From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 951311FF17C for ; Wed, 23 Jul 2025 10:01:35 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 4F6AAA288; Wed, 23 Jul 2025 10:02:54 +0200 (CEST) From: Christian Ebner To: pbs-devel@lists.proxmox.com Date: Wed, 23 Jul 2025 10:02:31 +0200 Message-ID: <20250723080231.189207-3-c.ebner@proxmox.com> X-Mailer: git-send-email 2.47.2 In-Reply-To: <20250723080231.189207-1-c.ebner@proxmox.com> References: <20250723080231.189207-1-c.ebner@proxmox.com> MIME-Version: 1.0 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1753257758299 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.205 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [cloudflarestorage.com] URI_NOVOWEL 0.5 URI hostname has long non-vowel sequence Subject: [pbs-devel] [PATCH proxmox-backup 2/2] docs: s3: add object store provider specific configuration examples X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox Backup Server development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pbs-devel-bounces@lists.proxmox.com Sender: "pbs-devel" To reduce friction, provide several provider specific example configurations as reference. With vhost style vs. path style bucket addressing, templating and all the other provider specific configuration options, it can be rather confusing on how to actually configure an S3 endpoint to be used as PBS datastore backend. So having some concrete examples to lookup or point to can help. Signed-off-by: Christian Ebner --- docs/storage.rst | 70 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/docs/storage.rst b/docs/storage.rst index 2b2db05c6..7a4e703b1 100644 --- a/docs/storage.rst +++ b/docs/storage.rst @@ -314,6 +314,76 @@ same datastore name must be used. on the S3 object store manually and refresh the contents via an ``S3 refresh``, either via the CLI or UI. + +S3 Datastore Backend Configuration Examples +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +The following shows example configurations for some typical S3 object store providers as excerpts +(data relevant to S3 config only) from ``/etc/proxmox-backup/s3.cfg`` and +``/etc/proxmox-backup/datastore.cfg``: + +Self hosted S3 object store with Ceph Rados Gateway using plain IP address, custom port, self-signed +certificate and path-style bucket: + +.. code-block:: console + + # cat /etc/proxmox-backup/s3.cfg + + s3client: ceph-s3-rados-gw + access-key XXXXXXXXXXXXXXXXXXXX + endpoint 172.16.0.200 + fingerprint XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX + path-style true + port 7480 + secret-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + + # cat /etc/proxmox-backup/datastore.cfg + + datastore: ceph-s3-rgw-store + backend bucket=pbs-ceph-bucket,client=ceph-s3-rados-gw,type=s3 + path /mnt/datastore/ceph-s3-rgw-store-local-cache + +AWS S3 with vhost style bucket addressing, using bucket name and region templating for the endpoint +url: + +.. code-block:: console + + # cat /etc/proxmox-backup/s3.cfg + + s3client: aws-s3 + access-key XXXXXXXXXXXXXXXXXXXX + endpoint {{bucket}}.s3.{{region}}.amazonaws.com + region eu-central-1 + secret-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + # cat /etc/proxmox-backup/datastore.cfg + + datastore: aws-s3-store + backend bucket=pbs-s3-bucket,client=aws-s3,type=s3 + path /mnt/datastore/aws-s3-store-local-cache + +Cloudflare R2 with path style bucket addressing, note that region must be set to ``auto`` as +otherwise request authentication might fail: + +.. code-block:: console + + # cat /etc/proxmox-backup/s3.cfg + + s3client: cloudflare-r2 + access-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + endpoint XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.r2.cloudflarestorage.com + path-style true + region auto + secret-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + # cat /etc/proxmox-backup/datastore.cfg + + datastore: r2-s3-store + backend bucket=pbs-r2-bucket,client=cloudflare-r2,type=s3 + path /mnt/datastore/r2-s3-store-local-cache + + Managing Datastores ^^^^^^^^^^^^^^^^^^^ -- 2.47.2 _______________________________________________ pbs-devel mailing list pbs-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel