[pve-devel] [PATCH docs] fix #5525: storage: pbs: improve master-pubkey docs

[pve-devel] [PATCH docs] fix #5525: storage: pbs: improve master-pubkey docs

[Fabian Grünbichler]

add the information that the parameter is special like other secret ones, and
add the resulting config to the example to make it even more obvious.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
 pve-storage-pbs.adoc | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/pve-storage-pbs.adoc b/pve-storage-pbs.adoc
index 84d598f..3140135 100644
--- a/pve-storage-pbs.adoc
+++ b/pve-storage-pbs.adoc
@@ -64,8 +64,11 @@ Optional.
 master-pubkey::
 
 A public RSA key used to encrypt the backup encryption key as part of the
-backup task. The encrypted copy will be appended to the backup and stored on
-the Proxmox Backup Server instance for recovery purposes.
+backup task. Will be saved in a file under
+`/etc/pve/priv/storage/<STORAGE-ID>.master.pem` with access restricted to the
+root user.
+The encrypted copy of the backup encryption key will be appended to each backup
+and stored on the Proxmox Backup Server instance for recovery purposes.
 Optional, requires `encryption-key`.
 
 .Configuration Example (`/etc/pve/storage.cfg`)
@@ -77,6 +80,8 @@ pbs: backup
         fingerprint 09:54:ef:..snip..:88:af:47:fe:4c:3b:cf:8b:26:88:0b:4e:3c:b2
         prune-backups keep-all=1
         username archiver@pbs
+        encryption-key a9:ee:c8:02:13:..snip..:2d:53:2c:98
+        master-pubkey = 1
 ----
 
 Storage Features
-- 
2.39.2



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

[pve-devel] applied: [PATCH docs] fix #5525: storage: pbs: improve master-pubkey docs

[Fiona Ebner]

Am 11.06.24 um 14:17 schrieb Fabian Grünbichler:
> add the information that the parameter is special like other secret ones, and
> add the resulting config to the example to make it even more obvious.
> 
> Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
> ---
>  pve-storage-pbs.adoc | 9 +++++++--
>  1 file changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/pve-storage-pbs.adoc b/pve-storage-pbs.adoc
> index 84d598f..3140135 100644
> --- a/pve-storage-pbs.adoc
> +++ b/pve-storage-pbs.adoc
> @@ -64,8 +64,11 @@ Optional.
>  master-pubkey::
>  
>  A public RSA key used to encrypt the backup encryption key as part of the
> -backup task. The encrypted copy will be appended to the backup and stored on
> -the Proxmox Backup Server instance for recovery purposes.
> +backup task. Will be saved in a file under
> +`/etc/pve/priv/storage/<STORAGE-ID>.master.pem` with access restricted to the
> +root user.
> +The encrypted copy of the backup encryption key will be appended to each backup
> +and stored on the Proxmox Backup Server instance for recovery purposes.
>  Optional, requires `encryption-key`.
>  
>  .Configuration Example (`/etc/pve/storage.cfg`)
> @@ -77,6 +80,8 @@ pbs: backup
>          fingerprint 09:54:ef:..snip..:88:af:47:fe:4c:3b:cf:8b:26:88:0b:4e:3c:b2
>          prune-backups keep-all=1
>          username archiver@pbs
> +        encryption-key a9:ee:c8:02:13:..snip..:2d:53:2c:98
> +        master-pubkey = 1

applied, thanks! While removing the equals sign that slipped in here ;)

>  ----
>  
>  Storage Features


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel