/O bandwidth limit (in KiB/s).",
+ "minimum" : "0",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
"force" : {
"description" : "Allow to migrate VMs which use local devices. Only root may use this option.",
"optional" : 1,
"typetext" : "<string>"
},
"online" : {
- "description" : "Use online/live migration.",
+ "description" : "Use online/live migration if VM is running. Ignored if VM is stopped.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"typetext" : "<string>"
},
"targetstorage" : {
- "description" : "Default target storage.",
- "format" : "pve-storage-id",
+ "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.",
+ "format" : "storage-pair-list",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"with-local-disks" : {
"description" : "Enable live storage migration for local disk",
{
"info" : {
"POST" : {
- "description" : "Execute Qemu monitor commands.",
+ "allowtoken" : 1,
+ "description" : "Migrate virtual machine to a remote cluster. Creates a new migration task. EXPERIMENTAL feature!",
+ "method" : "POST",
+ "name" : "remote_migrate_vm",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "bwlimit" : {
+ "default" : "migrate limit from datacenter or storage config",
+ "description" : "Override I/O bandwidth limit (in KiB/s).",
+ "minimum" : "0",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "delete" : {
+ "default" : 0,
+ "description" : "Delete the original VM and related data after successful migration. By default the original VM is kept on the source cluster in a stopped state.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "online" : {
+ "description" : "Use online/live migration if VM is running. Ignored if VM is stopped.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "target-bridge" : {
+ "description" : "Mapping from source to target bridges. Providing only a single bridge ID maps all source bridges to that bridge. Providing the special value '1' will map each source bridge to itself.",
+ "format" : "bridge-pair-list",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target-endpoint" : {
+ "description" : "Remote target endpoint",
+ "format" : "proxmox-remote",
+ "type" : "string",
+ "typetext" : "apitoken=<PVEAPIToken=user@realm!token=SECRET> ,host=<ADDRESS> [,fingerprint=<FINGERPRINT>] [,port=<PORT>]"
+ },
+ "target-storage" : {
+ "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.",
+ "format" : "storage-pair-list",
+ "optional" : 0,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target-vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Migrate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "description" : "the task ID.",
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/qemu/{vmid}/remote_migrate",
+ "text" : "remote_migrate"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Execute QEMU monitor commands.",
"method" : "POST",
"name" : "monitor",
"parameters" : {
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"PUT" : {
+ "allowtoken" : 1,
"description" : "Extend volume size.",
"method" : "PUT",
"name" : "resize_vm",
"scsi11",
"scsi12",
"scsi13",
+ "scsi14",
+ "scsi15",
+ "scsi16",
+ "scsi17",
+ "scsi18",
+ "scsi19",
+ "scsi20",
+ "scsi21",
+ "scsi22",
+ "scsi23",
+ "scsi24",
+ "scsi25",
+ "scsi26",
+ "scsi27",
+ "scsi28",
+ "scsi29",
+ "scsi30",
"virtio0",
"virtio1",
"virtio2",
"sata3",
"sata4",
"sata5",
- "efidisk0"
+ "efidisk0",
+ "tpmstate0"
],
"type" : "string"
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"protected" : 1,
"proxyto" : "node",
"returns" : {
- "type" : "null"
+ "description" : "the task ID.",
+ "type" : "string"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get snapshot configuration",
"method" : "GET",
"name" : "get_snapshot_config",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"/vms/{vmid}",
[
"VM.Snapshot",
- "VM.Snapshot.Rollback"
+ "VM.Snapshot.Rollback",
+ "VM.Audit"
],
"any",
1
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update snapshot metadata.",
"method" : "PUT",
"name" : "update_snapshot_config",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Rollback VM state to specified snapshot.",
"method" : "POST",
"name" : "rollback",
"type" : "string",
"typetext" : "<string>"
},
+ "start" : {
+ "default" : 0,
+ "description" : "Whether the VM should get started after rolling back successfully. (Note: VMs will be automatically started if the snapshot includes RAM.)",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete a VM snapshot.",
"method" : "DELETE",
"name" : "delsnapshot",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "",
"method" : "GET",
"name" : "snapshot_cmd_idx",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List all snapshots.",
"method" : "GET",
"name" : "snapshot_list",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Snapshot a VM.",
"method" : "POST",
"name" : "snapshot",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"vmstate" : {
"description" : "Save the vmstate",
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Create a Template.",
"method" : "POST",
"name" : "template",
"scsi11",
"scsi12",
"scsi13",
+ "scsi14",
+ "scsi15",
+ "scsi16",
+ "scsi17",
+ "scsi18",
+ "scsi19",
+ "scsi20",
+ "scsi21",
+ "scsi22",
+ "scsi23",
+ "scsi24",
+ "scsi25",
+ "scsi26",
+ "scsi27",
+ "scsi28",
+ "scsi29",
+ "scsi30",
"virtio0",
"virtio1",
"virtio2",
"sata3",
"sata4",
"sata5",
- "efidisk0"
+ "efidisk0",
+ "tpmstate0"
],
"optional" : 1,
"type" : "string"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"protected" : 1,
"proxyto" : "node",
"returns" : {
- "type" : "null"
+ "description" : "the task ID.",
+ "type" : "string"
}
}
},
"leaf" : 1,
"path" : "/nodes/{node}/qemu/{vmid}/template",
"text" : "template"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Migration tunnel endpoint - only for internal use by VM migration.",
+ "method" : "POST",
+ "name" : "mtunnel",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "bridges" : {
+ "description" : "List of network bridges to check availability. Will be checked again for actually used bridges during migration.",
+ "format" : "pve-bridge-id-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storages" : {
+ "description" : "List of storages to check permission and availability. Will be checked again for all actually used storages during migration.",
+ "format" : "pve-storage-id-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "and",
+ [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Allocate"
+ ]
+ ],
+ [
+ "perm",
+ "/",
+ [
+ "Sys.Incoming"
+ ]
+ ]
+ ],
+ "description" : "You need 'VM.Allocate' permissions on '/vms/{vmid}' and Sys.Incoming on '/'. Further permission checks happen during the actual migration."
+ },
+ "protected" : 1,
+ "returns" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "socket" : {
+ "type" : "string"
+ },
+ "ticket" : {
+ "type" : "string"
+ },
+ "upid" : {
+ "type" : "string"
+ }
+ }
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/qemu/{vmid}/mtunnel",
+ "text" : "mtunnel"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Migration tunnel endpoint for websocket upgrade - only for internal use by VM migration.",
+ "method" : "GET",
+ "name" : "mtunnelwebsocket",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "socket" : {
+ "description" : "unix socket to forward to",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ticket" : {
+ "description" : "ticket return by initial 'mtunnel' API call, or retrieved via 'ticket' tunnel command",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "You need to pass a ticket valid for the selected socket. Tickets can be created via the mtunnel API call, which will check permissions accordingly.",
+ "user" : "all"
+ },
+ "returns" : {
+ "properties" : {
+ "port" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "socket" : {
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/qemu/{vmid}/mtunnelwebsocket",
+ "text" : "mtunnelwebsocket"
}
],
"info" : {
"DELETE" : {
- "description" : "Destroy the vm (also delete all used/owned volumes).",
+ "allowtoken" : 1,
+ "description" : "Destroy the VM and all used/owned volumes. Removes any VM specific permissions and firewall rules",
"method" : "DELETE",
"name" : "destroy_vm",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "destroy-unreferenced-disks" : {
+ "default" : 0,
+ "description" : "If set, destroy additionally all disks not referenced in the config but with a matching VMID from all enabled storages.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
},
+ "purge" : {
+ "description" : "Remove VMID from configurations, like backup & replication jobs and HA.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"skiplock" : {
"description" : "Ignore locks - only root is allowed to use this option.",
"optional" : 1,
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index",
"method" : "GET",
"name" : "vmdiridx",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Virtual machine index (per node).",
"method" : "GET",
"name" : "vmlist",
"optional" : 1,
"type" : "number"
},
+ "lock" : {
+ "description" : "The current config lock, if any.",
+ "optional" : 1,
+ "type" : "string"
+ },
"maxdisk" : {
"description" : "Root disk size in bytes.",
"optional" : 1,
"type" : "integer"
},
"qmpstatus" : {
- "description" : "Qemu QMP agent status.",
+ "description" : "VM run state from the 'query-status' QMP monitor command.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "running-machine" : {
+ "description" : "The currently running machine type (if running).",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "running-qemu" : {
+ "description" : "The currently running QEMU version (if running).",
"optional" : 1,
"type" : "string"
},
"status" : {
- "description" : "Qemu process status.",
+ "description" : "QEMU process status.",
"enum" : [
"stopped",
"running"
],
"type" : "string"
},
+ "tags" : {
+ "description" : "The current configured tags, if any",
+ "optional" : 1,
+ "type" : "string"
+ },
"uptime" : {
"description" : "Uptime.",
"optional" : 1,
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer"
}
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create or restore a virtual machine.",
"method" : "POST",
"name" : "create_vm",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "affinity" : {
+ "description" : "List of host cores used to execute guest processes, for example: 0,5,8-11",
+ "format" : "pve-cpuset",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"agent" : {
- "description" : "Enable/disable Qemu GuestAgent and its properties.",
+ "description" : "Enable/disable communication with the QEMU Guest Agent and its properties.",
"format" : {
"enabled" : {
"default" : 0,
"default_key" : 1,
- "description" : "Enable/disable Qemu GuestAgent.",
+ "description" : "Enable/disable communication with a QEMU Guest Agent (QGA) running in the VM.",
+ "type" : "boolean"
+ },
+ "freeze-fs-on-backup" : {
+ "default" : 1,
+ "description" : "Freeze/thaw guest filesystems on backup for consistency.",
+ "optional" : 1,
"type" : "boolean"
},
"fstrim_cloned_disks" : {
"default" : 0,
- "description" : "Run fstrim after cloning/moving a disk.",
+ "description" : "Run fstrim after moving a disk or migrating the VM.",
"optional" : 1,
"type" : "boolean"
+ },
+ "type" : {
+ "default" : "virtio",
+ "description" : "Select the agent type",
+ "enum" : [
+ "virtio",
+ "isa"
+ ],
+ "optional" : 1,
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[enabled=]<1|0> [,fstrim_cloned_disks=<1|0>]"
+ "typetext" : "[enabled=]<1|0> [,freeze-fs-on-backup=<1|0>] [,fstrim_cloned_disks=<1|0>] [,type=<virtio|isa>]"
},
"arch" : {
"description" : "Virtual processor architecture. Defaults to the host.",
"type" : "string"
},
"archive" : {
- "description" : "The backup file.",
+ "description" : "The backup archive. Either the file system path to a .tar or .vma file (use '-' to pipe data from stdin) or a proxmox storage backup volume identifier.",
"maxLength" : 255,
"optional" : 1,
"type" : "string",
"optional" : 1,
"type" : "string",
"typetext" : "<string>",
- "verbose_description" : "Arbitrary arguments passed to kvm, for example:\n\nargs: -no-reboot -no-hpet\n\nNOTE: this option is for experts only.\n"
+ "verbose_description" : "Arbitrary arguments passed to kvm, for example:\n\nargs: -no-reboot -smbios 'type=0,vendor=FOO'\n\nNOTE: this option is for experts only.\n"
+ },
+ "audio0" : {
+ "description" : "Configure a audio device, useful in combination with QXL/Spice.",
+ "format" : {
+ "device" : {
+ "description" : "Configure an audio device.",
+ "enum" : [
+ "ich9-intel-hda",
+ "intel-hda",
+ "AC97"
+ ],
+ "type" : "string"
+ },
+ "driver" : {
+ "default" : "spice",
+ "description" : "Driver backend for the audio device.",
+ "enum" : [
+ "spice",
+ "none"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "device=<ich9-intel-hda|intel-hda|AC97> [,driver=<spice|none>]"
},
"autostart" : {
"default" : 0,
"typetext" : "<boolean>"
},
"balloon" : {
- "description" : "Amount of target RAM for the VM in MB. Using zero disables the ballon driver.",
+ "description" : "Amount of target RAM for the VM in MiB. Using zero disables the ballon driver.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"type" : "string"
},
"boot" : {
- "default" : "cdn",
- "description" : "Boot on floppy (a), hard disk (c), CD-ROM (d), or network (n).",
+ "description" : "Specify guest boot order. Use the 'order=' sub-property as usage with no key or 'legacy=' is deprecated.",
+ "format" : "pve-qm-boot",
"optional" : 1,
- "pattern" : "[acdn]{1,4}",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "[[legacy=]<[acdn]{1,4}>] [,order=<device[;device...]>]"
},
"bootdisk" : {
- "description" : "Enable booting from specified disk.",
+ "description" : "Enable booting from specified disk. Deprecated: Use 'boot: order=foo;bar' instead.",
"format" : "pve-qm-bootdisk",
"optional" : 1,
"pattern" : "(ide|sata|scsi|virtio)\\d+",
"type" : "string"
},
"bwlimit" : {
- "description" : "Override i/o bandwidth limit (in KiB/s).",
+ "default" : "restore limit from datacenter or storage config",
+ "description" : "Override I/O bandwidth limit (in KiB/s).",
"minimum" : "0",
"optional" : 1,
"type" : "integer",
"type" : "string",
"typetext" : "<volume>"
},
+ "cicustom" : {
+ "description" : "cloud-init: Specify custom files to replace the automatically generated ones at start.",
+ "format" : "pve-qm-cicustom",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[meta=<volume>] [,network=<volume>] [,user=<volume>] [,vendor=<volume>]"
+ },
"cipassword" : {
"description" : "cloud-init: Password to assign the user. Using this is generally not recommended. Use ssh keys instead. Also note that older cloud-init versions do not support hashed passwords.",
"optional" : 1,
"description" : "Specifies the cloud-init configuration format. The default depends on the configured operating system type (`ostype`. We use the `nocloud` format for Linux, and `configdrive2` for windows.",
"enum" : [
"configdrive2",
- "nocloud"
+ "nocloud",
+ "opennebula"
],
"optional" : 1,
"type" : "string"
},
+ "ciupgrade" : {
+ "default" : 1,
+ "description" : "cloud-init: do an automatic package upgrade after the first boot.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"ciuser" : {
"description" : "cloud-init: User name to change ssh keys and password for instead of the image's configured default user.",
"optional" : 1,
},
"cpu" : {
"description" : "Emulated CPU type.",
- "format" : {
- "cputype" : {
- "default" : "kvm64",
- "default_key" : 1,
- "description" : "Emulated CPU type.",
- "enum" : [
- "486",
- "athlon",
- "Broadwell",
- "Broadwell-IBRS",
- "Broadwell-noTSX",
- "Broadwell-noTSX-IBRS",
- "Conroe",
- "core2duo",
- "coreduo",
- "EPYC",
- "EPYC-IBPB",
- "Haswell",
- "Haswell-IBRS",
- "Haswell-noTSX",
- "Haswell-noTSX-IBRS",
- "host",
- "IvyBridge",
- "IvyBridge-IBRS",
- "kvm32",
- "kvm64",
- "max",
- "Nehalem",
- "Nehalem-IBRS",
- "Opteron_G1",
- "Opteron_G2",
- "Opteron_G3",
- "Opteron_G4",
- "Opteron_G5",
- "Penryn",
- "pentium",
- "pentium2",
- "pentium3",
- "phenom",
- "qemu32",
- "qemu64",
- "SandyBridge",
- "SandyBridge-IBRS",
- "Skylake-Client",
- "Skylake-Client-IBRS",
- "Skylake-Server",
- "Skylake-Server-IBRS",
- "Westmere",
- "Westmere-IBRS"
- ],
- "type" : "string"
- },
- "flags" : {
- "description" : "List of additional CPU flags separated by ';'. Use '+FLAG' to enable, '-FLAG' to disable a flag. Currently supported flags: 'pcid', 'spec-ctrl', 'ibpb', 'ssbd', 'virt-ssbd', 'amd-ssbd', 'amd-no-ssb', 'pdpe1gb'.",
- "format_description" : "+FLAG[;-FLAG...]",
- "optional" : 1,
- "pattern" : "(?^:(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb))(;(?^:[+-](pcid|spec-ctrl|ibpb|ssbd|virt-ssbd|amd-ssbd|amd-no-ssb|pdpe1gb)))*)",
- "type" : "string"
- },
- "hidden" : {
- "default" : 0,
- "description" : "Do not identify as a KVM virtual machine.",
- "optional" : 1,
- "type" : "boolean"
- }
- },
+ "format" : "pve-vm-cpu-conf",
"optional" : 1,
"type" : "string",
- "typetext" : "[cputype=]<enum> [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>]"
+ "typetext" : "[[cputype=]<string>] [,flags=<+FLAG[;-FLAG...]>] [,hidden=<1|0>] [,hv-vendor-id=<vendor-id>] [,phys-bits=<8-64|host>] [,reported-model=<enum>]"
},
"cpulimit" : {
"default" : 0,
"verbose_description" : "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has total of '2' CPU time. Value '0' indicates no CPU limit."
},
"cpuunits" : {
- "default" : 1024,
- "description" : "CPU weight for a VM.",
+ "default" : "cgroup v1: 1024, cgroup v2: 100",
+ "description" : "CPU weight for a VM, will be clamped to [1, 10000] in cgroup v2.",
"maximum" : 262144,
- "minimum" : 2,
+ "minimum" : 1,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (2 - 262144)",
+ "typetext" : "<integer> (1 - 262144)",
"verbose_description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to weights of all the other running VMs."
},
"description" : {
- "description" : "Description for the VM. Only used on the configuration web interface. This is saved as comment inside the configuration file.",
+ "description" : "Description for the VM. Shown in the web-interface VM's summary. This is saved as comment inside the configuration file.",
+ "maxLength" : 8192,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"efidisk0" : {
- "description" : "Configure a Disk for storing EFI vars",
+ "description" : "Configure a disk for storing EFI vars. Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Note that SIZE_IN_GiB is ignored here and that the default EFI vars are copied to the volume instead. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
+ "efitype" : {
+ "default" : "2m",
+ "description" : "Size and type of the OVMF EFI vars. '4m' is newer and recommended, and required for Secure Boot. For backwards compatibility, '2m' is used if not otherwise specified. Ignored for VMs with arch=aarch64 (ARM).",
+ "enum" : [
+ "2m",
+ "4m"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"file" : {
"default_key" : 1,
"description" : "The drive's backing volume.",
"optional" : 1,
"type" : "string"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "pre-enrolled-keys" : {
+ "default" : 0,
+ "description" : "Use am EFI vars template with distribution-specific and Microsoft Standard keys enrolled, if used with 'efitype=4m'. Note that this will enable Secure Boot by default, though it can still be turned off from within the VM.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"size" : {
"description" : "Disk size. This is purely informational and has no effect.",
"format" : "disk-size",
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,format=<enum>] [,size=<DiskSize>]"
+ "typetext" : "[file=]<volume> [,efitype=<2m|4m>] [,format=<enum>] [,import-from=<source volume>] [,pre-enrolled-keys=<1|0>] [,size=<DiskSize>]"
},
"force" : {
"description" : "Allow to overwrite existing VM.",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "hookscript" : {
+ "description" : "Script that will be executed during various steps in the vms lifetime.",
+ "format" : "pve-volume-id",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"hostpci[n]" : {
"description" : "Map host PCI devices into guest.",
"format" : "pve-qm-hostpci",
"optional" : 1,
"type" : "string",
- "typetext" : "[host=]<HOSTPCIID[;HOSTPCIID2...]> [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,x-vga=<1|0>]",
- "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer \npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "typetext" : "[[host=]<HOSTPCIID[;HOSTPCIID2...]>] [,device-id=<hex id>] [,legacy-igd=<1|0>] [,mapping=<mapping-id>] [,mdev=<string>] [,pcie=<1|0>] [,rombar=<1|0>] [,romfile=<string>] [,sub-device-id=<hex id>] [,sub-vendor-id=<hex id>] [,vendor-id=<hex id>] [,x-vga=<1|0>]",
+ "verbose_description" : "Map host PCI devices into guest.\n\nNOTE: This option allows direct access to host hardware. So it is no longer\npossible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"hotplug" : {
"default" : "network,disk,usb",
- "description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory' and 'usb'. Use '0' to disable hotplug completely. Value '1' is an alias for the default 'network,disk,usb'.",
+ "description" : "Selectively enable hotplug features. This is a comma separated list of hotplug features: 'network', 'disk', 'cpu', 'memory', 'usb' and 'cloudinit'. Use '0' to disable hotplug completely. Using '1' as value is an alias for the default `network,disk,usb`. USB hotplugging is possible for guests with machine version >= 7.1 and ostype l26 or windows > 7.",
"format" : "pve-hotplug-features",
"optional" : 1,
"type" : "string",
"type" : "string"
},
"ide[n]" : {
- "description" : "Use volume as IDE hard disk or CD-ROM (n is 0 to 3).",
+ "description" : "Use volume as IDE hard disk or CD-ROM (n is 0 to 3). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,model=<model>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,model=<model>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>] [,wwn=<wwn>]"
},
"ipconfig[n]" : {
- "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit gateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using dhcp on IPv4.\n",
+ "description" : "cloud-init: Specify IP addresses and gateways for the corresponding interface.\n\nIP addresses use CIDR notation, gateways are optional but need an IP of the same type specified.\n\nThe special string 'dhcp' can be used for IP addresses to use DHCP, in which case no explicit\ngateway should be provided.\nFor IPv6 the special string 'auto' can be used to use stateless autoconfiguration. This requires\ncloud-init 19.4 or newer.\n\nIf cloud-init is enabled and neither an IPv4 nor an IPv6 address is specified, it defaults to using\ndhcp on IPv4.\n",
"format" : "pve-qm-ipconfig",
"optional" : 1,
"type" : "string",
"typetext" : "[gw=<GatewayIPv4>] [,gw6=<GatewayIPv6>] [,ip=<IPv4Format/CIDR>] [,ip6=<IPv6Format/CIDR>]"
},
+ "ivshmem" : {
+ "description" : "Inter-VM shared memory. Useful for direct communication between VMs, or to the host.",
+ "format" : {
+ "name" : {
+ "description" : "The name of the file. Will be prefixed with 'pve-shm-'. Default is the VMID. Will be deleted when the VM is stopped.",
+ "format_description" : "string",
+ "optional" : 1,
+ "pattern" : "[a-zA-Z0-9\\-]+",
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "The size of the file in MB.",
+ "minimum" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "size=<integer> [,name=<string>]"
+ },
+ "keephugepages" : {
+ "default" : 0,
+ "description" : "Use together with hugepages. If enabled, hugepages will not not be deleted after VM shutdown and can be used for subsequent starts.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"keyboard" : {
"default" : null,
- "description" : "Keybord layout for vnc server. Default is read from the '/etc/pve/datacenter.cfg' configuration file.It should not be necessary to set it.",
+ "description" : "Keyboard layout for VNC server. This option is generally not required and is often better handled from within the guest OS.",
"enum" : [
"de",
"de-ch",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "live-restore" : {
+ "description" : "Start the VM immediately while importing or restoring in the background.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"localtime" : {
- "description" : "Set the real time clock to local time. This is enabled by default if ostype indicates a Microsoft OS.",
+ "description" : "Set the real time clock (RTC) to local time. This is enabled by default if the `ostype` indicates a Microsoft Windows OS.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"lock" : {
"description" : "Lock/unlock the VM.",
"enum" : [
- "migrate",
"backup",
+ "clone",
+ "create",
+ "migrate",
+ "rollback",
"snapshot",
- "rollback"
+ "snapshot-delete",
+ "suspending",
+ "suspended"
],
"optional" : 1,
"type" : "string"
},
"machine" : {
- "description" : "Specifies the Qemu machine type.",
- "maxLength" : 40,
+ "description" : "Specify the QEMU machine.",
+ "format" : {
+ "type" : {
+ "default_key" : 1,
+ "description" : "Specifies the QEMU machine type.",
+ "format_description" : "machine type",
+ "maxLength" : 40,
+ "optional" : 1,
+ "pattern" : "(pc|pc(-i440fx)?-\\d+(\\.\\d+)+(\\+pve\\d+)?(\\.pxe)?|q35|pc-q35-\\d+(\\.\\d+)+(\\+pve\\d+)?(\\.pxe)?|virt(?:-\\d+(\\.\\d+)+)?(\\+pve\\d+)?)",
+ "type" : "string"
+ },
+ "viommu" : {
+ "description" : "Enable and set guest vIOMMU variant (Intel vIOMMU needs q35 to be set as machine type).",
+ "enum" : [
+ "intel",
+ "virtio"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
"optional" : 1,
- "pattern" : "(pc|pc(-i440fx)?-\\d+\\.\\d+(\\.pxe)?|q35|pc-q35-\\d+\\.\\d+(\\.pxe)?|virt(?:-\\d+\\.\\d+)?)",
- "type" : "string"
+ "type" : "string",
+ "typetext" : "[[type=]<machine type>] [,viommu=<intel|virtio>]"
},
"memory" : {
- "default" : 512,
- "description" : "Amount of RAM for the VM in MB. This is the maximum available memory when you use the balloon device.",
- "minimum" : 16,
+ "description" : "Memory properties.",
+ "format" : {
+ "current" : {
+ "default" : 512,
+ "default_key" : 1,
+ "description" : "Current amount of online RAM for the VM in MiB. This is the maximum available memory when you use the balloon device.",
+ "minimum" : 16,
+ "type" : "integer"
+ }
+ },
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (16 - N)"
+ "type" : "string",
+ "typetext" : "[current=]<integer>"
},
"migrate_downtime" : {
"default" : 0.1,
"format" : {
"bridge" : {
"description" : "Bridge to attach the network device to. The Proxmox VE standard bridge\nis called 'vmbr0'.\n\nIf you do not specify a bridge, we create a kvm user (NATed) network\ndevice, which provides DHCP and DNS services. The following addresses\nare used:\n\n 10.0.2.2 Gateway\n 10.0.2.3 DNS Server\n 10.0.2.4 SMB Server\n\nThe DHCP server assign addresses to the guest starting from 10.0.2.15.\n",
+ "format" : "pve-bridge-id",
"format_description" : "bridge",
"optional" : 1,
"type" : "string"
"alias" : "macaddr",
"keyAlias" : "model"
},
+ "e1000e" : {
+ "alias" : "macaddr",
+ "keyAlias" : "model"
+ },
"firewall" : {
"description" : "Whether this interface should be protected by the firewall.",
"optional" : 1,
},
"macaddr" : {
"description" : "MAC address. That address must be unique withing your network. This is automatically generated if not specified.",
+ "format" : "mac-addr",
"format_description" : "XX:XX:XX:XX:XX:XX",
"optional" : 1,
- "pattern" : "(?^i:[0-9a-f]{2}(?::[0-9a-f]{2}){5})",
- "type" : "string"
+ "type" : "string",
+ "verbose_description" : "A common MAC address with the I/G (Individual/Group) bit not set."
},
"model" : {
"default_key" : 1,
"description" : "Network Card Model. The 'virtio' model provides the best performance with very low CPU overhead. If your guest does not support this driver, it is usually best to use 'e1000'.",
"enum" : [
- "rtl8139",
- "ne2k_pci",
"e1000",
- "pcnet",
- "virtio",
- "ne2k_isa",
+ "e1000-82540em",
+ "e1000-82544gc",
+ "e1000-82545em",
+ "e1000e",
"i82551",
"i82557b",
"i82559er",
- "vmxnet3",
- "e1000-82540em",
- "e1000-82544gc",
- "e1000-82545em"
+ "ne2k_isa",
+ "ne2k_pci",
+ "pcnet",
+ "rtl8139",
+ "virtio",
+ "vmxnet3"
],
"type" : "string"
},
+ "mtu" : {
+ "description" : "Force MTU, for VirtIO only. Set to '1' to use the bridge MTU",
+ "maximum" : 65520,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer"
+ },
"ne2k_isa" : {
"alias" : "macaddr",
"keyAlias" : "model"
},
"queues" : {
"description" : "Number of packet queues to be used on the device.",
- "maximum" : 16,
+ "maximum" : 64,
"minimum" : 0,
"optional" : 1,
"type" : "integer"
},
"optional" : 1,
"type" : "string",
- "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
+ "typetext" : "[model=]<enum> [,bridge=<bridge>] [,firewall=<1|0>] [,link_down=<1|0>] [,macaddr=<XX:XX:XX:XX:XX:XX>] [,mtu=<integer>] [,queues=<integer>] [,rate=<number>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,<model>=<macaddr>]"
},
"node" : {
"description" : "The cluster node name.",
"win7",
"win8",
"win10",
+ "win11",
"l24",
"l26",
"solaris"
],
"optional" : 1,
"type" : "string",
- "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6/3.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
+ "verbose_description" : "Specify guest operating system. This is used to enable special\noptimization/features for specific operating systems:\n\n[horizontal]\nother;; unspecified OS\nwxp;; Microsoft Windows XP\nw2k;; Microsoft Windows 2000\nw2k3;; Microsoft Windows 2003\nw2k8;; Microsoft Windows 2008\nwvista;; Microsoft Windows Vista\nwin7;; Microsoft Windows 7\nwin8;; Microsoft Windows 8/2012/2012r2\nwin10;; Microsoft Windows 10/2016/2019\nwin11;; Microsoft Windows 11/2022/2025\nl24;; Linux 2.4 Kernel\nl26;; Linux 2.6 - 6.X Kernel\nsolaris;; Solaris/OpenSolaris/OpenIndiania kernel\n"
},
"parallel[n]" : {
"description" : "Map host parallel devices (n is 0 to 2).",
"optional" : 1,
"pattern" : "/dev/parport\\d+|/dev/usb/lp\\d+",
"type" : "string",
- "verbose_description" : "Map host parallel devices (n is 0 to 2).\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Map host parallel devices (n is 0 to 2).\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such\nmachines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"pool" : {
"description" : "Add the VM to the specified pool.",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "rng0" : {
+ "description" : "Configure a VirtIO-based Random Number Generator.",
+ "format" : {
+ "max_bytes" : {
+ "default" : 1024,
+ "description" : "Maximum bytes of entropy allowed to get injected into the guest every 'period' milliseconds. Prefer a lower value when using '/dev/random' as source. Use `0` to disable limiting (potentially dangerous!).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "period" : {
+ "default" : 1000,
+ "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "source" : {
+ "default_key" : 1,
+ "description" : "The file on the host to gather entropy from. In most cases '/dev/urandom' should be preferred over '/dev/random' to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. '/dev/hwrng' can be used to pass through a hardware RNG from the host.",
+ "enum" : [
+ "/dev/urandom",
+ "/dev/random",
+ "/dev/hwrng"
+ ],
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[source=]</dev/urandom|/dev/random|/dev/hwrng> [,max_bytes=<integer>] [,period=<integer>]"
+ },
"sata[n]" : {
- "description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5).",
+ "description" : "Use volume as SATA hard disk or CD-ROM (n is 0 to 5). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>] [,wwn=<wwn>]"
},
"scsi[n]" : {
- "description" : "Use volume as SCSI hard disk or CD-ROM (n is 0 to 13).",
+ "description" : "Use volume as SCSI hard disk or CD-ROM (n is 0 to 30). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
"optional" : 1,
"type" : "string"
},
+ "product" : {
+ "description" : "The drive's product name, up to 16 bytes long.",
+ "format_description" : "product",
+ "optional" : 1,
+ "pattern" : "[A-Za-z0-9\\-_\\s]{,16}",
+ "type" : "string"
+ },
"queues" : {
"description" : "Number of queues.",
"minimum" : 2,
"optional" : 1,
"type" : "string"
},
+ "ro" : {
+ "description" : "Whether the drive is read-only.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"scsiblock" : {
"default" : 0,
"description" : "whether to use scsi-block for full passthrough of host block device\n\nWARNING: can lead to I/O errors in combination with low memory or high memory fragmentation on host",
"optional" : 1,
"type" : "string"
},
+ "vendor" : {
+ "description" : "The drive's vendor name, up to 8 bytes long.",
+ "format_description" : "vendor",
+ "optional" : 1,
+ "pattern" : "[A-Za-z0-9\\-_\\s]{,8}",
+ "type" : "string"
+ },
"volume" : {
"alias" : "file"
},
],
"optional" : 1,
"type" : "string"
+ },
+ "wwn" : {
+ "description" : "The drive's worldwide name, encoded as 16 bytes hex string, prefixed by '0x'.",
+ "format_description" : "wwn",
+ "optional" : 1,
+ "pattern" : "(?^:^(0x)[0-9a-fA-F]{16})",
+ "type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,queues=<integer>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,scsiblock=<1|0>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,product=<product>] [,queues=<integer>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,ro=<1|0>] [,scsiblock=<1|0>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=<none|lba|auto>] [,vendor=<vendor>] [,werror=<enum>] [,wwn=<wwn>]"
},
"scsihw" : {
"default" : "lsi",
"optional" : 1,
"pattern" : "(/dev/.+|socket)",
"type" : "string",
- "verbose_description" : "Create a serial device inside the VM (n is 0 to 3), and pass through a\nhost serial device (i.e. /dev/ttyS0), or create a unix socket on the\nhost side (use 'qm terminal' to open a terminal connection).\n\nNOTE: If you pass through a host serial device, it is no longer possible to migrate such machines - use with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
+ "verbose_description" : "Create a serial device inside the VM (n is 0 to 3), and pass through a\nhost serial device (i.e. /dev/ttyS0), or create a unix socket on the\nhost side (use 'qm terminal' to open a terminal connection).\n\nNOTE: If you pass through a host serial device, it is no longer possible to migrate such machines -\nuse with special care.\n\nCAUTION: Experimental! User reported problems with this option.\n"
},
"shares" : {
"default" : 1000,
"smbios1" : {
"description" : "Specify SMBIOS type 1 fields.",
"format" : "pve-qm-smbios1",
- "maxLength" : 256,
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
- "typetext" : "[family=<string>] [,manufacturer=<string>] [,product=<string>] [,serial=<string>] [,sku=<string>] [,uuid=<UUID>] [,version=<string>]"
+ "typetext" : "[base64=<1|0>] [,family=<Base64 encoded string>] [,manufacturer=<Base64 encoded string>] [,product=<Base64 encoded string>] [,serial=<Base64 encoded string>] [,sku=<Base64 encoded string>] [,uuid=<UUID>] [,version=<Base64 encoded string>]"
},
"smp" : {
"default" : 1,
"type" : "integer",
"typetext" : "<integer> (1 - N)"
},
+ "spice_enhancements" : {
+ "description" : "Configure additional enhancements for SPICE.",
+ "format" : {
+ "foldersharing" : {
+ "default" : "0",
+ "description" : "Enable folder sharing via SPICE. Needs Spice-WebDAV daemon installed in the VM.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "videostreaming" : {
+ "default" : "off",
+ "description" : "Enable video streaming. Uses compression for detected video streams.",
+ "enum" : [
+ "off",
+ "all",
+ "filter"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[foldersharing=<1|0>] [,videostreaming=<off|all|filter>]"
+ },
"sshkeys" : {
"description" : "cloud-init: Setup public SSH keys (one key per line, OpenSSH format).",
"format" : "urlencoded",
},
"startdate" : {
"default" : "now",
- "description" : "Set the initial date of the real time clock. Valid format for date are: 'now' or '2006-06-17T16:01:21' or '2006-06-17'.",
+ "description" : "Set the initial date of the real time clock. Valid format for date are:'now' or '2006-06-17T16:01:21' or '2006-06-17'.",
"optional" : 1,
"pattern" : "(now|\\d{4}-\\d{1,2}-\\d{1,2}(T\\d{1,2}:\\d{1,2}:\\d{1,2})?)",
"type" : "string",
"storage" : {
"description" : "Default storage.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"tablet" : {
"default" : 1,
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>",
- "verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (-vga=qxl)."
+ "verbose_description" : "Enable/disable the USB tablet device. This device is usually needed to allow absolute mouse positioning with VNC. Else the mouse runs out of sync with normal VNC clients. If you're running lots of console-only guests on one host, you may consider disabling this to save some context switches. This is turned off by default if you use spice (`qm set <vmid> --vga qxl`)."
+ },
+ "tags" : {
+ "description" : "Tags of the VM. This is only meta information.",
+ "format" : "pve-tag-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"tdf" : {
"default" : 0,
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "tpmstate0" : {
+ "description" : "Configure a Disk for storing TPM state. The format is fixed to 'raw'. Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Note that SIZE_IN_GiB is ignored here and 4 MiB will be used instead. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id-or-qm-path",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "Disk size. This is purely informational and has no effect.",
+ "format" : "disk-size",
+ "format_description" : "DiskSize",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "version" : {
+ "default" : "v2.0",
+ "description" : "The TPM interface version. v2.0 is newer and should be preferred. Note that this cannot be changed later on.",
+ "enum" : [
+ "v1.2",
+ "v2.0"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[file=]<volume> [,import-from=<source volume>] [,size=<DiskSize>] [,version=<v1.2|v2.0>]"
+ },
"unique" : {
"description" : "Assign a unique random ethernet address.",
"optional" : 1,
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "file" : {
+ "default_key" : 1,
+ "description" : "The drive's backing volume.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ },
+ "volume" : {
+ "alias" : "file"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[file=]<volume>"
},
"usb[n]" : {
- "description" : "Configure an USB device (n is 0 to 4).",
+ "description" : "Configure an USB device (n is 0 to 4, for machine version >= 7.1 and ostype l26 or windows > 7, n can be up to 14).",
"format" : {
"host" : {
"default_key" : 1,
- "description" : "The Host USB device or port or the value 'spice'. HOSTUSBDEVICE syntax is:\n\n 'bus-port(.port)*' (decimal numbers) or\n 'vendor_id:product_id' (hexadeciaml numbers) or\n 'spice'\n\nYou can use the 'lsusb -t' command to list existing usb devices.\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such machines - use with special care.\n\nThe value 'spice' can be used to add a usb redirection devices for spice.\n",
- "format" : "pve-qm-usb-device",
+ "description" : "The Host USB device or port or the value 'spice'. HOSTUSBDEVICE syntax is:\n\n 'bus-port(.port)*' (decimal numbers) or\n 'vendor_id:product_id' (hexadeciaml numbers) or\n 'spice'\n\nYou can use the 'lsusb -t' command to list existing usb devices.\n\nNOTE: This option allows direct access to host hardware. So it is no longer possible to migrate such\nmachines - use with special care.\n\nThe value 'spice' can be used to add a usb redirection devices for spice.\n\nEither this or the 'mapping' key must be set.\n",
"format_description" : "HOSTUSBDEVICE|spice",
+ "optional" : 1,
+ "pattern" : "(?^:(?:(?:(?^:(0x)?([0-9A-Fa-f]{4}):(0x)?([0-9A-Fa-f]{4})))|(?:(?^:(\\d+)\\-(\\d+(\\.\\d+)*)))|[Ss][Pp][Ii][Cc][Ee]))",
+ "type" : "string"
+ },
+ "mapping" : {
+ "description" : "The ID of a cluster wide mapping. Either this or the default-key 'host' must be set.",
+ "format" : "pve-configid",
+ "format_description" : "mapping-id",
+ "optional" : 1,
"type" : "string"
},
"usb3" : {
"default" : 0,
- "description" : "Specifies whether if given host option is a USB3 device or port (this does currently not work reliably with spice redirection and is then ignored).",
+ "description" : "Specifies whether if given host option is a USB3 device or port. For modern guests (machine version >= 7.1 and ostype l26 and windows > 7), this flag is irrelevant (all devices are plugged into a xhci controller).",
"optional" : 1,
"type" : "boolean"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "[host=]<HOSTUSBDEVICE|spice> [,usb3=<1|0>]"
+ "typetext" : "[[host=]<HOSTUSBDEVICE|spice>] [,mapping=<mapping-id>] [,usb3=<1|0>]"
},
"vcpus" : {
"default" : 0,
"vga" : {
"description" : "Configure the VGA hardware.",
"format" : {
+ "clipboard" : {
+ "description" : "Enable a specific clipboard. If not set, depending on the display type the SPICE one will be added. Migration with VNC clipboard is not yet supported!",
+ "enum" : [
+ "vnc"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"memory" : {
"description" : "Sets the VGA memory (in MiB). Has no effect with serial display.",
"maximum" : 512,
"qxl2",
"qxl3",
"qxl4",
+ "none",
"serial0",
"serial1",
"serial2",
"serial3",
"std",
"virtio",
+ "virtio-gl",
"vmware"
],
"optional" : 1,
},
"optional" : 1,
"type" : "string",
- "typetext" : "[[type=]<enum>] [,memory=<integer>]",
+ "typetext" : "[[type=]<enum>] [,clipboard=<vnc>] [,memory=<integer>]",
"verbose_description" : "Configure the VGA Hardware. If you want to use high resolution modes (>= 1280x1024x16) you may need to increase the vga memory option. Since QEMU 2.9 the default VGA display type is 'std' for all OS types besides some Windows versions (XP and older) which use 'cirrus'. The 'qxl' option enables the SPICE display server. For win* OS you can select how many independent displays you want, Linux guests can add displays them self.\nYou can also run without any graphic card, using a serial device as terminal."
},
"virtio[n]" : {
- "description" : "Use volume as VIRTIO hard disk (n is 0 to 15).",
+ "description" : "Use volume as VIRTIO hard disk (n is 0 to 15). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume.",
"format" : {
"aio" : {
"description" : "AIO type to use.",
"enum" : [
"native",
- "threads"
+ "threads",
+ "io_uring"
],
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "import-from" : {
+ "description" : "Create a new disk, importing from this source (volume ID or absolute path). When an absolute path is specified, it's up to you to ensure that the source is not actively used by another process during the import!",
+ "format" : "pve-volume-id-or-absolute-path",
+ "format_description" : "source volume",
+ "optional" : 1,
+ "type" : "string"
+ },
"iops" : {
"description" : "Maximum r/w I/O in operations per second.",
"format_description" : "iops",
"optional" : 1,
"type" : "string"
},
+ "ro" : {
+ "description" : "Whether the drive is read-only.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"secs" : {
"description" : "Force the drive's physical geometry to have a specific sector count.",
"optional" : 1,
},
"optional" : 1,
"type" : "string",
- "typetext" : "[file=]<volume> [,aio=<native|threads>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
+ "typetext" : "[file=]<volume> [,aio=<native|threads|io_uring>] [,backup=<1|0>] [,bps=<bps>] [,bps_max_length=<seconds>] [,bps_rd=<bps>] [,bps_rd_max_length=<seconds>] [,bps_wr=<bps>] [,bps_wr_max_length=<seconds>] [,cache=<enum>] [,cyls=<integer>] [,detect_zeroes=<1|0>] [,discard=<ignore|on>] [,format=<enum>] [,heads=<integer>] [,import-from=<source volume>] [,iops=<iops>] [,iops_max=<iops>] [,iops_max_length=<seconds>] [,iops_rd=<iops>] [,iops_rd_max=<iops>] [,iops_rd_max_length=<seconds>] [,iops_wr=<iops>] [,iops_wr_max=<iops>] [,iops_wr_max_length=<seconds>] [,iothread=<1|0>] [,mbps=<mbps>] [,mbps_max=<mbps>] [,mbps_rd=<mbps>] [,mbps_rd_max=<mbps>] [,mbps_wr=<mbps>] [,mbps_wr_max=<mbps>] [,media=<cdrom|disk>] [,replicate=<1|0>] [,rerror=<ignore|report|stop>] [,ro=<1|0>] [,secs=<integer>] [,serial=<serial>] [,shared=<1|0>] [,size=<DiskSize>] [,snapshot=<1|0>] [,trans=<none|lba|auto>] [,werror=<enum>]"
},
"vmgenid" : {
"default" : "1 (autogenerated)",
"optional" : 1,
"pattern" : "(?:[a-fA-F0-9]{8}(?:-[a-fA-F0-9]{4}){3}-[a-fA-F0-9]{12}|[01])",
"type" : "string",
- "verbose_description" : "The VM generation ID (vmgenid) device exposes a 128-bit integer value identifier to the guest OS. This allows to notify the guest operating system when the virtual machine is executed with a different configuration (e.g. snapshot execution or creation from a template). The guest operating system notices the change, and is then able to react as appropriate by marking its copies of distributed databases as dirty, re-initializing its random number generator, etc.\nNote that auto-creation only works when done throug API/CLI create or update methods, but not when manually editing the config file."
+ "verbose_description" : "The VM generation ID (vmgenid) device exposes a 128-bit integer value identifier to the guest OS. This allows to notify the guest operating system when the virtual machine is executed with a different configuration (e.g. snapshot execution or creation from a template). The guest operating system notices the change, and is then able to react as appropriate by marking its copies of distributed databases as dirty, re-initializing its random number generator, etc.\nNote that auto-creation only works when done through API/CLI create or update methods, but not when manually editing the config file."
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"vmstatestorage" : {
"description" : "Default storage for VM state volumes/files.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"watchdog" : {
"description" : "Create a virtual hardware watchdog device.",
}
},
"permissions" : {
- "description" : "You need 'VM.Allocate' permissions on /vms/{vmid} or on the VM pool /pool/{pool}. For restore (option 'archive'), it is enough if the user has 'VM.Backup' permission and the VM already exists. If you create disks you need 'Datastore.AllocateSpace' on any used storage.",
+ "description" : "You need 'VM.Allocate' permissions on /vms/{vmid} or on the VM pool /pool/{pool}. For restore (option 'archive'), it is enough if the user has 'VM.Backup' permission and the VM already exists. If you create disks you need 'Datastore.AllocateSpace' on any used storage.If you use a bridge/vlan, you need 'SDN.Use' on any used bridge/vlan.",
"user" : "all"
},
"protected" : 1,
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get container configuration.",
"method" : "GET",
"name" : "vm_config",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "current" : {
+ "default" : 0,
+ "description" : "Get current values (instead of pending values).",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
},
+ "snapshot" : {
+ "description" : "Fetch config values from given snapshot.",
+ "format" : "pve-configid",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"amd64",
"i386",
"arm64",
- "armhf"
+ "armhf",
+ "riscv32",
+ "riscv64"
],
"optional" : 1,
"type" : "string"
},
"cores" : {
"description" : "The number of cores assigned to the container. A container can use all available cores by default.",
- "maximum" : 128,
+ "maximum" : 8192,
"minimum" : 1,
"optional" : 1,
"type" : "integer"
"cpulimit" : {
"default" : 0,
"description" : "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has a total of '2' CPU time. Value '0' indicates no CPU limit.",
- "maximum" : 128,
+ "maximum" : 8192,
"minimum" : 0,
"optional" : 1,
"type" : "number"
},
"cpuunits" : {
- "default" : 1024,
- "description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to the weights of all the other running VMs.\n\nNOTE: You can disable fair-scheduler configuration by setting this to 0.",
+ "default" : "cgroup v1: 1024, cgroup v2: 100",
+ "description" : "CPU weight for a container, will be clamped to [1, 10000] in cgroup v2.",
"maximum" : 500000,
"minimum" : 0,
"optional" : 1,
- "type" : "integer"
+ "type" : "integer",
+ "verbose_description" : "CPU weight for a container. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this container gets. Number is relative to the weights of all the other running guests."
+ },
+ "debug" : {
+ "default" : 0,
+ "description" : "Try to be more verbose. For now this only enables debug log-level on start.",
+ "optional" : 1,
+ "type" : "boolean"
},
"description" : {
- "description" : "Container description. Only used on the configuration web interface.",
+ "description" : "Description for the Container. Shown in the web-interface CT's summary. This is saved as comment inside the configuration file.",
+ "maxLength" : 8192,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "dev[n]" : {
+ "description" : "Device to pass through to the container",
+ "format" : {
+ "gid" : {
+ "description" : "Group ID to be assigned to the device node",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "mode" : {
+ "description" : "Access mode to be set on the device node",
+ "format_description" : "Octal access mode",
+ "optional" : 1,
+ "pattern" : "0[0-7]{3}",
+ "type" : "string"
+ },
+ "path" : {
+ "default_key" : 1,
+ "description" : "Device to pass through to the container",
+ "format" : "pve-lxc-dev-string",
+ "format_description" : "Path",
+ "optional" : 1,
+ "type" : "string",
+ "verbose_description" : "Path to the device to pass through to the container"
+ },
+ "uid" : {
+ "description" : "User ID to be assigned to the device node",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ }
+ },
"optional" : 1,
"type" : "string"
},
"features" : {
"description" : "Allow containers access to advanced features.",
"format" : {
+ "force_rw_sys" : {
+ "default" : 0,
+ "description" : "Mount /sys in unprivileged containers as `rw` instead of `mixed`. This can break networking under newer (>= v245) systemd-network use.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"fuse" : {
"default" : 0,
"description" : "Allow using 'fuse' file systems in a container. Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.",
"optional" : 1,
"type" : "boolean"
},
+ "mknod" : {
+ "default" : 0,
+ "description" : "Allow unprivileged containers to use mknod() to add certain device nodes. This requires a kernel with seccomp trap to user space support (5.3 or newer). This is experimental.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mount" : {
"description" : "Allow mounting file systems of specific types. This should be a list of file system types as used with the mount command. Note that this can have negative effects on the container's security. With access to a loop device, mounting a file can circumvent the mknod permission of the devices cgroup, mounting an NFS file system can block the host's I/O completely and prevent it from rebooting, etc.",
"format_description" : "fstype;fstype;...",
"optional" : 1,
- "pattern" : "(?^:[a-zA-Z0-9; ]+)",
+ "pattern" : "(?^:[a-zA-Z0-9_; ]+)",
"type" : "string"
},
"nesting" : {
"optional" : 1,
"type" : "string"
},
+ "hookscript" : {
+ "description" : "Script that will be exectued during various steps in the containers lifetime.",
+ "format" : "pve-volume-id",
+ "optional" : 1,
+ "type" : "string"
+ },
"hostname" : {
"description" : "Set a host name for the container.",
"format" : "dns-name",
"type" : "string"
},
"lock" : {
- "description" : "Lock/unlock the VM.",
+ "description" : "Lock/unlock the container.",
"enum" : [
"backup",
+ "create",
+ "destroyed",
"disk",
+ "fstrim",
"migrate",
"mounted",
"rollback",
},
"memory" : {
"default" : 512,
- "description" : "Amount of RAM for the VM in MB.",
+ "description" : "Amount of RAM for the container in MB.",
"minimum" : 16,
"optional" : 1,
"type" : "integer"
},
"mp[n]" : {
- "description" : "Use volume as container mount point.",
+ "description" : "Use volume as container mount point. Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume.",
"format" : {
"acl" : {
"description" : "Explicitly enable or disable ACL support.",
"type" : "boolean",
"verbose_description" : "Whether to include the mount point in backups (only used for volume mount points)."
},
+ "mountoptions" : {
+ "description" : "Extra mount options for rootfs/mps.",
+ "format_description" : "opt[;opt...]",
+ "optional" : 1,
+ "pattern" : "(?^:(?^:(noatime|lazytime|nodev|nosuid|noexec))(;(?^:(noatime|lazytime|nodev|nosuid|noexec)))*)",
+ "type" : "string"
+ },
"mp" : {
"description" : "Path to the mount point as seen from inside the container (must not contain symlinks).",
"format" : "pve-lxc-mp-string",
},
"nameserver" : {
"description" : "Sets DNS server IP address for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
- "format" : "address-list",
+ "format" : "lxc-ip-with-ll-iface-list",
"optional" : 1,
"type" : "string"
},
},
"hwaddr" : {
"description" : "The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)",
+ "format" : "mac-addr",
"format_description" : "XX:XX:XX:XX:XX:XX",
"optional" : 1,
- "pattern" : "(?^i:(?:[a-f0-9]{2}:){5}[a-f0-9]{2})",
- "type" : "string"
+ "type" : "string",
+ "verbose_description" : "A common MAC address with the I/G (Individual/Group) bit not set."
},
"ip" : {
"description" : "IPv4 address in CIDR format.",
"optional" : 1,
"type" : "string"
},
+ "link_down" : {
+ "description" : "Whether this interface should be disconnected (like pulling the plug).",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mtu" : {
"description" : "Maximum transfer unit of the interface. (lxc.network.mtu)",
+ "maximum" : 65535,
"minimum" : 64,
"optional" : 1,
"type" : "integer"
},
"onboot" : {
"default" : 0,
- "description" : "Specifies whether a VM will be started during system bootup.",
+ "description" : "Specifies whether a container will be started during system bootup.",
"optional" : 1,
"type" : "boolean"
},
"description" : "OS type. This is used to setup configuration inside the container, and corresponds to lxc setup scripts in /usr/share/lxc/config/<ostype>.common.conf. Value 'unmanaged' can be used to skip and OS specific setup.",
"enum" : [
"debian",
+ "devuan",
"ubuntu",
"centos",
"fedora",
"archlinux",
"alpine",
"gentoo",
+ "nixos",
"unmanaged"
],
"optional" : 1,
"optional" : 1,
"type" : "boolean"
},
+ "mountoptions" : {
+ "description" : "Extra mount options for rootfs/mps.",
+ "format_description" : "opt[;opt...]",
+ "optional" : 1,
+ "pattern" : "(?^:(?^:(noatime|lazytime|nodev|nosuid|noexec))(;(?^:(noatime|lazytime|nodev|nosuid|noexec)))*)",
+ "type" : "string"
+ },
"quota" : {
"description" : "Enable user quotas inside the container (not supported with zfs subvolumes)",
"optional" : 1,
},
"swap" : {
"default" : 512,
- "description" : "Amount of SWAP for the VM in MB.",
+ "description" : "Amount of SWAP for the container in MB.",
"minimum" : 0,
"optional" : 1,
"type" : "integer"
},
+ "tags" : {
+ "description" : "Tags of the Container. This is only meta information.",
+ "format" : "pve-tag-list",
+ "optional" : 1,
+ "type" : "string"
+ },
"template" : {
"default" : 0,
"description" : "Enable/disable Template.",
"optional" : 1,
"type" : "boolean"
},
+ "timezone" : {
+ "description" : "Time zone to use in the container. If option isn't set, then nothing will be done. Can be set to 'host' to match the host time zone, or an arbitrary time zone option from /usr/share/zoneinfo/zone.tab",
+ "format" : "pve-ct-timezone",
+ "optional" : 1,
+ "type" : "string"
+ },
"tty" : {
"default" : 2,
"description" : "Specify the number of tty available to the container",
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "volume" : {
+ "default_key" : 1,
+ "description" : "The volume that is not used currently.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ }
+ },
"optional" : 1,
"type" : "string"
}
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Set container options.",
"method" : "PUT",
"name" : "update_vm",
"amd64",
"i386",
"arm64",
- "armhf"
+ "armhf",
+ "riscv32",
+ "riscv64"
],
"optional" : 1,
"type" : "string"
},
"cores" : {
"description" : "The number of cores assigned to the container. A container can use all available cores by default.",
- "maximum" : 128,
+ "maximum" : 8192,
"minimum" : 1,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (1 - 128)"
+ "typetext" : "<integer> (1 - 8192)"
},
"cpulimit" : {
"default" : 0,
"description" : "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has a total of '2' CPU time. Value '0' indicates no CPU limit.",
- "maximum" : 128,
+ "maximum" : 8192,
"minimum" : 0,
"optional" : 1,
"type" : "number",
- "typetext" : "<number> (0 - 128)"
+ "typetext" : "<number> (0 - 8192)"
},
"cpuunits" : {
- "default" : 1024,
- "description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to the weights of all the other running VMs.\n\nNOTE: You can disable fair-scheduler configuration by setting this to 0.",
+ "default" : "cgroup v1: 1024, cgroup v2: 100",
+ "description" : "CPU weight for a container, will be clamped to [1, 10000] in cgroup v2.",
"maximum" : 500000,
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (0 - 500000)"
+ "typetext" : "<integer> (0 - 500000)",
+ "verbose_description" : "CPU weight for a container. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this container gets. Number is relative to the weights of all the other running guests."
+ },
+ "debug" : {
+ "default" : 0,
+ "description" : "Try to be more verbose. For now this only enables debug log-level on start.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"delete" : {
"description" : "A list of settings you want to delete.",
"typetext" : "<string>"
},
"description" : {
- "description" : "Container description. Only used on the configuration web interface.",
+ "description" : "Description for the Container. Shown in the web-interface CT's summary. This is saved as comment inside the configuration file.",
+ "maxLength" : 8192,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "dev[n]" : {
+ "description" : "Device to pass through to the container",
+ "format" : {
+ "gid" : {
+ "description" : "Group ID to be assigned to the device node",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "mode" : {
+ "description" : "Access mode to be set on the device node",
+ "format_description" : "Octal access mode",
+ "optional" : 1,
+ "pattern" : "0[0-7]{3}",
+ "type" : "string"
+ },
+ "path" : {
+ "default_key" : 1,
+ "description" : "Device to pass through to the container",
+ "format" : "pve-lxc-dev-string",
+ "format_description" : "Path",
+ "optional" : 1,
+ "type" : "string",
+ "verbose_description" : "Path to the device to pass through to the container"
+ },
+ "uid" : {
+ "description" : "User ID to be assigned to the device node",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[[path=]<Path>] [,gid=<integer>] [,mode=<Octal access mode>] [,uid=<integer>]"
+ },
"digest" : {
"description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
"maxLength" : 40,
"features" : {
"description" : "Allow containers access to advanced features.",
"format" : {
+ "force_rw_sys" : {
+ "default" : 0,
+ "description" : "Mount /sys in unprivileged containers as `rw` instead of `mixed`. This can break networking under newer (>= v245) systemd-network use.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"fuse" : {
"default" : 0,
"description" : "Allow using 'fuse' file systems in a container. Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.",
"optional" : 1,
"type" : "boolean"
},
+ "mknod" : {
+ "default" : 0,
+ "description" : "Allow unprivileged containers to use mknod() to add certain device nodes. This requires a kernel with seccomp trap to user space support (5.3 or newer). This is experimental.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mount" : {
"description" : "Allow mounting file systems of specific types. This should be a list of file system types as used with the mount command. Note that this can have negative effects on the container's security. With access to a loop device, mounting a file can circumvent the mknod permission of the devices cgroup, mounting an NFS file system can block the host's I/O completely and prevent it from rebooting, etc.",
"format_description" : "fstype;fstype;...",
"optional" : 1,
- "pattern" : "(?^:[a-zA-Z0-9; ]+)",
+ "pattern" : "(?^:[a-zA-Z0-9_; ]+)",
"type" : "string"
},
"nesting" : {
},
"optional" : 1,
"type" : "string",
- "typetext" : "[fuse=<1|0>] [,keyctl=<1|0>] [,mount=<fstype;fstype;...>] [,nesting=<1|0>]"
+ "typetext" : "[force_rw_sys=<1|0>] [,fuse=<1|0>] [,keyctl=<1|0>] [,mknod=<1|0>] [,mount=<fstype;fstype;...>] [,nesting=<1|0>]"
+ },
+ "hookscript" : {
+ "description" : "Script that will be exectued during various steps in the containers lifetime.",
+ "format" : "pve-volume-id",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
},
"hostname" : {
"description" : "Set a host name for the container.",
"typetext" : "<string>"
},
"lock" : {
- "description" : "Lock/unlock the VM.",
+ "description" : "Lock/unlock the container.",
"enum" : [
"backup",
+ "create",
+ "destroyed",
"disk",
+ "fstrim",
"migrate",
"mounted",
"rollback",
},
"memory" : {
"default" : 512,
- "description" : "Amount of RAM for the VM in MB.",
+ "description" : "Amount of RAM for the container in MB.",
"minimum" : 16,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (16 - N)"
},
"mp[n]" : {
- "description" : "Use volume as container mount point.",
+ "description" : "Use volume as container mount point. Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume.",
"format" : {
"acl" : {
"description" : "Explicitly enable or disable ACL support.",
"type" : "boolean",
"verbose_description" : "Whether to include the mount point in backups (only used for volume mount points)."
},
+ "mountoptions" : {
+ "description" : "Extra mount options for rootfs/mps.",
+ "format_description" : "opt[;opt...]",
+ "optional" : 1,
+ "pattern" : "(?^:(?^:(noatime|lazytime|nodev|nosuid|noexec))(;(?^:(noatime|lazytime|nodev|nosuid|noexec)))*)",
+ "type" : "string"
+ },
"mp" : {
"description" : "Path to the mount point as seen from inside the container (must not contain symlinks).",
"format" : "pve-lxc-mp-string",
},
"optional" : 1,
"type" : "string",
- "typetext" : "[volume=]<volume> ,mp=<Path> [,acl=<1|0>] [,backup=<1|0>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]"
+ "typetext" : "[volume=]<volume> ,mp=<Path> [,acl=<1|0>] [,backup=<1|0>] [,mountoptions=<opt[;opt...]>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]"
},
"nameserver" : {
"description" : "Sets DNS server IP address for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
- "format" : "address-list",
+ "format" : "lxc-ip-with-ll-iface-list",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"hwaddr" : {
"description" : "The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)",
+ "format" : "mac-addr",
"format_description" : "XX:XX:XX:XX:XX:XX",
"optional" : 1,
- "pattern" : "(?^i:(?:[a-f0-9]{2}:){5}[a-f0-9]{2})",
- "type" : "string"
+ "type" : "string",
+ "verbose_description" : "A common MAC address with the I/G (Individual/Group) bit not set."
},
"ip" : {
"description" : "IPv4 address in CIDR format.",
"optional" : 1,
"type" : "string"
},
+ "link_down" : {
+ "description" : "Whether this interface should be disconnected (like pulling the plug).",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mtu" : {
"description" : "Maximum transfer unit of the interface. (lxc.network.mtu)",
+ "maximum" : 65535,
"minimum" : 64,
"optional" : 1,
"type" : "integer"
},
"optional" : 1,
"type" : "string",
- "typetext" : "name=<string> [,bridge=<bridge>] [,firewall=<1|0>] [,gw=<GatewayIPv4>] [,gw6=<GatewayIPv6>] [,hwaddr=<XX:XX:XX:XX:XX:XX>] [,ip=<(IPv4/CIDR|dhcp|manual)>] [,ip6=<(IPv6/CIDR|auto|dhcp|manual)>] [,mtu=<integer>] [,rate=<mbps>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,type=<veth>]"
+ "typetext" : "name=<string> [,bridge=<bridge>] [,firewall=<1|0>] [,gw=<GatewayIPv4>] [,gw6=<GatewayIPv6>] [,hwaddr=<XX:XX:XX:XX:XX:XX>] [,ip=<(IPv4/CIDR|dhcp|manual)>] [,ip6=<(IPv6/CIDR|auto|dhcp|manual)>] [,link_down=<1|0>] [,mtu=<integer>] [,rate=<mbps>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,type=<veth>]"
},
"node" : {
"description" : "The cluster node name.",
},
"onboot" : {
"default" : 0,
- "description" : "Specifies whether a VM will be started during system bootup.",
+ "description" : "Specifies whether a container will be started during system bootup.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"description" : "OS type. This is used to setup configuration inside the container, and corresponds to lxc setup scripts in /usr/share/lxc/config/<ostype>.common.conf. Value 'unmanaged' can be used to skip and OS specific setup.",
"enum" : [
"debian",
+ "devuan",
"ubuntu",
"centos",
"fedora",
"archlinux",
"alpine",
"gentoo",
+ "nixos",
"unmanaged"
],
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "revert" : {
+ "description" : "Revert a pending change.",
+ "format" : "pve-configid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"rootfs" : {
"description" : "Use volume as container root.",
"format" : {
"optional" : 1,
"type" : "boolean"
},
+ "mountoptions" : {
+ "description" : "Extra mount options for rootfs/mps.",
+ "format_description" : "opt[;opt...]",
+ "optional" : 1,
+ "pattern" : "(?^:(?^:(noatime|lazytime|nodev|nosuid|noexec))(;(?^:(noatime|lazytime|nodev|nosuid|noexec)))*)",
+ "type" : "string"
+ },
"quota" : {
"description" : "Enable user quotas inside the container (not supported with zfs subvolumes)",
"optional" : 1,
},
"optional" : 1,
"type" : "string",
- "typetext" : "[volume=]<volume> [,acl=<1|0>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]"
+ "typetext" : "[volume=]<volume> [,acl=<1|0>] [,mountoptions=<opt[;opt...]>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]"
},
"searchdomain" : {
"description" : "Sets DNS search domains for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
},
"swap" : {
"default" : 512,
- "description" : "Amount of SWAP for the VM in MB.",
+ "description" : "Amount of SWAP for the container in MB.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "tags" : {
+ "description" : "Tags of the Container. This is only meta information.",
+ "format" : "pve-tag-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"template" : {
"default" : 0,
"description" : "Enable/disable Template.",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "timezone" : {
+ "description" : "Time zone to use in the container. If option isn't set, then nothing will be done. Can be set to 'host' to match the host time zone, or an arbitrary time zone option from /usr/share/zoneinfo/zone.tab",
+ "format" : "pve-ct-timezone",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"tty" : {
"default" : 2,
"description" : "Specify the number of tty available to the container",
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "volume" : {
+ "default_key" : 1,
+ "description" : "The volume that is not used currently.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[volume=]<volume>"
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get virtual machine status.",
"method" : "GET",
"name" : "vm_status",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"description" : "HA manager service status.",
"type" : "object"
},
+ "lock" : {
+ "description" : "The current config lock, if any.",
+ "optional" : 1,
+ "type" : "string"
+ },
"maxdisk" : {
"description" : "Root disk size in bytes.",
"optional" : 1,
],
"type" : "string"
},
+ "tags" : {
+ "description" : "The current configured tags, if any.",
+ "optional" : 1,
+ "type" : "string"
+ },
"uptime" : {
"description" : "Uptime.",
"optional" : 1,
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer"
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Start the container.",
"method" : "POST",
"name" : "vm_start",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "debug" : {
+ "default" : 0,
+ "description" : "If set, enables very verbose debug log-level on start.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Stop the container. This will abruptly stop all processes running in the container.",
"method" : "POST",
"name" : "vm_stop",
"type" : "string",
"typetext" : "<string>"
},
+ "overrule-shutdown" : {
+ "default" : 0,
+ "description" : "Try to abort active 'vzshutdown' tasks before stopping.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"skiplock" : {
"description" : "Ignore locks - only root is allowed to use this option.",
"optional" : 1,
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Shutdown the container. This will trigger a clean shutdown of the container, see lxc-stop(1) for details.",
"method" : "POST",
"name" : "vm_shutdown",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
- "description" : "Suspend the container.",
+ "allowtoken" : 1,
+ "description" : "Suspend the container. This is experimental.",
"method" : "POST",
"name" : "vm_suspend",
"parameters" : {
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Resume the container.",
"method" : "POST",
"name" : "vm_resume",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"leaf" : 1,
"path" : "/nodes/{node}/lxc/{vmid}/status/resume",
"text" : "resume"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Reboot the container by shutting it down, and starting it again. Applies pending changes.",
+ "method" : "POST",
+ "name" : "vm_reboot",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "timeout" : {
+ "description" : "Wait maximal timeout seconds for the shutdown.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.PowerMgmt"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/lxc/{vmid}/status/reboot",
+ "text" : "reboot"
}
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index",
"method" : "GET",
"name" : "vmcmdidx",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Rollback LXC state to specified snapshot.",
"method" : "POST",
"name" : "rollback",
"type" : "string",
"typetext" : "<string>"
},
+ "start" : {
+ "default" : 0,
+ "description" : "Whether the container should get started after rolling back successfully",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get snapshot configuration",
"method" : "GET",
"name" : "get_snapshot_config",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"/vms/{vmid}",
[
"VM.Snapshot",
- "VM.Snapshot.Rollback"
+ "VM.Snapshot.Rollback",
+ "VM.Audit"
],
"any",
1
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update snapshot metadata.",
"method" : "PUT",
"name" : "update_snapshot_config",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete a LXC snapshot.",
"method" : "DELETE",
"name" : "delsnapshot",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "",
"method" : "GET",
"name" : "snapshot_cmd_idx",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List all snapshots.",
"method" : "GET",
"name" : "list",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Snapshot a container.",
"method" : "POST",
"name" : "snapshot",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete rule.",
"method" : "DELETE",
"name" : "delete_rule",
"additionalProperties" : 0,
"properties" : {
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Get single rule data.",
"method" : "GET",
"name" : "get_rule",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"optional" : 1,
"type" : "integer"
},
+ "icmp-type" : {
+ "optional" : 1,
+ "type" : "string"
+ },
"iface" : {
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "log" : {
+ "description" : "Log level for firewall rule",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"macro" : {
"optional" : 1,
- "type" : "integer"
+ "type" : "string"
},
"pos" : {
"type" : "integer"
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Modify rule data.",
"method" : "PUT",
"name" : "update_rule",
"dest" : {
"description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "icmp-type" : {
+ "description" : "Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.",
+ "format" : "pve-fw-icmp-type-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"iface" : {
"description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
"format" : "pve-iface",
"type" : "string",
"typetext" : "<string>"
},
+ "log" : {
+ "description" : "Log level for firewall rule.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"macro" : {
"description" : "Use predefined standard macro.",
"maxLength" : 128,
"source" : {
"description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List rules.",
"method" : "GET",
"name" : "get_rules",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create new rule.",
"method" : "POST",
"name" : "create_rule",
"dest" : {
"description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "icmp-type" : {
+ "description" : "Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.",
+ "format" : "pve-fw-icmp-type-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"iface" : {
"description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
"format" : "pve-iface",
"type" : "string",
"typetext" : "<string>"
},
+ "log" : {
+ "description" : "Log level for firewall rule.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"macro" : {
"description" : "Use predefined standard macro.",
"maxLength" : 128,
"source" : {
"description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Remove IP or Network alias.",
"method" : "DELETE",
"name" : "remove_alias",
"additionalProperties" : 0,
"properties" : {
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Read alias.",
"method" : "GET",
"name" : "read_alias",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update IP or Network alias.",
"method" : "PUT",
"name" : "update_alias",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List aliases",
"method" : "GET",
"name" : "get_aliases",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"type" : "string"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 0,
"type" : "string"
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create IP or Network Alias.",
"method" : "POST",
"name" : "create_alias",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Remove IP or Network from IPSet.",
"method" : "DELETE",
"name" : "remove_ip",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Read IP or Network settings from IPSet.",
"method" : "GET",
"name" : "read_ip",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update IP or Network settings",
"method" : "PUT",
"name" : "update_ip",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete IPSet",
"method" : "DELETE",
"name" : "delete_ipset",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "force" : {
+ "description" : "Delete all members of the IPSet, if there are any.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"name" : {
"description" : "IP set name.",
"maxLength" : 64,
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "List IPSet content",
"method" : "GET",
"name" : "get_ipset",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"type" : "string"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 0,
"type" : "string"
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Add IP or Network to IPSet.",
"method" : "POST",
"name" : "create_ip",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List IPSets",
"method" : "GET",
"name" : "ipset_index",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"type" : "string"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 0,
"type" : "string"
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create new IPSet",
"method" : "POST",
"name" : "create_ipset",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get VM firewall options.",
"method" : "GET",
"name" : "get_options",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"returns" : {
"properties" : {
"dhcp" : {
+ "default" : 0,
"description" : "Enable DHCP.",
"optional" : 1,
"type" : "boolean"
},
"enable" : {
+ "default" : 0,
"description" : "Enable/disable firewall rules.",
"optional" : 1,
"type" : "boolean"
"type" : "string"
},
"macfilter" : {
+ "default" : 1,
"description" : "Enable/disable MAC address filter.",
"optional" : 1,
"type" : "boolean"
},
"ndp" : {
- "description" : "Enable NDP.",
+ "default" : 0,
+ "description" : "Enable NDP (Neighbor Discovery Protocol).",
"optional" : 1,
"type" : "boolean"
},
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Set Firewall options.",
"method" : "PUT",
"name" : "set_options",
"typetext" : "<string>"
},
"dhcp" : {
+ "default" : 0,
"description" : "Enable DHCP.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"enable" : {
+ "default" : 0,
"description" : "Enable/disable firewall rules.",
"optional" : 1,
"type" : "boolean",
"type" : "string"
},
"macfilter" : {
+ "default" : 1,
"description" : "Enable/disable MAC address filter.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
"ndp" : {
- "description" : "Enable NDP.",
+ "default" : 0,
+ "description" : "Enable NDP (Neighbor Discovery Protocol).",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read firewall log",
"method" : "GET",
"name" : "log",
"type" : "string",
"typetext" : "<string>"
},
+ "since" : {
+ "description" : "Display log since this UNIX epoch.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
"start" : {
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "until" : {
+ "description" : "Display log until this UNIX epoch.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Lists possible IPSet/Alias reference which are allowed in source/dest properties.",
"method" : "GET",
"name" : "refs",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"name" : {
"type" : "string"
},
+ "ref" : {
+ "type" : "string"
+ },
+ "scope" : {
+ "type" : "string"
+ },
"type" : {
"enum" : [
"alias",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index.",
"method" : "GET",
"name" : "index",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read VM RRD statistics (returns PNG)",
"method" : "GET",
"name" : "rrd",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read VM RRD statistics",
"method" : "GET",
"name" : "rrddata",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Creates a TCP VNC proxy connections.",
"method" : "POST",
"name" : "vncproxy",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"websocket" : {
"description" : "use websocket instead of standard VNC.",
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Creates a TCP proxy connection.",
"method" : "POST",
"name" : "termproxy",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Opens a weksocket for VNC traffic.",
"method" : "GET",
"name" : "vncwebsocket",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"vncticket" : {
"description" : "Ticket from previous call to vncproxy.",
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Returns a SPICE configuration to connect to the CT.",
"method" : "POST",
"name" : "spiceproxy",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
- "description" : "Migrate the container to another node. Creates a new migration task.",
+ "allowtoken" : 1,
+ "description" : "Migrate the container to another cluster. Creates a new migration task. EXPERIMENTAL feature!",
"method" : "POST",
- "name" : "migrate_vm",
+ "name" : "remote_migrate_vm",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "force" : {
- "description" : "Force migration despite local bind / device mounts. NOTE: deprecated, use 'shared' property of mount point instead.",
+ "bwlimit" : {
+ "default" : "migrate limit from datacenter or storage config",
+ "description" : "Override I/O bandwidth limit (in KiB/s).",
+ "minimum" : "0",
+ "optional" : 1,
+ "type" : "number",
+ "typetext" : "<number> (0 - N)"
+ },
+ "delete" : {
+ "default" : 0,
+ "description" : "Delete the original CT and related data after successful migration. By default the original CT is kept on the source cluster in a stopped state.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "online" : {
+ "description" : "Use online/live migration.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "restart" : {
+ "description" : "Use restart migration",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "target-bridge" : {
+ "description" : "Mapping from source to target bridges. Providing only a single bridge ID maps all source bridges to that bridge. Providing the special value '1' will map each source bridge to itself.",
+ "format" : "bridge-pair-list",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target-endpoint" : {
+ "description" : "Remote target endpoint",
+ "format" : "proxmox-remote",
+ "type" : "string",
+ "typetext" : "apitoken=<PVEAPIToken=user@realm!token=SECRET> ,host=<ADDRESS> [,fingerprint=<FINGERPRINT>] [,port=<PORT>]"
+ },
+ "target-storage" : {
+ "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.",
+ "format" : "storage-pair-list",
+ "optional" : 0,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target-vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ },
+ "timeout" : {
+ "default" : 180,
+ "description" : "Timeout in seconds for shutdown for restart migration",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Migrate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "description" : "the task ID.",
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/lxc/{vmid}/remote_migrate",
+ "text" : "remote_migrate"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Migrate the container to another node. Creates a new migration task.",
+ "method" : "POST",
+ "name" : "migrate_vm",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "bwlimit" : {
+ "default" : "migrate limit from datacenter or storage config",
+ "description" : "Override I/O bandwidth limit (in KiB/s).",
+ "minimum" : "0",
+ "optional" : 1,
+ "type" : "number",
+ "typetext" : "<number> (0 - N)"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
},
+ "target-storage" : {
+ "description" : "Mapping from source to target storages. Providing only a single storage ID maps all source storages to that storage. Providing the special value '1' will map each source storage to itself.",
+ "format" : "storage-pair-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"timeout" : {
"default" : 180,
"description" : "Timeout in seconds for shutdown for restart migration",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Check if feature for virtual machine is available.",
"method" : "GET",
"name" : "vm_feature",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Create a Template.",
"method" : "POST",
"name" : "template",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Create a container clone/copy",
"method" : "POST",
"name" : "clone_vm",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "bwlimit" : {
+ "default" : "clone limit from datacenter or storage config",
+ "description" : "Override I/O bandwidth limit (in KiB/s).",
+ "minimum" : "0",
+ "optional" : 1,
+ "type" : "number",
+ "typetext" : "<number> (0 - N)"
+ },
"description" : {
"description" : "Description for the new CT.",
"optional" : 1,
"newid" : {
"description" : "VMID for the clone.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"node" : {
"description" : "The cluster node name.",
"storage" : {
"description" : "Target storage for full clone.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"target" : {
"description" : "Target node. Only allowed if the original VM is on shared storage.",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
]
]
],
- "description" : "You need 'VM.Clone' permissions on /vms/{vmid}, and 'VM.Allocate' permissions on /vms/{newid} (or on the VM pool /pool/{pool}). You also need 'Datastore.AllocateSpace' on any used storage."
+ "description" : "You need 'VM.Clone' permissions on /vms/{vmid}, and 'VM.Allocate' permissions on /vms/{newid} (or on the VM pool /pool/{pool}). You also need 'Datastore.AllocateSpace' on any used storage, and 'SDN.Use' on any bridge."
},
"protected" : 1,
"proxyto" : "node",
{
"info" : {
"PUT" : {
+ "allowtoken" : 1,
"description" : "Resize a container mount point.",
"method" : "PUT",
"name" : "resize_vm",
"mp252",
"mp253",
"mp254",
- "mp255"
+ "mp255"
+ ],
+ "type" : "string"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "size" : {
+ "description" : "The new size. With the '+' sign the value is added to the actual size of the volume and without it, the value is taken as an absolute one. Shrinking disk size is not supported.",
+ "pattern" : "\\+?\\d+(\\.\\d+)?[KMGT]?",
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Config.Disk"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "description" : "the task ID.",
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/lxc/{vmid}/resize",
+ "text" : "resize"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Move a rootfs-/mp-volume to a different storage or to a different container.",
+ "method" : "POST",
+ "name" : "move_volume",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "bwlimit" : {
+ "default" : "clone limit from datacenter or storage config",
+ "description" : "Override I/O bandwidth limit (in KiB/s).",
+ "minimum" : "0",
+ "optional" : 1,
+ "type" : "number",
+ "typetext" : "<number> (0 - N)"
+ },
+ "delete" : {
+ "default" : 0,
+ "description" : "Delete the original volume after successful copy. By default the original is kept as an unused volume entry.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 \" .\n\t\t \"digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storage" : {
+ "description" : "Target Storage.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "target-digest" : {
+ "description" : "Prevent changes if current configuration file of the target \" .\n\t\t \"container has a different SHA1 digest. This can be used to prevent \" .\n\t\t \"concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "target-vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ },
+ "target-volume" : {
+ "description" : "The config key the volume will be moved to. Default is the source volume key.",
+ "enum" : [
+ "rootfs",
+ "mp0",
+ "mp1",
+ "mp2",
+ "mp3",
+ "mp4",
+ "mp5",
+ "mp6",
+ "mp7",
+ "mp8",
+ "mp9",
+ "mp10",
+ "mp11",
+ "mp12",
+ "mp13",
+ "mp14",
+ "mp15",
+ "mp16",
+ "mp17",
+ "mp18",
+ "mp19",
+ "mp20",
+ "mp21",
+ "mp22",
+ "mp23",
+ "mp24",
+ "mp25",
+ "mp26",
+ "mp27",
+ "mp28",
+ "mp29",
+ "mp30",
+ "mp31",
+ "mp32",
+ "mp33",
+ "mp34",
+ "mp35",
+ "mp36",
+ "mp37",
+ "mp38",
+ "mp39",
+ "mp40",
+ "mp41",
+ "mp42",
+ "mp43",
+ "mp44",
+ "mp45",
+ "mp46",
+ "mp47",
+ "mp48",
+ "mp49",
+ "mp50",
+ "mp51",
+ "mp52",
+ "mp53",
+ "mp54",
+ "mp55",
+ "mp56",
+ "mp57",
+ "mp58",
+ "mp59",
+ "mp60",
+ "mp61",
+ "mp62",
+ "mp63",
+ "mp64",
+ "mp65",
+ "mp66",
+ "mp67",
+ "mp68",
+ "mp69",
+ "mp70",
+ "mp71",
+ "mp72",
+ "mp73",
+ "mp74",
+ "mp75",
+ "mp76",
+ "mp77",
+ "mp78",
+ "mp79",
+ "mp80",
+ "mp81",
+ "mp82",
+ "mp83",
+ "mp84",
+ "mp85",
+ "mp86",
+ "mp87",
+ "mp88",
+ "mp89",
+ "mp90",
+ "mp91",
+ "mp92",
+ "mp93",
+ "mp94",
+ "mp95",
+ "mp96",
+ "mp97",
+ "mp98",
+ "mp99",
+ "mp100",
+ "mp101",
+ "mp102",
+ "mp103",
+ "mp104",
+ "mp105",
+ "mp106",
+ "mp107",
+ "mp108",
+ "mp109",
+ "mp110",
+ "mp111",
+ "mp112",
+ "mp113",
+ "mp114",
+ "mp115",
+ "mp116",
+ "mp117",
+ "mp118",
+ "mp119",
+ "mp120",
+ "mp121",
+ "mp122",
+ "mp123",
+ "mp124",
+ "mp125",
+ "mp126",
+ "mp127",
+ "mp128",
+ "mp129",
+ "mp130",
+ "mp131",
+ "mp132",
+ "mp133",
+ "mp134",
+ "mp135",
+ "mp136",
+ "mp137",
+ "mp138",
+ "mp139",
+ "mp140",
+ "mp141",
+ "mp142",
+ "mp143",
+ "mp144",
+ "mp145",
+ "mp146",
+ "mp147",
+ "mp148",
+ "mp149",
+ "mp150",
+ "mp151",
+ "mp152",
+ "mp153",
+ "mp154",
+ "mp155",
+ "mp156",
+ "mp157",
+ "mp158",
+ "mp159",
+ "mp160",
+ "mp161",
+ "mp162",
+ "mp163",
+ "mp164",
+ "mp165",
+ "mp166",
+ "mp167",
+ "mp168",
+ "mp169",
+ "mp170",
+ "mp171",
+ "mp172",
+ "mp173",
+ "mp174",
+ "mp175",
+ "mp176",
+ "mp177",
+ "mp178",
+ "mp179",
+ "mp180",
+ "mp181",
+ "mp182",
+ "mp183",
+ "mp184",
+ "mp185",
+ "mp186",
+ "mp187",
+ "mp188",
+ "mp189",
+ "mp190",
+ "mp191",
+ "mp192",
+ "mp193",
+ "mp194",
+ "mp195",
+ "mp196",
+ "mp197",
+ "mp198",
+ "mp199",
+ "mp200",
+ "mp201",
+ "mp202",
+ "mp203",
+ "mp204",
+ "mp205",
+ "mp206",
+ "mp207",
+ "mp208",
+ "mp209",
+ "mp210",
+ "mp211",
+ "mp212",
+ "mp213",
+ "mp214",
+ "mp215",
+ "mp216",
+ "mp217",
+ "mp218",
+ "mp219",
+ "mp220",
+ "mp221",
+ "mp222",
+ "mp223",
+ "mp224",
+ "mp225",
+ "mp226",
+ "mp227",
+ "mp228",
+ "mp229",
+ "mp230",
+ "mp231",
+ "mp232",
+ "mp233",
+ "mp234",
+ "mp235",
+ "mp236",
+ "mp237",
+ "mp238",
+ "mp239",
+ "mp240",
+ "mp241",
+ "mp242",
+ "mp243",
+ "mp244",
+ "mp245",
+ "mp246",
+ "mp247",
+ "mp248",
+ "mp249",
+ "mp250",
+ "mp251",
+ "mp252",
+ "mp253",
+ "mp254",
+ "mp255",
+ "unused0",
+ "unused1",
+ "unused2",
+ "unused3",
+ "unused4",
+ "unused5",
+ "unused6",
+ "unused7",
+ "unused8",
+ "unused9",
+ "unused10",
+ "unused11",
+ "unused12",
+ "unused13",
+ "unused14",
+ "unused15",
+ "unused16",
+ "unused17",
+ "unused18",
+ "unused19",
+ "unused20",
+ "unused21",
+ "unused22",
+ "unused23",
+ "unused24",
+ "unused25",
+ "unused26",
+ "unused27",
+ "unused28",
+ "unused29",
+ "unused30",
+ "unused31",
+ "unused32",
+ "unused33",
+ "unused34",
+ "unused35",
+ "unused36",
+ "unused37",
+ "unused38",
+ "unused39",
+ "unused40",
+ "unused41",
+ "unused42",
+ "unused43",
+ "unused44",
+ "unused45",
+ "unused46",
+ "unused47",
+ "unused48",
+ "unused49",
+ "unused50",
+ "unused51",
+ "unused52",
+ "unused53",
+ "unused54",
+ "unused55",
+ "unused56",
+ "unused57",
+ "unused58",
+ "unused59",
+ "unused60",
+ "unused61",
+ "unused62",
+ "unused63",
+ "unused64",
+ "unused65",
+ "unused66",
+ "unused67",
+ "unused68",
+ "unused69",
+ "unused70",
+ "unused71",
+ "unused72",
+ "unused73",
+ "unused74",
+ "unused75",
+ "unused76",
+ "unused77",
+ "unused78",
+ "unused79",
+ "unused80",
+ "unused81",
+ "unused82",
+ "unused83",
+ "unused84",
+ "unused85",
+ "unused86",
+ "unused87",
+ "unused88",
+ "unused89",
+ "unused90",
+ "unused91",
+ "unused92",
+ "unused93",
+ "unused94",
+ "unused95",
+ "unused96",
+ "unused97",
+ "unused98",
+ "unused99",
+ "unused100",
+ "unused101",
+ "unused102",
+ "unused103",
+ "unused104",
+ "unused105",
+ "unused106",
+ "unused107",
+ "unused108",
+ "unused109",
+ "unused110",
+ "unused111",
+ "unused112",
+ "unused113",
+ "unused114",
+ "unused115",
+ "unused116",
+ "unused117",
+ "unused118",
+ "unused119",
+ "unused120",
+ "unused121",
+ "unused122",
+ "unused123",
+ "unused124",
+ "unused125",
+ "unused126",
+ "unused127",
+ "unused128",
+ "unused129",
+ "unused130",
+ "unused131",
+ "unused132",
+ "unused133",
+ "unused134",
+ "unused135",
+ "unused136",
+ "unused137",
+ "unused138",
+ "unused139",
+ "unused140",
+ "unused141",
+ "unused142",
+ "unused143",
+ "unused144",
+ "unused145",
+ "unused146",
+ "unused147",
+ "unused148",
+ "unused149",
+ "unused150",
+ "unused151",
+ "unused152",
+ "unused153",
+ "unused154",
+ "unused155",
+ "unused156",
+ "unused157",
+ "unused158",
+ "unused159",
+ "unused160",
+ "unused161",
+ "unused162",
+ "unused163",
+ "unused164",
+ "unused165",
+ "unused166",
+ "unused167",
+ "unused168",
+ "unused169",
+ "unused170",
+ "unused171",
+ "unused172",
+ "unused173",
+ "unused174",
+ "unused175",
+ "unused176",
+ "unused177",
+ "unused178",
+ "unused179",
+ "unused180",
+ "unused181",
+ "unused182",
+ "unused183",
+ "unused184",
+ "unused185",
+ "unused186",
+ "unused187",
+ "unused188",
+ "unused189",
+ "unused190",
+ "unused191",
+ "unused192",
+ "unused193",
+ "unused194",
+ "unused195",
+ "unused196",
+ "unused197",
+ "unused198",
+ "unused199",
+ "unused200",
+ "unused201",
+ "unused202",
+ "unused203",
+ "unused204",
+ "unused205",
+ "unused206",
+ "unused207",
+ "unused208",
+ "unused209",
+ "unused210",
+ "unused211",
+ "unused212",
+ "unused213",
+ "unused214",
+ "unused215",
+ "unused216",
+ "unused217",
+ "unused218",
+ "unused219",
+ "unused220",
+ "unused221",
+ "unused222",
+ "unused223",
+ "unused224",
+ "unused225",
+ "unused226",
+ "unused227",
+ "unused228",
+ "unused229",
+ "unused230",
+ "unused231",
+ "unused232",
+ "unused233",
+ "unused234",
+ "unused235",
+ "unused236",
+ "unused237",
+ "unused238",
+ "unused239",
+ "unused240",
+ "unused241",
+ "unused242",
+ "unused243",
+ "unused244",
+ "unused245",
+ "unused246",
+ "unused247",
+ "unused248",
+ "unused249",
+ "unused250",
+ "unused251",
+ "unused252",
+ "unused253",
+ "unused254",
+ "unused255"
],
- "type" : "string"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- },
- "size" : {
- "description" : "The new size. With the '+' sign the value is added to the actual size of the volume and without it, the value is taken as an absolute one. Shrinking disk size is not supported.",
- "pattern" : "\\+?\\d+(\\.\\d+)?[KMGT]?",
- "type" : "string"
- },
- "vmid" : {
- "description" : "The (unique) ID of the VM.",
- "format" : "pve-vmid",
- "minimum" : 1,
- "type" : "integer",
- "typetext" : "<integer> (1 - N)"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/vms/{vmid}",
- [
- "VM.Config.Disk"
- ],
- "any",
- 1
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "description" : "the task ID.",
- "type" : "string"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/lxc/{vmid}/resize",
- "text" : "resize"
- },
- {
- "info" : {
- "POST" : {
- "description" : "Move a rootfs-/mp-volume to a different storage",
- "method" : "POST",
- "name" : "move_volume",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "delete" : {
- "default" : 0,
- "description" : "Delete the original volume after successful copy. By default the original is kept as an unused volume entry.",
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- },
- "storage" : {
- "description" : "Target Storage.",
- "format" : "pve-storage-id",
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "string"
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"volume" : {
"description" : "Volume which will be moved.",
"mp252",
"mp253",
"mp254",
- "mp255"
+ "mp255",
+ "unused0",
+ "unused1",
+ "unused2",
+ "unused3",
+ "unused4",
+ "unused5",
+ "unused6",
+ "unused7",
+ "unused8",
+ "unused9",
+ "unused10",
+ "unused11",
+ "unused12",
+ "unused13",
+ "unused14",
+ "unused15",
+ "unused16",
+ "unused17",
+ "unused18",
+ "unused19",
+ "unused20",
+ "unused21",
+ "unused22",
+ "unused23",
+ "unused24",
+ "unused25",
+ "unused26",
+ "unused27",
+ "unused28",
+ "unused29",
+ "unused30",
+ "unused31",
+ "unused32",
+ "unused33",
+ "unused34",
+ "unused35",
+ "unused36",
+ "unused37",
+ "unused38",
+ "unused39",
+ "unused40",
+ "unused41",
+ "unused42",
+ "unused43",
+ "unused44",
+ "unused45",
+ "unused46",
+ "unused47",
+ "unused48",
+ "unused49",
+ "unused50",
+ "unused51",
+ "unused52",
+ "unused53",
+ "unused54",
+ "unused55",
+ "unused56",
+ "unused57",
+ "unused58",
+ "unused59",
+ "unused60",
+ "unused61",
+ "unused62",
+ "unused63",
+ "unused64",
+ "unused65",
+ "unused66",
+ "unused67",
+ "unused68",
+ "unused69",
+ "unused70",
+ "unused71",
+ "unused72",
+ "unused73",
+ "unused74",
+ "unused75",
+ "unused76",
+ "unused77",
+ "unused78",
+ "unused79",
+ "unused80",
+ "unused81",
+ "unused82",
+ "unused83",
+ "unused84",
+ "unused85",
+ "unused86",
+ "unused87",
+ "unused88",
+ "unused89",
+ "unused90",
+ "unused91",
+ "unused92",
+ "unused93",
+ "unused94",
+ "unused95",
+ "unused96",
+ "unused97",
+ "unused98",
+ "unused99",
+ "unused100",
+ "unused101",
+ "unused102",
+ "unused103",
+ "unused104",
+ "unused105",
+ "unused106",
+ "unused107",
+ "unused108",
+ "unused109",
+ "unused110",
+ "unused111",
+ "unused112",
+ "unused113",
+ "unused114",
+ "unused115",
+ "unused116",
+ "unused117",
+ "unused118",
+ "unused119",
+ "unused120",
+ "unused121",
+ "unused122",
+ "unused123",
+ "unused124",
+ "unused125",
+ "unused126",
+ "unused127",
+ "unused128",
+ "unused129",
+ "unused130",
+ "unused131",
+ "unused132",
+ "unused133",
+ "unused134",
+ "unused135",
+ "unused136",
+ "unused137",
+ "unused138",
+ "unused139",
+ "unused140",
+ "unused141",
+ "unused142",
+ "unused143",
+ "unused144",
+ "unused145",
+ "unused146",
+ "unused147",
+ "unused148",
+ "unused149",
+ "unused150",
+ "unused151",
+ "unused152",
+ "unused153",
+ "unused154",
+ "unused155",
+ "unused156",
+ "unused157",
+ "unused158",
+ "unused159",
+ "unused160",
+ "unused161",
+ "unused162",
+ "unused163",
+ "unused164",
+ "unused165",
+ "unused166",
+ "unused167",
+ "unused168",
+ "unused169",
+ "unused170",
+ "unused171",
+ "unused172",
+ "unused173",
+ "unused174",
+ "unused175",
+ "unused176",
+ "unused177",
+ "unused178",
+ "unused179",
+ "unused180",
+ "unused181",
+ "unused182",
+ "unused183",
+ "unused184",
+ "unused185",
+ "unused186",
+ "unused187",
+ "unused188",
+ "unused189",
+ "unused190",
+ "unused191",
+ "unused192",
+ "unused193",
+ "unused194",
+ "unused195",
+ "unused196",
+ "unused197",
+ "unused198",
+ "unused199",
+ "unused200",
+ "unused201",
+ "unused202",
+ "unused203",
+ "unused204",
+ "unused205",
+ "unused206",
+ "unused207",
+ "unused208",
+ "unused209",
+ "unused210",
+ "unused211",
+ "unused212",
+ "unused213",
+ "unused214",
+ "unused215",
+ "unused216",
+ "unused217",
+ "unused218",
+ "unused219",
+ "unused220",
+ "unused221",
+ "unused222",
+ "unused223",
+ "unused224",
+ "unused225",
+ "unused226",
+ "unused227",
+ "unused228",
+ "unused229",
+ "unused230",
+ "unused231",
+ "unused232",
+ "unused233",
+ "unused234",
+ "unused235",
+ "unused236",
+ "unused237",
+ "unused238",
+ "unused239",
+ "unused240",
+ "unused241",
+ "unused242",
+ "unused243",
+ "unused244",
+ "unused245",
+ "unused246",
+ "unused247",
+ "unused248",
+ "unused249",
+ "unused250",
+ "unused251",
+ "unused252",
+ "unused253",
+ "unused254",
+ "unused255"
],
"type" : "string"
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Config.Disk"
+ ]
+ ],
+ "description" : "You need 'VM.Config.Disk' permissions on /vms/{vmid}, and 'Datastore.AllocateSpace' permissions on the storage. To move a volume to another container, you need the permissions on the target container as well."
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/lxc/{vmid}/move_volume",
+ "text" : "move_volume"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get container configuration, including pending changes.",
+ "method" : "GET",
+ "name" : "vm_pending",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Audit"
+ ]
+ ]
+ },
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "delete" : {
+ "description" : "Indicates a pending delete request if present and not 0.",
+ "maximum" : 2,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "key" : {
+ "description" : "Configuration option name.",
+ "type" : "string"
+ },
+ "pending" : {
+ "description" : "Pending value.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "value" : {
+ "description" : "Current value.",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/lxc/{vmid}/pending",
+ "text" : "pending"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get IP addresses of the specified container interface.",
+ "method" : "GET",
+ "name" : "ip",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/vms/{vmid}",
+ [
+ "VM.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "hwaddr" : {
+ "description" : "The MAC address of the interface",
+ "optional" : 0,
+ "type" : "string"
+ },
+ "inet" : {
+ "description" : "The IPv4 address of the interface",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "inet6" : {
+ "description" : "The IPv6 address of the interface",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "The name of the interface",
+ "optional" : 0,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/lxc/{vmid}/interfaces",
+ "text" : "interfaces"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Migration tunnel endpoint - only for internal use by CT migration.",
+ "method" : "POST",
+ "name" : "mtunnel",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "bridges" : {
+ "description" : "List of network bridges to check availability. Will be checked again for actually used bridges during migration.",
+ "format" : "pve-bridge-id-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storages" : {
+ "description" : "List of storages to check permission and availability. Will be checked again for all actually used storages during migration.",
+ "format" : "pve-storage-id-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
"permissions" : {
"check" : [
"and",
"perm",
"/vms/{vmid}",
[
- "VM.Config.Disk"
+ "VM.Allocate"
]
],
[
"perm",
- "/storage/{storage}",
+ "/",
[
- "Datastore.AllocateSpace"
+ "Sys.Incoming"
]
]
],
- "description" : "You need 'VM.Config.Disk' permissions on /vms/{vmid}, and 'Datastore.AllocateSpace' permissions on the storage."
+ "description" : "You need 'VM.Allocate' permissions on '/vms/{vmid}' and Sys.Incoming on '/'. Further permission checks happen during the actual migration."
},
"protected" : 1,
- "proxyto" : "node",
"returns" : {
- "type" : "string"
+ "additionalProperties" : 0,
+ "properties" : {
+ "socket" : {
+ "type" : "string"
+ },
+ "ticket" : {
+ "type" : "string"
+ },
+ "upid" : {
+ "type" : "string"
+ }
+ }
}
}
},
"leaf" : 1,
- "path" : "/nodes/{node}/lxc/{vmid}/move_volume",
- "text" : "move_volume"
+ "path" : "/nodes/{node}/lxc/{vmid}/mtunnel",
+ "text" : "mtunnel"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Migration tunnel endpoint for websocket upgrade - only for internal use by VM migration.",
+ "method" : "GET",
+ "name" : "mtunnelwebsocket",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "socket" : {
+ "description" : "unix socket to forward to",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "ticket" : {
+ "description" : "ticket return by initial 'mtunnel' API call, or retrieved via 'ticket' tunnel command",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vmid" : {
+ "description" : "The (unique) ID of the VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "You need to pass a ticket valid for the selected socket. Tickets can be created via the mtunnel API call, which will check permissions accordingly.",
+ "user" : "all"
+ },
+ "returns" : {
+ "properties" : {
+ "port" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "socket" : {
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/lxc/{vmid}/mtunnelwebsocket",
+ "text" : "mtunnelwebsocket"
}
],
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Destroy the container (also delete all uses files).",
"method" : "DELETE",
"name" : "destroy_vm",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "destroy-unreferenced-disks" : {
+ "description" : "If set, destroy additionally all disks with the VMID from all enabled storages which are not referenced in the config.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "force" : {
+ "default" : 0,
+ "description" : "Force destroy, even if running.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
},
+ "purge" : {
+ "default" : 0,
+ "description" : "Remove container from all related configurations. For example, backup jobs, replication jobs or HA. Related ACLs and Firewall entries will *always* be removed.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index",
"method" : "GET",
"name" : "vmdiridx",
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "LXC container index (per node).",
"method" : "GET",
"name" : "vmlist",
"optional" : 1,
"type" : "number"
},
+ "lock" : {
+ "description" : "The current config lock, if any.",
+ "optional" : 1,
+ "type" : "string"
+ },
"maxdisk" : {
"description" : "Root disk size in bytes.",
"optional" : 1,
],
"type" : "string"
},
+ "tags" : {
+ "description" : "The current configured tags, if any.",
+ "optional" : 1,
+ "type" : "string"
+ },
"uptime" : {
"description" : "Uptime.",
"optional" : 1,
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer"
}
},
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create or restore a container.",
"method" : "POST",
"name" : "create_vm",
"amd64",
"i386",
"arm64",
- "armhf"
+ "armhf",
+ "riscv32",
+ "riscv64"
],
"optional" : 1,
"type" : "string"
},
"bwlimit" : {
- "description" : "Override i/o bandwidth limit (in KiB/s).",
+ "default" : "restore limit from datacenter or storage config",
+ "description" : "Override I/O bandwidth limit (in KiB/s).",
"minimum" : "0",
"optional" : 1,
"type" : "number",
},
"cores" : {
"description" : "The number of cores assigned to the container. A container can use all available cores by default.",
- "maximum" : 128,
+ "maximum" : 8192,
"minimum" : 1,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (1 - 128)"
+ "typetext" : "<integer> (1 - 8192)"
},
"cpulimit" : {
"default" : 0,
"description" : "Limit of CPU usage.\n\nNOTE: If the computer has 2 CPUs, it has a total of '2' CPU time. Value '0' indicates no CPU limit.",
- "maximum" : 128,
+ "maximum" : 8192,
"minimum" : 0,
"optional" : 1,
"type" : "number",
- "typetext" : "<number> (0 - 128)"
+ "typetext" : "<number> (0 - 8192)"
},
"cpuunits" : {
- "default" : 1024,
- "description" : "CPU weight for a VM. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this VM gets. Number is relative to the weights of all the other running VMs.\n\nNOTE: You can disable fair-scheduler configuration by setting this to 0.",
+ "default" : "cgroup v1: 1024, cgroup v2: 100",
+ "description" : "CPU weight for a container, will be clamped to [1, 10000] in cgroup v2.",
"maximum" : 500000,
"minimum" : 0,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (0 - 500000)"
+ "typetext" : "<integer> (0 - 500000)",
+ "verbose_description" : "CPU weight for a container. Argument is used in the kernel fair scheduler. The larger the number is, the more CPU time this container gets. Number is relative to the weights of all the other running guests."
+ },
+ "debug" : {
+ "default" : 0,
+ "description" : "Try to be more verbose. For now this only enables debug log-level on start.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
"description" : {
- "description" : "Container description. Only used on the configuration web interface.",
+ "description" : "Description for the Container. Shown in the web-interface CT's summary. This is saved as comment inside the configuration file.",
+ "maxLength" : 8192,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "dev[n]" : {
+ "description" : "Device to pass through to the container",
+ "format" : {
+ "gid" : {
+ "description" : "Group ID to be assigned to the device node",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "mode" : {
+ "description" : "Access mode to be set on the device node",
+ "format_description" : "Octal access mode",
+ "optional" : 1,
+ "pattern" : "0[0-7]{3}",
+ "type" : "string"
+ },
+ "path" : {
+ "default_key" : 1,
+ "description" : "Device to pass through to the container",
+ "format" : "pve-lxc-dev-string",
+ "format_description" : "Path",
+ "optional" : 1,
+ "type" : "string",
+ "verbose_description" : "Path to the device to pass through to the container"
+ },
+ "uid" : {
+ "description" : "User ID to be assigned to the device node",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[[path=]<Path>] [,gid=<integer>] [,mode=<Octal access mode>] [,uid=<integer>]"
+ },
"features" : {
"description" : "Allow containers access to advanced features.",
"format" : {
+ "force_rw_sys" : {
+ "default" : 0,
+ "description" : "Mount /sys in unprivileged containers as `rw` instead of `mixed`. This can break networking under newer (>= v245) systemd-network use.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"fuse" : {
"default" : 0,
"description" : "Allow using 'fuse' file systems in a container. Note that interactions between fuse and the freezer cgroup can potentially cause I/O deadlocks.",
"optional" : 1,
"type" : "boolean"
},
+ "mknod" : {
+ "default" : 0,
+ "description" : "Allow unprivileged containers to use mknod() to add certain device nodes. This requires a kernel with seccomp trap to user space support (5.3 or newer). This is experimental.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mount" : {
"description" : "Allow mounting file systems of specific types. This should be a list of file system types as used with the mount command. Note that this can have negative effects on the container's security. With access to a loop device, mounting a file can circumvent the mknod permission of the devices cgroup, mounting an NFS file system can block the host's I/O completely and prevent it from rebooting, etc.",
"format_description" : "fstype;fstype;...",
"optional" : 1,
- "pattern" : "(?^:[a-zA-Z0-9; ]+)",
+ "pattern" : "(?^:[a-zA-Z0-9_; ]+)",
"type" : "string"
},
"nesting" : {
},
"optional" : 1,
"type" : "string",
- "typetext" : "[fuse=<1|0>] [,keyctl=<1|0>] [,mount=<fstype;fstype;...>] [,nesting=<1|0>]"
+ "typetext" : "[force_rw_sys=<1|0>] [,fuse=<1|0>] [,keyctl=<1|0>] [,mknod=<1|0>] [,mount=<fstype;fstype;...>] [,nesting=<1|0>]"
},
"force" : {
"description" : "Allow to overwrite existing container.",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "hookscript" : {
+ "description" : "Script that will be exectued during various steps in the containers lifetime.",
+ "format" : "pve-volume-id",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"hostname" : {
"description" : "Set a host name for the container.",
"format" : "dns-name",
"typetext" : "<boolean>"
},
"lock" : {
- "description" : "Lock/unlock the VM.",
+ "description" : "Lock/unlock the container.",
"enum" : [
"backup",
+ "create",
+ "destroyed",
"disk",
+ "fstrim",
"migrate",
"mounted",
"rollback",
},
"memory" : {
"default" : 512,
- "description" : "Amount of RAM for the VM in MB.",
+ "description" : "Amount of RAM for the container in MB.",
"minimum" : 16,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (16 - N)"
},
"mp[n]" : {
- "description" : "Use volume as container mount point.",
+ "description" : "Use volume as container mount point. Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume.",
"format" : {
"acl" : {
"description" : "Explicitly enable or disable ACL support.",
"type" : "boolean",
"verbose_description" : "Whether to include the mount point in backups (only used for volume mount points)."
},
+ "mountoptions" : {
+ "description" : "Extra mount options for rootfs/mps.",
+ "format_description" : "opt[;opt...]",
+ "optional" : 1,
+ "pattern" : "(?^:(?^:(noatime|lazytime|nodev|nosuid|noexec))(;(?^:(noatime|lazytime|nodev|nosuid|noexec)))*)",
+ "type" : "string"
+ },
"mp" : {
"description" : "Path to the mount point as seen from inside the container (must not contain symlinks).",
"format" : "pve-lxc-mp-string",
},
"optional" : 1,
"type" : "string",
- "typetext" : "[volume=]<volume> ,mp=<Path> [,acl=<1|0>] [,backup=<1|0>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]"
+ "typetext" : "[volume=]<volume> ,mp=<Path> [,acl=<1|0>] [,backup=<1|0>] [,mountoptions=<opt[;opt...]>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]"
},
"nameserver" : {
"description" : "Sets DNS server IP address for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
- "format" : "address-list",
+ "format" : "lxc-ip-with-ll-iface-list",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"hwaddr" : {
"description" : "The interface MAC address. This is dynamically allocated by default, but you can set that statically if needed, for example to always have the same link-local IPv6 address. (lxc.network.hwaddr)",
+ "format" : "mac-addr",
"format_description" : "XX:XX:XX:XX:XX:XX",
"optional" : 1,
- "pattern" : "(?^i:(?:[a-f0-9]{2}:){5}[a-f0-9]{2})",
- "type" : "string"
+ "type" : "string",
+ "verbose_description" : "A common MAC address with the I/G (Individual/Group) bit not set."
},
"ip" : {
"description" : "IPv4 address in CIDR format.",
"optional" : 1,
"type" : "string"
},
+ "link_down" : {
+ "description" : "Whether this interface should be disconnected (like pulling the plug).",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"mtu" : {
"description" : "Maximum transfer unit of the interface. (lxc.network.mtu)",
+ "maximum" : 65535,
"minimum" : 64,
"optional" : 1,
"type" : "integer"
},
"optional" : 1,
"type" : "string",
- "typetext" : "name=<string> [,bridge=<bridge>] [,firewall=<1|0>] [,gw=<GatewayIPv4>] [,gw6=<GatewayIPv6>] [,hwaddr=<XX:XX:XX:XX:XX:XX>] [,ip=<(IPv4/CIDR|dhcp|manual)>] [,ip6=<(IPv6/CIDR|auto|dhcp|manual)>] [,mtu=<integer>] [,rate=<mbps>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,type=<veth>]"
+ "typetext" : "name=<string> [,bridge=<bridge>] [,firewall=<1|0>] [,gw=<GatewayIPv4>] [,gw6=<GatewayIPv6>] [,hwaddr=<XX:XX:XX:XX:XX:XX>] [,ip=<(IPv4/CIDR|dhcp|manual)>] [,ip6=<(IPv6/CIDR|auto|dhcp|manual)>] [,link_down=<1|0>] [,mtu=<integer>] [,rate=<mbps>] [,tag=<integer>] [,trunks=<vlanid[;vlanid...]>] [,type=<veth>]"
},
"node" : {
"description" : "The cluster node name.",
},
"onboot" : {
"default" : 0,
- "description" : "Specifies whether a VM will be started during system bootup.",
+ "description" : "Specifies whether a container will be started during system bootup.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"description" : "OS type. This is used to setup configuration inside the container, and corresponds to lxc setup scripts in /usr/share/lxc/config/<ostype>.common.conf. Value 'unmanaged' can be used to skip and OS specific setup.",
"enum" : [
"debian",
+ "devuan",
"ubuntu",
"centos",
"fedora",
"archlinux",
"alpine",
"gentoo",
+ "nixos",
"unmanaged"
],
"optional" : 1,
"optional" : 1,
"type" : "boolean"
},
+ "mountoptions" : {
+ "description" : "Extra mount options for rootfs/mps.",
+ "format_description" : "opt[;opt...]",
+ "optional" : 1,
+ "pattern" : "(?^:(?^:(noatime|lazytime|nodev|nosuid|noexec))(;(?^:(noatime|lazytime|nodev|nosuid|noexec)))*)",
+ "type" : "string"
+ },
"quota" : {
"description" : "Enable user quotas inside the container (not supported with zfs subvolumes)",
"optional" : 1,
},
"optional" : 1,
"type" : "string",
- "typetext" : "[volume=]<volume> [,acl=<1|0>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]"
+ "typetext" : "[volume=]<volume> [,acl=<1|0>] [,mountoptions=<opt[;opt...]>] [,quota=<1|0>] [,replicate=<1|0>] [,ro=<1|0>] [,shared=<1|0>] [,size=<DiskSize>]"
},
"searchdomain" : {
"description" : "Sets DNS search domains for a container. Create will automatically use the setting from the host if you neither set searchdomain nor nameserver.",
"default" : "local",
"description" : "Default Storage.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"swap" : {
"default" : 512,
- "description" : "Amount of SWAP for the VM in MB.",
+ "description" : "Amount of SWAP for the container in MB.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "tags" : {
+ "description" : "Tags of the Container. This is only meta information.",
+ "format" : "pve-tag-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"template" : {
"default" : 0,
"description" : "Enable/disable Template.",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "timezone" : {
+ "description" : "Time zone to use in the container. If option isn't set, then nothing will be done. Can be set to 'host' to match the host time zone, or an arbitrary time zone option from /usr/share/zoneinfo/zone.tab",
+ "format" : "pve-ct-timezone",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"tty" : {
"default" : 2,
"description" : "Specify the number of tty available to the container",
"type" : "integer",
"typetext" : "<integer> (0 - 6)"
},
+ "unique" : {
+ "description" : "Assign a unique random ethernet address.",
+ "optional" : 1,
+ "requires" : "restore",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"unprivileged" : {
"default" : 0,
"description" : "Makes the container run as unprivileged user. (Should not be modified manually.)",
},
"unused[n]" : {
"description" : "Reference to unused volumes. This is used internally, and should not be modified manually.",
- "format" : "pve-volume-id",
+ "format" : {
+ "volume" : {
+ "default_key" : 1,
+ "description" : "The volume that is not used currently.",
+ "format" : "pve-volume-id",
+ "format_description" : "volume",
+ "type" : "string"
+ }
+ },
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[volume=]<volume>"
},
"vmid" : {
"description" : "The (unique) ID of the VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "You need 'VM.Allocate' permissions on /vms/{vmid} or on the VM pool /pool/{pool}. For restore, it is enough if the user has 'VM.Backup' permission and the VM already exists. You also need 'Datastore.AllocateSpace' permissions on the storage.",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/lxc",
+ "text" : "lxc"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get the Ceph configuration file.",
+ "method" : "GET",
+ "name" : "raw",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Datastore.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/cfg/raw",
+ "text" : "raw"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get the Ceph configuration database.",
+ "method" : "GET",
+ "name" : "db",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Datastore.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "can_update_at_runtime" : {
+ "type" : "boolean"
+ },
+ "level" : {
+ "type" : "string"
+ },
+ "mask" : {
+ "type" : "string"
+ },
+ "name" : {
+ "type" : "string"
+ },
+ "section" : {
+ "type" : "string"
+ },
+ "value" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/cfg/db",
+ "text" : "db"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get configured values from either the config file or config DB.",
+ "method" : "GET",
+ "name" : "value",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "config-keys" : {
+ "description" : "List of <section>:<config key> items.",
+ "pattern" : "(?^:^(:?(?^i:[0-9a-z\\-_\\.]+:[0-9a-zA-Z\\-_]+))(:?[;, ](?^i:[0-9a-z\\-_\\.]+:[0-9a-zA-Z\\-_]+))*$)",
+ "type" : "string",
+ "typetext" : "<section>:<config key>[;<section>:<config key>]"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "description" : "Contains {section}->{key} children with the values",
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/cfg/value",
+ "text" : "value"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Directory index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
}
}
},
- "permissions" : {
- "description" : "You need 'VM.Allocate' permissions on /vms/{vmid} or on the VM pool /pool/{pool}. For restore, it is enough if the user has 'VM.Backup' permission and the VM already exists. You also need 'Datastore.AllocateSpace' permissions on the storage.",
- "user" : "all"
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "string"
- }
- }
- },
- "leaf" : 0,
- "path" : "/nodes/{node}/lxc",
- "text" : "lxc"
- },
- {
- "children" : [
+ "leaf" : 0,
+ "path" : "/nodes/{node}/ceph/cfg",
+ "text" : "cfg"
+ },
{
"children" : [
{
"children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get OSD details",
+ "method" : "GET",
+ "name" : "osddetails",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "osdid" : {
+ "description" : "OSD ID",
+ "type" : "integer",
+ "typetext" : "<integer>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "properties" : {
+ "devices" : {
+ "description" : "Array containing data about devices",
+ "items" : {
+ "properties" : {
+ "dev_node" : {
+ "description" : "Device node",
+ "type" : "string"
+ },
+ "device" : {
+ "description" : "Kind of OSD device",
+ "enum" : [
+ "block",
+ "db",
+ "wal"
+ ],
+ "type" : "string"
+ },
+ "devices" : {
+ "description" : "Physical disks used",
+ "type" : "string"
+ },
+ "size" : {
+ "description" : "Size in bytes",
+ "type" : "integer"
+ },
+ "support_discard" : {
+ "description" : "Discard support of the physical device",
+ "type" : "boolean"
+ },
+ "type" : {
+ "description" : "Type of device. For example, hdd or ssd",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ },
+ "osd" : {
+ "description" : "General information about the OSD",
+ "properties" : {
+ "back_addr" : {
+ "description" : "Address and port used to talk to other OSDs.",
+ "type" : "string"
+ },
+ "front_addr" : {
+ "description" : "Address and port used to talk to clients and monitors.",
+ "type" : "string"
+ },
+ "hb_back_addr" : {
+ "description" : "Heartbeat address and port for other OSDs.",
+ "type" : "string"
+ },
+ "hb_front_addr" : {
+ "description" : "Heartbeat address and port for clients and monitors.",
+ "type" : "string"
+ },
+ "hostname" : {
+ "description" : "Name of the host containing the OSD.",
+ "type" : "string"
+ },
+ "id" : {
+ "description" : "ID of the OSD.",
+ "type" : "integer"
+ },
+ "mem_usage" : {
+ "description" : "Memory usage of the OSD service.",
+ "type" : "integer"
+ },
+ "osd_data" : {
+ "description" : "Path to the OSD's data directory.",
+ "type" : "string"
+ },
+ "osd_objectstore" : {
+ "description" : "The type of object store used.",
+ "type" : "string"
+ },
+ "pid" : {
+ "description" : "OSD process ID.",
+ "type" : "integer"
+ },
+ "version" : {
+ "description" : "Ceph version of the OSD service.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/osd/{osdid}/metadata",
+ "text" : "metadata"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get OSD volume details",
+ "method" : "GET",
+ "name" : "osdvolume",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "osdid" : {
+ "description" : "OSD ID",
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "type" : {
+ "default" : "block",
+ "description" : "OSD device type",
+ "enum" : [
+ "block",
+ "db",
+ "wal"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "properties" : {
+ "creation_time" : {
+ "description" : "Creation time as reported by `lvs`.",
+ "type" : "string"
+ },
+ "lv_name" : {
+ "description" : "Name of the logical volume (LV).",
+ "type" : "string"
+ },
+ "lv_path" : {
+ "description" : "Path to the logical volume (LV).",
+ "type" : "string"
+ },
+ "lv_size" : {
+ "description" : "Size of the logical volume (LV).",
+ "type" : "integer"
+ },
+ "lv_uuid" : {
+ "description" : "UUID of the logical volume (LV).",
+ "type" : "string"
+ },
+ "vg_name" : {
+ "description" : "Name of the volume group (VG).",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/osd/{osdid}/lv-info",
+ "text" : "lv-info"
+ },
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "ceph osd in",
"method" : "POST",
"name" : "in",
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "ceph osd out",
"method" : "POST",
"name" : "out",
}
}
},
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/osd/{osdid}/out",
- "text" : "out"
- }
- ],
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/osd/{osdid}/out",
+ "text" : "out"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Instruct the OSD to scrub.",
+ "method" : "POST",
+ "name" : "scrub",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "deep" : {
+ "default" : 0,
+ "description" : "If set, instructs a deep scrub instead of a normal one.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "osdid" : {
+ "description" : "OSD ID",
+ "type" : "integer",
+ "typetext" : "<integer>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/osd/{osdid}/scrub",
+ "text" : "scrub"
+ }
+ ],
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Destroy OSD",
+ "method" : "DELETE",
+ "name" : "destroyosd",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cleanup" : {
+ "default" : 0,
+ "description" : "If set, we remove partition table entries.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "osdid" : {
+ "description" : "OSD ID",
+ "type" : "integer",
+ "typetext" : "<integer>"
+ }
+ }
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "OSD index.",
+ "method" : "GET",
+ "name" : "osdindex",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "osdid" : {
+ "description" : "OSD ID",
+ "type" : "integer",
+ "typetext" : "<integer>"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/ceph/osd/{osdid}",
+ "text" : "{osdid}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get Ceph osd list/tree.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Datastore.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "flags" : {
+ "type" : "string"
+ },
+ "root" : {
+ "description" : "Tree with OSDs in the CRUSH map structure.",
+ "type" : "object"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "object"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create OSD",
+ "method" : "POST",
+ "name" : "createosd",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "crush-device-class" : {
+ "description" : "Set the device class of the OSD in crush.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "db_dev" : {
+ "description" : "Block device name for block.db.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "db_dev_size" : {
+ "default" : "bluestore_block_db_size or 10% of OSD size",
+ "description" : "Size in GiB for block.db.",
+ "minimum" : 1,
+ "optional" : 1,
+ "requires" : "db_dev",
+ "type" : "number",
+ "typetext" : "<number> (1 - N)",
+ "verbose_description" : "If a block.db is requested but the size is not given, will be automatically selected by: bluestore_block_db_size from the ceph database (osd or global section) or config (osd or global section) in that order. If this is not available, it will be sized 10% of the size of the OSD device. Fails if the available size is not enough."
+ },
+ "dev" : {
+ "description" : "Block device name.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "encrypted" : {
+ "default" : 0,
+ "description" : "Enables encryption of the OSD.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "osds-per-device" : {
+ "description" : "OSD services per physical device. Only useful for fast NVMe devices\"\n\t\t .\" to utilize their performance better.",
+ "minimum" : "1",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - N)"
+ },
+ "wal_dev" : {
+ "description" : "Block device name for block.wal.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "wal_dev_size" : {
+ "default" : "bluestore_block_wal_size or 1% of OSD size",
+ "description" : "Size in GiB for block.wal.",
+ "minimum" : 0.5,
+ "optional" : 1,
+ "requires" : "wal_dev",
+ "type" : "number",
+ "typetext" : "<number> (0.5 - N)",
+ "verbose_description" : "If a block.wal is requested but the size is not given, will be automatically selected by: bluestore_block_wal_size from the ceph database (osd or global section) or config (osd or global section) in that order. If this is not available, it will be sized 1% of the size of the OSD device. Fails if the available size is not enough."
+ }
+ }
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/ceph/osd",
+ "text" : "osd"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Destroy Ceph Metadata Server",
+ "method" : "DELETE",
+ "name" : "destroymds",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "description" : "The name (ID) of the mds",
+ "pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
+ "type" : "string"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create Ceph Metadata Server (MDS)",
+ "method" : "POST",
+ "name" : "createmds",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "hotstandby" : {
+ "default" : "0",
+ "description" : "Determines whether a ceph-mds daemon should poll and replay the log of an active MDS. Faster switch on MDS failure, but needs more idle resources.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "name" : {
+ "default" : "nodename",
+ "description" : "The ID for the mds, when omitted the same as the nodename",
+ "maxLength" : 200,
+ "optional" : 1,
+ "pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
+ "type" : "string"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/mds/{name}",
+ "text" : "{name}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "MDS directory index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Datastore.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "addr" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "host" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "The name (ID) for the MDS"
+ },
+ "rank" : {
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "standby_replay" : {
+ "description" : "If true, the standby MDS is polling the active MDS for faster recovery (hot standby).",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "state" : {
+ "description" : "State of the MDS",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/ceph/mds",
+ "text" : "mds"
+ },
+ {
+ "children" : [
+ {
"info" : {
"DELETE" : {
- "description" : "Destroy OSD",
+ "allowtoken" : 1,
+ "description" : "Destroy Ceph Manager.",
"method" : "DELETE",
- "name" : "destroyosd",
+ "name" : "destroymgr",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "cleanup" : {
- "default" : 0,
- "description" : "If set, we remove partition table entries.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "id" : {
+ "description" : "The ID of the manager",
+ "pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
+ "type" : "string"
},
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create Ceph Manager",
+ "method" : "POST",
+ "name" : "createmgr",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "The ID for the manager, when omitted the same as the nodename",
+ "maxLength" : 200,
+ "optional" : 1,
+ "pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
+ "type" : "string"
},
- "osdid" : {
- "description" : "OSD ID",
- "type" : "integer",
- "typetext" : "<integer>"
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
}
}
},
- "leaf" : 0,
- "path" : "/nodes/{node}/ceph/osd/{osdid}",
- "text" : "{osdid}"
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/mgr/{id}",
+ "text" : "{id}"
}
],
"info" : {
"GET" : {
- "description" : "Get Ceph osd list/tree.",
+ "allowtoken" : 1,
+ "description" : "MGR directory index.",
"method" : "GET",
"name" : "index",
"parameters" : {
"protected" : 1,
"proxyto" : "node",
"returns" : {
- "type" : "object"
- }
- },
- "POST" : {
- "description" : "Create OSD",
- "method" : "POST",
- "name" : "createosd",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "bluestore" : {
- "default" : 1,
- "description" : "Use bluestore instead of filestore. This is the default.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "dev" : {
- "description" : "Block device name.",
- "type" : "string",
- "typetext" : "<string>"
- },
- "fstype" : {
- "default" : "xfs",
- "description" : "File system type (filestore only).",
- "enum" : [
- "xfs",
- "ext4"
- ],
- "optional" : 1,
- "type" : "string"
- },
- "journal_dev" : {
- "description" : "Block device name for journal (filestore) or block.db (bluestore).",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
+ "items" : {
+ "properties" : {
+ "addr" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "host" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "The name (ID) for the MGR"
+ },
+ "state" : {
+ "description" : "State of the MGR",
+ "type" : "string"
+ }
},
- "wal_dev" : {
- "description" : "Block device name for block.wal (bluestore only).",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
}
- }
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "string"
+ ],
+ "type" : "array"
}
}
},
"leaf" : 0,
- "path" : "/nodes/{node}/ceph/osd",
- "text" : "osd"
+ "path" : "/nodes/{node}/ceph/mgr",
+ "text" : "mgr"
},
{
"children" : [
{
"info" : {
"DELETE" : {
- "description" : "Destroy Ceph Metadata Server",
+ "allowtoken" : 1,
+ "description" : "Destroy Ceph Monitor and Manager.",
"method" : "DELETE",
- "name" : "destroymds",
+ "name" : "destroymon",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "name" : {
- "description" : "The name (ID) of the mds",
+ "monid" : {
+ "description" : "Monitor ID",
"pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
"type" : "string"
},
}
},
"POST" : {
- "description" : "Create Ceph Metadata Server (MDS)",
+ "allowtoken" : 1,
+ "description" : "Create Ceph Monitor and Manager",
"method" : "POST",
- "name" : "createmds",
+ "name" : "createmon",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "hotstandby" : {
- "default" : "0",
- "description" : "Determines whether a ceph-mds daemon should poll and replay the log of an active MDS. Faster switch on MDS failure, but needs more idle resources.",
+ "mon-address" : {
+ "description" : "Overwrites autodetected monitor IP address(es). Must be in the public network(s) of Ceph.",
+ "format" : "ip-list",
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "name" : {
- "default" : "nodename",
- "description" : "The ID for the mds, when omitted the same as the nodename",
+ "monid" : {
+ "description" : "The ID for the monitor, when omitted the same as the nodename",
+ "maxLength" : 200,
"optional" : 1,
"pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
"type" : "string"
}
},
"leaf" : 1,
- "path" : "/nodes/{node}/ceph/mds/{name}",
- "text" : "{name}"
+ "path" : "/nodes/{node}/ceph/mon/{monid}",
+ "text" : "{monid}"
}
],
"info" : {
"GET" : {
- "description" : "MDS directory index.",
+ "allowtoken" : 1,
+ "description" : "Get Ceph monitor list.",
"method" : "GET",
- "name" : "index",
+ "name" : "listmon",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
"optional" : 1,
"type" : "string"
},
- "host" : {
+ "ceph_version" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "ceph_version_short" : {
"optional" : 1,
"type" : "string"
},
+ "direxists" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "host" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
"name" : {
- "description" : "The name (ID) for the MDS"
+ "type" : "string"
+ },
+ "quorum" : {
+ "optional" : 1,
+ "type" : "boolean"
},
"rank" : {
"optional" : 1,
"type" : "integer"
},
- "standby_replay" : {
- "description" : "If true, the standby MDS is polling the active MDS for faster recovery (hot standby).",
+ "service" : {
"optional" : 1,
- "type" : "boolean"
+ "type" : "integer"
},
"state" : {
- "description" : "State of the MDS",
+ "optional" : 1,
"type" : "string"
}
},
}
},
"leaf" : 0,
- "path" : "/nodes/{node}/ceph/mds",
- "text" : "mds"
+ "path" : "/nodes/{node}/ceph/mon",
+ "text" : "mon"
},
{
"children" : [
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Create a Ceph filesystem",
"method" : "POST",
"name" : "createfs",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index.",
"method" : "GET",
"name" : "index",
]
},
"protected" : 1,
+ "proxyto" : "node",
"returns" : {
"items" : {
"properties" : {
"text" : "fs"
},
{
- "info" : {
- "GET" : {
- "description" : "List local disks.",
- "method" : "GET",
- "name" : "disks",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Show the current pool status.",
+ "method" : "GET",
+ "name" : "getpool",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "description" : "The name of the pool. It must be unique.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "verbose" : {
+ "default" : 0,
+ "description" : "If enabled, will display additional data(eg. statistics).",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Datastore.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "properties" : {
+ "application" : {
+ "default" : "rbd",
+ "description" : "The application of the pool.",
+ "enum" : [
+ "rbd",
+ "cephfs",
+ "rgw"
+ ],
+ "optional" : 1,
+ "title" : "Application",
+ "type" : "string"
+ },
+ "application_list" : {
+ "optional" : 1,
+ "title" : "Application",
+ "type" : "array"
+ },
+ "autoscale_status" : {
+ "optional" : 1,
+ "title" : "Autoscale Status",
+ "type" : "object"
+ },
+ "crush_rule" : {
+ "description" : "The rule to use for mapping object placement in the cluster.",
+ "optional" : 1,
+ "title" : "Crush Rule Name",
+ "type" : "string"
+ },
+ "fast_read" : {
+ "title" : "Fast Read",
+ "type" : "boolean"
+ },
+ "hashpspool" : {
+ "title" : "hashpspool",
+ "type" : "boolean"
+ },
+ "id" : {
+ "title" : "ID",
+ "type" : "integer"
+ },
+ "min_size" : {
+ "default" : 2,
+ "description" : "Minimum number of replicas per object",
+ "maximum" : 7,
+ "minimum" : 1,
+ "optional" : 1,
+ "title" : "Min Size",
+ "type" : "integer"
+ },
+ "name" : {
+ "description" : "The name of the pool. It must be unique.",
+ "title" : "Name",
+ "type" : "string"
+ },
+ "nodeep-scrub" : {
+ "title" : "nodeep-scrub",
+ "type" : "boolean"
+ },
+ "nodelete" : {
+ "title" : "nodelete",
+ "type" : "boolean"
+ },
+ "nopgchange" : {
+ "title" : "nopgchange",
+ "type" : "boolean"
+ },
+ "noscrub" : {
+ "title" : "noscrub",
+ "type" : "boolean"
+ },
+ "nosizechange" : {
+ "title" : "nosizechange",
+ "type" : "boolean"
+ },
+ "pg_autoscale_mode" : {
+ "default" : "warn",
+ "description" : "The automatic PG scaling mode of the pool.",
+ "enum" : [
+ "on",
+ "off",
+ "warn"
+ ],
+ "optional" : 1,
+ "title" : "PG Autoscale Mode",
+ "type" : "string"
+ },
+ "pg_num" : {
+ "default" : 128,
+ "description" : "Number of placement groups.",
+ "maximum" : 32768,
+ "minimum" : 1,
+ "optional" : 1,
+ "title" : "PG Num",
+ "type" : "integer"
+ },
+ "pg_num_min" : {
+ "description" : "Minimal number of placement groups.",
+ "maximum" : 32768,
+ "optional" : 1,
+ "title" : "min. PG Num",
+ "type" : "integer"
+ },
+ "pgp_num" : {
+ "title" : "PGP num",
+ "type" : "integer"
+ },
+ "size" : {
+ "default" : 3,
+ "description" : "Number of replicas per object",
+ "maximum" : 7,
+ "minimum" : 1,
+ "optional" : 1,
+ "title" : "Size",
+ "type" : "integer"
+ },
+ "statistics" : {
+ "optional" : 1,
+ "title" : "Statistics",
+ "type" : "object"
+ },
+ "target_size" : {
+ "description" : "The estimated target size of the pool for the PG autoscaler.",
+ "optional" : 1,
+ "pattern" : "^(\\d+(\\.\\d+)?)([KMGT])?$",
+ "title" : "PG Autoscale Target Size",
+ "type" : "string"
+ },
+ "target_size_ratio" : {
+ "description" : "The estimated target ratio of the pool for the PG autoscaler.",
+ "optional" : 1,
+ "title" : "PG Autoscale Target Ratio",
+ "type" : "number"
+ },
+ "use_gmt_hitset" : {
+ "title" : "use_gmt_hitset",
+ "type" : "boolean"
+ },
+ "write_fadvise_dontneed" : {
+ "title" : "write_fadvise_dontneed",
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ }
+ }
},
- "type" : {
- "description" : "Only list specific types of disks.",
- "enum" : [
- "unused",
- "journal_disks"
- ],
- "optional" : 1,
- "type" : "string"
- }
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/pool/{name}/status",
+ "text" : "status"
}
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit",
- "Datastore.Audit"
- ],
- "any",
- 1
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "items" : {
- "properties" : {
- "dev" : {
- "type" : "string"
- },
- "gpt" : {
- "type" : "boolean"
- },
- "model" : {
- "optional" : 1,
- "type" : "string"
- },
- "osdid" : {
- "type" : "integer"
- },
- "serial" : {
- "optional" : 1,
- "type" : "string"
- },
- "size" : {
- "type" : "integer"
- },
- "used" : {
- "optional" : 1,
- "type" : "string"
- },
- "vendor" : {
- "optional" : 1,
- "type" : "string"
+ ],
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Destroy pool",
+ "method" : "DELETE",
+ "name" : "destroypool",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "force" : {
+ "default" : 0,
+ "description" : "If true, destroys pool even if in use",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "name" : {
+ "description" : "The name of the pool. It must be unique.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "remove_ecprofile" : {
+ "default" : 1,
+ "description" : "Remove the erasure code profile. Defaults to true, if applicable.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "remove_storages" : {
+ "default" : 0,
+ "description" : "Remove all pveceph-managed storages configured for this pool",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
}
},
- "type" : "object"
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
},
- "type" : "array"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/disks",
- "text" : "disks"
- },
- {
- "info" : {
- "GET" : {
- "description" : "Get Ceph configuration.",
- "method" : "GET",
- "name" : "config",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Pool index.",
+ "method" : "GET",
+ "name" : "poolindex",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "name" : {
+ "description" : "The name of the pool.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Datastore.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
}
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit",
- "Datastore.Audit"
- ],
- "any",
- 1
- ]
- },
- "returns" : {
- "type" : "string"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/config",
- "text" : "config"
- },
- {
- "children" : [
- {
- "info" : {
- "DELETE" : {
- "description" : "Destroy Ceph Monitor and Manager.",
- "method" : "DELETE",
- "name" : "destroymon",
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Change POOL settings",
+ "method" : "PUT",
+ "name" : "setpool",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "exclude-manager" : {
- "default" : 0,
- "description" : "When set, removes only the monitor, not the manager",
+ "application" : {
+ "description" : "The application of the pool.",
+ "enum" : [
+ "rbd",
+ "cephfs",
+ "rgw"
+ ],
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "monid" : {
- "description" : "Monitor ID",
- "pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
+ "title" : "Application",
"type" : "string"
},
+ "crush_rule" : {
+ "description" : "The rule to use for mapping object placement in the cluster.",
+ "optional" : 1,
+ "title" : "Crush Rule Name",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "min_size" : {
+ "description" : "Minimum number of replicas per object",
+ "maximum" : 7,
+ "minimum" : 1,
+ "optional" : 1,
+ "title" : "Min Size",
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 7)"
+ },
+ "name" : {
+ "description" : "The name of the pool. It must be unique.",
+ "title" : "Name",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
+ },
+ "pg_autoscale_mode" : {
+ "description" : "The automatic PG scaling mode of the pool.",
+ "enum" : [
+ "on",
+ "off",
+ "warn"
+ ],
+ "optional" : 1,
+ "title" : "PG Autoscale Mode",
+ "type" : "string"
+ },
+ "pg_num" : {
+ "description" : "Number of placement groups.",
+ "maximum" : 32768,
+ "minimum" : 1,
+ "optional" : 1,
+ "title" : "PG Num",
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 32768)"
+ },
+ "pg_num_min" : {
+ "description" : "Minimal number of placement groups.",
+ "maximum" : 32768,
+ "optional" : 1,
+ "title" : "min. PG Num",
+ "type" : "integer",
+ "typetext" : "<integer> (-N - 32768)"
+ },
+ "size" : {
+ "description" : "Number of replicas per object",
+ "maximum" : 7,
+ "minimum" : 1,
+ "optional" : 1,
+ "title" : "Size",
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 7)"
+ },
+ "target_size" : {
+ "description" : "The estimated target size of the pool for the PG autoscaler.",
+ "optional" : 1,
+ "pattern" : "^(\\d+(\\.\\d+)?)([KMGT])?$",
+ "title" : "PG Autoscale Target Size",
+ "type" : "string"
+ },
+ "target_size_ratio" : {
+ "description" : "The estimated target ratio of the pool for the PG autoscaler.",
+ "optional" : 1,
+ "title" : "PG Autoscale Target Ratio",
+ "type" : "number",
+ "typetext" : "<number>"
}
}
},
}
}
},
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/mon/{monid}",
- "text" : "{monid}"
+ "leaf" : 0,
+ "path" : "/nodes/{node}/ceph/pool/{name}",
+ "text" : "{name}"
}
],
"info" : {
"GET" : {
- "description" : "Get Ceph monitor list.",
+ "allowtoken" : 1,
+ "description" : "List all pools and their settings (which are settable by the POST/PUT endpoints).",
"method" : "GET",
- "name" : "listmon",
+ "name" : "lspools",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
"returns" : {
"items" : {
"properties" : {
- "addr" : {
+ "application_metadata" : {
+ "optional" : 1,
+ "title" : "Associated Applications",
+ "type" : "object"
+ },
+ "autoscale_status" : {
+ "optional" : 1,
+ "title" : "Autoscale Status",
+ "type" : "object"
+ },
+ "bytes_used" : {
+ "title" : "Used",
+ "type" : "integer"
+ },
+ "crush_rule" : {
+ "title" : "Crush Rule",
+ "type" : "integer"
+ },
+ "crush_rule_name" : {
+ "title" : "Crush Rule Name",
"type" : "string"
},
- "name" : {
+ "min_size" : {
+ "title" : "Min Size",
+ "type" : "integer"
+ },
+ "percent_used" : {
+ "title" : "%-Used",
+ "type" : "number"
+ },
+ "pg_autoscale_mode" : {
+ "optional" : 1,
+ "title" : "PG Autoscale Mode",
+ "type" : "string"
+ },
+ "pg_num" : {
+ "title" : "PG Num",
+ "type" : "integer"
+ },
+ "pg_num_final" : {
+ "optional" : 1,
+ "title" : "Optimal PG Num",
+ "type" : "integer"
+ },
+ "pg_num_min" : {
+ "optional" : 1,
+ "title" : "min. PG Num",
+ "type" : "integer"
+ },
+ "pool" : {
+ "title" : "ID",
+ "type" : "integer"
+ },
+ "pool_name" : {
+ "title" : "Name",
+ "type" : "string"
+ },
+ "size" : {
+ "title" : "Size",
+ "type" : "integer"
+ },
+ "target_size" : {
+ "optional" : 1,
+ "title" : "PG Autoscale Target Size",
+ "type" : "integer"
+ },
+ "target_size_ratio" : {
+ "optional" : 1,
+ "title" : "PG Autoscale Target Ratio",
+ "type" : "number"
+ },
+ "type" : {
+ "enum" : [
+ "replicated",
+ "erasure",
+ "unknown"
+ ],
+ "title" : "Type",
"type" : "string"
}
},
},
"links" : [
{
- "href" : "{name}",
+ "href" : "{pool_name}",
"rel" : "child"
}
],
}
},
"POST" : {
- "description" : "Create Ceph Monitor and Manager",
+ "allowtoken" : 1,
+ "description" : "Create Ceph pool",
"method" : "POST",
- "name" : "createmon",
+ "name" : "createpool",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "exclude-manager" : {
- "default" : 0,
- "description" : "When set, only a monitor will be created.",
+ "add_storages" : {
+ "default" : "0; for erasure coded pools: 1",
+ "description" : "Configure VM and CT storage using the new pool.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
- "id" : {
- "description" : "The ID for the monitor, when omitted the same as the nodename",
+ "application" : {
+ "default" : "rbd",
+ "description" : "The application of the pool.",
+ "enum" : [
+ "rbd",
+ "cephfs",
+ "rgw"
+ ],
"optional" : 1,
- "pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
+ "title" : "Application",
"type" : "string"
},
- "mon-address" : {
- "description" : "Overwrites autodetected monitor IP address. Must be in the public network of ceph.",
- "format" : "ip",
+ "crush_rule" : {
+ "description" : "The rule to use for mapping object placement in the cluster.",
+ "optional" : 1,
+ "title" : "Crush Rule Name",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "erasure-coding" : {
+ "description" : "Create an erasure coded pool for RBD with an accompaning replicated pool for metadata storage. With EC, the common ceph options 'size', 'min_size' and 'crush_rule' parameters will be applied to the metadata pool.",
+ "format" : {
+ "device-class" : {
+ "description" : "CRUSH device class. Will create an erasure coded pool plus a replicated pool for metadata.",
+ "format_description" : "class",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "failure-domain" : {
+ "default" : "host",
+ "description" : "CRUSH failure domain. Default is 'host'. Will create an erasure coded pool plus a replicated pool for metadata.",
+ "format_description" : "domain",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "k" : {
+ "description" : "Number of data chunks. Will create an erasure coded pool plus a replicated pool for metadata.",
+ "minimum" : 2,
+ "type" : "integer"
+ },
+ "m" : {
+ "description" : "Number of coding chunks. Will create an erasure coded pool plus a replicated pool for metadata.",
+ "minimum" : 1,
+ "type" : "integer"
+ },
+ "profile" : {
+ "description" : "Override the erasure code (EC) profile to use. Will create an erasure coded pool plus a replicated pool for metadata.",
+ "format_description" : "profile",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "k=<integer> ,m=<integer> [,device-class=<class>] [,failure-domain=<domain>] [,profile=<profile>]"
+ },
+ "min_size" : {
+ "default" : 2,
+ "description" : "Minimum number of replicas per object",
+ "maximum" : 7,
+ "minimum" : 1,
"optional" : 1,
+ "title" : "Min Size",
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 7)"
+ },
+ "name" : {
+ "description" : "The name of the pool. It must be unique.",
+ "title" : "Name",
"type" : "string",
"typetext" : "<string>"
},
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
+ },
+ "pg_autoscale_mode" : {
+ "default" : "warn",
+ "description" : "The automatic PG scaling mode of the pool.",
+ "enum" : [
+ "on",
+ "off",
+ "warn"
+ ],
+ "optional" : 1,
+ "title" : "PG Autoscale Mode",
+ "type" : "string"
+ },
+ "pg_num" : {
+ "default" : 128,
+ "description" : "Number of placement groups.",
+ "maximum" : 32768,
+ "minimum" : 1,
+ "optional" : 1,
+ "title" : "PG Num",
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 32768)"
+ },
+ "pg_num_min" : {
+ "description" : "Minimal number of placement groups.",
+ "maximum" : 32768,
+ "optional" : 1,
+ "title" : "min. PG Num",
+ "type" : "integer",
+ "typetext" : "<integer> (-N - 32768)"
+ },
+ "size" : {
+ "default" : 3,
+ "description" : "Number of replicas per object",
+ "maximum" : 7,
+ "minimum" : 1,
+ "optional" : 1,
+ "title" : "Size",
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 7)"
+ },
+ "target_size" : {
+ "description" : "The estimated target size of the pool for the PG autoscaler.",
+ "optional" : 1,
+ "pattern" : "^(\\d+(\\.\\d+)?)([KMGT])?$",
+ "title" : "PG Autoscale Target Size",
+ "type" : "string"
+ },
+ "target_size_ratio" : {
+ "description" : "The estimated target ratio of the pool for the PG autoscaler.",
+ "optional" : 1,
+ "title" : "PG Autoscale Target Ratio",
+ "type" : "number",
+ "typetext" : "<number>"
}
}
},
}
},
"leaf" : 0,
- "path" : "/nodes/{node}/ceph/mon",
- "text" : "mon"
+ "path" : "/nodes/{node}/ceph/pool",
+ "text" : "pool"
},
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Create initial ceph default configuration and setup symlinks.",
"method" : "POST",
"name" : "init",
},
"disable_cephx" : {
"default" : 0,
- "description" : "Disable cephx authentification.\n\nWARNING: cephx is a security feature protecting against man-in-the-middle attacks. Only consider disabling cephx if your network is private!",
+ "description" : "Disable cephx authentication.\n\nWARNING: cephx is a security feature protecting against man-in-the-middle attacks. Only consider disabling cephx if your network is private!",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
"pg_bits" : {
"default" : 6,
- "description" : "Placement group bits, used to specify the default number of placement groups.\n\nNOTE: 'osd pool default pg num' does not work for default pools.",
+ "description" : "Placement group bits, used to specify the default number of placement groups.\n\nDepreacted. This setting was deprecated in recent Ceph versions.",
"maximum" : 14,
"minimum" : 6,
"optional" : 1,
"path" : "/nodes/{node}/ceph/init",
"text" : "init"
},
- {
- "children" : [
- {
- "info" : {
- "DELETE" : {
- "description" : "Destroy Ceph Manager.",
- "method" : "DELETE",
- "name" : "destroymgr",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "id" : {
- "description" : "The ID of the manager",
- "pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
- "type" : "string"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "string"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/mgr/{id}",
- "text" : "{id}"
- }
- ],
- "info" : {
- "POST" : {
- "description" : "Create Ceph Manager",
- "method" : "POST",
- "name" : "createmgr",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "id" : {
- "description" : "The ID for the manager, when omitted the same as the nodename",
- "optional" : 1,
- "pattern" : "[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?",
- "type" : "string"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "string"
- }
- }
- },
- "leaf" : 0,
- "path" : "/nodes/{node}/ceph/mgr",
- "text" : "mgr"
- },
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Stop ceph services.",
"method" : "POST",
"name" : "stop",
"default" : "ceph.target",
"description" : "Ceph service name.",
"optional" : 1,
- "pattern" : "(mon|mds|osd|mgr)\\.[A-Za-z0-9\\-]{1,32}",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "string"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/stop",
- "text" : "stop"
- },
- {
- "info" : {
- "POST" : {
- "description" : "Start ceph services.",
- "method" : "POST",
- "name" : "start",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- },
- "service" : {
- "default" : "ceph.target",
- "description" : "Ceph service name.",
- "optional" : 1,
- "pattern" : "(mon|mds|osd|mgr)\\.[A-Za-z0-9\\-]{1,32}",
- "type" : "string"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "string"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/start",
- "text" : "start"
- },
- {
- "info" : {
- "POST" : {
- "description" : "Restart ceph services.",
- "method" : "POST",
- "name" : "restart",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- },
- "service" : {
- "default" : "ceph.target",
- "description" : "Ceph service name.",
- "optional" : 1,
- "pattern" : "(mon|mds|osd|mgr)\\.[A-Za-z0-9\\-]{1,32}",
+ "pattern" : "(ceph|mon|mds|osd|mgr)(\\.[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?)?",
"type" : "string"
}
}
"Sys.Modify"
]
]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "string"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/restart",
- "text" : "restart"
- },
- {
- "info" : {
- "GET" : {
- "description" : "Get ceph status.",
- "method" : "GET",
- "name" : "status",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Audit",
- "Datastore.Audit"
- ],
- "any",
- 1
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "object"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/status",
- "text" : "status"
- },
- {
- "children" : [
- {
- "info" : {
- "DELETE" : {
- "description" : "Destroy pool",
- "method" : "DELETE",
- "name" : "destroypool",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "force" : {
- "default" : 0,
- "description" : "If true, destroys pool even if in use",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "name" : {
- "description" : "The name of the pool. It must be unique.",
- "type" : "string",
- "typetext" : "<string>"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- },
- "remove_storages" : {
- "default" : 0,
- "description" : "Remove all pveceph-managed storages configured for this pool",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "string"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/pools/{name}",
- "text" : "{name}"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
}
- ],
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/stop",
+ "text" : "stop"
+ },
+ {
"info" : {
- "GET" : {
- "description" : "List all pools.",
- "method" : "GET",
- "name" : "lspools",
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Start ceph services.",
+ "method" : "POST",
+ "name" : "start",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
+ },
+ "service" : {
+ "default" : "ceph.target",
+ "description" : "Ceph service name.",
+ "optional" : 1,
+ "pattern" : "(ceph|mon|mds|osd|mgr)(\\.[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?)?",
+ "type" : "string"
}
}
},
"perm",
"/",
[
- "Sys.Audit",
- "Datastore.Audit"
- ],
- "any",
- 1
+ "Sys.Modify"
+ ]
]
},
"protected" : 1,
"proxyto" : "node",
"returns" : {
- "items" : {
- "properties" : {
- "pool" : {
- "type" : "integer"
- },
- "pool_name" : {
- "type" : "string"
- },
- "size" : {
- "type" : "integer"
- }
- },
- "type" : "object"
- },
- "links" : [
- {
- "href" : "{pool_name}",
- "rel" : "child"
- }
- ],
- "type" : "array"
+ "type" : "string"
}
- },
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/start",
+ "text" : "start"
+ },
+ {
+ "info" : {
"POST" : {
- "description" : "Create POOL",
+ "allowtoken" : 1,
+ "description" : "Restart ceph services.",
"method" : "POST",
- "name" : "createpool",
+ "name" : "restart",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "add_storages" : {
- "description" : "Configure VM and CT storage using the new pool.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "application" : {
- "description" : "The application of the pool, 'rbd' by default.",
- "enum" : [
- "rbd",
- "cephfs",
- "rgw"
- ],
- "optional" : 1,
- "type" : "string"
- },
- "crush_rule" : {
- "description" : "The rule to use for mapping object placement in the cluster.",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "min_size" : {
- "default" : 2,
- "description" : "Minimum number of replicas per object",
- "maximum" : 7,
- "minimum" : 1,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (1 - 7)"
- },
- "name" : {
- "description" : "The name of the pool. It must be unique.",
- "type" : "string",
- "typetext" : "<string>"
- },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
},
- "pg_num" : {
- "default" : 128,
- "description" : "Number of placement groups.",
- "maximum" : 32768,
- "minimum" : 8,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (8 - 32768)"
- },
- "size" : {
- "default" : 3,
- "description" : "Number of replicas per object",
- "maximum" : 7,
- "minimum" : 1,
+ "service" : {
+ "default" : "ceph.target",
+ "description" : "Ceph service name.",
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (1 - 7)"
+ "pattern" : "(mon|mds|osd|mgr)(\\.[a-zA-Z0-9]([a-zA-Z0-9\\-]*[a-zA-Z0-9])?)?",
+ "type" : "string"
}
}
},
}
}
},
- "leaf" : 0,
- "path" : "/nodes/{node}/ceph/pools",
- "text" : "pools"
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/restart",
+ "text" : "restart"
},
{
- "children" : [
- {
- "info" : {
- "DELETE" : {
- "description" : "Unset a ceph flag",
- "method" : "DELETE",
- "name" : "unset_flag",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "flag" : {
- "description" : "The ceph flag to set/unset",
- "enum" : [
- "full",
- "pause",
- "noup",
- "nodown",
- "noout",
- "noin",
- "nobackfill",
- "norebalance",
- "norecover",
- "noscrub",
- "nodeep-scrub",
- "notieragent"
- ],
- "type" : "string"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "null"
- }
- },
- "POST" : {
- "description" : "Set a ceph flag",
- "method" : "POST",
- "name" : "set_flag",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "flag" : {
- "description" : "The ceph flag to set/unset",
- "enum" : [
- "full",
- "pause",
- "noup",
- "nodown",
- "noout",
- "noin",
- "nobackfill",
- "norebalance",
- "norecover",
- "noscrub",
- "nodeep-scrub",
- "notieragent"
- ],
- "type" : "string"
- },
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "proxyto" : "node",
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 1,
- "path" : "/nodes/{node}/ceph/flags/{flag}",
- "text" : "{flag}"
- }
- ],
"info" : {
"GET" : {
- "description" : "get all set ceph flags",
+ "allowtoken" : 1,
+ "description" : "Get ceph status.",
"method" : "GET",
- "name" : "get_flags",
+ "name" : "status",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
"perm",
"/",
[
- "Sys.Audit"
- ]
+ "Sys.Audit",
+ "Datastore.Audit"
+ ],
+ "any",
+ 1
]
},
"protected" : 1,
"proxyto" : "node",
"returns" : {
- "type" : "string"
+ "type" : "object"
}
}
},
- "leaf" : 0,
- "path" : "/nodes/{node}/ceph/flags",
- "text" : "flags"
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/status",
+ "text" : "status"
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get OSD crush map",
"method" : "GET",
"name" : "crush",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read ceph log",
"method" : "GET",
"name" : "log",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List ceph rules.",
"method" : "GET",
"name" : "rules",
"proxyto" : "node",
"returns" : {
"items" : {
- "properties" : {},
+ "properties" : {
+ "name" : {
+ "description" : "Name of the CRUSH rule.",
+ "type" : "string"
+ }
+ },
"type" : "object"
},
"links" : [
"leaf" : 1,
"path" : "/nodes/{node}/ceph/rules",
"text" : "rules"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Heuristical check if it is safe to perform an action.",
+ "method" : "GET",
+ "name" : "cmd_safety",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "action" : {
+ "description" : "Action to check",
+ "enum" : [
+ "stop",
+ "destroy"
+ ],
+ "type" : "string"
+ },
+ "id" : {
+ "description" : "ID of the service",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "service" : {
+ "description" : "Service type",
+ "enum" : [
+ "osd",
+ "mon",
+ "mds"
+ ],
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "properties" : {
+ "safe" : {
+ "description" : "If it is safe to run the command.",
+ "type" : "boolean"
+ },
+ "status" : {
+ "description" : "Status message given by Ceph.",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/ceph/cmd-safety",
+ "text" : "cmd-safety"
}
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index.",
"method" : "GET",
"name" : "index",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
+ "description" : "Get the currently configured vzdump defaults.",
+ "method" : "GET",
+ "name" : "defaults",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "The user needs 'Datastore.Audit' or 'Datastore.AllocateSpace' permissions for the specified storage (or default storage if none specified). Some properties are only returned when the user has 'Sys.Audit' permissions for the node.",
+ "user" : "all"
+ },
+ "proxyto" : "node",
+ "returns" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "all" : {
+ "default" : 0,
+ "description" : "Backup all known guest systems on this host.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "bwlimit" : {
+ "default" : 0,
+ "description" : "Limit I/O bandwidth (in KiB/s).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "compress" : {
+ "default" : "0",
+ "description" : "Compress dump file.",
+ "enum" : [
+ "0",
+ "1",
+ "gzip",
+ "lzo",
+ "zstd"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "dumpdir" : {
+ "description" : "Store resulting files to specified directory.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "exclude" : {
+ "description" : "Exclude specified guest systems (assumes --all)",
+ "format" : "pve-vmid-list",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "exclude-path" : {
+ "description" : "Exclude certain files/directories (shell globs). Paths starting with '/' are anchored to the container's root, other paths match relative to each subdirectory.",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "fleecing" : {
+ "description" : "Options for backup fleecing (VM only).",
+ "format" : "backup-fleecing",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "ionice" : {
+ "default" : 7,
+ "description" : "Set IO priority when using the BFQ scheduler. For snapshot and suspend mode backups of VMs, this only affects the compressor. A value of 8 means the idle priority is used, otherwise the best-effort priority is used with the specified value.",
+ "maximum" : 8,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "lockwait" : {
+ "default" : 180,
+ "description" : "Maximal time to wait for the global lock (minutes).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "mailnotification" : {
+ "default" : "always",
+ "description" : "Deprecated: use notification targets/matchers instead. Specify when to send a notification mail",
+ "enum" : [
+ "always",
+ "failure"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "mailto" : {
+ "description" : "Deprecated: Use notification targets/matchers instead. Comma-separated list of email addresses or users that should receive email notifications.",
+ "format" : "email-or-username-list",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "maxfiles" : {
+ "description" : "Deprecated: use 'prune-backups' instead. Maximal number of backup files per guest system.",
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "mode" : {
+ "default" : "snapshot",
+ "description" : "Backup mode.",
+ "enum" : [
+ "snapshot",
+ "suspend",
+ "stop"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "node" : {
+ "description" : "Only run if executed on this node.",
+ "format" : "pve-node",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "notes-template" : {
+ "description" : "Template string for generating notes for the backup(s). It can contain variables which will be replaced by their values. Currently supported are {{cluster}}, {{guestname}}, {{node}}, and {{vmid}}, but more might be added in the future. Needs to be a single line, newline and backslash need to be escaped as '\\n' and '\\\\' respectively.",
+ "maxLength" : 1024,
+ "optional" : 1,
+ "requires" : "storage",
+ "type" : "string"
+ },
+ "notification-mode" : {
+ "default" : "auto",
+ "description" : "Determine which notification system to use. If set to 'legacy-sendmail', vzdump will consider the mailto/mailnotification parameters and send emails to the specified address(es) via the 'sendmail' command. If set to 'notification-system', a notification will be sent via PVE's notification system, and the mailto and mailnotification will be ignored. If set to 'auto' (default setting), an email will be sent if mailto is set, and the notification system will be used if not.",
+ "enum" : [
+ "auto",
+ "legacy-sendmail",
+ "notification-system"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "notification-policy" : {
+ "default" : "always",
+ "description" : "Deprecated: Do not use",
+ "enum" : [
+ "always",
+ "failure",
+ "never"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "notification-target" : {
+ "description" : "Deprecated: Do not use",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "performance" : {
+ "description" : "Other performance-related settings.",
+ "format" : "backup-performance",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "pigz" : {
+ "default" : 0,
+ "description" : "Use pigz instead of gzip when N>0. N=1 uses half of cores, N>1 uses N as thread count.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "pool" : {
+ "description" : "Backup all known guest systems included in the specified pool.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "protected" : {
+ "description" : "If true, mark backup(s) as protected.",
+ "optional" : 1,
+ "requires" : "storage",
+ "type" : "boolean"
+ },
+ "prune-backups" : {
+ "default" : "keep-all=1",
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "quiet" : {
+ "default" : 0,
+ "description" : "Be quiet.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "remove" : {
+ "default" : 1,
+ "description" : "Prune older backups according to 'prune-backups'.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "script" : {
+ "description" : "Use specified hook script.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "stdexcludes" : {
+ "default" : 1,
+ "description" : "Exclude temporary files and logs.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "stop" : {
+ "default" : 0,
+ "description" : "Stop running backup jobs on this host.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "stopwait" : {
+ "default" : 10,
+ "description" : "Maximal time to wait until a guest system is stopped (minutes).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "storage" : {
+ "description" : "Store resulting file to this storage.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "tmpdir" : {
+ "description" : "Store temporary files to specified directory.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "The ID of the guest system you want to backup.",
+ "format" : "pve-vmid-list",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "zstd" : {
+ "default" : 1,
+ "description" : "Zstd threads. N=0 uses half of the available cores, if N is set to a value bigger than 0, N is used as thread count.",
+ "optional" : 1,
+ "type" : "integer"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/vzdump/defaults",
+ "text" : "defaults"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
"description" : "Extract configuration from vzdump backup archive.",
"method" : "GET",
"name" : "extractconfig",
],
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Create backup.",
"method" : "POST",
"name" : "vzdump",
},
"bwlimit" : {
"default" : 0,
- "description" : "Limit I/O bandwidth (KBytes per second).",
+ "description" : "Limit I/O bandwidth (in KiB/s).",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"0",
"1",
"gzip",
- "lzo"
+ "lzo",
+ "zstd"
],
"optional" : 1,
"type" : "string"
"typetext" : "<string>"
},
"exclude-path" : {
- "description" : "Exclude certain files/directories (shell globs).",
- "format" : "string-alist",
+ "description" : "Exclude certain files/directories (shell globs). Paths starting with '/' are anchored to the container's root, other paths match relative to each subdirectory.",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array",
+ "typetext" : "<array>"
+ },
+ "fleecing" : {
+ "description" : "Options for backup fleecing (VM only).",
+ "format" : "backup-fleecing",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "[[enabled=]<1|0>] [,storage=<storage ID>]"
},
"ionice" : {
"default" : 7,
- "description" : "Set CFQ ionice priority.",
+ "description" : "Set IO priority when using the BFQ scheduler. For snapshot and suspend mode backups of VMs, this only affects the compressor. A value of 8 means the idle priority is used, otherwise the best-effort priority is used with the specified value.",
"maximum" : 8,
"minimum" : 0,
"optional" : 1,
},
"mailnotification" : {
"default" : "always",
- "description" : "Specify when to send an email",
+ "description" : "Deprecated: use notification targets/matchers instead. Specify when to send a notification mail",
"enum" : [
"always",
"failure"
"type" : "string"
},
"mailto" : {
- "description" : "Comma-separated list of email addresses that should receive email notifications.",
- "format" : "string-list",
+ "description" : "Deprecated: Use notification targets/matchers instead. Comma-separated list of email addresses or users that should receive email notifications.",
+ "format" : "email-or-username-list",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"maxfiles" : {
- "default" : 1,
- "description" : "Maximal number of backup files per guest system.",
+ "description" : "Deprecated: use 'prune-backups' instead. Maximal number of backup files per guest system.",
"minimum" : 1,
"optional" : 1,
"type" : "integer",
"type" : "string",
"typetext" : "<string>"
},
+ "notes-template" : {
+ "description" : "Template string for generating notes for the backup(s). It can contain variables which will be replaced by their values. Currently supported are {{cluster}}, {{guestname}}, {{node}}, and {{vmid}}, but more might be added in the future. Needs to be a single line, newline and backslash need to be escaped as '\\n' and '\\\\' respectively.",
+ "maxLength" : 1024,
+ "optional" : 1,
+ "requires" : "storage",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "notification-mode" : {
+ "default" : "auto",
+ "description" : "Determine which notification system to use. If set to 'legacy-sendmail', vzdump will consider the mailto/mailnotification parameters and send emails to the specified address(es) via the 'sendmail' command. If set to 'notification-system', a notification will be sent via PVE's notification system, and the mailto and mailnotification will be ignored. If set to 'auto' (default setting), an email will be sent if mailto is set, and the notification system will be used if not.",
+ "enum" : [
+ "auto",
+ "legacy-sendmail",
+ "notification-system"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "notification-policy" : {
+ "default" : "always",
+ "description" : "Deprecated: Do not use",
+ "enum" : [
+ "always",
+ "failure",
+ "never"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "notification-target" : {
+ "description" : "Deprecated: Do not use",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "performance" : {
+ "description" : "Other performance-related settings.",
+ "format" : "backup-performance",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[max-workers=<integer>] [,pbs-entries-max=<integer>]"
+ },
"pigz" : {
"default" : 0,
"description" : "Use pigz instead of gzip when N>0. N=1 uses half of cores, N>1 uses N as thread count.",
"type" : "integer",
"typetext" : "<integer>"
},
+ "pool" : {
+ "description" : "Backup all known guest systems included in the specified pool.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "protected" : {
+ "description" : "If true, mark backup(s) as protected.",
+ "optional" : 1,
+ "requires" : "storage",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "prune-backups" : {
+ "default" : "keep-all=1",
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-all=<1|0>] [,keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
"quiet" : {
"default" : 0,
"description" : "Be quiet.",
},
"remove" : {
"default" : 1,
- "description" : "Remove old backup files if there are more than 'maxfiles' backup files.",
+ "description" : "Prune older backups according to 'prune-backups'.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"type" : "string",
"typetext" : "<string>"
},
- "size" : {
- "default" : 1024,
- "description" : "Unused, will be removed in a future release.",
- "minimum" : 500,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (500 - N)"
- },
"stdexcludes" : {
"default" : 1,
"description" : "Exclude temporary files and logs.",
},
"stop" : {
"default" : 0,
- "description" : "Stop runnig backup jobs on this host.",
+ "description" : "Stop running backup jobs on this host.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"storage" : {
"description" : "Store resulting file to this storage.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"tmpdir" : {
"description" : "Store temporary files to specified directory.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
+ },
+ "zstd" : {
+ "default" : 1,
+ "description" : "Zstd threads. N=0 uses half of the available cores, if N is set to a value bigger than 0, N is used as thread count.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
}
}
},
"permissions" : {
- "description" : "The user needs 'VM.Backup' permissions on any VM, and 'Datastore.AllocateSpace' on the backup storage. The 'maxfiles', 'tmpdir', 'dumpdir', 'script', 'bwlimit' and 'ionice' parameters are restricted to the 'root@pam' user.",
+ "description" : "The user needs 'VM.Backup' permissions on any VM, and 'Datastore.AllocateSpace' on the backup storage (and fleecing storage when fleecing is used). The 'tmpdir', 'dumpdir' and 'script' parameters are restricted to the 'root@pam' user. The 'maxfiles' and 'prune-backups' settings require 'Datastore.Allocate' on the backup storage. The 'bwlimit', 'performance' and 'ionice' parameters require 'Sys.Modify' on '/'.",
"user" : "all"
},
"protected" : 1,
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read service properties",
"method" : "GET",
"name" : "service_state",
"service" : {
"description" : "Service ID",
"enum" : [
- "pveproxy",
- "pvedaemon",
- "spiceproxy",
- "pvestatd",
- "pve-cluster",
+ "chrony",
"corosync",
+ "cron",
+ "ksmtuned",
+ "postfix",
+ "pve-cluster",
"pve-firewall",
- "pvefw-logger",
"pve-ha-crm",
"pve-ha-lrm",
+ "pvedaemon",
+ "pvefw-logger",
+ "pveproxy",
+ "pvescheduler",
+ "pvestatd",
+ "spiceproxy",
"sshd",
"syslog",
- "cron",
- "postfix",
- "ksmtuned",
+ "systemd-journald",
"systemd-timesyncd"
],
"type" : "string"
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Start service.",
"method" : "POST",
"name" : "service_start",
"service" : {
"description" : "Service ID",
"enum" : [
- "pveproxy",
- "pvedaemon",
- "spiceproxy",
- "pvestatd",
- "pve-cluster",
+ "chrony",
"corosync",
+ "cron",
+ "ksmtuned",
+ "postfix",
+ "pve-cluster",
"pve-firewall",
- "pvefw-logger",
"pve-ha-crm",
"pve-ha-lrm",
+ "pvedaemon",
+ "pvefw-logger",
+ "pveproxy",
+ "pvescheduler",
+ "pvestatd",
+ "spiceproxy",
"sshd",
"syslog",
- "cron",
- "postfix",
- "ksmtuned",
+ "systemd-journald",
"systemd-timesyncd"
],
"type" : "string"
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Stop service.",
"method" : "POST",
"name" : "service_stop",
"service" : {
"description" : "Service ID",
"enum" : [
- "pveproxy",
- "pvedaemon",
- "spiceproxy",
- "pvestatd",
- "pve-cluster",
+ "chrony",
"corosync",
+ "cron",
+ "ksmtuned",
+ "postfix",
+ "pve-cluster",
"pve-firewall",
- "pvefw-logger",
"pve-ha-crm",
"pve-ha-lrm",
+ "pvedaemon",
+ "pvefw-logger",
+ "pveproxy",
+ "pvescheduler",
+ "pvestatd",
+ "spiceproxy",
"sshd",
"syslog",
- "cron",
- "postfix",
- "ksmtuned",
+ "systemd-journald",
"systemd-timesyncd"
],
"type" : "string"
{
"info" : {
"POST" : {
- "description" : "Restart service.",
+ "allowtoken" : 1,
+ "description" : "Hard restart service. Use reload if you want to reduce interruptions.",
"method" : "POST",
"name" : "service_restart",
"parameters" : {
"service" : {
"description" : "Service ID",
"enum" : [
- "pveproxy",
- "pvedaemon",
- "spiceproxy",
- "pvestatd",
- "pve-cluster",
+ "chrony",
"corosync",
+ "cron",
+ "ksmtuned",
+ "postfix",
+ "pve-cluster",
"pve-firewall",
- "pvefw-logger",
"pve-ha-crm",
"pve-ha-lrm",
+ "pvedaemon",
+ "pvefw-logger",
+ "pveproxy",
+ "pvescheduler",
+ "pvestatd",
+ "spiceproxy",
"sshd",
"syslog",
- "cron",
- "postfix",
- "ksmtuned",
+ "systemd-journald",
"systemd-timesyncd"
],
"type" : "string"
{
"info" : {
"POST" : {
- "description" : "Reload service.",
+ "allowtoken" : 1,
+ "description" : "Reload service. Falls back to restart if service cannot be reloaded.",
"method" : "POST",
"name" : "service_reload",
"parameters" : {
"service" : {
"description" : "Service ID",
"enum" : [
- "pveproxy",
- "pvedaemon",
- "spiceproxy",
- "pvestatd",
- "pve-cluster",
+ "chrony",
"corosync",
+ "cron",
+ "ksmtuned",
+ "postfix",
+ "pve-cluster",
"pve-firewall",
- "pvefw-logger",
"pve-ha-crm",
"pve-ha-lrm",
+ "pvedaemon",
+ "pvefw-logger",
+ "pveproxy",
+ "pvescheduler",
+ "pvestatd",
+ "spiceproxy",
"sshd",
"syslog",
- "cron",
- "postfix",
- "ksmtuned",
+ "systemd-journald",
"systemd-timesyncd"
],
"type" : "string"
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index",
"method" : "GET",
"name" : "srvcmdidx",
"service" : {
"description" : "Service ID",
"enum" : [
- "pveproxy",
- "pvedaemon",
- "spiceproxy",
- "pvestatd",
- "pve-cluster",
+ "chrony",
"corosync",
+ "cron",
+ "ksmtuned",
+ "postfix",
+ "pve-cluster",
"pve-firewall",
- "pvefw-logger",
"pve-ha-crm",
"pve-ha-lrm",
+ "pvedaemon",
+ "pvefw-logger",
+ "pveproxy",
+ "pvescheduler",
+ "pvestatd",
+ "spiceproxy",
"sshd",
"syslog",
- "cron",
- "postfix",
- "ksmtuned",
+ "systemd-journald",
"systemd-timesyncd"
],
"type" : "string"
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Service list.",
"method" : "GET",
"name" : "index",
},
{
"info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete subscription key of this node.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "null"
+ }
+ },
"GET" : {
+ "allowtoken" : 1,
"description" : "Read subscription info.",
"method" : "GET",
"name" : "get",
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Update subscription info.",
"method" : "POST",
"name" : "update",
"properties" : {
"force" : {
"default" : 0,
- "description" : "Always connect to server, even if we have up to date info inside local cache.",
+ "description" : "Always connect to server, even if local cache is still valid.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Set subscription key.",
"method" : "PUT",
"name" : "set",
"key" : {
"description" : "Proxmox VE subscription key",
"maxLength" : 32,
- "pattern" : "pve([124])([cbsp])-[0-9a-f]{10}",
+ "pattern" : "\\s*pve([1248])([cbsp])-[0-9a-f]{10}\\s*",
"type" : "string"
},
"node" : {
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete network device configuration",
"method" : "DELETE",
"name" : "delete_network",
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Read network device configuration",
"method" : "GET",
"name" : "network_config",
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update network device configuration",
"method" : "PUT",
"name" : "update_network",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "bond-primary" : {
+ "description" : "Specify the primary interface for active-backup bond.",
+ "format" : "pve-iface",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"bond_mode" : {
"description" : "Bonding mode.",
"enum" : [
"type" : "string"
},
"bridge_ports" : {
- "description" : "Specify the iterfaces you want to add to your bridge.",
+ "description" : "Specify the interfaces you want to add to your bridge.",
"format" : "pve-iface-list",
"optional" : 1,
"type" : "string",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "cidr" : {
+ "description" : "IPv4 CIDR.",
+ "format" : "CIDRv4",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "cidr6" : {
+ "description" : "IPv6 CIDR.",
+ "format" : "CIDRv6",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"comments" : {
"description" : "Comments",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "mtu" : {
+ "description" : "MTU.",
+ "maximum" : 65520,
+ "minimum" : 1280,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1280 - 65520)"
+ },
"netmask" : {
"description" : "Network mask.",
"format" : "ipv4mask",
"typetext" : "<string>"
},
"ovs_ports" : {
- "description" : "Specify the iterfaces you want to add to your bridge.",
+ "description" : "Specify the interfaces you want to add to your bridge.",
"format" : "pve-iface-list",
"optional" : 1,
"type" : "string",
"unknown"
],
"type" : "string"
+ },
+ "vlan-id" : {
+ "description" : "vlan-id for a custom named vlan interface (ifupdown2 only).",
+ "maximum" : 4094,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 4094)"
+ },
+ "vlan-raw-device" : {
+ "description" : "Specify the raw interface for the vlan interface.",
+ "format" : "pve-iface",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
],
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Revert network configuration changes.",
"method" : "DELETE",
"name" : "revert_network_changes",
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "List available networks",
"method" : "GET",
"name" : "index",
"OVSBond",
"OVSPort",
"OVSIntPort",
- "any_bridge"
+ "any_bridge",
+ "any_local_bridge"
],
"optional" : 1,
"type" : "string"
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create network device configuration",
"method" : "POST",
"name" : "create_network",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "bond-primary" : {
+ "description" : "Specify the primary interface for active-backup bond.",
+ "format" : "pve-iface",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"bond_mode" : {
"description" : "Bonding mode.",
"enum" : [
"type" : "string"
},
"bridge_ports" : {
- "description" : "Specify the iterfaces you want to add to your bridge.",
+ "description" : "Specify the interfaces you want to add to your bridge.",
"format" : "pve-iface-list",
"optional" : 1,
"type" : "string",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "cidr" : {
+ "description" : "IPv4 CIDR.",
+ "format" : "CIDRv4",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "cidr6" : {
+ "description" : "IPv6 CIDR.",
+ "format" : "CIDRv6",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"comments" : {
"description" : "Comments",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "mtu" : {
+ "description" : "MTU.",
+ "maximum" : 65520,
+ "minimum" : 1280,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1280 - 65520)"
+ },
"netmask" : {
"description" : "Network mask.",
"format" : "ipv4mask",
"typetext" : "<string>"
},
"ovs_ports" : {
- "description" : "Specify the iterfaces you want to add to your bridge.",
+ "description" : "Specify the interfaces you want to add to your bridge.",
"format" : "pve-iface-list",
"optional" : 1,
"type" : "string",
"unknown"
],
"type" : "string"
+ },
+ "vlan-id" : {
+ "description" : "vlan-id for a custom named vlan interface (ifupdown2 only).",
+ "maximum" : 4094,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 4094)"
+ },
+ "vlan-raw-device" : {
+ "description" : "Specify the raw interface for the vlan interface.",
+ "format" : "pve-iface",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Reload network configuration",
"method" : "PUT",
"name" : "reload_network_config",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read task log.",
"method" : "GET",
"name" : "read_task_log",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "download" : {
+ "description" : "Whether the tasklog file should be downloaded. This parameter can't be used in conjunction with other parameters",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"limit" : {
"default" : 50,
+ "description" : "The amount of lines to read from the tasklog.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
},
"start" : {
"default" : 0,
+ "description" : "Start at this line when reading the tasklog",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
"upid" : {
+ "description" : "The task's unique ID.",
"type" : "string",
"typetext" : "<string>"
}
}
},
"permissions" : {
- "description" : "The user needs 'Sys.Audit' permissions on '/nodes/<node>' if the task does not belong to him.",
+ "description" : "The user needs 'Sys.Audit' permissions on '/nodes/<node>' if they aren't the owner of the task.",
"user" : "all"
},
"protected" : 1,
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read task status.",
"method" : "GET",
"name" : "read_task_status",
"typetext" : "<string>"
},
"upid" : {
+ "description" : "The task's unique ID.",
"type" : "string",
"typetext" : "<string>"
}
}
},
"permissions" : {
- "description" : "The user needs 'Sys.Audit' permissions on '/nodes/<node>' if the task does not belong to him.",
+ "description" : "The user needs 'Sys.Audit' permissions on '/nodes/<node>' if they are not the owner of the task.",
"user" : "all"
},
"protected" : 1,
"proxyto" : "node",
"returns" : {
"properties" : {
+ "exitstatus" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "id" : {
+ "type" : "string"
+ },
+ "node" : {
+ "type" : "string"
+ },
"pid" : {
"type" : "integer"
},
+ "starttime" : {
+ "type" : "number"
+ },
"status" : {
"enum" : [
"running",
"stopped"
],
"type" : "string"
+ },
+ "type" : {
+ "type" : "string"
+ },
+ "upid" : {
+ "type" : "string"
+ },
+ "user" : {
+ "type" : "string"
}
},
"type" : "object"
],
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Stop a task.",
"method" : "DELETE",
"name" : "stop_task",
}
},
"permissions" : {
- "description" : "The user needs 'Sys.Modify' permissions on '/nodes/<node>' if the task does not belong to him.",
+ "description" : "The user needs 'Sys.Modify' permissions on '/nodes/<node>' if they aren't the owner of the task.",
"user" : "all"
},
"protected" : 1,
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "",
"method" : "GET",
"name" : "upid_index",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read task list for one node (finished tasks).",
"method" : "GET",
"name" : "node_tasks",
"properties" : {
"errors" : {
"default" : 0,
+ "description" : "Only list tasks with a status of ERROR.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"type" : "string",
"typetext" : "<string>"
},
+ "since" : {
+ "description" : "Only list tasks since this UNIX epoch.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "source" : {
+ "default" : "archive",
+ "description" : "List archived, active or all tasks.",
+ "enum" : [
+ "archive",
+ "active",
+ "all"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"start" : {
"default" : 0,
"description" : "List tasks beginning from this offset.",
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "statusfilter" : {
+ "description" : "List of Task States that should be returned.",
+ "format" : "pve-task-status-type-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "typefilter" : {
+ "description" : "Only list tasks of this type (e.g., vzstart, vzdump).",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "until" : {
+ "description" : "Only list tasks until this UNIX epoch.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
"userfilter" : {
"description" : "Only list tasks from this user.",
"optional" : 1,
"vmid" : {
"description" : "Only list tasks for this VM.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"type" : "integer"
},
"id" : {
- "optional" : 1,
"title" : "ID",
"type" : "string"
},
"node" : {
- "optional" : 1,
"title" : "Node",
"type" : "string"
},
"pid" : {
- "optional" : 1,
"title" : "PID",
"type" : "integer"
},
"pstart" : {
- "optional" : 1,
"type" : "integer"
},
"starttime" : {
- "optional" : 1,
"title" : "Starttime",
"type" : "integer"
},
"type" : "string"
},
"type" : {
- "optional" : 1,
"title" : "Type",
"type" : "string"
},
"type" : "string"
},
"user" : {
- "optional" : 1,
"title" : "User",
"type" : "string"
}
{
"info" : {
"GET" : {
- "description" : "Scan zfs pool list on local node.",
+ "allowtoken" : 1,
+ "description" : "Scan remote NFS server.",
"method" : "GET",
- "name" : "zfsscan",
+ "name" : "nfsscan",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
+ },
+ "server" : {
+ "description" : "The server address (name or IP).",
+ "format" : "pve-storage-server",
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
"returns" : {
"items" : {
"properties" : {
- "pool" : {
- "description" : "ZFS pool name.",
+ "options" : {
+ "description" : "NFS export options.",
+ "type" : "string"
+ },
+ "path" : {
+ "description" : "The exported path.",
"type" : "string"
}
},
}
},
"leaf" : 1,
- "path" : "/nodes/{node}/scan/zfs",
- "text" : "zfs"
+ "path" : "/nodes/{node}/scan/nfs",
+ "text" : "nfs"
},
{
"info" : {
"GET" : {
- "description" : "Scan remote NFS server.",
+ "allowtoken" : 1,
+ "description" : "Scan remote CIFS server.",
"method" : "GET",
- "name" : "nfsscan",
+ "name" : "cifsscan",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "domain" : {
+ "description" : "SMB domain (Workgroup).",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
},
+ "password" : {
+ "description" : "User password.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"server" : {
"description" : "The server address (name or IP).",
"format" : "pve-storage-server",
"type" : "string",
"typetext" : "<string>"
+ },
+ "username" : {
+ "description" : "User name.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
"returns" : {
"items" : {
"properties" : {
- "options" : {
- "description" : "NFS export options.",
+ "description" : {
+ "description" : "Descriptive text from server.",
"type" : "string"
},
- "path" : {
- "description" : "The exported path.",
+ "share" : {
+ "description" : "The cifs share name.",
"type" : "string"
}
},
}
},
"leaf" : 1,
- "path" : "/nodes/{node}/scan/nfs",
- "text" : "nfs"
+ "path" : "/nodes/{node}/scan/cifs",
+ "text" : "cifs"
},
{
"info" : {
"GET" : {
- "description" : "Scan remote CIFS server.",
+ "allowtoken" : 1,
+ "description" : "Scan remote Proxmox Backup Server.",
"method" : "GET",
- "name" : "cifsscan",
+ "name" : "pbsscan",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "domain" : {
- "description" : "SMB domain (Workgroup).",
+ "fingerprint" : {
+ "description" : "Certificate SHA 256 fingerprint.",
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
+ "type" : "string"
},
"node" : {
"description" : "The cluster node name.",
"typetext" : "<string>"
},
"password" : {
- "description" : "User password.",
- "optional" : 1,
+ "description" : "User password or API token secret.",
"type" : "string",
"typetext" : "<string>"
},
+ "port" : {
+ "default" : 8007,
+ "description" : "Optional port.",
+ "maximum" : 65535,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 65535)"
+ },
"server" : {
"description" : "The server address (name or IP).",
"format" : "pve-storage-server",
"typetext" : "<string>"
},
"username" : {
- "description" : "User name.",
- "optional" : 1,
+ "description" : "User-name or API token-ID.",
"type" : "string",
"typetext" : "<string>"
}
"returns" : {
"items" : {
"properties" : {
- "description" : {
- "description" : "Descriptive text from server.",
+ "comment" : {
+ "description" : "Comment from server.",
+ "optional" : 1,
"type" : "string"
},
- "share" : {
- "description" : "The cifs share name.",
+ "store" : {
+ "description" : "The datastore name.",
"type" : "string"
}
},
}
},
"leaf" : 1,
- "path" : "/nodes/{node}/scan/cifs",
- "text" : "cifs"
+ "path" : "/nodes/{node}/scan/pbs",
+ "text" : "pbs"
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Scan remote GlusterFS server.",
"method" : "GET",
"name" : "glusterfsscan",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Scan remote iSCSI server.",
"method" : "GET",
"name" : "iscsiscan",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List local LVM volume groups.",
"method" : "GET",
"name" : "lvmscan",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List local LVM Thin Pools.",
"method" : "GET",
"name" : "lvmthinscan",
{
"info" : {
"GET" : {
- "description" : "List local USB devices.",
+ "allowtoken" : 1,
+ "description" : "Scan zfs pool list on local node.",
"method" : "GET",
- "name" : "usbscan",
+ "name" : "zfsscan",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
"permissions" : {
"check" : [
"perm",
- "/",
+ "/storage",
[
- "Sys.Modify"
+ "Datastore.Allocate"
]
]
},
"returns" : {
"items" : {
"properties" : {
- "busnum" : {
- "type" : "integer"
- },
- "class" : {
- "type" : "integer"
- },
- "devnum" : {
- "type" : "integer"
- },
- "level" : {
- "type" : "integer"
- },
- "manufacturer" : {
- "optional" : 1,
- "type" : "string"
- },
- "port" : {
- "type" : "integer"
- },
- "prodid" : {
- "type" : "string"
- },
- "product" : {
- "optional" : 1,
- "type" : "string"
- },
- "serial" : {
- "optional" : 1,
- "type" : "string"
- },
- "speed" : {
- "type" : "string"
- },
- "usbpath" : {
- "optional" : 1,
- "type" : "string"
- },
- "vendid" : {
+ "pool" : {
+ "description" : "ZFS pool name.",
"type" : "string"
}
},
}
},
"leaf" : 1,
- "path" : "/nodes/{node}/scan/usb",
- "text" : "usb"
+ "path" : "/nodes/{node}/scan/zfs",
+ "text" : "zfs"
}
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Index of available scan methods",
"method" : "GET",
"name" : "index",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List mediated device types for given PCI device.",
"method" : "GET",
"name" : "mdevscan",
"perm",
"/",
[
+ "Sys.Audit",
"Sys.Modify"
- ]
+ ],
+ "any",
+ 1
]
},
"protected" : 1,
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Index of available pci methods",
"method" : "GET",
"name" : "pciindex",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List local PCI devices.",
"method" : "GET",
"name" : "pciscan",
"typetext" : "<string>"
},
"pci-class-blacklist" : {
- "default" : "05;06;08;0b",
- "description" : "A list of blacklisted PCI classes, which will not be returned. Following are filtered by default: Memory Controller (05), Bridge (06), Generic System Peripheral (08) and Processor (0b).",
+ "default" : "05;06;0b",
+ "description" : "A list of blacklisted PCI classes, which will not be returned. Following are filtered by default: Memory Controller (05), Bridge (06) and Processor (0b).",
"format" : "string-list",
"optional" : 1,
"type" : "string",
"perm",
"/",
[
+ "Sys.Audit",
"Sys.Modify"
- ]
+ ],
+ "any",
+ 1
]
},
"protected" : 1,
"href" : "{id}",
"rel" : "child"
}
- ],
- "type" : "array"
- }
- }
- },
- "leaf" : 0,
- "path" : "/nodes/{node}/hardware/pci",
- "text" : "pci"
- }
- ],
- "info" : {
- "GET" : {
- "description" : "Index of hardware types",
- "method" : "GET",
- "name" : "index",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "node" : {
- "description" : "The cluster node name.",
- "format" : "pve-node",
- "type" : "string",
- "typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "user" : "all"
- },
- "returns" : {
- "items" : {
- "properties" : {
- "type" : {
- "type" : "string"
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/hardware/pci",
+ "text" : "pci"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List local USB devices.",
+ "method" : "GET",
+ "name" : "usbscan",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "busnum" : {
+ "type" : "integer"
+ },
+ "class" : {
+ "type" : "integer"
+ },
+ "devnum" : {
+ "type" : "integer"
+ },
+ "level" : {
+ "type" : "integer"
+ },
+ "manufacturer" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "port" : {
+ "type" : "integer"
+ },
+ "prodid" : {
+ "type" : "string"
+ },
+ "product" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "serial" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "speed" : {
+ "type" : "string"
+ },
+ "usbpath" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vendid" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/hardware/usb",
+ "text" : "usb"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Index of hardware types",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "type" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{type}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/hardware",
+ "text" : "hardware"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List all custom and default CPU models.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Only returns custom models when the current user has Sys.Audit on /nodes.",
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "custom" : {
+ "description" : "True if this is a custom CPU model.",
+ "type" : "boolean"
+ },
+ "name" : {
+ "description" : "Name of the CPU model. Identifies it for subsequent API calls. Prefixed with 'custom-' for custom models.",
+ "type" : "string"
+ },
+ "vendor" : {
+ "description" : "CPU vendor visible to the guest when this model is selected. Vendor of 'reported-model' in case of custom models.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/capabilities/qemu/cpu",
+ "text" : "cpu"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get available QEMU/KVM machine types.",
+ "method" : "GET",
+ "name" : "types",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "additionalProperties" : 1,
+ "properties" : {
+ "id" : {
+ "description" : "Full name of machine type and version.",
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "The machine type.",
+ "enum" : [
+ "q35",
+ "i440fx"
+ ],
+ "type" : "string"
+ },
+ "version" : {
+ "description" : "The machine version.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/capabilities/qemu/machines",
+ "text" : "machines"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "QEMU capabilities index.",
+ "method" : "GET",
+ "name" : "qemu_caps_index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/capabilities/qemu",
+ "text" : "qemu"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Node capabilities index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/capabilities",
+ "text" : "capabilities"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Prune backups. Only those using the standard naming scheme are considered.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "prune-backups" : {
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-all=<1|0>] [,keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "type" : {
+ "description" : "Either 'qemu' or 'lxc'. Only consider backups for guests of this type.",
+ "enum" : [
+ "qemu",
+ "lxc"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "Only prune backups for this VM.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "You need the 'Datastore.Allocate' privilege on the storage (or if a VM ID is specified, 'Datastore.AllocateSpace' and 'VM.Backup' for the VM).",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get prune information for backups. NOTE: this is only a preview and might not be what a subsequent prune call does if backups are removed/added in the meantime.",
+ "method" : "GET",
+ "name" : "dryrun",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "prune-backups" : {
+ "description" : "Use these retention options instead of those from the storage configuration.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-all=<1|0>] [,keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "type" : {
+ "description" : "Either 'qemu' or 'lxc'. Only consider backups for guests of this type.",
+ "enum" : [
+ "qemu",
+ "lxc"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "Only consider backups for this guest.",
+ "format" : "pve-vmid",
+ "maximum" : 999999999,
+ "minimum" : 100,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (100 - 999999999)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/storage/{storage}",
+ [
+ "Datastore.Audit",
+ "Datastore.AllocateSpace"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "ctime" : {
+ "description" : "Creation time of the backup (seconds since the UNIX epoch).",
+ "type" : "integer"
+ },
+ "mark" : {
+ "description" : "Whether the backup would be kept or removed. Backups that are protected or don't use the standard naming scheme are not removed.",
+ "enum" : [
+ "keep",
+ "remove",
+ "protected",
+ "renamed"
+ ],
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "One of 'qemu', 'lxc', 'openvz' or 'unknown'.",
+ "type" : "string"
+ },
+ "vmid" : {
+ "description" : "The VM the backup belongs to.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "volid" : {
+ "description" : "Backup volume ID.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
}
},
- "type" : "object"
+ "leaf" : 1,
+ "path" : "/nodes/{node}/storage/{storage}/prunebackups",
+ "text" : "prunebackups"
},
- "links" : [
- {
- "href" : "{type}",
- "rel" : "child"
- }
- ],
- "type" : "array"
- }
- }
- },
- "leaf" : 0,
- "path" : "/nodes/{node}/hardware",
- "text" : "hardware"
- },
- {
- "children" : [
- {
- "children" : [
{
"children" : [
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete volume",
"method" : "DELETE",
"name" : "delete",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "delay" : {
+ "description" : "Time to wait for the task to finish. We return 'null' if the task finish within that time.",
+ "maximum" : 30,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 30)"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"volume" : {
"description" : "Volume identifier",
"protected" : 1,
"proxyto" : "node",
"returns" : {
- "type" : "null"
+ "optional" : 1,
+ "type" : "string"
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Get volume attributes",
"method" : "GET",
"name" : "info",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"volume" : {
"description" : "Volume identifier",
"protected" : 1,
"proxyto" : "node",
"returns" : {
+ "properties" : {
+ "format" : {
+ "description" : "Format identifier ('raw', 'qcow2', 'subvol', 'iso', 'tgz' ...)",
+ "type" : "string"
+ },
+ "notes" : {
+ "description" : "Optional notes.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "path" : {
+ "description" : "The Path",
+ "type" : "string"
+ },
+ "protected" : {
+ "description" : "Protection status. Currently only supported for backups.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "size" : {
+ "description" : "Volume size in bytes.",
+ "renderer" : "bytes",
+ "type" : "integer"
+ },
+ "used" : {
+ "description" : "Used space. Please note that most storage plugins do not report anything useful here.",
+ "renderer" : "bytes",
+ "type" : "integer"
+ }
+ },
"type" : "object"
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Copy a volume. This is experimental code - do not use.",
"method" : "POST",
"name" : "copy",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"target" : {
"description" : "Target volume identifier",
"returns" : {
"type" : "string"
}
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update volume attributes",
+ "method" : "PUT",
+ "name" : "updateattributes",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "notes" : {
+ "description" : "The new notes.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "protected" : {
+ "description" : "Protection status. Currently only supported for backups.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "volume" : {
+ "description" : "Volume identifier",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "You need read access for the volume.",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "null"
+ }
}
},
"leaf" : 1,
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List storage content.",
"method" : "GET",
"name" : "index",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"vmid" : {
"description" : "Only list images for this VM",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"returns" : {
"items" : {
"properties" : {
+ "ctime" : {
+ "description" : "Creation time (seconds since the UNIX Epoch).",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "encrypted" : {
+ "description" : "If whole backup is encrypted, value is the fingerprint or '1' if encrypted. Only useful for the Proxmox Backup Server storage type.",
+ "optional" : 1,
+ "type" : "string"
+ },
"format" : {
"description" : "Format identifier ('raw', 'qcow2', 'subvol', 'iso', 'tgz' ...)",
"type" : "string"
},
+ "notes" : {
+ "description" : "Optional notes. If they contain multiple lines, only the first one is returned here.",
+ "optional" : 1,
+ "type" : "string"
+ },
"parent" : {
"description" : "Volume identifier of parent (for linked cloned).",
"optional" : 1,
"type" : "string"
},
+ "protected" : {
+ "description" : "Protection status. Currently only supported for backups.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"size" : {
"description" : "Volume size in bytes.",
"renderer" : "bytes",
"type" : "integer"
},
"used" : {
- "description" : "Used space. Please note that most storage plugins does not report anything useful here.",
+ "description" : "Used space. Please note that most storage plugins do not report anything useful here.",
"optional" : 1,
"renderer" : "bytes",
"type" : "integer"
},
+ "verification" : {
+ "description" : "Last backup verification result, only useful for PBS storages.",
+ "optional" : 1,
+ "properties" : {
+ "state" : {
+ "description" : "Last backup verification state.",
+ "type" : "string"
+ },
+ "upid" : {
+ "description" : "Last backup verification UPID.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
"vmid" : {
"description" : "Associated Owner VMID.",
"optional" : 1,
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Allocate disk images.",
"method" : "POST",
"name" : "create",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"vmid" : {
"description" : "Specify owner VM",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
}
}
},
"path" : "/nodes/{node}/storage/{storage}/content",
"text" : "content"
},
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List files and directories for single file restore under the given path.",
+ "method" : "GET",
+ "name" : "list",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "filepath" : {
+ "description" : "base64-path to the directory or file being listed, or \"/\".",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "volume" : {
+ "description" : "Backup volume ID or name. Currently only PBS snapshots are supported.",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "You need read access for the volume.",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "filepath" : {
+ "description" : "base64 path of the current entry",
+ "type" : "string"
+ },
+ "leaf" : {
+ "description" : "If this entry is a leaf in the directory graph.",
+ "type" : "boolean"
+ },
+ "mtime" : {
+ "description" : "Entry last-modified time (unix timestamp).",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "size" : {
+ "description" : "Entry file size.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "text" : {
+ "description" : "Entry display text.",
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "Entry type.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/storage/{storage}/file-restore/list",
+ "text" : "list"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Extract a file or directory (as zip archive) from a PBS backup.",
+ "method" : "GET",
+ "name" : "download",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "filepath" : {
+ "description" : "base64-path to the directory or file to download.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "tar" : {
+ "default" : 0,
+ "description" : "Download dirs as 'tar.zst' instead of 'zip'.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "volume" : {
+ "description" : "Backup volume ID or name. Currently only PBS snapshots are supported.",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "You need read access for the volume.",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "any"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/storage/{storage}/file-restore/download",
+ "text" : "download"
+ }
+ ],
+ "leaf" : 0,
+ "path" : "/nodes/{node}/storage/{storage}/file-restore",
+ "text" : "file-restore"
+ },
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read storage status.",
"method" : "GET",
"name" : "read_status",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
}
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read storage RRD statistics (returns PNG).",
"method" : "GET",
"name" : "rrd",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"timeframe" : {
"description" : "Specify the time frame you are interested in.",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read storage RRD statistics.",
"method" : "GET",
"name" : "rrddata",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"timeframe" : {
"description" : "Specify the time frame you are interested in.",
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Upload templates and ISO images.",
"method" : "POST",
"name" : "upload",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "checksum" : {
+ "description" : "The expected checksum of the file.",
+ "optional" : 1,
+ "requires" : "checksum-algorithm",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "checksum-algorithm" : {
+ "description" : "The algorithm to calculate the checksum of the file.",
+ "enum" : [
+ "md5",
+ "sha1",
+ "sha224",
+ "sha256",
+ "sha384",
+ "sha512"
+ ],
+ "optional" : 1,
+ "requires" : "checksum",
+ "type" : "string"
+ },
"content" : {
"description" : "Content type.",
+ "enum" : [
+ "iso",
+ "vztmpl"
+ ],
"format" : "pve-storage-content",
- "type" : "string",
- "typetext" : "<string>"
+ "type" : "string"
},
"filename" : {
- "description" : "The name of the file to create.",
+ "description" : "The name of the file to create. Caution: This will be normalized!",
+ "maxLength" : 255,
"type" : "string",
"typetext" : "<string>"
},
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"tmpfilename" : {
- "description" : "The source file name. This parameter is usually set by the REST handler. You can only overwrite it when connecting to the trustet port on localhost.",
+ "description" : "The source file name. This parameter is usually set by the REST handler. You can only overwrite it when connecting to the trusted port on localhost.",
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "pattern" : "/var/tmp/pveupload-[0-9a-f]+",
+ "type" : "string"
}
}
},
"leaf" : 1,
"path" : "/nodes/{node}/storage/{storage}/upload",
"text" : "upload"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Download templates and ISO images by using an URL.",
+ "method" : "POST",
+ "name" : "download_url",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "checksum" : {
+ "description" : "The expected checksum of the file.",
+ "optional" : 1,
+ "requires" : "checksum-algorithm",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "checksum-algorithm" : {
+ "description" : "The algorithm to calculate the checksum of the file.",
+ "enum" : [
+ "md5",
+ "sha1",
+ "sha224",
+ "sha256",
+ "sha384",
+ "sha512"
+ ],
+ "optional" : 1,
+ "requires" : "checksum",
+ "type" : "string"
+ },
+ "compression" : {
+ "description" : "Decompress the downloaded file using the specified compression algorithm.",
+ "enum" : null,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "content" : {
+ "description" : "Content type.",
+ "enum" : [
+ "iso",
+ "vztmpl"
+ ],
+ "format" : "pve-storage-content",
+ "type" : "string"
+ },
+ "filename" : {
+ "description" : "The name of the file to create. Caution: This will be normalized!",
+ "maxLength" : 255,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "url" : {
+ "description" : "The URL to download the file from.",
+ "pattern" : "https?://.*",
+ "type" : "string"
+ },
+ "verify-certificates" : {
+ "default" : 1,
+ "description" : "If false, no SSL/TLS certificates will be verified.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "and",
+ [
+ "perm",
+ "/storage/{storage}",
+ [
+ "Datastore.AllocateTemplate"
+ ]
+ ],
+ [
+ "or",
+ [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Sys.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.AccessNetwork"
+ ]
+ ]
+ ]
+ ],
+ "description" : "Requires allocation access on the storage and as this allows one to probe the (local!) host network indirectly it also requires one of Sys.Modify on / (for backwards compatibility) or the newer Sys.AccessNetwork privilege on the node."
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/storage/{storage}/download-url",
+ "text" : "download-url"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get the base parameters for creating a guest which imports data from a foreign importable guest, like an ESXi VM",
+ "method" : "GET",
+ "name" : "get_import_metadata",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storage" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "volume" : {
+ "description" : "Volume identifier for the guest archive/entry.",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "You need read access for the volume.",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "additionalProperties" : 0,
+ "description" : "Information about how to import a guest.",
+ "properties" : {
+ "create-args" : {
+ "additionalProperties" : 1,
+ "description" : "Parameters which can be used in a call to create a VM or container.",
+ "type" : "object"
+ },
+ "disks" : {
+ "additionalProperties" : 1,
+ "description" : "Recognised disk volumes as `$bus$id` => `$storeid:$path` map.",
+ "optional" : 1,
+ "type" : "object"
+ },
+ "net" : {
+ "additionalProperties" : 1,
+ "description" : "Recognised network interfaces as `net$id` => { ...params } object.",
+ "optional" : 1,
+ "type" : "object"
+ },
+ "source" : {
+ "description" : "The type of the import-source of this guest volume.",
+ "enum" : [
+ "esxi"
+ ],
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "The type of guest this is going to produce.",
+ "enum" : [
+ "vm"
+ ],
+ "type" : "string"
+ },
+ "warnings" : {
+ "description" : "List of known issues that can affect the import of a guest. Note that lack of warning does not imply that there cannot be any problems.",
+ "items" : {
+ "additionalProperties" : 1,
+ "properties" : {
+ "key" : {
+ "description" : "Related subject (config) key of warning.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "What this warning is about.",
+ "enum" : [
+ "cdrom-image-ignored",
+ "efi-state-lost",
+ "guest-is-running",
+ "nvme-unsupported",
+ "ovmf-with-lsi-unsupported",
+ "serial-port-socket-only"
+ ],
+ "type" : "string"
+ },
+ "value" : {
+ "description" : "Related subject (config) value of warning.",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "optional" : 1,
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/storage/{storage}/import-metadata",
+ "text" : "import-metadata"
}
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "",
"method" : "GET",
"name" : "diridx",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get status for all datastores.",
"method" : "GET",
"name" : "index",
"storage" : {
"description" : "Only list status for specified storage",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"target" : {
"description" : "If target is different to 'node', we only lists shared storages which content is accessible on this 'node' and the specified 'target' node.",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string"
},
"total" : {
{
"children" : [
{
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Remove an LVM Volume Group.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cleanup-config" : {
+ "default" : 0,
+ "description" : "Marks associated storage(s) as not available on this node anymore or removes them from the configuration (if configured for this node only).",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "cleanup-disks" : {
+ "default" : 0,
+ "description" : "Also wipe disks so they can be repurposed afterwards.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "name" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ],
+ "description" : "Requires additionally 'Datastore.Allocate' on /storage when setting 'cleanup-config'"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/disks/lvm/{name}",
+ "text" : "{name}"
+ }
+ ],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List LVM Volume Groups",
"method" : "GET",
"name" : "index",
"perm",
"/",
[
- "Sys.Audit",
- "Datastore.Audit"
- ],
- "any",
- 1
+ "Sys.Audit"
+ ]
]
},
"protected" : 1,
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create an LVM Volume Group",
"method" : "POST",
"name" : "create",
"name" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"node" : {
"description" : "The cluster node name.",
"perm",
"/",
[
- "Sys.Modify",
- "Datastore.Allocate"
+ "Sys.Modify"
]
- ]
+ ],
+ "description" : "Requires additionally 'Datastore.Allocate' on /storage when setting 'add_storage'"
},
"protected" : 1,
"proxyto" : "node",
}
}
},
- "leaf" : 1,
+ "leaf" : 0,
"path" : "/nodes/{node}/disks/lvm",
"text" : "lvm"
},
{
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Remove an LVM thin pool.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cleanup-config" : {
+ "default" : 0,
+ "description" : "Marks associated storage(s) as not available on this node anymore or removes them from the configuration (if configured for this node only).",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "cleanup-disks" : {
+ "default" : 0,
+ "description" : "Also wipe disks so they can be repurposed afterwards.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "name" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "volume-group" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ],
+ "description" : "Requires additionally 'Datastore.Allocate' on /storage when setting 'cleanup-config'"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/disks/lvmthin/{name}",
+ "text" : "{name}"
+ }
+ ],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List LVM thinpools",
"method" : "GET",
"name" : "index",
"perm",
"/",
[
- "Sys.Audit",
- "Datastore.Audit"
- ],
- "any",
- 1
+ "Sys.Audit"
+ ]
]
},
"protected" : 1,
"used" : {
"description" : "The used bytes of the thinpool.",
"type" : "integer"
+ },
+ "vg" : {
+ "description" : "The associated volume group.",
+ "type" : "string"
}
},
"type" : "object"
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create an LVM thinpool",
"method" : "POST",
"name" : "create",
"name" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"node" : {
"description" : "The cluster node name.",
"perm",
"/",
[
- "Sys.Modify",
- "Datastore.Allocate"
+ "Sys.Modify"
]
- ]
+ ],
+ "description" : "Requires additionally 'Datastore.Allocate' on /storage when setting 'add_storage'"
},
"protected" : 1,
"proxyto" : "node",
}
}
},
- "leaf" : 1,
+ "leaf" : 0,
"path" : "/nodes/{node}/disks/lvmthin",
"text" : "lvmthin"
},
{
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Unmounts the storage and removes the mount unit.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cleanup-config" : {
+ "default" : 0,
+ "description" : "Marks associated storage(s) as not available on this node anymore or removes them from the configuration (if configured for this node only).",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "cleanup-disks" : {
+ "default" : 0,
+ "description" : "Also wipe disk so it can be repurposed afterwards.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "name" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ],
+ "description" : "Requires additionally 'Datastore.Allocate' on /storage when setting 'cleanup-config'"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/disks/directory/{name}",
+ "text" : "{name}"
+ }
+ ],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "PVE Managed Directory storages.",
"method" : "GET",
"name" : "index",
"perm",
"/",
[
- "Sys.Audit",
- "Datastore.Audit"
- ],
- "any",
- 1
+ "Sys.Audit"
+ ]
]
},
"protected" : 1,
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create a Filesystem on an unused disk. Will be mounted under '/mnt/pve/NAME'.",
"method" : "POST",
"name" : "create",
"name" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"node" : {
"description" : "The cluster node name.",
"perm",
"/",
[
- "Sys.Modify",
- "Datastore.Allocate"
+ "Sys.Modify"
]
- ]
+ ],
+ "description" : "Requires additionally 'Datastore.Allocate' on /storage when setting 'add_storage'"
},
"protected" : 1,
"proxyto" : "node",
}
}
},
- "leaf" : 1,
+ "leaf" : 0,
"path" : "/nodes/{node}/disks/directory",
"text" : "directory"
},
"children" : [
{
"info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Destroy a ZFS pool.",
+ "method" : "DELETE",
+ "name" : "delete",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "cleanup-config" : {
+ "default" : 0,
+ "description" : "Marks associated storage(s) as not available on this node anymore or removes them from the configuration (if configured for this node only).",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "cleanup-disks" : {
+ "default" : 0,
+ "description" : "Also wipe disks so they can be repurposed afterwards.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "name" : {
+ "description" : "The storage identifier.",
+ "format" : "pve-storage-id",
+ "format_description" : "storage ID",
+ "type" : "string",
+ "typetext" : "<storage ID>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/",
+ [
+ "Sys.Modify"
+ ]
+ ],
+ "description" : "Requires additionally 'Datastore.Allocate' on /storage when setting 'cleanup-config'"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ },
"GET" : {
+ "allowtoken" : 1,
"description" : "Get details about a zpool.",
"method" : "GET",
"name" : "detail",
"name" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"node" : {
"description" : "The cluster node name.",
"perm",
"/",
[
- "Sys.Audit",
- "Datastore.Audit"
- ],
- "any",
- 1
+ "Sys.Audit"
+ ]
]
},
"protected" : 1,
},
"scan" : {
"description" : "Information about the last/current scrub.",
+ "optional" : 1,
"type" : "string"
},
"state" : {
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List Zpools.",
"method" : "GET",
"name" : "index",
"perm",
"/",
[
- "Sys.Audit",
- "Datastore.Audit"
- ],
- "any",
- 1
+ "Sys.Audit"
+ ]
]
},
"protected" : 1,
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create a ZFS pool.",
"method" : "POST",
"name" : "create",
"gzip",
"lz4",
"lzjb",
- "zle"
+ "zle",
+ "zstd"
],
"optional" : 1,
"type" : "string"
"type" : "string",
"typetext" : "<string>"
},
+ "draid-config" : {
+ "format" : {
+ "data" : {
+ "description" : "The number of data devices per redundancy group. (dRAID)",
+ "minimum" : 1,
+ "type" : "integer"
+ },
+ "spares" : {
+ "description" : "Number of dRAID spares.",
+ "minimum" : 0,
+ "type" : "integer"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "data=<integer> ,spares=<integer>"
+ },
"name" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"node" : {
"description" : "The cluster node name.",
"raid10",
"raidz",
"raidz2",
- "raidz3"
+ "raidz3",
+ "draid",
+ "draid2",
+ "draid3"
],
"type" : "string"
}
"perm",
"/",
[
- "Sys.Modify",
- "Datastore.Allocate"
+ "Sys.Modify"
]
- ]
+ ],
+ "description" : "Requires additionally 'Datastore.Allocate' on /storage when setting 'add_storage'"
},
"protected" : 1,
"proxyto" : "node",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List local disks.",
"method" : "GET",
"name" : "list",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "include-partitions" : {
+ "default" : 0,
+ "description" : "Also include partitions.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
},
"permissions" : {
"check" : [
- "perm",
- "/",
+ "or",
[
- "Sys.Audit",
- "Datastore.Audit"
+ "perm",
+ "/",
+ [
+ "Sys.Audit"
+ ]
],
- "any",
- 1
+ [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Audit"
+ ]
+ ]
]
},
"protected" : 1,
"optional" : 1,
"type" : "string"
},
+ "mounted" : {
+ "type" : "boolean"
+ },
"osdid" : {
"type" : "integer"
},
+ "osdid-list" : {
+ "items" : {
+ "type" : "integer"
+ },
+ "type" : "array"
+ },
+ "parent" : {
+ "description" : "For partitions only. The device path of the disk the partition resides on.",
+ "optional" : 1,
+ "type" : "string"
+ },
"serial" : {
"optional" : 1,
"type" : "string"
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get SMART Health of a disk.",
"method" : "GET",
"name" : "smart",
"perm",
"/",
[
- "Sys.Audit",
- "Datastore.Audit"
- ],
- "any",
- 1
+ "Sys.Audit"
+ ]
]
},
"protected" : 1,
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Initialize Disk with GPT",
"method" : "POST",
"name" : "initgpt",
"leaf" : 1,
"path" : "/nodes/{node}/disks/initgpt",
"text" : "initgpt"
+ },
+ {
+ "info" : {
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Wipe a disk or partition.",
+ "method" : "PUT",
+ "name" : "wipe_disk",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "disk" : {
+ "description" : "Block device name",
+ "pattern" : "^/dev/[a-zA-Z0-9\\/]+$",
+ "type" : "string"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/disks/wipedisk",
+ "text" : "wipedisk"
}
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Node index.",
"method" : "GET",
"name" : "index",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List available updates.",
"method" : "GET",
"name" : "list_updates",
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "This is used to resynchronize the package index files from their sources (apt-get update).",
"method" : "POST",
"name" : "update_database",
},
"notify" : {
"default" : 0,
- "description" : "Send notification mail about new packages (to email address specified for user 'root@pam').",
+ "description" : "Send notification about new packages.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get package changelogs.",
"method" : "GET",
"name" : "changelog",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
+ "description" : "Get APT repository information.",
+ "method" : "GET",
+ "name" : "repositories",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Audit"
+ ]
+ ]
+ },
+ "proxyto" : "node",
+ "returns" : {
+ "description" : "Result from parsing the APT repository files in /etc/apt/.",
+ "properties" : {
+ "digest" : {
+ "description" : "Common digest of all files.",
+ "type" : "string"
+ },
+ "errors" : {
+ "description" : "List of problematic repository files.",
+ "items" : {
+ "properties" : {
+ "error" : {
+ "description" : "The error message",
+ "type" : "string"
+ },
+ "path" : {
+ "description" : "Path to the problematic file.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ },
+ "files" : {
+ "description" : "List of parsed repository files.",
+ "items" : {
+ "properties" : {
+ "digest" : {
+ "description" : "Digest of the file as bytes.",
+ "items" : {
+ "type" : "integer"
+ },
+ "type" : "array"
+ },
+ "file-type" : {
+ "description" : "Format of the file.",
+ "enum" : [
+ "list",
+ "sources"
+ ],
+ "type" : "string"
+ },
+ "path" : {
+ "description" : "Path to the problematic file.",
+ "type" : "string"
+ },
+ "repositories" : {
+ "description" : "The parsed repositories.",
+ "items" : {
+ "properties" : {
+ "Comment" : {
+ "description" : "Associated comment",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "Components" : {
+ "description" : "List of repository components",
+ "items" : {
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "Enabled" : {
+ "description" : "Whether the repository is enabled or not",
+ "type" : "boolean"
+ },
+ "FileType" : {
+ "description" : "Format of the defining file.",
+ "enum" : [
+ "list",
+ "sources"
+ ],
+ "type" : "string"
+ },
+ "Options" : {
+ "description" : "Additional options",
+ "items" : {
+ "properties" : {
+ "Key" : {
+ "type" : "string"
+ },
+ "Values" : {
+ "items" : {
+ "type" : "string"
+ },
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "Suites" : {
+ "description" : "List of package distribuitions",
+ "items" : {
+ "type" : "string"
+ },
+ "type" : "array"
+ },
+ "Types" : {
+ "description" : "List of package types.",
+ "items" : {
+ "enum" : [
+ "deb",
+ "deb-src"
+ ],
+ "type" : "string"
+ },
+ "type" : "array"
+ },
+ "URIs" : {
+ "description" : "List of repository URIs.",
+ "items" : {
+ "type" : "string"
+ },
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ },
+ "infos" : {
+ "description" : "Additional information/warnings for APT repositories.",
+ "items" : {
+ "properties" : {
+ "index" : {
+ "description" : "Index of the associated repository within the file.",
+ "type" : "string"
+ },
+ "kind" : {
+ "description" : "Kind of the information (e.g. warning).",
+ "type" : "string"
+ },
+ "message" : {
+ "description" : "Information message.",
+ "type" : "string"
+ },
+ "path" : {
+ "description" : "Path to the associated file.",
+ "type" : "string"
+ },
+ "property" : {
+ "description" : "Property from which the info originates.",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ },
+ "standard-repos" : {
+ "description" : "List of standard repositories and their configuration status",
+ "items" : {
+ "properties" : {
+ "handle" : {
+ "description" : "Handle to identify the repository.",
+ "type" : "string"
+ },
+ "name" : {
+ "description" : "Full name of the repository.",
+ "type" : "string"
+ },
+ "status" : {
+ "description" : "Indicating enabled/disabled status, if the repository is configured.",
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Change the properties of a repository. Currently only allows enabling/disabling.",
+ "method" : "POST",
+ "name" : "change_repository",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "digest" : {
+ "description" : "Digest to detect modifications.",
+ "maxLength" : 80,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enabled" : {
+ "description" : "Whether the repository should be enabled or not.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "index" : {
+ "description" : "Index within the file (starting from 0).",
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "path" : {
+ "description" : "Path to the containing file.",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Add a standard repository to the configuration",
+ "method" : "PUT",
+ "name" : "add_repository",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "digest" : {
+ "description" : "Digest to detect modifications.",
+ "maxLength" : 80,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "handle" : {
+ "description" : "Handle that identifies a repository.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/apt/repositories",
+ "text" : "repositories"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
"description" : "Get package information for important Proxmox packages.",
"method" : "GET",
"name" : "versions",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index for apt (Advanced Package Tool).",
"method" : "GET",
"name" : "index",
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete rule.",
"method" : "DELETE",
"name" : "delete_rule",
"additionalProperties" : 0,
"properties" : {
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Get single rule data.",
"method" : "GET",
"name" : "get_rule",
"optional" : 1,
"type" : "integer"
},
+ "icmp-type" : {
+ "optional" : 1,
+ "type" : "string"
+ },
"iface" : {
"optional" : 1,
"type" : "string"
"optional" : 1,
"type" : "integer"
},
+ "log" : {
+ "description" : "Log level for firewall rule",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"macro" : {
"optional" : 1,
- "type" : "integer"
+ "type" : "string"
},
"pos" : {
"type" : "integer"
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Modify rule data.",
"method" : "PUT",
"name" : "update_rule",
"dest" : {
"description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "icmp-type" : {
+ "description" : "Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.",
+ "format" : "pve-fw-icmp-type-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"iface" : {
"description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
"format" : "pve-iface",
"type" : "string",
"typetext" : "<string>"
},
+ "log" : {
+ "description" : "Log level for firewall rule.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"macro" : {
"description" : "Use predefined standard macro.",
"maxLength" : 128,
"source" : {
"description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List rules.",
"method" : "GET",
"name" : "get_rules",
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create new rule.",
"method" : "POST",
"name" : "create_rule",
"dest" : {
"description" : "Restrict packet destination address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"type" : "integer",
"typetext" : "<integer> (0 - N)"
},
+ "icmp-type" : {
+ "description" : "Specify icmp-type. Only valid if proto equals 'icmp' or 'icmpv6'/'ipv6-icmp'.",
+ "format" : "pve-fw-icmp-type-spec",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"iface" : {
"description" : "Network interface name. You have to use network configuration key names for VMs and containers ('net\\d+'). Host related rules can use arbitrary strings.",
"format" : "pve-iface",
"type" : "string",
"typetext" : "<string>"
},
+ "log" : {
+ "description" : "Log level for firewall rule.",
+ "enum" : [
+ "emerg",
+ "alert",
+ "crit",
+ "err",
+ "warning",
+ "notice",
+ "info",
+ "debug",
+ "nolog"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"macro" : {
"description" : "Use predefined standard macro.",
"maxLength" : 128,
"source" : {
"description" : "Restrict packet source address. This can refer to a single IP address, an IP set ('+ipsetname') or an IP alias definition. You can also specify an address range like '20.34.101.207-201.3.9.99', or a list of IP addresses and networks (entries are separated by comma). Please do not mix IPv4 and IPv6 addresses inside such lists.",
"format" : "pve-fw-addr-spec",
+ "maxLength" : 512,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get host firewall options.",
"method" : "GET",
"name" : "get_options",
"optional" : 1,
"type" : "string"
},
+ "log_nf_conntrack" : {
+ "default" : 0,
+ "description" : "Enable logging of conntrack information.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"ndp" : {
- "description" : "Enable NDP.",
+ "default" : 0,
+ "description" : "Enable NDP (Neighbor Discovery Protocol).",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "nf_conntrack_allow_invalid" : {
+ "default" : 0,
+ "description" : "Allow invalid packets on connection tracking.",
"optional" : 1,
"type" : "boolean"
},
+ "nf_conntrack_helpers" : {
+ "default" : "",
+ "description" : "Enable conntrack helpers for specific protocols. Supported protocols: amanda, ftp, irc, netbios-ns, pptp, sane, sip, snmp, tftp",
+ "format" : "pve-fw-conntrack-helper",
+ "optional" : 1,
+ "type" : "string"
+ },
"nf_conntrack_max" : {
+ "default" : 262144,
"description" : "Maximum number of tracked connections.",
"minimum" : 32768,
"optional" : 1,
"type" : "integer"
},
"nf_conntrack_tcp_timeout_established" : {
+ "default" : 432000,
"description" : "Conntrack established timeout.",
"minimum" : 7875,
"optional" : 1,
"type" : "integer"
},
+ "nf_conntrack_tcp_timeout_syn_recv" : {
+ "default" : 60,
+ "description" : "Conntrack syn recv timeout.",
+ "maximum" : 60,
+ "minimum" : 30,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "nftables" : {
+ "default" : 0,
+ "description" : "Enable nftables based firewall (tech preview)",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"nosmurfs" : {
"description" : "Enable SMURFS filter.",
"optional" : 1,
"type" : "boolean"
},
+ "protection_synflood" : {
+ "default" : 0,
+ "description" : "Enable synflood protection",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "protection_synflood_burst" : {
+ "default" : 1000,
+ "description" : "Synflood protection rate burst by ip src.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "protection_synflood_rate" : {
+ "default" : 200,
+ "description" : "Synflood protection rate syn/sec by ip src.",
+ "optional" : 1,
+ "type" : "integer"
+ },
"smurf_log_level" : {
"description" : "Log level for SMURFS filter.",
"enum" : [
"type" : "string"
},
"tcpflags" : {
+ "default" : 0,
"description" : "Filter illegal combinations of TCP flags.",
"optional" : 1,
"type" : "boolean"
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Set Firewall options.",
"method" : "PUT",
"name" : "set_options",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"optional" : 1,
"type" : "string"
},
+ "log_nf_conntrack" : {
+ "default" : 0,
+ "description" : "Enable logging of conntrack information.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"ndp" : {
- "description" : "Enable NDP.",
+ "default" : 0,
+ "description" : "Enable NDP (Neighbor Discovery Protocol).",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "nf_conntrack_allow_invalid" : {
+ "default" : 0,
+ "description" : "Allow invalid packets on connection tracking.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "nf_conntrack_helpers" : {
+ "default" : "",
+ "description" : "Enable conntrack helpers for specific protocols. Supported protocols: amanda, ftp, irc, netbios-ns, pptp, sane, sip, snmp, tftp",
+ "format" : "pve-fw-conntrack-helper",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"nf_conntrack_max" : {
+ "default" : 262144,
"description" : "Maximum number of tracked connections.",
"minimum" : 32768,
"optional" : 1,
"typetext" : "<integer> (32768 - N)"
},
"nf_conntrack_tcp_timeout_established" : {
+ "default" : 432000,
"description" : "Conntrack established timeout.",
"minimum" : 7875,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (7875 - N)"
},
+ "nf_conntrack_tcp_timeout_syn_recv" : {
+ "default" : 60,
+ "description" : "Conntrack syn recv timeout.",
+ "maximum" : 60,
+ "minimum" : 30,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (30 - 60)"
+ },
+ "nftables" : {
+ "default" : 0,
+ "description" : "Enable nftables based firewall (tech preview)",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "boolean",
"typetext" : "<boolean>"
},
+ "protection_synflood" : {
+ "default" : 0,
+ "description" : "Enable synflood protection",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "protection_synflood_burst" : {
+ "default" : 1000,
+ "description" : "Synflood protection rate burst by ip src.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
+ "protection_synflood_rate" : {
+ "default" : 200,
+ "description" : "Synflood protection rate syn/sec by ip src.",
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer>"
+ },
"smurf_log_level" : {
"description" : "Log level for SMURFS filter.",
"enum" : [
"type" : "string"
},
"tcpflags" : {
+ "default" : 0,
"description" : "Filter illegal combinations of TCP flags.",
"optional" : 1,
"type" : "boolean",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read firewall log",
"method" : "GET",
"name" : "log",
"type" : "string",
"typetext" : "<string>"
},
+ "since" : {
+ "description" : "Display log since this UNIX epoch.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
"start" : {
"minimum" : 0,
"optional" : 1,
"type" : "integer",
"typetext" : "<integer> (0 - N)"
+ },
+ "until" : {
+ "description" : "Display log until this UNIX epoch.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index.",
"method" : "GET",
"name" : "index",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get replication job status.",
"method" : "GET",
"name" : "job_status",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read replication job log.",
"method" : "GET",
"name" : "read_job_log",
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Schedule replication job to start as soon as possible.",
"method" : "POST",
"name" : "schedule_now",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index.",
"method" : "GET",
"name" : "index",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "List status of all replication jobs on this node.",
"method" : "GET",
"name" : "status",
"guest" : {
"description" : "Only list replication jobs for this guest.",
"format" : "pve-vmid",
- "minimum" : 1,
+ "maximum" : 999999999,
+ "minimum" : 100,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (1 - N)"
+ "typetext" : "<integer> (100 - 999999999)"
},
"node" : {
"description" : "The cluster node name.",
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Revoke existing certificate from CA.",
"method" : "DELETE",
"name" : "revoke_certificate",
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Order a new certificate from ACME-compatible CA.",
"method" : "POST",
"name" : "new_certificate",
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Renew existing certificate from CA.",
"method" : "PUT",
"name" : "renew_certificate",
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "ACME index.",
"method" : "GET",
"name" : "index",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get information about node's certificates.",
"method" : "GET",
"name" : "info",
"optional" : 1,
"type" : "string"
},
+ "public-key-bits" : {
+ "description" : "Certificate's public key size",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "public-key-type" : {
+ "description" : "Certificate's public key algorithm",
+ "optional" : 1,
+ "type" : "string"
+ },
"san" : {
"description" : "List of Certificate's SubjectAlternativeName entries.",
"items" : {
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "DELETE custom certificate chain and key.",
"method" : "DELETE",
"name" : "remove_custom_cert",
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Upload or update custom certificate chain and key.",
"method" : "POST",
"name" : "upload_custom_cert",
}
}
},
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
"protected" : 1,
"proxyto" : "node",
"returns" : {
"optional" : 1,
"type" : "string"
},
+ "public-key-bits" : {
+ "description" : "Certificate's public key size",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "public-key-type" : {
+ "description" : "Certificate's public key algorithm",
+ "optional" : 1,
+ "type" : "string"
+ },
"san" : {
"description" : "List of Certificate's SubjectAlternativeName entries.",
"items" : {
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Node index.",
"method" : "GET",
"name" : "index",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get node configuration options.",
"method" : "GET",
"name" : "get_config",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
+ },
+ "property" : {
+ "default" : "all",
+ "description" : "Return only a specific property from the node configuration.",
+ "enum" : [
+ "acme",
+ "acmedomain0",
+ "acmedomain1",
+ "acmedomain2",
+ "acmedomain3",
+ "acmedomain4",
+ "acmedomain5",
+ "description",
+ "startall-onboot-delay",
+ "wakeonlan"
+ ],
+ "optional" : 1,
+ "type" : "string"
}
}
},
},
"proxyto" : "node",
"returns" : {
+ "properties" : {
+ "acme" : {
+ "description" : "Node specific ACME settings.",
+ "format" : {
+ "account" : {
+ "default" : "default",
+ "description" : "ACME account config file name.",
+ "format" : "pve-configid",
+ "format_description" : "name",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "domains" : {
+ "description" : "List of domains for this node's ACME certificate",
+ "format" : "pve-acme-domain-list",
+ "format_description" : "domain[;domain;...]",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ },
+ "acmedomain[n]" : {
+ "description" : "ACME domain and validation plugin",
+ "format" : {
+ "alias" : {
+ "description" : "Alias for the Domain to verify ACME Challenge over DNS",
+ "format" : "pve-acme-alias",
+ "format_description" : "domain",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "domain" : {
+ "default_key" : 1,
+ "description" : "domain for this node's ACME certificate",
+ "format" : "pve-acme-domain",
+ "format_description" : "domain",
+ "type" : "string"
+ },
+ "plugin" : {
+ "default" : "standalone",
+ "description" : "The ACME plugin ID",
+ "format" : "pve-configid",
+ "format_description" : "name of the plugin configuration",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ },
+ "description" : {
+ "description" : "Description for the Node. Shown in the web-interface node notes panel. This is saved as comment inside the configuration file.",
+ "maxLength" : 65536,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 40,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "startall-onboot-delay" : {
+ "default" : 0,
+ "description" : "Initial delay in seconds, before starting all the Virtual Guests with on-boot enabled.",
+ "maximum" : 300,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "wakeonlan" : {
+ "description" : "Node specific wake on LAN settings.",
+ "format" : {
+ "bind-interface" : {
+ "default" : "The interface carrying the default route",
+ "description" : "Bind to this interface when sending wake on LAN packet",
+ "format" : "pve-iface",
+ "format_description" : "bind interface",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "broadcast-address" : {
+ "default" : "255.255.255.255",
+ "description" : "IPv4 broadcast address to use when sending wake on LAN packet",
+ "format" : "ipv4",
+ "format_description" : "IPv4 broadcast address",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "mac" : {
+ "default_key" : 1,
+ "description" : "MAC address for wake on LAN",
+ "format" : "mac-addr",
+ "format_description" : "MAC address",
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
"type" : "object"
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Set node configuration options.",
"method" : "PUT",
"name" : "set_options",
"description" : "List of domains for this node's ACME certificate",
"format" : "pve-acme-domain-list",
"format_description" : "domain[;domain;...]",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[account=<name>] [,domains=<domain[;domain;...]>]"
+ },
+ "acmedomain[n]" : {
+ "description" : "ACME domain and validation plugin",
+ "format" : {
+ "alias" : {
+ "description" : "Alias for the Domain to verify ACME Challenge over DNS",
+ "format" : "pve-acme-alias",
+ "format_description" : "domain",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "domain" : {
+ "default_key" : 1,
+ "description" : "domain for this node's ACME certificate",
+ "format" : "pve-acme-domain",
+ "format_description" : "domain",
+ "type" : "string"
+ },
+ "plugin" : {
+ "default" : "standalone",
+ "description" : "The ACME plugin ID",
+ "format" : "pve-configid",
+ "format_description" : "name of the plugin configuration",
+ "optional" : 1,
"type" : "string"
}
},
"optional" : 1,
"type" : "string",
- "typetext" : "domains=<domain[;domain;...]> [,account=<name>]"
+ "typetext" : "[domain=]<domain> [,alias=<domain>] [,plugin=<name of the plugin configuration>]"
},
"delete" : {
"description" : "A list of settings you want to delete.",
"typetext" : "<string>"
},
"description" : {
- "description" : "Node description/comment.",
+ "description" : "Description for the Node. Shown in the web-interface node notes panel. This is saved as comment inside the configuration file.",
+ "maxLength" : 65536,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
+ },
+ "startall-onboot-delay" : {
+ "default" : 0,
+ "description" : "Initial delay in seconds, before starting all the Virtual Guests with on-boot enabled.",
+ "maximum" : 300,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 300)"
+ },
+ "wakeonlan" : {
+ "description" : "Node specific wake on LAN settings.",
+ "format" : {
+ "bind-interface" : {
+ "default" : "The interface carrying the default route",
+ "description" : "Bind to this interface when sending wake on LAN packet",
+ "format" : "pve-iface",
+ "format_description" : "bind interface",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "broadcast-address" : {
+ "default" : "255.255.255.255",
+ "description" : "IPv4 broadcast address to use when sending wake on LAN packet",
+ "format" : "ipv4",
+ "format_description" : "IPv4 broadcast address",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "mac" : {
+ "default_key" : 1,
+ "description" : "MAC address for wake on LAN",
+ "format" : "mac-addr",
+ "format_description" : "MAC address",
+ "type" : "string"
+ }
+ },
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[mac=]<MAC address> [,bind-interface=<bind interface>] [,broadcast-address=<IPv4 broadcast address>]"
}
}
},
"text" : "config"
},
{
+ "children" : [
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List zone content.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}",
+ [
+ "SDN.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "status" : {
+ "description" : "Status.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "statusmsg" : {
+ "description" : "Status details",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "vnet" : {
+ "description" : "Vnet identifier.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{vnet}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/sdn/zones/{zone}/content",
+ "text" : "content"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "",
+ "method" : "GET",
+ "name" : "diridx",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/sdn/zones/{zone}",
+ [
+ "SDN.Audit"
+ ],
+ "any",
+ 1
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "subdir" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{subdir}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/sdn/zones/{zone}",
+ "text" : "{zone}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get status for all zones.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Only list entries where you have 'SDN.Audit'",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "status" : {
+ "description" : "Status of zone",
+ "enum" : [
+ "available",
+ "pending",
+ "error"
+ ],
+ "type" : "string"
+ },
+ "zone" : {
+ "description" : "The SDN zone object identifier.",
+ "format" : "pve-sdn-zone-id",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{zone}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/sdn/zones",
+ "text" : "zones"
+ }
+ ],
"info" : {
"GET" : {
+ "allowtoken" : 1,
+ "description" : "SDN index.",
+ "method" : "GET",
+ "name" : "sdnindex",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{name}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/nodes/{node}/sdn",
+ "text" : "sdn"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
"description" : "API version details",
"method" : "GET",
"name" : "version",
"returns" : {
"properties" : {
"release" : {
+ "description" : "The current installed Proxmox VE Release",
"type" : "string"
},
"repoid" : {
+ "description" : "The short git commit hash ID from which this version was build",
"type" : "string"
},
"version" : {
+ "description" : "The current installed pve-manager package version",
"type" : "string"
}
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read node status",
"method" : "GET",
"name" : "status",
},
"proxyto" : "node",
"returns" : {
+ "additionalProperties" : 1,
+ "properties" : {
+ "boot-info" : {
+ "description" : "Meta-information about the boot mode.",
+ "properties" : {
+ "mode" : {
+ "description" : "Through which firmware the system got booted.",
+ "enum" : [
+ "efi",
+ "legacy-bios"
+ ],
+ "type" : "string"
+ },
+ "secureboot" : {
+ "description" : "System is booted in secure mode, only applicable for the \"efi\" mode.",
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ },
+ "current-kernel" : {
+ "description" : "The uptime of the system in seconds.",
+ "properties" : {
+ "machine" : {
+ "description" : "Hardware (architecture) type",
+ "type" : "string"
+ },
+ "release" : {
+ "description" : "OS kernel release (e.g., \"6.8.0\")",
+ "type" : "string"
+ },
+ "sysname" : {
+ "description" : "OS kernel name (e.g., \"Linux\")",
+ "type" : "string"
+ },
+ "version" : {
+ "description" : "OS kernel version with build info",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
"type" : "object"
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Reboot or shutdown a node.",
"method" : "POST",
"name" : "node_cmd",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read tap/vm network device interface counters",
"method" : "GET",
"name" : "netstat",
{
"info" : {
"POST" : {
- "description" : "Execute multiple commands in order.",
+ "allowtoken" : 1,
+ "description" : "Execute multiple commands in order, root only.",
"method" : "POST",
"name" : "execute",
"parameters" : {
"properties" : {
"commands" : {
"description" : "JSON encoded array of commands.",
+ "format" : "pve-command-batch",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<string>",
+ "verbose_description" : "JSON encoded array of commands, where each command is an object with the following properties:\n args: <object>\n\t A set of parameter names and their values.\n\n method: (GET|POST|PUT|DELETE)\n\t A method related to the API endpoint (GET, POST etc.).\n\n path: <string>\n\t A relative path to an API endpoint on this node.\n\n"
},
"node" : {
"description" : "The cluster node name.",
}
}
},
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "properties" : {},
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/execute",
+ "text" : "execute"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Try to wake a node via 'wake on LAN' network packet.",
+ "method" : "POST",
+ "name" : "wakeonlan",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "target node for wake on LAN packet",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
"permissions" : {
"check" : [
"perm",
"/nodes/{node}",
[
- "Sys.Audit"
+ "Sys.PowerMgmt"
]
]
},
"protected" : 1,
- "proxyto" : "node",
"returns" : {
- "type" : "array"
+ "description" : "MAC address used to assemble the WoL magic packet.",
+ "format" : "mac-addr",
+ "type" : "string"
}
}
},
"leaf" : 1,
- "path" : "/nodes/{node}/execute",
- "text" : "execute"
+ "path" : "/nodes/{node}/wakeonlan",
+ "text" : "wakeonlan"
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read node RRD statistics (returns PNG)",
"method" : "GET",
"name" : "rrd",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read node RRD statistics",
"method" : "GET",
"name" : "rrddata",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read system log",
"method" : "GET",
"name" : "syslog",
"path" : "/nodes/{node}/syslog",
"text" : "syslog"
},
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Read Journal",
+ "method" : "GET",
+ "name" : "journal",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "endcursor" : {
+ "description" : "End before the given Cursor. Conflicts with 'until'",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "lastentries" : {
+ "description" : "Limit to the last X lines. Conflicts with a range.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "since" : {
+ "description" : "Display all log since this UNIX epoch. Conflicts with 'startcursor'.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "startcursor" : {
+ "description" : "Start after the given Cursor. Conflicts with 'since'",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "until" : {
+ "description" : "Display all log until this UNIX epoch. Conflicts with 'endcursor'.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.Syslog"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "items" : {
+ "type" : "string"
+ },
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/journal",
+ "text" : "journal"
+ },
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Creates a VNC Shell proxy.",
"method" : "POST",
"name" : "vncshell",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "cmd" : {
+ "default" : "login",
+ "description" : "Run specific command or default to login (requires 'root@pam')",
+ "enum" : [
+ "upgrade",
+ "ceph_install",
+ "login"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "cmd-opts" : {
+ "default" : "",
+ "description" : "Add parameters to a command. Encoded as null terminated strings.",
+ "optional" : 1,
+ "requires" : "cmd",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"height" : {
"description" : "sets the height of the console in pixels.",
"maximum" : 2160,
"type" : "string",
"typetext" : "<string>"
},
- "upgrade" : {
- "default" : 0,
- "description" : "Run 'apt-get dist-upgrade' instead of normal shell.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
"websocket" : {
"description" : "use websocket instead of standard vnc.",
"optional" : 1,
[
"Sys.Console"
]
- ],
- "description" : "Restricted to users on realm 'pam'"
+ ]
},
"protected" : 1,
"returns" : {
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Creates a VNC Shell proxy.",
"method" : "POST",
"name" : "termproxy",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "cmd" : {
+ "default" : "login",
+ "description" : "Run specific command or default to login (requires 'root@pam')",
+ "enum" : [
+ "upgrade",
+ "ceph_install",
+ "login"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "cmd-opts" : {
+ "default" : "",
+ "description" : "Add parameters to a command. Encoded as null terminated strings.",
+ "optional" : 1,
+ "requires" : "cmd",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
- },
- "upgrade" : {
- "default" : 0,
- "description" : "Run 'apt-get dist-upgrade' instead of normal shell.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
}
}
},
[
"Sys.Console"
]
- ],
- "description" : "Restricted to users on realm 'pam'"
+ ]
},
"protected" : 1,
"returns" : {
{
"info" : {
"GET" : {
- "description" : "Opens a weksocket for VNC traffic.",
+ "allowtoken" : 1,
+ "description" : "Opens a websocket for VNC traffic.",
"method" : "GET",
"name" : "vncwebsocket",
"parameters" : {
"Sys.Console"
]
],
- "description" : "Restricted to users on realm 'pam'. You also need to pass a valid ticket (vncticket)."
+ "description" : "You also need to pass a valid ticket (vncticket)."
},
"returns" : {
"properties" : {
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Creates a SPICE shell.",
"method" : "POST",
"name" : "spiceshell",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "cmd" : {
+ "default" : "login",
+ "description" : "Run specific command or default to login (requires 'root@pam')",
+ "enum" : [
+ "upgrade",
+ "ceph_install",
+ "login"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "cmd-opts" : {
+ "default" : "",
+ "description" : "Add parameters to a command. Encoded as null terminated strings.",
+ "optional" : 1,
+ "requires" : "cmd",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
- },
- "upgrade" : {
- "default" : 0,
- "description" : "Run 'apt-get dist-upgrade' instead of normal shell.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
}
}
},
[
"Sys.Console"
]
- ],
- "description" : "Restricted to users on realm 'pam'"
+ ]
},
"protected" : 1,
"proxyto" : "node",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read DNS settings.",
"method" : "GET",
"name" : "dns",
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Write DNS settings.",
"method" : "PUT",
"name" : "update_dns",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Read server time and time zone settings.",
"method" : "GET",
"name" : "time",
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Set time zone.",
"method" : "PUT",
"name" : "set_timezone",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get list of appliances.",
"method" : "GET",
"name" : "aplinfo",
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Download appliance templates.",
"method" : "POST",
"name" : "apl_download",
"storage" : {
"description" : "The storage where the template will be stored",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"template" : {
- "description" : "The template wich will downloaded",
+ "description" : "The template which will downloaded",
"maxLength" : 255,
"type" : "string",
"typetext" : "<string>"
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
+ "description" : "Query metadata of an URL: file size, file name and mime type.",
+ "method" : "GET",
+ "name" : "query_url_metadata",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "url" : {
+ "description" : "The URL to query the metadata from.",
+ "pattern" : "https?://.*",
+ "type" : "string"
+ },
+ "verify-certificates" : {
+ "default" : 1,
+ "description" : "If false, no SSL/TLS certificates will be verified.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "perm",
+ "/",
+ [
+ "Sys.Audit",
+ "Sys.Modify"
+ ]
+ ],
+ [
+ "perm",
+ "/nodes/{node}",
+ [
+ "Sys.AccessNetwork"
+ ]
+ ]
+ ]
+ },
+ "proxyto" : "node",
+ "returns" : {
+ "properties" : {
+ "filename" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "mimetype" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "size" : {
+ "optional" : 1,
+ "renderer" : "bytes",
+ "type" : "integer"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/query-url-metadata",
+ "text" : "query-url-metadata"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
"description" : "Gather various systems information about a node",
"method" : "GET",
"name" : "report",
{
"info" : {
"POST" : {
- "description" : "Start all VMs and containers (when onboot=1).",
+ "allowtoken" : 1,
+ "description" : "Start all VMs and containers located on this node (by default only those with onboot=1).",
"method" : "POST",
"name" : "startall",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
"force" : {
- "description" : "force if onboot=0.",
+ "default" : "off",
+ "description" : "Issue start command even if virtual guest have 'onboot' not set or set to off.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"typetext" : "<string>"
},
"vms" : {
- "description" : "Only consider Guests with these IDs.",
+ "description" : "Only consider guests from this comma separated list of VMIDs.",
"format" : "pve-vmid-list",
"optional" : 1,
"type" : "string",
}
},
"permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "VM.PowerMgmt"
- ]
- ]
+ "description" : "The 'VM.PowerMgmt' permission is required on '/' or on '/vms/<ID>' for each ID passed via the 'vms' parameter.",
+ "user" : "all"
},
"protected" : 1,
"proxyto" : "node",
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
"description" : "Stop all VMs and Containers.",
"method" : "POST",
"name" : "stopall",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "force-stop" : {
+ "default" : 1,
+ "description" : "Force a hard-stop after the timeout.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"node" : {
"description" : "The cluster node name.",
"format" : "pve-node",
"type" : "string",
"typetext" : "<string>"
},
+ "timeout" : {
+ "default" : 180,
+ "description" : "Timeout for each guest shutdown task. Depending on `force-stop`, the shutdown gets then simply aborted or a hard-stop is forced.",
+ "maximum" : 7200,
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - 7200)"
+ },
"vms" : {
"description" : "Only consider Guests with these IDs.",
"format" : "pve-vmid-list",
}
},
"permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "VM.PowerMgmt"
- ]
- ]
+ "description" : "The 'VM.PowerMgmt' permission is required on '/' or on '/vms/<ID>' for each ID passed via the 'vms' parameter.",
+ "user" : "all"
},
"protected" : 1,
"proxyto" : "node",
{
"info" : {
"POST" : {
+ "allowtoken" : 1,
+ "description" : "Suspend all VMs.",
+ "method" : "POST",
+ "name" : "suspendall",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "node" : {
+ "description" : "The cluster node name.",
+ "format" : "pve-node",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vms" : {
+ "description" : "Only consider Guests with these IDs.",
+ "format" : "pve-vmid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "The 'VM.PowerMgmt' permission is required on '/' or on '/vms/<ID>' for each ID passed via the 'vms' parameter. Additionally, you need 'VM.Config.Disk' on the '/vms/{vmid}' path and 'Datastore.AllocateSpace' for the configured state-storage(s)",
+ "user" : "all"
+ },
+ "protected" : 1,
+ "proxyto" : "node",
+ "returns" : {
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/nodes/{node}/suspendall",
+ "text" : "suspendall"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
"description" : "Migrate all VMs and Containers.",
"method" : "POST",
"name" : "migrateall",
"additionalProperties" : 0,
"properties" : {
"maxworkers" : {
- "description" : "Maximal number of parallel migration job. If not set use 'max_workers' from datacenter.cfg, one of both must be set!",
+ "description" : "Maximal number of parallel migration job. If not set, uses'max_workers' from datacenter.cfg. One of both must be set!",
"minimum" : 1,
"optional" : 1,
"type" : "integer",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
+ },
+ "with-local-disks" : {
+ "description" : "Enable live storage migration for local disk",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
}
}
},
"permissions" : {
- "check" : [
- "perm",
- "/",
- [
- "VM.Migrate"
- ]
- ]
+ "description" : "The 'VM.Migrate' permission is required on '/' or on '/vms/<ID>' for each ID passed via the 'vms' parameter.",
+ "user" : "all"
},
"protected" : 1,
"proxyto" : "node",
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Get the content of /etc/hosts.",
"method" : "GET",
"name" : "get_etc_hosts",
"type" : "string"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string"
}
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Write /etc/hosts.",
"method" : "POST",
"name" : "write_etc_hosts",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Node index.",
"method" : "GET",
"name" : "index",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Cluster node index.",
"method" : "GET",
"name" : "index",
"description" : "Used memory in bytes.",
"optional" : 1,
"renderer" : "bytes",
- "type" : "string"
+ "type" : "integer"
},
"node" : {
"description" : "The cluster node name.",
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete storage configuration.",
"method" : "DELETE",
"name" : "delete",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
}
}
},
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Read storage configuration.",
"method" : "GET",
"name" : "read",
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
}
}
},
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update storage configuration.",
"method" : "PUT",
"name" : "update",
"typetext" : "<string>"
},
"bwlimit" : {
- "description" : "Set bandwidth/io limits various operations.",
+ "description" : "Set I/O bandwidth limit for various operations (in KiB/s).",
"format" : {
"clone" : {
- "description" : "bandwidth limit in MiB/s for cloning disks",
+ "description" : "bandwidth limit in KiB/s for cloning disks",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"default" : {
- "description" : "default bandwidth limit in MiB/s",
+ "description" : "default bandwidth limit in KiB/s",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"migration" : {
- "description" : "bandwidth limit in MiB/s for migrating guests",
+ "description" : "bandwidth limit in KiB/s for migrating guests (including moving local disks)",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"move" : {
- "description" : "bandwidth limit in MiB/s for moving disks",
+ "description" : "bandwidth limit in KiB/s for moving disks",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"restore" : {
- "description" : "bandwidth limit in MiB/s for restoring guests from backups",
+ "description" : "bandwidth limit in KiB/s for restoring guests from backups",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "content-dirs" : {
+ "description" : "Overrides for default content type directories.",
+ "format" : "pve-dir-override-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "create-base-path" : {
+ "default" : "yes",
+ "description" : "Create the base directory if it doesn't exist.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "create-subdirs" : {
+ "default" : "yes",
+ "description" : "Populate the directory with the default structure.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "data-pool" : {
+ "description" : "Data Pool (for erasure coding only)",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"delete" : {
"description" : "A list of settings you want to delete.",
"format" : "pve-configid-list",
"typetext" : "<string>"
},
"digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"type" : "string",
"typetext" : "<string>"
},
+ "encryption-key" : {
+ "description" : "Encryption key. Use 'autogen' to generate one automatically without passphrase.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "fingerprint" : {
+ "description" : "Certificate SHA 256 fingerprint.",
+ "optional" : 1,
+ "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
+ "type" : "string"
+ },
"format" : {
"description" : "Default image format.",
"format" : "pve-storage-format",
"type" : "string",
"typetext" : "<string>"
},
+ "fs-name" : {
+ "description" : "The Ceph filesystem name.",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"fuse" : {
"description" : "Mount CephFS through FUSE.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "keyring" : {
+ "description" : "Client keyring contents (for external clusters).",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"krbd" : {
"description" : "Always access rbd through krbd kernel module.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "master-pubkey" : {
+ "description" : "Base64-encoded, PEM-formatted public RSA key. Used to encrypt a copy of the encryption-key which will be added to each encrypted backup.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "max-protected-backups" : {
+ "default" : "Unlimited for users with Datastore.Allocate privilege, 5 for other users",
+ "description" : "Maximal number of protected backups per guest. Use '-1' for unlimited.",
+ "minimum" : -1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (-1 - N)"
+ },
"maxfiles" : {
- "description" : "Maximal number of backup files per VM. Use '0' for unlimted.",
+ "description" : "Deprecated: use 'prune-backups' instead. Maximal number of backup files per VM. Use '0' for unlimited.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
},
"mkdir" : {
"default" : "yes",
- "description" : "Create the directory if it doesn't exist.",
+ "description" : "Create the directory if it doesn't exist and populate it with default sub-dirs. NOTE: Deprecated, use the 'create-base-path' and 'create-subdirs' options instead.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"type" : "string",
"typetext" : "<string>"
},
+ "mountpoint" : {
+ "description" : "mount point",
+ "format" : "pve-storage-path",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "namespace" : {
+ "description" : "Namespace.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nocow" : {
+ "default" : 0,
+ "description" : "Set the NOCOW flag on files. Disables data checksumming and causes data errors to be unrecoverable from while allowing direct I/O. Only use this if data does not need to be any more safe than on a single ext4 formatted disk with no underlying raid system.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"nodes" : {
- "description" : "List of cluster node names.",
+ "description" : "List of nodes for which the storage configuration applies.",
"format" : "pve-node-list",
"optional" : 1,
"type" : "string",
"typetext" : "<boolean>"
},
"options" : {
- "description" : "NFS mount options (see 'man nfs')",
+ "description" : "NFS/CIFS mount options (see 'man nfs' or 'man mount.cifs')",
"format" : "pve-storage-options",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"password" : {
- "description" : "Password for CIFS share.",
+ "description" : "Password for accessing the share/datastore.",
"maxLength" : 256,
"optional" : 1,
"type" : "string",
"type" : "string",
"typetext" : "<string>"
},
- "redundancy" : {
- "default" : 2,
- "description" : "The redundancy count specifies the number of nodes to which the resource should be deployed. It must be at least 1 and at most the number of nodes in the cluster.",
- "maximum" : 16,
+ "port" : {
+ "description" : "For non default port.",
+ "maximum" : 65535,
"minimum" : 1,
"optional" : 1,
"type" : "integer",
- "typetext" : "<integer> (1 - 16)"
+ "typetext" : "<integer> (1 - 65535)"
+ },
+ "preallocation" : {
+ "default" : "metadata",
+ "description" : "Preallocation mode for raw and qcow2 images. Using 'metadata' on raw images results in preallocation=off.",
+ "enum" : [
+ "off",
+ "metadata",
+ "falloc",
+ "full"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "prune-backups" : {
+ "description" : "The retention options with shorter intervals are processed first with --keep-last being the very first one. Each option covers a specific period of time. We say that backups within this period are covered by this option. The next option does not take care of already covered backups and only considers older backups.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-all=<1|0>] [,keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
},
"saferemove" : {
"description" : "Zero-out data when removing LVs.",
"typetext" : "<string>"
},
"shared" : {
- "description" : "Mark storage as shared.",
+ "description" : "Indicate that this is a single storage with the same contents on all nodes (or all listed in the 'nodes' option). It will not make the contents of a local storage automatically accessible to other nodes, it just marks an already shared storage as such!",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "skip-cert-verification" : {
+ "default" : "false",
+ "description" : "Disable TLS certificate verification, only enable on fully trusted networks!",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
"smbversion" : {
- "description" : "SMB protocol version",
+ "default" : "default",
+ "description" : "SMB protocol version. 'default' if not set, negotiates the highest SMB2+ version supported by both the client and server.",
"enum" : [
+ "default",
"2.0",
"2.1",
- "3.0"
+ "3",
+ "3.0",
+ "3.11"
],
"optional" : 1,
"type" : "string"
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"subdir" : {
"description" : "Subdir to mount.",
},
"protected" : 1,
"returns" : {
- "type" : "null"
+ "properties" : {
+ "config" : {
+ "additionalProperties" : 1,
+ "description" : "Partial, possible server generated, configuration properties.",
+ "optional" : 1,
+ "properties" : {
+ "encryption-key" : {
+ "description" : "The, possible auto-generated, encryption-key.",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "storage" : {
+ "description" : "The ID of the created storage.",
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "The type of the created storage.",
+ "enum" : [
+ "btrfs",
+ "cephfs",
+ "cifs",
+ "dir",
+ "esxi",
+ "glusterfs",
+ "iscsi",
+ "iscsidirect",
+ "lvm",
+ "lvmthin",
+ "nfs",
+ "pbs",
+ "rbd",
+ "zfs",
+ "zfspool"
+ ],
+ "type" : "string"
+ }
+ },
+ "type" : "object"
}
}
},
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Storage index.",
"method" : "GET",
"name" : "index",
"type" : {
"description" : "Only list storage of specific type",
"enum" : [
+ "btrfs",
"cephfs",
"cifs",
"dir",
- "drbd",
- "fake",
+ "esxi",
"glusterfs",
"iscsi",
"iscsidirect",
"lvm",
"lvmthin",
"nfs",
+ "pbs",
"rbd",
- "sheepdog",
"zfs",
"zfspool"
],
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create a new storage.",
"method" : "POST",
"name" : "create",
"typetext" : "<string>"
},
"bwlimit" : {
- "description" : "Set bandwidth/io limits various operations.",
+ "description" : "Set I/O bandwidth limit for various operations (in KiB/s).",
"format" : {
"clone" : {
- "description" : "bandwidth limit in MiB/s for cloning disks",
+ "description" : "bandwidth limit in KiB/s for cloning disks",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"default" : {
- "description" : "default bandwidth limit in MiB/s",
+ "description" : "default bandwidth limit in KiB/s",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"migration" : {
- "description" : "bandwidth limit in MiB/s for migrating guests",
+ "description" : "bandwidth limit in KiB/s for migrating guests (including moving local disks)",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"move" : {
- "description" : "bandwidth limit in MiB/s for moving disks",
+ "description" : "bandwidth limit in KiB/s for moving disks",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "number"
},
"restore" : {
- "description" : "bandwidth limit in MiB/s for restoring guests from backups",
+ "description" : "bandwidth limit in KiB/s for restoring guests from backups",
"format_description" : "LIMIT",
"minimum" : "0",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "content-dirs" : {
+ "description" : "Overrides for default content type directories.",
+ "format" : "pve-dir-override-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "create-base-path" : {
+ "default" : "yes",
+ "description" : "Create the base directory if it doesn't exist.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "create-subdirs" : {
+ "default" : "yes",
+ "description" : "Populate the directory with the default structure.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "data-pool" : {
+ "description" : "Data Pool (for erasure coding only)",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "datastore" : {
+ "description" : "Proxmox Backup Server datastore name.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"disable" : {
"description" : "Flag to disable the storage.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "encryption-key" : {
+ "description" : "Encryption key. Use 'autogen' to generate one automatically without passphrase.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"export" : {
"description" : "NFS export path.",
"format" : "pve-storage-path",
"type" : "string",
"typetext" : "<string>"
},
+ "fingerprint" : {
+ "description" : "Certificate SHA 256 fingerprint.",
+ "optional" : 1,
+ "pattern" : "([A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2}",
+ "type" : "string"
+ },
"format" : {
"description" : "Default image format.",
"format" : "pve-storage-format",
"type" : "string",
"typetext" : "<string>"
},
+ "fs-name" : {
+ "description" : "The Ceph filesystem name.",
+ "format" : "pve-configid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"fuse" : {
"description" : "Mount CephFS through FUSE.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "keyring" : {
+ "description" : "Client keyring contents (for external clusters).",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"krbd" : {
"description" : "Always access rbd through krbd kernel module.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "master-pubkey" : {
+ "description" : "Base64-encoded, PEM-formatted public RSA key. Used to encrypt a copy of the encryption-key which will be added to each encrypted backup.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "max-protected-backups" : {
+ "default" : "Unlimited for users with Datastore.Allocate privilege, 5 for other users",
+ "description" : "Maximal number of protected backups per guest. Use '-1' for unlimited.",
+ "minimum" : -1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (-1 - N)"
+ },
"maxfiles" : {
- "description" : "Maximal number of backup files per VM. Use '0' for unlimted.",
+ "description" : "Deprecated: use 'prune-backups' instead. Maximal number of backup files per VM. Use '0' for unlimited.",
"minimum" : 0,
"optional" : 1,
"type" : "integer",
},
"mkdir" : {
"default" : "yes",
- "description" : "Create the directory if it doesn't exist.",
+ "description" : "Create the directory if it doesn't exist and populate it with default sub-dirs. NOTE: Deprecated, use the 'create-base-path' and 'create-subdirs' options instead.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"type" : "string",
"typetext" : "<string>"
},
+ "mountpoint" : {
+ "description" : "mount point",
+ "format" : "pve-storage-path",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "namespace" : {
+ "description" : "Namespace.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "nocow" : {
+ "default" : 0,
+ "description" : "Set the NOCOW flag on files. Disables data checksumming and causes data errors to be unrecoverable from while allowing direct I/O. Only use this if data does not need to be any more safe than on a single ext4 formatted disk with no underlying raid system.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"nodes" : {
- "description" : "List of cluster node names.",
+ "description" : "List of nodes for which the storage configuration applies.",
"format" : "pve-node-list",
"optional" : 1,
"type" : "string",
"typetext" : "<boolean>"
},
"options" : {
- "description" : "NFS mount options (see 'man nfs')",
+ "description" : "NFS/CIFS mount options (see 'man nfs' or 'man mount.cifs')",
"format" : "pve-storage-options",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"password" : {
- "description" : "Password for CIFS share.",
+ "description" : "Password for accessing the share/datastore.",
"maxLength" : 256,
"optional" : 1,
"type" : "string",
"type" : "string",
"typetext" : "<string>"
},
+ "port" : {
+ "description" : "For non default port.",
+ "maximum" : 65535,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 65535)"
+ },
"portal" : {
"description" : "iSCSI portal (IP or DNS name with optional port).",
"format" : "pve-storage-portal-dns",
"type" : "string",
"typetext" : "<string>"
},
- "redundancy" : {
- "default" : 2,
- "description" : "The redundancy count specifies the number of nodes to which the resource should be deployed. It must be at least 1 and at most the number of nodes in the cluster.",
- "maximum" : 16,
- "minimum" : 1,
+ "preallocation" : {
+ "default" : "metadata",
+ "description" : "Preallocation mode for raw and qcow2 images. Using 'metadata' on raw images results in preallocation=off.",
+ "enum" : [
+ "off",
+ "metadata",
+ "falloc",
+ "full"
+ ],
"optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (1 - 16)"
+ "type" : "string"
+ },
+ "prune-backups" : {
+ "description" : "The retention options with shorter intervals are processed first with --keep-last being the very first one. Each option covers a specific period of time. We say that backups within this period are covered by this option. The next option does not take care of already covered backups and only considers older backups.",
+ "format" : "prune-backups",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[keep-all=<1|0>] [,keep-daily=<N>] [,keep-hourly=<N>] [,keep-last=<N>] [,keep-monthly=<N>] [,keep-weekly=<N>] [,keep-yearly=<N>]"
},
"saferemove" : {
"description" : "Zero-out data when removing LVs.",
"typetext" : "<string>"
},
"shared" : {
- "description" : "Mark storage as shared.",
+ "description" : "Indicate that this is a single storage with the same contents on all nodes (or all listed in the 'nodes' option). It will not make the contents of a local storage automatically accessible to other nodes, it just marks an already shared storage as such!",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "skip-cert-verification" : {
+ "default" : "false",
+ "description" : "Disable TLS certificate verification, only enable on fully trusted networks!",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
"smbversion" : {
- "description" : "SMB protocol version",
+ "default" : "default",
+ "description" : "SMB protocol version. 'default' if not set, negotiates the highest SMB2+ version supported by both the client and server.",
"enum" : [
+ "default",
"2.0",
"2.1",
- "3.0"
+ "3",
+ "3.0",
+ "3.11"
],
"optional" : 1,
"type" : "string"
"storage" : {
"description" : "The storage identifier.",
"format" : "pve-storage-id",
+ "format_description" : "storage ID",
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "<storage ID>"
},
"subdir" : {
"description" : "Subdir to mount.",
"type" : {
"description" : "Storage type.",
"enum" : [
+ "btrfs",
"cephfs",
"cifs",
"dir",
- "drbd",
- "fake",
+ "esxi",
"glusterfs",
"iscsi",
"iscsidirect",
"lvm",
"lvmthin",
"nfs",
+ "pbs",
"rbd",
- "sheepdog",
"zfs",
"zfspool"
],
},
"protected" : 1,
"returns" : {
- "type" : "null"
+ "properties" : {
+ "config" : {
+ "additionalProperties" : 1,
+ "description" : "Partial, possible server generated, configuration properties.",
+ "optional" : 1,
+ "properties" : {
+ "encryption-key" : {
+ "description" : "The, possible auto-generated, encryption-key.",
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "storage" : {
+ "description" : "The ID of the created storage.",
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "The type of the created storage.",
+ "enum" : [
+ "btrfs",
+ "cephfs",
+ "cifs",
+ "dir",
+ "esxi",
+ "glusterfs",
+ "iscsi",
+ "iscsidirect",
+ "lvm",
+ "lvmthin",
+ "nfs",
+ "pbs",
+ "rbd",
+ "zfs",
+ "zfspool"
+ ],
+ "type" : "string"
+ }
+ },
+ "type" : "object"
}
}
},
{
"children" : [
{
+ "children" : [
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get user TFA types (Personal and Realm).",
+ "method" : "GET",
+ "name" : "read_user_tfa_type",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "multiple" : {
+ "default" : 0,
+ "description" : "Request all entries as an array.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify",
+ "Sys.Audit"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "realm" : {
+ "description" : "The type of TFA the users realm has set, if any.",
+ "enum" : [
+ "oath",
+ "yubico"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "types" : {
+ "description" : "Array of the user configured TFA types, if any. Only available if 'multiple' was not passed.",
+ "items" : {
+ "description" : "A TFA type.",
+ "enum" : [
+ "totp",
+ "u2f",
+ "yubico",
+ "webauthn",
+ "recovedry"
+ ],
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "user" : {
+ "description" : "The type of TFA the user has set, if any. Only set if 'multiple' was not passed.",
+ "enum" : [
+ "oath",
+ "u2f"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/users/{userid}/tfa",
+ "text" : "tfa"
+ },
+ {
+ "info" : {
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Unlock a user's TFA authentication.",
+ "method" : "PUT",
+ "name" : "unlock_tfa",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "boolean"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/users/{userid}/unlock-tfa",
+ "text" : "unlock-tfa"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Remove API token for a specific user.",
+ "method" : "DELETE",
+ "name" : "remove_token",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "tokenid" : {
+ "description" : "User-specific token identifier.",
+ "pattern" : "(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)",
+ "type" : "string"
+ },
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get specific API token information.",
+ "method" : "GET",
+ "name" : "read_token",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "tokenid" : {
+ "description" : "User-specific token identifier.",
+ "pattern" : "(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)",
+ "type" : "string"
+ },
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
+ ]
+ ]
+ },
+ "returns" : {
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Generate a new API token for a specific user. NOTE: returns API token value, which needs to be stored as it cannot be retrieved afterwards!",
+ "method" : "POST",
+ "name" : "generate_token",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "tokenid" : {
+ "description" : "User-specific token identifier.",
+ "pattern" : "(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)",
+ "type" : "string"
+ },
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "full-tokenid" : {
+ "description" : "The full token id.",
+ "format_description" : "<userid>!<tokenid>",
+ "type" : "string"
+ },
+ "info" : {
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ },
+ "value" : {
+ "description" : "API token value used for authentication.",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update API token for a specific user.",
+ "method" : "PUT",
+ "name" : "update_token_info",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (0 - N)"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "tokenid" : {
+ "description" : "User-specific token identifier.",
+ "pattern" : "(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)",
+ "type" : "string"
+ },
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "Updated token information.",
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/users/{userid}/token/{tokenid}",
+ "text" : "{tokenid}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get user API tokens.",
+ "method" : "GET",
+ "name" : "token_index",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
+ ]
+ ]
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "tokenid" : {
+ "description" : "User-specific token identifier.",
+ "pattern" : "(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{tokenid}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/access/users/{userid}/token",
+ "text" : "token"
+ }
+ ],
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete user.",
"method" : "DELETE",
"name" : "delete_user",
"additionalProperties" : 0,
"properties" : {
"userid" : {
- "description" : "User ID",
+ "description" : "Full User ID, in the `name@realm` format.",
"format" : "pve-userid",
"maxLength" : 64,
"type" : "string",
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Get user configuration.",
"method" : "GET",
"name" : "read_user",
"additionalProperties" : 0,
"properties" : {
"userid" : {
- "description" : "User ID",
+ "description" : "Full User ID, in the `name@realm` format.",
"format" : "pve-userid",
"maxLength" : 64,
"type" : "string",
"additionalProperties" : 0,
"properties" : {
"comment" : {
+ "maxLength" : 2048,
"optional" : 1,
"type" : "string"
},
"email" : {
"format" : "email-opt",
+ "maxLength" : 254,
"optional" : 1,
"type" : "string"
},
"type" : "integer"
},
"firstname" : {
+ "maxLength" : 1024,
"optional" : 1,
"type" : "string"
},
"groups" : {
+ "items" : {
+ "format" : "pve-groupid",
+ "type" : "string"
+ },
+ "optional" : 1,
"type" : "array"
},
"keys" : {
"description" : "Keys for two factor auth (yubico).",
"optional" : 1,
+ "pattern" : "[0-9a-zA-Z!=]{0,4096}",
"type" : "string"
},
"lastname" : {
+ "maxLength" : 1024,
"optional" : 1,
"type" : "string"
+ },
+ "tokens" : {
+ "additionalProperties" : {
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ },
+ "optional" : 1,
+ "type" : "object"
}
},
"type" : "object"
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update user configuration.",
"method" : "PUT",
"name" : "update_user",
"typetext" : "<boolean>"
},
"comment" : {
+ "maxLength" : 2048,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"email" : {
"format" : "email-opt",
+ "maxLength" : 254,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"typetext" : "<integer> (0 - N)"
},
"firstname" : {
+ "maxLength" : 1024,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"keys" : {
"description" : "Keys for two factor auth (yubico).",
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "pattern" : "[0-9a-zA-Z!=]{0,4096}",
+ "type" : "string"
},
"lastname" : {
+ "maxLength" : 1024,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"userid" : {
- "description" : "User ID",
+ "description" : "Full User ID, in the `name@realm` format.",
"format" : "pve-userid",
"maxLength" : 64,
"type" : "string",
"User.Modify"
],
"groups_param",
- 1
+ "update"
]
},
"protected" : 1,
}
}
},
- "leaf" : 1,
+ "leaf" : 0,
"path" : "/access/users/{userid}",
"text" : "{userid}"
}
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "User index.",
"method" : "GET",
"name" : "index",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
+ },
+ "full" : {
+ "default" : 0,
+ "description" : "Include group and token information.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
}
}
},
"description" : "The returned list is restricted to users where you have 'User.Modify' or 'Sys.Audit' permissions on '/access/groups' or on a group the user belongs too. But it always includes the current (authenticated) user.",
"user" : "all"
},
+ "protected" : 1,
"returns" : {
"items" : {
"properties" : {
"comment" : {
+ "maxLength" : 2048,
"optional" : 1,
"type" : "string"
},
"email" : {
"format" : "email-opt",
+ "maxLength" : 254,
"optional" : 1,
"type" : "string"
},
"type" : "integer"
},
"firstname" : {
+ "maxLength" : 1024,
+ "optional" : 1,
+ "type" : "string"
+ },
+ "groups" : {
+ "format" : "pve-groupid-list",
"optional" : 1,
"type" : "string"
},
"keys" : {
"description" : "Keys for two factor auth (yubico).",
"optional" : 1,
+ "pattern" : "[0-9a-zA-Z!=]{0,4096}",
"type" : "string"
},
"lastname" : {
+ "maxLength" : 1024,
"optional" : 1,
"type" : "string"
},
+ "realm-type" : {
+ "description" : "The type of the users realm",
+ "format" : "pve-realm",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "tfa-locked-until" : {
+ "description" : "Contains a timestamp until when a user is locked out of 2nd factors.",
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "tokens" : {
+ "items" : {
+ "properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "expire" : {
+ "default" : "same as user",
+ "description" : "API token expiration date (seconds since epoch). '0' means no expiration date.",
+ "minimum" : 0,
+ "optional" : 1,
+ "type" : "integer"
+ },
+ "privsep" : {
+ "default" : 1,
+ "description" : "Restrict API token privileges with separate ACLs (default), or give full privileges of corresponding user.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "tokenid" : {
+ "description" : "User-specific token identifier.",
+ "pattern" : "(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)",
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
+ "totp-locked" : {
+ "description" : "True if the user is currently locked out of TOTP factors.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
"userid" : {
- "description" : "User ID",
+ "description" : "Full User ID, in the `name@realm` format.",
"format" : "pve-userid",
"maxLength" : 64,
"type" : "string"
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create new user.",
"method" : "POST",
"name" : "create_user",
"additionalProperties" : 0,
"properties" : {
"comment" : {
+ "maxLength" : 2048,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"email" : {
"format" : "email-opt",
+ "maxLength" : 254,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"typetext" : "<integer> (0 - N)"
},
"firstname" : {
+ "maxLength" : 1024,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"keys" : {
"description" : "Keys for two factor auth (yubico).",
"optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "pattern" : "[0-9a-zA-Z!=]{0,4096}",
+ "type" : "string"
},
"lastname" : {
+ "maxLength" : 1024,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
"typetext" : "<string>"
},
"userid" : {
- "description" : "User ID",
+ "description" : "Full User ID, in the `name@realm` format.",
"format" : "pve-userid",
"maxLength" : 64,
"type" : "string",
"User.Modify"
],
"groups_param",
- 1
+ "create"
]
],
"description" : "You need 'Realm.AllocateUser' on '/access/realm/<realm>' on the realm of user <userid>, and 'User.Modify' permissions to '/access/groups/<group>' for any group specified (or 'User.Modify' on '/access/groups' if you pass no groups."
{
"info" : {
"DELETE" : {
+ "allowtoken" : 1,
"description" : "Delete group.",
"method" : "DELETE",
"name" : "delete_group",
}
},
"GET" : {
+ "allowtoken" : 1,
"description" : "Get group configuration.",
"method" : "GET",
"name" : "read_group",
},
"members" : {
"items" : {
- "description" : "User ID",
+ "description" : "Full User ID, in the `name@realm` format.",
"format" : "pve-userid",
"maxLength" : 64,
"type" : "string"
}
},
"PUT" : {
+ "allowtoken" : 1,
"description" : "Update group data.",
"method" : "PUT",
"name" : "update_group",
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Group index.",
"method" : "GET",
"name" : "index",
"groupid" : {
"format" : "pve-groupid",
"type" : "string"
+ },
+ "users" : {
+ "description" : "list of users which form this group",
+ "format" : "pve-userid-list",
+ "optional" : 1,
+ "type" : "string"
}
},
"type" : "object"
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create new group.",
"method" : "POST",
"name" : "create_group",
"type" : "string",
"typetext" : "<string>"
},
- "groupid" : {
- "format" : "pve-groupid",
+ "groupid" : {
+ "format" : "pve-groupid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/access/groups",
+ [
+ "Group.Allocate"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/access/groups",
+ "text" : "groups"
+ },
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete role.",
+ "method" : "DELETE",
+ "name" : "delete_role",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "roleid" : {
+ "format" : "pve-roleid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/access",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get role configuration.",
+ "method" : "GET",
+ "name" : "read_role",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "roleid" : {
+ "format" : "pve-roleid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "Datastore.Allocate" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Datastore.AllocateSpace" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Datastore.AllocateTemplate" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Datastore.Audit" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Group.Allocate" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Mapping.Audit" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Mapping.Modify" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Mapping.Use" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Permissions.Modify" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Pool.Allocate" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Pool.Audit" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Realm.Allocate" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Realm.AllocateUser" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "SDN.Allocate" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "SDN.Audit" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "SDN.Use" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Sys.AccessNetwork" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Sys.Audit" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Sys.Console" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Sys.Incoming" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Sys.Modify" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Sys.PowerMgmt" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "Sys.Syslog" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "User.Modify" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Allocate" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Audit" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Backup" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Clone" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Config.CDROM" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Config.CPU" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Config.Cloudinit" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Config.Disk" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Config.HWType" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Config.Memory" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Config.Network" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Config.Options" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Console" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Migrate" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Monitor" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.PowerMgmt" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Snapshot" : {
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "VM.Snapshot.Rollback" : {
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update an existing role.",
+ "method" : "PUT",
+ "name" : "update_role",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "append" : {
+ "optional" : 1,
+ "requires" : "privs",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "privs" : {
+ "format" : "pve-priv-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "roleid" : {
+ "format" : "pve-roleid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/access",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/roles/{roleid}",
+ "text" : "{roleid}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Role index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "privs" : {
+ "format" : "pve-priv-list",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "roleid" : {
+ "format" : "pve-roleid",
+ "type" : "string"
+ },
+ "special" : {
+ "default" : 0,
+ "optional" : 1,
+ "type" : "boolean"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{roleid}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Create new role.",
+ "method" : "POST",
+ "name" : "create_role",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "privs" : {
+ "format" : "pve-priv-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "roleid" : {
+ "format" : "pve-roleid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/access",
+ [
+ "Sys.Modify"
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/access/roles",
+ "text" : "roles"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Get Access Control List (ACLs).",
+ "method" : "GET",
+ "name" : "read_acl",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "description" : "The returned list is restricted to objects where you have rights to modify permissions.",
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "path" : {
+ "description" : "Access control path",
+ "type" : "string"
+ },
+ "propagate" : {
+ "default" : 1,
+ "description" : "Allow to propagate (inherit) permissions.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "roleid" : {
+ "type" : "string"
+ },
+ "type" : {
+ "enum" : [
+ "user",
+ "group",
+ "token"
+ ],
+ "type" : "string"
+ },
+ "ugid" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update Access Control List (add or remove permissions).",
+ "method" : "PUT",
+ "name" : "update_acl",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "delete" : {
+ "description" : "Remove permissions (instead of adding it).",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "groups" : {
+ "description" : "List of groups.",
+ "format" : "pve-groupid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "path" : {
+ "description" : "Access control path",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "propagate" : {
+ "default" : 1,
+ "description" : "Allow to propagate (inherit) permissions.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "roles" : {
+ "description" : "List of roles.",
+ "format" : "pve-roleid-list",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "tokens" : {
+ "description" : "List of API tokens.",
+ "format" : "pve-tokenid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "users" : {
+ "description" : "List of users.",
+ "format" : "pve-userid-list",
+ "optional" : 1,
"type" : "string",
"typetext" : "<string>"
}
},
"permissions" : {
"check" : [
- "perm",
- "/access/groups",
- [
- "Group.Allocate"
- ]
+ "perm-modify",
+ "{path}"
]
},
"protected" : 1,
}
}
},
- "leaf" : 0,
- "path" : "/access/groups",
- "text" : "groups"
+ "leaf" : 1,
+ "path" : "/access/acl",
+ "text" : "acl"
},
{
"children" : [
{
+ "children" : [
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Syncs users and/or groups from the configured LDAP to user.cfg. NOTE: Synced groups will have the name 'name-$realm', so make sure those groups do not exist to prevent overwriting.",
+ "method" : "POST",
+ "name" : "sync",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "dry-run" : {
+ "default" : 0,
+ "description" : "If set, does not write anything.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "enable-new" : {
+ "default" : "1",
+ "description" : "Enable newly synced users immediately.",
+ "optional" : "1",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "full" : {
+ "description" : "DEPRECATED: use 'remove-vanished' instead. If set, uses the LDAP Directory as source of truth, deleting users or groups not returned from the sync and removing all locally modified properties of synced users. If not set, only syncs information which is present in the synced data, and does not delete or modify anything else.",
+ "optional" : "1",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "purge" : {
+ "description" : "DEPRECATED: use 'remove-vanished' instead. Remove ACLs for users or groups which were removed from the config during a sync.",
+ "optional" : "1",
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "realm" : {
+ "description" : "Authentication domain ID",
+ "format" : "pve-realm",
+ "maxLength" : 32,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "remove-vanished" : {
+ "default" : "none",
+ "description" : "A semicolon-seperated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).",
+ "optional" : "1",
+ "pattern" : "(?:(?:(?:acl|properties|entry);)*(?:acl|properties|entry))|none",
+ "type" : "string",
+ "typetext" : "([acl];[properties];[entry])|none"
+ },
+ "scope" : {
+ "description" : "Select what to sync.",
+ "enum" : [
+ "users",
+ "groups",
+ "both"
+ ],
+ "optional" : "1",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "and",
+ [
+ "perm",
+ "/access/realm/{realm}",
+ [
+ "Realm.AllocateUser"
+ ]
+ ],
+ [
+ "perm",
+ "/access/groups",
+ [
+ "User.Modify"
+ ]
+ ]
+ ],
+ "description" : "'Realm.AllocateUser' on '/access/realm/<realm>' and 'User.Modify' permissions to '/access/groups/'."
