]> git.proxmox.com Git - pve-storage.git/blob - PVE/API2/Storage/Config.pm
projects / pve-storage.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
cifs plugin cleanups
[pve-storage.git] / PVE / API2 / Storage / Config.pm
1 package PVE::API2::Storage::Config;
2
3 use strict;
4 use warnings;
5
6 use PVE::SafeSyslog;
7 use PVE::Tools qw(extract_param);
8 use PVE::Cluster qw(cfs_read_file cfs_write_file);
9 use PVE::Storage;
10 use PVE::Storage::Plugin;
11 use HTTP::Status qw(:constants);
12 use Storable qw(dclone);
13 use PVE::JSONSchema qw(get_standard_option);
14 use PVE::RPCEnvironment;
15
16 use PVE::RESTHandler;
17
18 use base qw(PVE::RESTHandler);
19
20 my @ctypes = qw(images vztmpl iso backup);
21
22 my $storage_type_enum = PVE::Storage::Plugin->lookup_types();
23
24 my $api_storage_config = sub {
25 my ($cfg, $storeid) = @_;
26
27 my $scfg = dclone(PVE::Storage::storage_config($cfg, $storeid));
28 $scfg->{storage} = $storeid;
29 $scfg->{digest} = $cfg->{digest};
30 $scfg->{content} = PVE::Storage::Plugin->encode_value($scfg->{type}, 'content', $scfg->{content});
31
32 if ($scfg->{nodes}) {
33 $scfg->{nodes} = PVE::Storage::Plugin->encode_value($scfg->{type}, 'nodes', $scfg->{nodes});
34 }
35
36 return $scfg;
37 };
38
39 my $cifs_cred_file_name = sub {
40 my ($storeid) = @_;
41
42 return "/etc/pve/priv/${storeid}.cred";
43 };
44
45 my $set_cifs_credentials = sub {
46 my ($password, $storeid) = @_;
47
48 my $cred_file = $cifs_cred_file_name->($storeid);
49
50 PVE::Tools::file_set_contents($cred_file, "password=$password\n");
51
52 return $cred_file;
53 };
54
55 __PACKAGE__->register_method ({
56 name => 'index',
57 path => '',
58 method => 'GET',
59 description => "Storage index.",
60 permissions => {
61 description => "Only list entries where you have 'Datastore.Audit' or 'Datastore.AllocateSpace' permissions on '/storage/<storage>'",
62 user => 'all',
63 },
64 parameters => {
65 additionalProperties => 0,
66 properties => {
67 type => {
68 description => "Only list storage of specific type",
69 type => 'string',
70 enum => $storage_type_enum,
71 optional => 1,
72 },
73 },
74 },
75 returns => {
76 type => 'array',
77 items => {
78 type => "object",
79 properties => { storage => { type => 'string'} },
80 },
81 links => [ { rel => 'child', href => "{storage}" } ],
82 },
83 code => sub {
84 my ($param) = @_;
85
86 my $rpcenv = PVE::RPCEnvironment::get();
87 my $authuser = $rpcenv->get_user();
88
89 my $cfg = PVE::Storage::config();
90
91 my @sids = PVE::Storage::storage_ids($cfg);
92
93 my $res = [];
94 foreach my $storeid (@sids) {
95 my $privs = [ 'Datastore.Audit', 'Datastore.AllocateSpace' ];
96 next if !$rpcenv->check_any($authuser, "/storage/$storeid", $privs, 1);
97
98 my $scfg = &$api_storage_config($cfg, $storeid);
99 next if $param->{type} && $param->{type} ne $scfg->{type};
100 push @$res, $scfg;
101 }
102
103 return $res;
104 }});
105
106 __PACKAGE__->register_method ({
107 name => 'read',
108 path => '{storage}',
109 method => 'GET',
110 description => "Read storage configuration.",
111 permissions => {
112 check => ['perm', '/storage/{storage}', ['Datastore.Allocate']],
113 },
114 parameters => {
115 additionalProperties => 0,
116 properties => {
117 storage => get_standard_option('pve-storage-id'),
118 },
119 },
120 returns => {},
121 code => sub {
122 my ($param) = @_;
123
124 my $cfg = PVE::Storage::config();
125
126 return &$api_storage_config($cfg, $param->{storage});
127 }});
128
129 __PACKAGE__->register_method ({
130 name => 'create',
131 protected => 1,
132 path => '',
133 method => 'POST',
134 description => "Create a new storage.",
135 permissions => {
136 check => ['perm', '/storage', ['Datastore.Allocate']],
137 },
138 parameters => PVE::Storage::Plugin->createSchema(),
139 returns => { type => 'null' },
140 code => sub {
141 my ($param) = @_;
142
143 my $type = extract_param($param, 'type');
144 my $storeid = extract_param($param, 'storage');
145
146 # revent an empty nodelist.
147 # fix me in section config create never need an empty entity.
148 delete $param->{nodes} if !$param->{nodes};
149
150 my $password = extract_param($param, 'password')
151 if $type eq 'cifs' && $param->{username};
152
153 if ($param->{portal}) {
154 $param->{portal} = PVE::Storage::resolv_portal($param->{portal});
155 }
156
157 my $plugin = PVE::Storage::Plugin->lookup($type);
158 my $opts = $plugin->check_config($storeid, $param, 1, 1);
159
160 PVE::Storage::lock_storage_config(
161 sub {
162
163 my $cfg = PVE::Storage::config();
164
165 if (my $scfg = PVE::Storage::storage_config($cfg, $storeid, 1)) {
166 die "storage ID '$storeid' already defined\n";
167 }
168
169 $cfg->{ids}->{$storeid} = $opts;
170
171 if ($type eq 'lvm' && $opts->{base}) {
172
173 my ($baseid, $volname) = PVE::Storage::parse_volume_id($opts->{base});
174
175 my $basecfg = PVE::Storage::storage_config ($cfg, $baseid, 1);
176 die "base storage ID '$baseid' does not exist\n" if !$basecfg;
177
178 # we only support iscsi for now
179 if (!($basecfg->{type} eq 'iscsi')) {
180 die "unsupported base type '$basecfg->{type}'";
181 }
182
183 my $path = PVE::Storage::path($cfg, $opts->{base});
184
185 PVE::Storage::activate_storage($cfg, $baseid);
186
187 PVE::Storage::LVMPlugin::lvm_create_volume_group($path, $opts->{vgname}, $opts->{shared});
188 } elsif ($type eq 'rbd' && !defined($opts->{monhost})) {
189 my $ceph_admin_keyring = '/etc/pve/priv/ceph.client.admin.keyring';
190 my $ceph_storage_keyring = "/etc/pve/priv/ceph/${storeid}.keyring";
191
192 die "ceph authx keyring file for storage '$storeid' already exists!\n"
193 if -e $ceph_storage_keyring;
194
195 eval {
196 mkdir '/etc/pve/priv/ceph';
197 PVE::Tools::file_copy($ceph_admin_keyring, $ceph_storage_keyring);
198 };
199 if (my $err = $@) {
200 unlink $ceph_storage_keyring;
201 die "failed to copy ceph authx keyring for storage '$storeid': $err\n";
202 }
203 }
204 # create a password file in /etc/pve/priv,
205 # this file is used as a cert_file at mount time.
206 my $cred_file = &$set_cifs_credentials($password, $storeid)
207 if defined($password);
208
209 eval {
210 # try to activate if enabled on local node,
211 # we only do this to detect errors/problems sooner
212 if (PVE::Storage::storage_check_enabled($cfg, $storeid, undef, 1)) {
213 PVE::Storage::activate_storage($cfg, $storeid);
214 }
215 };
216 if(my $err = $@) {
217 unlink $cred_file if defined($cred_file);
218 die $err;
219 }
220
221 PVE::Storage::write_config($cfg);
222
223 }, "create storage failed");
224
225 return undef;
226 }});
227
228 __PACKAGE__->register_method ({
229 name => 'update',
230 protected => 1,
231 path => '{storage}',
232 method => 'PUT',
233 description => "Update storage configuration.",
234 permissions => {
235 check => ['perm', '/storage', ['Datastore.Allocate']],
236 },
237 parameters => PVE::Storage::Plugin->updateSchema(),
238 returns => { type => 'null' },
239 code => sub {
240 my ($param) = @_;
241
242 my $storeid = extract_param($param, 'storage');
243 my $digest = extract_param($param, 'digest');
244
245 PVE::Storage::lock_storage_config(
246 sub {
247
248 my $cfg = PVE::Storage::config();
249
250 PVE::SectionConfig::assert_if_modified($cfg, $digest);
251
252 my $scfg = PVE::Storage::storage_config($cfg, $storeid);
253
254 my $plugin = PVE::Storage::Plugin->lookup($scfg->{type});
255 my $opts = $plugin->check_config($storeid, $param, 0, 1);
256
257 foreach my $k (%$opts) {
258 $scfg->{$k} = $opts->{$k};
259 }
260
261 PVE::Storage::write_config($cfg);
262
263 }, "update storage failed");
264
265 return undef;
266 }});
267
268 __PACKAGE__->register_method ({
269 name => 'delete',
270 protected => 1,
271 path => '{storage}', # /storage/config/{storage}
272 method => 'DELETE',
273 description => "Delete storage configuration.",
274 permissions => {
275 check => ['perm', '/storage', ['Datastore.Allocate']],
276 },
277 parameters => {
278 additionalProperties => 0,
279 properties => {
280 storage => get_standard_option('pve-storage-id', {
281 completion => \&PVE::Storage::complete_storage,
282 }),
283 },
284 },
285 returns => { type => 'null' },
286 code => sub {
287 my ($param) = @_;
288
289 my $storeid = extract_param($param, 'storage');
290
291 PVE::Storage::lock_storage_config(
292 sub {
293
294 my $cfg = PVE::Storage::config();
295
296 my $scfg = PVE::Storage::storage_config($cfg, $storeid);
297
298 die "can't remove storage - storage is used as base of another storage\n"
299 if PVE::Storage::storage_is_used($cfg, $storeid);
300
301 if ($scfg->{type} eq 'cifs') {
302 my $cred_file = $cifs_cred_file_name->($storeid);
303 if (-f $cred_file) {
304 unlink($cred_file) or warn "removing cifs credientials '$cred_file' failed: $!\n";
305 }
306 } elsif ($scfg->{type} eq 'rbd' && !defined($scfg->{monhost})) {
307 my $ceph_storage_keyring = "/etc/pve/priv/ceph/${storeid}.keyring";
308 if (-f $ceph_storage_keyring) {
309 unlink($ceph_storage_keyring) or warn "removing keyring of storage failed: $!\n";
310 }
311 }
312
313 delete $cfg->{ids}->{$storeid};
314
315 PVE::Storage::write_config($cfg);
316
317 }, "delete storage failed");
318
319 PVE::AccessControl::remove_storage_access($storeid);
320
321 return undef;
322 }});
323
324 1;
Storage library