From: Christian Ebner <c.ebner@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH v4 proxmox-backup 2/5] api: sync: honor sync jobs encrypted/verified only flags
Date: Fri, 4 Apr 2025 15:21:03 +0200 [thread overview]
Message-ID: <20250404132106.388829-3-c.ebner@proxmox.com> (raw)
In-Reply-To: <20250404132106.388829-1-c.ebner@proxmox.com>
Extend the sync job config api to adapt the 'encrypted-only' and
'verified-only' flags, allowing to include only encrypted and/or
verified backup snapshots, excluding others from the sync.
Set these flags to the sync jobs push or pull parameters on job
invocation.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
changes since version 3:
- rebased onto current master
src/api2/config/sync.rs | 18 ++++++++++++++++++
src/api2/pull.rs | 17 ++++++++++++++++-
src/api2/push.rs | 15 ++++++++++++++-
src/server/pull.rs | 10 ++++++++++
src/server/push.rs | 10 ++++++++++
src/server/sync.rs | 2 ++
6 files changed, 70 insertions(+), 2 deletions(-)
diff --git a/src/api2/config/sync.rs b/src/api2/config/sync.rs
index a8ea93465..6194d8653 100644
--- a/src/api2/config/sync.rs
+++ b/src/api2/config/sync.rs
@@ -335,6 +335,10 @@ pub enum DeletableProperty {
MaxDepth,
/// Delete the transfer_last property,
TransferLast,
+ /// Delete the encrypted_only property,
+ EncryptedOnly,
+ /// Delete the verified_only property,
+ VerifiedOnly,
/// Delete the sync_direction property,
SyncDirection,
}
@@ -448,6 +452,12 @@ pub fn update_sync_job(
DeletableProperty::TransferLast => {
data.transfer_last = None;
}
+ DeletableProperty::EncryptedOnly => {
+ data.encrypted_only = None;
+ }
+ DeletableProperty::VerifiedOnly => {
+ data.verified_only = None;
+ }
DeletableProperty::SyncDirection => {
data.sync_direction = None;
}
@@ -491,6 +501,12 @@ pub fn update_sync_job(
if let Some(resync_corrupt) = update.resync_corrupt {
data.resync_corrupt = Some(resync_corrupt);
}
+ if let Some(encrypted_only) = update.encrypted_only {
+ data.encrypted_only = Some(encrypted_only);
+ }
+ if let Some(verified_only) = update.verified_only {
+ data.verified_only = Some(verified_only);
+ }
if let Some(sync_direction) = update.sync_direction {
data.sync_direction = Some(sync_direction);
}
@@ -665,6 +681,8 @@ acl:1:/remote/remote1/remotestore1:write@pbs:RemoteSyncOperator
schedule: None,
limit: pbs_api_types::RateLimitConfig::default(), // no limit
transfer_last: None,
+ encrypted_only: None,
+ verified_only: None,
sync_direction: None, // use default
};
diff --git a/src/api2/pull.rs b/src/api2/pull.rs
index d8ed1a734..4b1fd5e60 100644
--- a/src/api2/pull.rs
+++ b/src/api2/pull.rs
@@ -10,7 +10,8 @@ use pbs_api_types::{
Authid, BackupNamespace, GroupFilter, RateLimitConfig, SyncJobConfig, DATASTORE_SCHEMA,
GROUP_FILTER_LIST_SCHEMA, NS_MAX_DEPTH_REDUCED_SCHEMA, PRIV_DATASTORE_BACKUP,
PRIV_DATASTORE_PRUNE, PRIV_REMOTE_READ, REMOTE_ID_SCHEMA, REMOVE_VANISHED_BACKUPS_SCHEMA,
- RESYNC_CORRUPT_SCHEMA, TRANSFER_LAST_SCHEMA,
+ RESYNC_CORRUPT_SCHEMA, SYNC_ENCRYPTED_ONLY_SCHEMA, SYNC_VERIFIED_ONLY_SCHEMA,
+ TRANSFER_LAST_SCHEMA,
};
use pbs_config::CachedUserInfo;
use proxmox_rest_server::WorkerTask;
@@ -87,6 +88,8 @@ impl TryFrom<&SyncJobConfig> for PullParameters {
sync_job.group_filter.clone(),
sync_job.limit.clone(),
sync_job.transfer_last,
+ sync_job.encrypted_only,
+ sync_job.verified_only,
sync_job.resync_corrupt,
)
}
@@ -133,6 +136,14 @@ impl TryFrom<&SyncJobConfig> for PullParameters {
schema: TRANSFER_LAST_SCHEMA,
optional: true,
},
+ "encrypted-only": {
+ schema: SYNC_ENCRYPTED_ONLY_SCHEMA,
+ optional: true,
+ },
+ "verified-only": {
+ schema: SYNC_VERIFIED_ONLY_SCHEMA,
+ optional: true,
+ },
"resync-corrupt": {
schema: RESYNC_CORRUPT_SCHEMA,
optional: true,
@@ -161,6 +172,8 @@ async fn pull(
group_filter: Option<Vec<GroupFilter>>,
limit: RateLimitConfig,
transfer_last: Option<usize>,
+ encrypted_only: Option<bool>,
+ verified_only: Option<bool>,
resync_corrupt: Option<bool>,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<String, Error> {
@@ -199,6 +212,8 @@ async fn pull(
group_filter,
limit,
transfer_last,
+ encrypted_only,
+ verified_only,
resync_corrupt,
)?;
diff --git a/src/api2/push.rs b/src/api2/push.rs
index bf846bb37..e5edc13e0 100644
--- a/src/api2/push.rs
+++ b/src/api2/push.rs
@@ -5,7 +5,8 @@ use pbs_api_types::{
Authid, BackupNamespace, GroupFilter, RateLimitConfig, DATASTORE_SCHEMA,
GROUP_FILTER_LIST_SCHEMA, NS_MAX_DEPTH_REDUCED_SCHEMA, PRIV_DATASTORE_BACKUP,
PRIV_DATASTORE_READ, PRIV_REMOTE_DATASTORE_BACKUP, PRIV_REMOTE_DATASTORE_PRUNE,
- REMOTE_ID_SCHEMA, REMOVE_VANISHED_BACKUPS_SCHEMA, TRANSFER_LAST_SCHEMA,
+ REMOTE_ID_SCHEMA, REMOVE_VANISHED_BACKUPS_SCHEMA, SYNC_ENCRYPTED_ONLY_SCHEMA,
+ SYNC_VERIFIED_ONLY_SCHEMA, TRANSFER_LAST_SCHEMA,
};
use proxmox_rest_server::WorkerTask;
use proxmox_router::{Permission, Router, RpcEnvironment};
@@ -91,6 +92,14 @@ fn check_push_privs(
schema: GROUP_FILTER_LIST_SCHEMA,
optional: true,
},
+ "encrypted-only": {
+ schema: SYNC_ENCRYPTED_ONLY_SCHEMA,
+ optional: true,
+ },
+ "verified-only": {
+ schema: SYNC_VERIFIED_ONLY_SCHEMA,
+ optional: true,
+ },
limit: {
type: RateLimitConfig,
flatten: true,
@@ -120,6 +129,8 @@ async fn push(
remove_vanished: Option<bool>,
max_depth: Option<usize>,
group_filter: Option<Vec<GroupFilter>>,
+ encrypted_only: Option<bool>,
+ verified_only: Option<bool>,
limit: RateLimitConfig,
transfer_last: Option<usize>,
rpcenv: &mut dyn RpcEnvironment,
@@ -149,6 +160,8 @@ async fn push(
remove_vanished,
max_depth,
group_filter,
+ encrypted_only,
+ verified_only,
limit,
transfer_last,
)
diff --git a/src/server/pull.rs b/src/server/pull.rs
index 2c0ad9e1e..616d45eb9 100644
--- a/src/server/pull.rs
+++ b/src/server/pull.rs
@@ -55,6 +55,10 @@ pub(crate) struct PullParameters {
group_filter: Vec<GroupFilter>,
/// How many snapshots should be transferred at most (taking the newest N snapshots)
transfer_last: Option<usize>,
+ /// Only sync encrypted backup snapshots
+ encrypted_only: bool,
+ /// Only sync verified backup snapshots
+ verified_only: bool,
/// Whether to re-sync corrupted snapshots
resync_corrupt: bool,
}
@@ -74,6 +78,8 @@ impl PullParameters {
group_filter: Option<Vec<GroupFilter>>,
limit: RateLimitConfig,
transfer_last: Option<usize>,
+ encrypted_only: Option<bool>,
+ verified_only: Option<bool>,
resync_corrupt: Option<bool>,
) -> Result<Self, Error> {
if let Some(max_depth) = max_depth {
@@ -82,6 +88,8 @@ impl PullParameters {
};
let remove_vanished = remove_vanished.unwrap_or(false);
let resync_corrupt = resync_corrupt.unwrap_or(false);