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "Worker Task-UPID",
+ "type" : "string"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/domains/{realm}/sync",
+ "text" : "sync"
+ }
+ ],
"info" : {
"DELETE" : {
- "description" : "Delete role.",
+ "allowtoken" : 1,
+ "description" : "Delete an authentication server.",
"method" : "DELETE",
- "name" : "delete_role",
+ "name" : "delete",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "roleid" : {
- "format" : "pve-roleid",
+ "realm" : {
+ "description" : "Authentication domain ID",
+ "format" : "pve-realm",
+ "maxLength" : 32,
"type" : "string",
"typetext" : "<string>"
}
"permissions" : {
"check" : [
"perm",
- "/access",
+ "/access/realm",
[
- "Sys.Modify"
+ "Realm.Allocate"
]
]
},
}
},
"GET" : {
- "description" : "Get role configuration.",
+ "allowtoken" : 1,
+ "description" : "Get auth server configuration.",
"method" : "GET",
- "name" : "read_role",
+ "name" : "read",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "roleid" : {
- "format" : "pve-roleid",
+ "realm" : {
+ "description" : "Authentication domain ID",
+ "format" : "pve-realm",
+ "maxLength" : 32,
"type" : "string",
"typetext" : "<string>"
}
}
},
"permissions" : {
- "user" : "all"
+ "check" : [
+ "perm",
+ "/access/realm",
+ [
+ "Realm.Allocate",
+ "Sys.Audit"
+ ],
+ "any",
+ 1
+ ]
},
- "returns" : {
+ "returns" : {}
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update authentication server settings.",
+ "method" : "PUT",
+ "name" : "update",
+ "parameters" : {
"additionalProperties" : 0,
"properties" : {
- "Datastore.Allocate" : {
+ "acr-values" : {
+ "description" : "Specifies the Authentication Context Class Reference values that theAuthorization Server is being requested to use for the Auth Request.",
"optional" : 1,
- "type" : "boolean"
+ "pattern" : "^[^\\x00-\\x1F\\x7F <>#\"]*$",
+ "type" : "string"
},
- "Datastore.AllocateSpace" : {
+ "autocreate" : {
+ "default" : 0,
+ "description" : "Automatically create users if they do not exist.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "Datastore.AllocateTemplate" : {
+ "base_dn" : {
+ "description" : "LDAP base domain name",
+ "maxLength" : 256,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "Datastore.Audit" : {
+ "bind_dn" : {
+ "description" : "LDAP bind domain name",
+ "maxLength" : 256,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "Group.Allocate" : {
+ "capath" : {
+ "default" : "/etc/ssl/certs",
+ "description" : "Path to the CA certificate store",
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "Permissions.Modify" : {
+ "case-sensitive" : {
+ "default" : 1,
+ "description" : "username is case-sensitive",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "Pool.Allocate" : {
+ "cert" : {
+ "description" : "Path to the client certificate",
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "Realm.Allocate" : {
+ "certkey" : {
+ "description" : "Path to the client certificate key",
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "Realm.AllocateUser" : {
+ "check-connection" : {
+ "default" : 0,
+ "description" : "Check bind connection to the server.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "Sys.Audit" : {
+ "client-id" : {
+ "description" : "OpenID Client ID",
+ "maxLength" : 256,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "Sys.Console" : {
+ "client-key" : {
+ "description" : "OpenID Client Key",
+ "maxLength" : 256,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "Sys.Modify" : {
+ "comment" : {
+ "description" : "Description.",
+ "maxLength" : 4096,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "Sys.PowerMgmt" : {
+ "default" : {
+ "description" : "Use this as default realm",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "Sys.Syslog" : {
+ "delete" : {
+ "description" : "A list of settings you want to delete.",
+ "format" : "pve-configid-list",
+ "maxLength" : 4096,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "User.Modify" : {
+ "digest" : {
+ "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.",
+ "maxLength" : 64,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.Allocate" : {
+ "domain" : {
+ "description" : "AD domain name",
+ "maxLength" : 256,
"optional" : 1,
- "type" : "boolean"
+ "pattern" : "\\S+",
+ "type" : "string"
},
- "VM.Audit" : {
+ "filter" : {
+ "description" : "LDAP filter for user sync.",
+ "maxLength" : 2048,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.Backup" : {
+ "group_classes" : {
+ "default" : "groupOfNames, group, univentionGroup, ipausergroup",
+ "description" : "The objectclasses for groups.",
+ "format" : "ldap-simple-attr-list",
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.Clone" : {
+ "group_dn" : {
+ "description" : "LDAP base domain name for group sync. If not set, the base_dn will be used.",
+ "maxLength" : 256,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.Config.CDROM" : {
+ "group_filter" : {
+ "description" : "LDAP filter for group sync.",
+ "maxLength" : 2048,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.Config.CPU" : {
+ "group_name_attr" : {
+ "description" : "LDAP attribute representing a groups name. If not set or found, the first value of the DN will be used as name.",
+ "format" : "ldap-simple-attr",
+ "maxLength" : 256,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.Config.Disk" : {
+ "issuer-url" : {
+ "description" : "OpenID Issuer Url",
+ "maxLength" : 256,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.Config.HWType" : {
+ "mode" : {
+ "default" : "ldap",
+ "description" : "LDAP protocol mode.",
+ "enum" : [
+ "ldap",
+ "ldaps",
+ "ldap+starttls"
+ ],
"optional" : 1,
- "type" : "boolean"
+ "type" : "string"
},
- "VM.Config.Memory" : {
+ "password" : {
+ "description" : "LDAP bind password. Will be stored in '/etc/pve/priv/realm/<REALM>.pw'.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.Config.Network" : {
+ "port" : {
+ "description" : "Server port.",
+ "maximum" : 65535,
+ "minimum" : 1,
"optional" : 1,
- "type" : "boolean"
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 65535)"
},
- "VM.Config.Options" : {
+ "prompt" : {
+ "description" : "Specifies whether the Authorization Server prompts the End-User for reauthentication and consent.",
"optional" : 1,
- "type" : "boolean"
+ "pattern" : "(?:none|login|consent|select_account|\\S+)",
+ "type" : "string"
},
- "VM.Console" : {
+ "realm" : {
+ "description" : "Authentication domain ID",
+ "format" : "pve-realm",
+ "maxLength" : 32,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "scopes" : {
+ "default" : "email profile",
+ "description" : "Specifies the scopes (user details) that should be authorized and returned, for example 'email' or 'profile'.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.Migrate" : {
+ "secure" : {
+ "description" : "Use secure LDAPS protocol. DEPRECATED: use 'mode' instead.",
"optional" : 1,
- "type" : "boolean"
+ "type" : "boolean",
+ "typetext" : "<boolean>"
},
- "VM.Monitor" : {
+ "server1" : {
+ "description" : "Server IP address (or DNS name)",
+ "format" : "address",
+ "maxLength" : 256,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.PowerMgmt" : {
+ "server2" : {
+ "description" : "Fallback Server IP address (or DNS name)",
+ "format" : "address",
+ "maxLength" : 256,
"optional" : 1,
- "type" : "boolean"
+ "type" : "string",
+ "typetext" : "<string>"
},
- "VM.Snapshot" : {
+ "sslversion" : {
+ "description" : "LDAPS TLS/SSL version. It's not recommended to use version older than 1.2!",
+ "enum" : [
+ "tlsv1",
+ "tlsv1_1",
+ "tlsv1_2",
+ "tlsv1_3"
+ ],
"optional" : 1,
- "type" : "boolean"
+ "type" : "string"
},
- "VM.Snapshot.Rollback" : {
+ "sync-defaults-options" : {
+ "description" : "The default options for behavior of synchronizations.",
+ "format" : "realm-sync-options",
"optional" : 1,
- "type" : "boolean"
- }
- },
- "type" : "object"
- }
- },
- "PUT" : {
- "description" : "Update an existing role.",
- "method" : "PUT",
- "name" : "update_role",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "append" : {
+ "type" : "string",
+ "typetext" : "[enable-new=<1|0>] [,full=<1|0>] [,purge=<1|0>] [,remove-vanished=([acl];[properties];[entry])|none] [,scope=<users|groups|both>]"
+ },
+ "sync_attributes" : {
+ "description" : "Comma separated list of key=value pairs for specifying which LDAP attributes map to which PVE user field. For example, to map the LDAP attribute 'mail' to PVEs 'email', write 'email=mail'. By default, each PVE user field is represented by an LDAP attribute of the same name.",
"optional" : 1,
- "requires" : "privs",
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "pattern" : "\\w+=[^,]+(,\\s*\\w+=[^,]+)*",
+ "type" : "string"
},
- "privs" : {
- "format" : "pve-priv-list",
+ "tfa" : {
+ "description" : "Use Two-factor authentication.",
+ "format" : "pve-tfa-config",
+ "maxLength" : 128,
"optional" : 1,
"type" : "string",
- "typetext" : "<string>"
+ "typetext" : "type=<TFATYPE> [,digits=<COUNT>] [,id=<ID>] [,key=<KEY>] [,step=<SECONDS>] [,url=<URL>]"
},
- "roleid" : {
- "format" : "pve-roleid",
+ "user_attr" : {
+ "description" : "LDAP user attribute name",
+ "maxLength" : 256,
+ "optional" : 1,
+ "pattern" : "\\S{2,}",
+ "type" : "string"
+ },
+ "user_classes" : {
+ "default" : "inetorgperson, posixaccount, person, user",
+ "description" : "The objectclasses for users.",
+ "format" : "ldap-simple-attr-list",
+ "optional" : 1,
"type" : "string",
"typetext" : "<string>"
+ },
+ "verify" : {
+ "default" : 0,
+ "description" : "Verify the server's SSL certificate",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
}
- }
+ },
+ "type" : "object"
},
"permissions" : {
"check" : [
"perm",
- "/access",
+ "/access/realm",
[
- "Sys.Modify"
+ "Realm.Allocate"
]
]
},
}
}
},
- "leaf" : 1,
- "path" : "/access/roles/{roleid}",
- "text" : "{roleid}"
+ "leaf" : 0,
+ "path" : "/access/domains/{realm}",
+ "text" : "{realm}"
}
],
"info" : {
"GET" : {
- "description" : "Role index.",
+ "allowtoken" : 1,
+ "description" : "Authentication domain index.",
"method" : "GET",
"name" : "index",
"parameters" : {
"additionalProperties" : 0
},
"permissions" : {
- "user" : "all"
+ "description" : "Anyone can access that, because we need that list for the login box (before the user is authenticated).",
+ "user" : "world"
},
"returns" : {
"items" : {
"properties" : {
- "privs" : {
- "format" : "pve-priv-list",
+ "comment" : {
+ "description" : "A comment. The GUI use this text when you select a domain (Realm) on the login window.",
"optional" : 1,
"type" : "string"
},
- "roleid" : {
- "format" : "pve-roleid",
+ "realm" : {
"type" : "string"
},
- "special" : {
- "default" : 0,
+ "tfa" : {
+ "description" : "Two-factor authentication provider.",
+ "enum" : [
+ "yubico",
+ "oath"
+ ],
"optional" : 1,
- "type" : "boolean"
+ "type" : "string"
+ },
+ "type" : {
+ "type" : "string"
}
},
- "type" : "object"
- },
- "links" : [
- {
- "href" : "{roleid}",
- "rel" : "child"
- }
- ],
- "type" : "array"
- }
- },
- "POST" : {
- "description" : "Create new role.",
- "method" : "POST",
- "name" : "create_role",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "privs" : {
- "format" : "pve-priv-list",
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{realm}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Add an authentication server.",
+ "method" : "POST",
+ "name" : "create",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "acr-values" : {
+ "description" : "Specifies the Authentication Context Class Reference values that theAuthorization Server is being requested to use for the Auth Request.",
+ "optional" : 1,
+ "pattern" : "^[^\\x00-\\x1F\\x7F <>#\"]*$",
+ "type" : "string"
+ },
+ "autocreate" : {
+ "default" : 0,
+ "description" : "Automatically create users if they do not exist.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "base_dn" : {
+ "description" : "LDAP base domain name",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "bind_dn" : {
+ "description" : "LDAP bind domain name",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "capath" : {
+ "default" : "/etc/ssl/certs",
+ "description" : "Path to the CA certificate store",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "case-sensitive" : {
+ "default" : 1,
+ "description" : "username is case-sensitive",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "cert" : {
+ "description" : "Path to the client certificate",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "certkey" : {
+ "description" : "Path to the client certificate key",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "check-connection" : {
+ "default" : 0,
+ "description" : "Check bind connection to the server.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "client-id" : {
+ "description" : "OpenID Client ID",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "client-key" : {
+ "description" : "OpenID Client Key",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "comment" : {
+ "description" : "Description.",
+ "maxLength" : 4096,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "default" : {
+ "description" : "Use this as default realm",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "domain" : {
+ "description" : "AD domain name",
+ "maxLength" : 256,
+ "optional" : 1,
+ "pattern" : "\\S+",
+ "type" : "string"
+ },
+ "filter" : {
+ "description" : "LDAP filter for user sync.",
+ "maxLength" : 2048,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group_classes" : {
+ "default" : "groupOfNames, group, univentionGroup, ipausergroup",
+ "description" : "The objectclasses for groups.",
+ "format" : "ldap-simple-attr-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group_dn" : {
+ "description" : "LDAP base domain name for group sync. If not set, the base_dn will be used.",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group_filter" : {
+ "description" : "LDAP filter for group sync.",
+ "maxLength" : 2048,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "group_name_attr" : {
+ "description" : "LDAP attribute representing a groups name. If not set or found, the first value of the DN will be used as name.",
+ "format" : "ldap-simple-attr",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "issuer-url" : {
+ "description" : "OpenID Issuer Url",
+ "maxLength" : 256,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "mode" : {
+ "default" : "ldap",
+ "description" : "LDAP protocol mode.",
+ "enum" : [
+ "ldap",
+ "ldaps",
+ "ldap+starttls"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
+ "password" : {
+ "description" : "LDAP bind password. Will be stored in '/etc/pve/priv/realm/<REALM>.pw'.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "roleid" : {
- "format" : "pve-roleid",
+ "port" : {
+ "description" : "Server port.",
+ "maximum" : 65535,
+ "minimum" : 1,
+ "optional" : 1,
+ "type" : "integer",
+ "typetext" : "<integer> (1 - 65535)"
+ },
+ "prompt" : {
+ "description" : "Specifies whether the Authorization Server prompts the End-User for reauthentication and consent.",
+ "optional" : 1,
+ "pattern" : "(?:none|login|consent|select_account|\\S+)",
+ "type" : "string"
+ },
+ "realm" : {
+ "description" : "Authentication domain ID",
+ "format" : "pve-realm",
+ "maxLength" : 32,
"type" : "string",
"typetext" : "<string>"
- }
- }
- },
- "permissions" : {
- "check" : [
- "perm",
- "/access",
- [
- "Sys.Modify"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
- }
- },
- "leaf" : 0,
- "path" : "/access/roles",
- "text" : "roles"
- },
- {
- "info" : {
- "GET" : {
- "description" : "Get Access Control List (ACLs).",
- "method" : "GET",
- "name" : "read_acl",
- "parameters" : {
- "additionalProperties" : 0
- },
- "permissions" : {
- "description" : "The returned list is restricted to objects where you have rights to modify permissions.",
- "user" : "all"
- },
- "returns" : {
- "items" : {
- "additionalProperties" : 0,
- "properties" : {
- "path" : {
- "description" : "Access control path",
- "type" : "string"
- },
- "propagate" : {
- "default" : 1,
- "description" : "Allow to propagate (inherit) permissions.",
- "optional" : 1,
- "type" : "boolean"
- },
- "roleid" : {
- "type" : "string"
- },
- "type" : {
- "enum" : [
- "user",
- "group"
- ],
- "type" : "string"
- },
- "ugid" : {
- "type" : "string"
- }
},
- "type" : "object"
- },
- "type" : "array"
- }
- },
- "PUT" : {
- "description" : "Update Access Control List (add or remove permissions).",
- "method" : "PUT",
- "name" : "update_acl",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "delete" : {
- "description" : "Remove permissions (instead of adding it).",
+ "scopes" : {
+ "default" : "email profile",
+ "description" : "Specifies the scopes (user details) that should be authorized and returned, for example 'email' or 'profile'.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "secure" : {
+ "description" : "Use secure LDAPS protocol. DEPRECATED: use 'mode' instead.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
},
- "groups" : {
- "description" : "List of groups.",
- "format" : "pve-groupid-list",
+ "server1" : {
+ "description" : "Server IP address (or DNS name)",
+ "format" : "address",
+ "maxLength" : 256,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "path" : {
- "description" : "Access control path",
+ "server2" : {
+ "description" : "Fallback Server IP address (or DNS name)",
+ "format" : "address",
+ "maxLength" : 256,
+ "optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "propagate" : {
- "default" : 1,
- "description" : "Allow to propagate (inherit) permissions.",
+ "sslversion" : {
+ "description" : "LDAPS TLS/SSL version. It's not recommended to use version older than 1.2!",
+ "enum" : [
+ "tlsv1",
+ "tlsv1_1",
+ "tlsv1_2",
+ "tlsv1_3"
+ ],
"optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
+ "type" : "string"
},
- "roles" : {
- "description" : "List of roles.",
- "format" : "pve-roleid-list",
+ "sync-defaults-options" : {
+ "description" : "The default options for behavior of synchronizations.",
+ "format" : "realm-sync-options",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "[enable-new=<1|0>] [,full=<1|0>] [,purge=<1|0>] [,remove-vanished=([acl];[properties];[entry])|none] [,scope=<users|groups|both>]"
+ },
+ "sync_attributes" : {
+ "description" : "Comma separated list of key=value pairs for specifying which LDAP attributes map to which PVE user field. For example, to map the LDAP attribute 'mail' to PVEs 'email', write 'email=mail'. By default, each PVE user field is represented by an LDAP attribute of the same name.",
+ "optional" : 1,
+ "pattern" : "\\w+=[^,]+(,\\s*\\w+=[^,]+)*",
+ "type" : "string"
+ },
+ "tfa" : {
+ "description" : "Use Two-factor authentication.",
+ "format" : "pve-tfa-config",
+ "maxLength" : 128,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "type=<TFATYPE> [,digits=<COUNT>] [,id=<ID>] [,key=<KEY>] [,step=<SECONDS>] [,url=<URL>]"
+ },
+ "type" : {
+ "description" : "Realm type.",
+ "enum" : [
+ "ad",
+ "ldap",
+ "openid",
+ "pam",
+ "pve"
+ ],
+ "type" : "string"
+ },
+ "user_attr" : {
+ "description" : "LDAP user attribute name",
+ "maxLength" : 256,
+ "optional" : 1,
+ "pattern" : "\\S{2,}",
+ "type" : "string"
+ },
+ "user_classes" : {
+ "default" : "inetorgperson, posixaccount, person, user",
+ "description" : "The objectclasses for users.",
+ "format" : "ldap-simple-attr-list",
+ "optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "users" : {
- "description" : "List of users.",
- "format" : "pve-userid-list",
+ "username-claim" : {
+ "description" : "OpenID claim used to generate the unique username.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
+ },
+ "verify" : {
+ "default" : 0,
+ "description" : "Verify the server's SSL certificate",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
}
- }
+ },
+ "type" : "object"
},
"permissions" : {
"check" : [
- "perm-modify",
- "{path}"
+ "perm",
+ "/access/realm",
+ [
+ "Realm.Allocate"
+ ]
]
},
"protected" : 1,
}
}
},
- "leaf" : 1,
- "path" : "/access/acl",
- "text" : "acl"
+ "leaf" : 0,
+ "path" : "/access/domains",
+ "text" : "domains"
},
{
"children" : [
{
"info" : {
- "DELETE" : {
- "description" : "Delete an authentication server.",
- "method" : "DELETE",
- "name" : "delete",
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : "Get the OpenId Authorization Url for the specified realm.",
+ "method" : "POST",
+ "name" : "auth_url",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
"maxLength" : 32,
"type" : "string",
"typetext" : "<string>"
+ },
+ "redirect-url" : {
+ "description" : "Redirection Url. The client should set this to the used server url (location.origin).",
+ "maxLength" : 255,
+ "type" : "string",
+ "typetext" : "<string>"
}
}
},
"permissions" : {
- "check" : [
- "perm",
- "/access/realm",
- [
- "Realm.Allocate"
- ]
- ]
+ "user" : "world"
},
"protected" : 1,
"returns" : {
- "type" : "null"
+ "description" : "Redirection URL.",
+ "type" : "string"
}
- },
- "GET" : {
- "description" : "Get auth server configuration.",
- "method" : "GET",
- "name" : "read",
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/openid/auth-url",
+ "text" : "auth-url"
+ },
+ {
+ "info" : {
+ "POST" : {
+ "allowtoken" : 1,
+ "description" : " Verify OpenID authorization code and create a ticket.",
+ "method" : "POST",
+ "name" : "login",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
- "realm" : {
- "description" : "Authentication domain ID",
- "format" : "pve-realm",
- "maxLength" : 32,
+ "code" : {
+ "description" : "OpenId authorization code.",
+ "maxLength" : 4096,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "redirect-url" : {
+ "description" : "Redirection Url. The client should set this to the used server url (location.origin).",
+ "maxLength" : 255,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "state" : {
+ "description" : "OpenId state.",
+ "maxLength" : 1024,
"type" : "string",
"typetext" : "<string>"
}
}
},
"permissions" : {
- "check" : [
- "perm",
- "/access/realm",
- [
- "Realm.Allocate",
- "Sys.Audit"
- ],
- "any",
- 1
- ]
+ "user" : "world"
},
- "returns" : {}
- },
- "PUT" : {
- "description" : "Update authentication server settings.",
- "method" : "PUT",
- "name" : "update",
- "parameters" : {
- "additionalProperties" : 0,
+ "protected" : 1,
+ "returns" : {
"properties" : {
- "base_dn" : {
- "description" : "LDAP base domain name",
- "maxLength" : 256,
- "optional" : 1,
- "pattern" : "\\w+=[^,]+(,\\s*\\w+=[^,]+)*",
+ "CSRFPreventionToken" : {
"type" : "string"
},
- "bind_dn" : {
- "description" : "LDAP bind domain name",
- "maxLength" : 256,
+ "cap" : {
+ "type" : "object"
+ },
+ "clustername" : {
"optional" : 1,
- "pattern" : "\\w+=[^,]+(,\\s*\\w+=[^,]+)*",
"type" : "string"
},
- "capath" : {
- "default" : "/etc/ssl/certs",
- "description" : "Path to the CA certificate store",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
+ "ticket" : {
+ "type" : "string"
},
- "cert" : {
- "description" : "Path to the client certificate",
- "optional" : 1,
+ "username" : {
+ "type" : "string"
+ }
+ }
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/openid/login",
+ "text" : "login"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Directory index.",
+ "method" : "GET",
+ "name" : "index",
+ "parameters" : {
+ "additionalProperties" : 0
+ },
+ "permissions" : {
+ "user" : "all"
+ },
+ "returns" : {
+ "items" : {
+ "properties" : {
+ "subdir" : {
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{subdir}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ }
+ },
+ "leaf" : 0,
+ "path" : "/access/openid",
+ "text" : "openid"
+ },
+ {
+ "children" : [
+ {
+ "children" : [
+ {
+ "info" : {
+ "DELETE" : {
+ "allowtoken" : 0,
+ "description" : "Delete a TFA entry by ID.",
+ "method" : "DELETE",
+ "name" : "delete_tfa",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "A TFA entry id.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "password" : {
+ "description" : "The current password of the user performing the change.",
+ "maxLength" : 64,
+ "minLength" : 5,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Fetch a requested TFA entry if present.",
+ "method" : "GET",
+ "name" : "get_tfa_entry",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "id" : {
+ "description" : "A TFA entry id.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify",
+ "Sys.Audit"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "TFA Entry.",
+ "properties" : {
+ "created" : {
+ "description" : "Creation time of this entry as unix epoch.",
+ "type" : "integer"
+ },
+ "description" : {
+ "description" : "User chosen description for this entry.",
+ "type" : "string"
+ },
+ "enable" : {
+ "default" : 1,
+ "description" : "Whether this TFA entry is currently enabled.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "id" : {
+ "description" : "The id used to reference this entry.",
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "TFA Entry Type.",
+ "enum" : [
+ "totp",
+ "u2f",
+ "webauthn",
+ "recovery",
+ "yubico"
+ ],
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ }
+ },
+ "PUT" : {
+ "allowtoken" : 0,
+ "description" : "Add a TFA entry for a user.",
+ "method" : "PUT",
+ "name" : "update_tfa_entry",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "description" : {
+ "description" : "A description to distinguish multiple entries from one another",
+ "maxLength" : 255,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "enable" : {
+ "description" : "Whether the entry should be enabled for login.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "id" : {
+ "description" : "A TFA entry id.",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "password" : {
+ "description" : "The current password of the user performing the change.",
+ "maxLength" : 64,
+ "minLength" : 5,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/tfa/{userid}/{id}",
+ "text" : "{id}"
+ }
+ ],
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "List TFA configurations of users.",
+ "method" : "GET",
+ "name" : "list_user_tfa",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
"type" : "string",
"typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "or",
+ [
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify",
+ "Sys.Audit"
+ ]
+ ]
+ ]
+ },
+ "protected" : 1,
+ "returns" : {
+ "description" : "A list of the user's TFA entries.",
+ "items" : {
+ "description" : "TFA Entry.",
+ "properties" : {
+ "created" : {
+ "description" : "Creation time of this entry as unix epoch.",
+ "type" : "integer"
+ },
+ "description" : {
+ "description" : "User chosen description for this entry.",
+ "type" : "string"
+ },
+ "enable" : {
+ "default" : 1,
+ "description" : "Whether this TFA entry is currently enabled.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "id" : {
+ "description" : "The id used to reference this entry.",
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "TFA Entry Type.",
+ "enum" : [
+ "totp",
+ "u2f",
+ "webauthn",
+ "recovery",
+ "yubico"
+ ],
+ "type" : "string"
+ }
},
- "certkey" : {
- "description" : "Path to the client certificate key",
+ "type" : "object"
+ },
+ "links" : [
+ {
+ "href" : "{id}",
+ "rel" : "child"
+ }
+ ],
+ "type" : "array"
+ }
+ },
+ "POST" : {
+ "allowtoken" : 0,
+ "description" : "Add a TFA entry for a user.",
+ "method" : "POST",
+ "name" : "add_tfa_entry",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "challenge" : {
+ "description" : "When responding to a u2f challenge: the original challenge string",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "comment" : {
- "description" : "Description.",
- "maxLength" : 4096,
+ "description" : {
+ "description" : "A description to distinguish multiple entries from one another",
+ "maxLength" : 255,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "default" : {
- "description" : "Use this as default realm",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "delete" : {
- "description" : "A list of settings you want to delete.",
- "format" : "pve-configid-list",
- "maxLength" : 4096,
+ "password" : {
+ "description" : "The current password of the user performing the change.",
+ "maxLength" : 64,
+ "minLength" : 5,
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "digest" : {
- "description" : "Prevent changes if current configuration file has different SHA1 digest. This can be used to prevent concurrent modifications.",
- "maxLength" : 40,
+ "totp" : {
+ "description" : "A totp URI.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
- "domain" : {
- "description" : "AD domain name",
- "maxLength" : 256,
- "optional" : 1,
- "pattern" : "\\S+",
+ "type" : {
+ "description" : "TFA Entry Type.",
+ "enum" : [
+ "totp",
+ "u2f",
+ "webauthn",
+ "recovery",
+ "yubico"
+ ],
"type" : "string"
},
- "port" : {
- "description" : "Server port.",
- "maximum" : 65535,
- "minimum" : 1,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (1 - 65535)"
- },
- "realm" : {
- "description" : "Authentication domain ID",
- "format" : "pve-realm",
- "maxLength" : 32,
- "type" : "string",
- "typetext" : "<string>"
- },
- "secure" : {
- "description" : "Use secure LDAPS protocol.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "server1" : {
- "description" : "Server IP address (or DNS name)",
- "format" : "address",
- "maxLength" : 256,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "server2" : {
- "description" : "Fallback Server IP address (or DNS name)",
- "format" : "address",
- "maxLength" : 256,
- "optional" : 1,
+ "userid" : {
+ "description" : "Full User ID, in the `name@realm` format.",
+ "format" : "pve-userid",
+ "maxLength" : 64,
"type" : "string",
"typetext" : "<string>"
},
- "tfa" : {
- "description" : "Use Two-factor authentication.",
- "format" : "pve-tfa-config",
- "maxLength" : 128,
+ "value" : {
+ "description" : "The current value for the provided totp URI, or a Webauthn/U2F challenge response",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
- },
- "user_attr" : {
- "description" : "LDAP user attribute name",
- "maxLength" : 256,
- "optional" : 1,
- "pattern" : "\\S{2,}",
- "type" : "string"
- },
- "verify" : {
- "default" : 0,
- "description" : "Verify the server's SSL certificate",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
}
- },
- "type" : "object"
+ }
},
"permissions" : {
"check" : [
- "perm",
- "/access/realm",
+ "or",
[
- "Realm.Allocate"
+ "userid-param",
+ "self"
+ ],
+ [
+ "userid-group",
+ [
+ "User.Modify"
+ ]
]
]
},
"protected" : 1,
"returns" : {
- "type" : "null"
+ "properties" : {
+ "challenge" : {
+ "description" : "When adding u2f entries, this contains a challenge the user must respond to in order to finish the registration.",
+ "optional" : 1,
+ "type" : "string"
+ },
+ "id" : {
+ "description" : "The id of a newly added TFA entry.",
+ "type" : "string"
+ },
+ "recovery" : {
+ "description" : "When adding recovery codes, this contains the list of codes to be displayed to the user",
+ "items" : {
+ "description" : "A recovery entry.",
+ "type" : "string"
+ },
+ "optional" : 1,
+ "type" : "array"
+ }
+ },
+ "type" : "object"
}
}
},
- "leaf" : 1,
- "path" : "/access/domains/{realm}",
- "text" : "{realm}"
+ "leaf" : 0,
+ "path" : "/access/tfa/{userid}",
+ "text" : "{userid}"
}
],
"info" : {
"GET" : {
- "description" : "Authentication domain index.",
+ "allowtoken" : 1,
+ "description" : "List TFA configurations of users.",
"method" : "GET",
- "name" : "index",
+ "name" : "list_tfa",
"parameters" : {
"additionalProperties" : 0
},
"permissions" : {
- "description" : "Anyone can access that, because we need that list for the login box (before the user is authenticated).",
- "user" : "world"
+ "description" : "Returns all or just the logged-in user, depending on privileges.",
+ "user" : "all"
},
+ "protected" : 1,
"returns" : {
+ "description" : "The list tuples of user and TFA entries.",
"items" : {
"properties" : {
- "comment" : {
- "description" : "A comment. The GUI use this text when you select a domain (Realm) on the login window.",
- "optional" : 1,
- "type" : "string"
+ "entries" : {
+ "items" : {
+ "description" : "TFA Entry.",
+ "properties" : {
+ "created" : {
+ "description" : "Creation time of this entry as unix epoch.",
+ "type" : "integer"
+ },
+ "description" : {
+ "description" : "User chosen description for this entry.",
+ "type" : "string"
+ },
+ "enable" : {
+ "default" : 1,
+ "description" : "Whether this TFA entry is currently enabled.",
+ "optional" : 1,
+ "type" : "boolean"
+ },
+ "id" : {
+ "description" : "The id used to reference this entry.",
+ "type" : "string"
+ },
+ "type" : {
+ "description" : "TFA Entry Type.",
+ "enum" : [
+ "totp",
+ "u2f",
+ "webauthn",
+ "recovery",
+ "yubico"
+ ],
+ "type" : "string"
+ }
+ },
+ "type" : "object"
+ },
+ "type" : "array"
},
- "realm" : {
- "type" : "string"
+ "tfa-locked-until" : {
+ "description" : "Contains a timestamp until when a user is locked out of 2nd factors.",
+ "optional" : 1,
+ "type" : "integer"
},
- "tfa" : {
- "description" : "Two-factor authentication provider.",
- "enum" : [
- "yubico",
- "oath"
- ],
+ "totp-locked" : {
+ "description" : "True if the user is currently locked out of TOTP factors.",
"optional" : 1,
+ "type" : "boolean"
+ },
+ "userid" : {
+ "description" : "User this entry belongs to.",
"type" : "string"
}
},
},
"links" : [
{
- "href" : "{realm}",
+ "href" : "{userid}",
"rel" : "child"
}
],
"type" : "array"
}
- },
- "POST" : {
- "description" : "Add an authentication server.",
- "method" : "POST",
- "name" : "create",
- "parameters" : {
- "additionalProperties" : 0,
- "properties" : {
- "base_dn" : {
- "description" : "LDAP base domain name",
- "maxLength" : 256,
- "optional" : 1,
- "pattern" : "\\w+=[^,]+(,\\s*\\w+=[^,]+)*",
- "type" : "string"
- },
- "bind_dn" : {
- "description" : "LDAP bind domain name",
- "maxLength" : 256,
- "optional" : 1,
- "pattern" : "\\w+=[^,]+(,\\s*\\w+=[^,]+)*",
- "type" : "string"
- },
- "capath" : {
- "default" : "/etc/ssl/certs",
- "description" : "Path to the CA certificate store",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "cert" : {
- "description" : "Path to the client certificate",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "certkey" : {
- "description" : "Path to the client certificate key",
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "comment" : {
- "description" : "Description.",
- "maxLength" : 4096,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "default" : {
- "description" : "Use this as default realm",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "domain" : {
- "description" : "AD domain name",
- "maxLength" : 256,
- "optional" : 1,
- "pattern" : "\\S+",
- "type" : "string"
- },
- "port" : {
- "description" : "Server port.",
- "maximum" : 65535,
- "minimum" : 1,
- "optional" : 1,
- "type" : "integer",
- "typetext" : "<integer> (1 - 65535)"
- },
- "realm" : {
- "description" : "Authentication domain ID",
- "format" : "pve-realm",
- "maxLength" : 32,
- "type" : "string",
- "typetext" : "<string>"
- },
- "secure" : {
- "description" : "Use secure LDAPS protocol.",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- },
- "server1" : {
- "description" : "Server IP address (or DNS name)",
- "format" : "address",
- "maxLength" : 256,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "server2" : {
- "description" : "Fallback Server IP address (or DNS name)",
- "format" : "address",
- "maxLength" : 256,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "tfa" : {
- "description" : "Use Two-factor authentication.",
- "format" : "pve-tfa-config",
- "maxLength" : 128,
- "optional" : 1,
- "type" : "string",
- "typetext" : "<string>"
- },
- "type" : {
- "description" : "Realm type.",
- "enum" : [
- "ad",
- "ldap",
- "pam",
- "pve"
- ],
- "type" : "string"
- },
- "user_attr" : {
- "description" : "LDAP user attribute name",
- "maxLength" : 256,
- "optional" : 1,
- "pattern" : "\\S{2,}",
- "type" : "string"
- },
- "verify" : {
- "default" : 0,
- "description" : "Verify the server's SSL certificate",
- "optional" : 1,
- "type" : "boolean",
- "typetext" : "<boolean>"
- }
- },
- "type" : "object"
- },
- "permissions" : {
- "check" : [
- "perm",
- "/access/realm",
- [
- "Realm.Allocate"
- ]
- ]
- },
- "protected" : 1,
- "returns" : {
- "type" : "null"
- }
}
},
"leaf" : 0,
- "path" : "/access/domains",
- "text" : "domains"
+ "path" : "/access/tfa",
+ "text" : "tfa"
},
{
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Dummy. Useful for formatters which want to provide a login page.",
"method" : "GET",
"name" : "get_ticket",
}
},
"POST" : {
+ "allowtoken" : 0,
"description" : "Create or verify authentication ticket.",
"method" : "POST",
"name" : "create_ticket",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "new-format" : {
+ "default" : 1,
+ "description" : "This parameter is now ignored and assumed to be 1.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"otp" : {
"description" : "One-time password for Two-factor authentication.",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
+ "tfa-challenge" : {
+ "description" : "The signed TFA challenge string the user wants to respond to.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"username" : {
"description" : "User name",
"maxLength" : 64,
{
"info" : {
"PUT" : {
+ "allowtoken" : 0,
"description" : "Change user password.",
"method" : "PUT",
"name" : "change_password",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "confirmation-password" : {
+ "description" : "The current password of the user performing the change.",
+ "maxLength" : 64,
+ "minLength" : 5,
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
"password" : {
"description" : "The new password.",
"maxLength" : 64,
"typetext" : "<string>"
},
"userid" : {
- "description" : "User ID",
+ "description" : "Full User ID, in the `name@realm` format.",
"format" : "pve-userid",
"maxLength" : 64,
"type" : "string",
"leaf" : 1,
"path" : "/access/password",
"text" : "password"
+ },
+ {
+ "info" : {
+ "GET" : {
+ "allowtoken" : 1,
+ "description" : "Retrieve effective permissions of given user/token.",
+ "method" : "GET",
+ "name" : "permissions",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "path" : {
+ "description" : "Only dump this specific path, not the whole tree.",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "userid" : {
+ "description" : "User ID or full API token ID",
+ "optional" : 1,
+ "pattern" : "(?^:^(?^:[^\\s:/]+)\\@(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+)(?:!(?^:[A-Za-z][A-Za-z0-9\\.\\-_]+))?$)",
+ "type" : "string"
+ }
+ }
+ },
+ "permissions" : {
+ "description" : "Each user/token is allowed to dump their own permissions. A user can dump the permissions of another user if they have 'Sys.Audit' permission on /access.",
+ "user" : "all"
+ },
+ "returns" : {
+ "description" : "Map of \"path\" => (Map of \"privilege\" => \"propagate boolean\").",
+ "type" : "object"
+ }
+ }
+ },
+ "leaf" : 1,
+ "path" : "/access/permissions",
+ "text" : "permissions"
}
],
"info" : {
"GET" : {
+ "allowtoken" : 1,
"description" : "Directory index.",
"method" : "GET",
"name" : "index",
{
"info" : {
"DELETE" : {
- "description" : "Delete pool.",
+ "allowtoken" : 1,
+ "description" : "Delete pool (deprecated, no support for nested pools, use 'DELETE /pools/?poolid={poolid}').",
"method" : "DELETE",
- "name" : "delete_pool",
+ "name" : "delete_pool_deprecated",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
}
},
"GET" : {
- "description" : "Get pool configuration.",
+ "allowtoken" : 1,
+ "description" : "Get pool configuration (deprecated, no support for nested pools, use 'GET /pools/?poolid={poolid}').",
"method" : "GET",
"name" : "read_pool",
"parameters" : {
"format" : "pve-poolid",
"type" : "string",
"typetext" : "<string>"
+ },
+ "type" : {
+ "enum" : [
+ "qemu",
+ "lxc",
+ "storage"
+ ],
+ "optional" : 1,
+ "type" : "string"
}
}
},
"perm",
"/pool/{poolid}",
[
- "Pool.Allocate"
+ "Pool.Audit"
]
]
},
}
},
"PUT" : {
- "description" : "Update pool data.",
+ "allowtoken" : 1,
+ "description" : "Update pool data (deprecated, no support for nested pools - use 'PUT /pools/?poolid={poolid}' instead).",
"method" : "PUT",
- "name" : "update_pool",
+ "name" : "update_pool_deprecated",
"parameters" : {
"additionalProperties" : 0,
"properties" : {
+ "allow-move" : {
+ "default" : 0,
+ "description" : "Allow adding a guest even if already in another pool. The guest will be removed from its current pool and added to this one.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
"comment" : {
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"delete" : {
- "description" : "Remove vms/storage (instead of adding it).",
+ "default" : 0,
+ "description" : "Remove the passed VMIDs and/or storage IDs instead of adding them.",
"optional" : 1,
"type" : "boolean",
"typetext" : "<boolean>"
"typetext" : "<string>"
},
"storage" : {
- "description" : "List of storage IDs.",
+ "description" : "List of storage IDs to add or remove from this pool.",
"format" : "pve-storage-id-list",
"optional" : 1,
"type" : "string",
"typetext" : "<string>"
},
"vms" : {
- "description" : "List of virtual machines.",
+ "description" : "List of guest VMIDs to add or remove from this pool.",
"format" : "pve-vmid-list",
"optional" : 1,
"type" : "string",
}
],
"info" : {
+ "DELETE" : {
+ "allowtoken" : 1,
+ "description" : "Delete pool.",
+ "method" : "DELETE",
+ "name" : "delete_pool",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "poolid" : {
+ "format" : "pve-poolid",
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/pool/{poolid}",
+ [
+ "Pool.Allocate"
+ ]
+ ],
+ "description" : "You can only delete empty pools (no members)."
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
+ },
"GET" : {
- "description" : "Pool index.",
+ "allowtoken" : 1,
+ "description" : "List pools or get pool configuration.",
"method" : "GET",
"name" : "index",
"parameters" : {
- "additionalProperties" : 0
+ "additionalProperties" : 0,
+ "properties" : {
+ "poolid" : {
+ "format" : "pve-poolid",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "type" : {
+ "enum" : [
+ "qemu",
+ "lxc",
+ "storage"
+ ],
+ "optional" : 1,
+ "requires" : "poolid",
+ "type" : "string"
+ }
+ }
},
"permissions" : {
- "description" : "List all pools where you have Pool.Allocate or VM.Allocate permissions on /pool/<pool>.",
+ "description" : "List all pools where you have Pool.Audit permissions on /pool/<pool>, or the pool specific with {poolid}",
"user" : "all"
},
"returns" : {
"items" : {
"properties" : {
+ "comment" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "members" : {
+ "items" : {
+ "additionalProperties" : 1,
+ "properties" : {
+ "id" : {
+ "type" : "string"
+ },
+ "node" : {
+ "type" : "string"
+ },
+ "storage" : {
+ "optional" : 1,
+ "type" : "string"
+ },
+ "type" : {
+ "enum" : [
+ "qemu",
+ "lxc",
+ "openvz",
+ "storage"
+ ],
+ "type" : "string"
+ },
+ "vmid" : {
+ "optional" : 1,
+ "type" : "integer"
+ }
+ },
+ "type" : "object"
+ },
+ "optional" : 1,
+ "type" : "array"
+ },
"poolid" : {
"type" : "string"
}
}
},
"POST" : {
+ "allowtoken" : 1,
"description" : "Create new pool.",
"method" : "POST",
"name" : "create_pool",
"returns" : {
"type" : "null"
}
+ },
+ "PUT" : {
+ "allowtoken" : 1,
+ "description" : "Update pool.",
+ "method" : "PUT",
+ "name" : "update_pool",
+ "parameters" : {
+ "additionalProperties" : 0,
+ "properties" : {
+ "allow-move" : {
+ "default" : 0,
+ "description" : "Allow adding a guest even if already in another pool. The guest will be removed from its current pool and added to this one.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "comment" : {
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "delete" : {
+ "default" : 0,
+ "description" : "Remove the passed VMIDs and/or storage IDs instead of adding them.",
+ "optional" : 1,
+ "type" : "boolean",
+ "typetext" : "<boolean>"
+ },
+ "poolid" : {
+ "format" : "pve-poolid",
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "storage" : {
+ "description" : "List of storage IDs to add or remove from this pool.",
+ "format" : "pve-storage-id-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ },
+ "vms" : {
+ "description" : "List of guest VMIDs to add or remove from this pool.",
+ "format" : "pve-vmid-list",
+ "optional" : 1,
+ "type" : "string",
+ "typetext" : "<string>"
+ }
+ }
+ },
+ "permissions" : {
+ "check" : [
+ "perm",
+ "/pool/{poolid}",
+ [
+ "Pool.Allocate"
+ ]
+ ],
+ "description" : "You also need the right to modify permissions on any object you add/delete."
+ },
+ "protected" : 1,
+ "returns" : {
+ "type" : "null"
+ }
}
},
"leaf" : 0,
{
"info" : {
"GET" : {
- "description" : "API version details. The result also includes the global datacenter confguration.",
+ "allowtoken" : 1,
+ "description" : "API version details, including some parts of the global datacenter config.",
"method" : "GET",
"name" : "version",
"parameters" : {
},
"returns" : {
"properties" : {
+ "console" : {
+ "description" : "The default console viewer to use.",
+ "enum" : [
+ "applet",
+ "vv",
+ "html5",
+ "xtermjs"
+ ],
+ "optional" : 1,
+ "type" : "string"
+ },
"release" : {
+ "description" : "The current Proxmox VE point release in `x.y` format.",
"type" : "string"
},
"repoid" : {
+ "description" : "The short git revision from which this version was build.",
+ "pattern" : "[0-9a-fA-F]{8,64}",
"type" : "string"
},
"version" : {
+ "description" : "The full pve-manager package version of this node.",
"type" : "string"
}
},