+ let encrypted_only = encrypted_only.unwrap_or(false);
+ let verified_only = verified_only.unwrap_or(false);
let source: Arc<dyn SyncSource> = if let Some(remote) = remote {
let (remote_config, _digest) = pbs_config::remote::config()?;
@@ -120,6 +128,8 @@ impl PullParameters {
max_depth,
group_filter,
transfer_last,
+ encrypted_only,
+ verified_only,
resync_corrupt,
})
}
diff --git a/src/server/push.rs b/src/server/push.rs
index 0db3dff30..1fb447b58 100644
--- a/src/server/push.rs
+++ b/src/server/push.rs
@@ -73,6 +73,10 @@ pub(crate) struct PushParameters {
max_depth: Option<usize>,
/// Filters for reducing the push scope
group_filter: Vec<GroupFilter>,
+ /// Synchronize only encrypted backup snapshots
+ encrypted_only: bool,
+ /// Synchronize only verified backup snapshots
+ verified_only: bool,
/// How many snapshots should be transferred at most (taking the newest N snapshots)
transfer_last: Option<usize>,
}
@@ -90,6 +94,8 @@ impl PushParameters {
remove_vanished: Option<bool>,
max_depth: Option<usize>,
group_filter: Option<Vec<GroupFilter>>,
+ encrypted_only: Option<bool>,
+ verified_only: Option<bool>,
limit: RateLimitConfig,
transfer_last: Option<usize>,
) -> Result<Self, Error> {
@@ -98,6 +104,8 @@ impl PushParameters {
remote_ns.check_max_depth(max_depth)?;
};
let remove_vanished = remove_vanished.unwrap_or(false);
+ let encrypted_only = encrypted_only.unwrap_or(false);
+ let verified_only = verified_only.unwrap_or(false);
let store = DataStore::lookup_datastore(store, Some(Operation::Read))?;
if !store.namespace_exists(&ns) {
@@ -149,6 +157,8 @@ impl PushParameters {
remove_vanished,
max_depth,
group_filter,
+ encrypted_only,
+ verified_only,
transfer_last,
})
}
diff --git a/src/server/sync.rs b/src/server/sync.rs
index 10804b147..d424a6b46 100644
--- a/src/server/sync.rs
+++ b/src/server/sync.rs
@@ -671,6 +671,8 @@ pub fn do_sync_job(
sync_job.remove_vanished,
sync_job.max_depth,
sync_job.group_filter.clone(),
+ sync_job.encrypted_only,
+ sync_job.verified_only,
sync_job.limit.clone(),
sync_job.transfer_last,
)
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
next prev parent reply other threads:[~2025-04-04 13:22 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-04 13:21 [pbs-devel] [PATCH v4 proxmox proxmox-backup 0/5] fix #6072: sync encrypted/verified snapshots only Christian Ebner
2025-04-04 13:21 ` [pbs-devel] [PATCH v4 proxmox 1/5] pbs-api-types: sync: add sync encrypted/verified snapshots only flags Christian Ebner
2025-04-04 13:21 ` Christian Ebner [this message]
2025-04-04 13:21 ` [pbs-devel] [PATCH v4 proxmox-backup 3/5] fix #6072: server: sync encrypted or verified snapshots only Christian Ebner
2025-04-04 13:21 ` [pbs-devel] [PATCH v4 proxmox-backup 4/5] bin: manager: expose encrypted/verified only flags for cli Christian Ebner
2025-04-04 13:21 ` [pbs-devel] [PATCH v4 proxmox-backup 5/5] www: expose encrypted/verified only flags in the sync job edit Christian Ebner
2025-04-05 17:12 ` [pbs-devel] applied-series: [PATCH v4 proxmox proxmox-backup 0/5] fix #6072: sync encrypted/verified snapshots only Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250404132106.388829-3-c.ebner@proxmox.com \
--to=c.ebner@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal