From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 15A8C1FF133 for ; Mon, 11 May 2026 17:20:13 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id E90D61E4AF; Mon, 11 May 2026 17:20:12 +0200 (CEST) From: Christian Ebner To: pbs-devel@lists.proxmox.com Subject: [PATCH proxmox-backup 2/3] api: config: allow editing the use-node-config flag for s3 endpoints Date: Mon, 11 May 2026 17:19:23 +0200 Message-ID: <20260511151924.901315-3-c.ebner@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20260511151924.901315-1-c.ebner@proxmox.com> References: <20260511151924.901315-1-c.ebner@proxmox.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1778512663123 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.070 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [datastore.rs,s3.rs,proxmox.com] Message-ID-Hash: FGFVMU2BGEVCAJM5RPWM7HHDW2OP4IV6 X-Message-ID-Hash: FGFVMU2BGEVCAJM5RPWM7HHDW2OP4IV6 X-MailFrom: c.ebner@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox Backup Server development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Since commit fbf8d1b25 ("fix #6716: pass node http proxy config to s3 backend") the node config is used unconditionally also for S3 API connections. This is however not always wanted, therefore add an s3 endpoint config flag to explicitley opt-in to this behaviour. Fixes: https://forum.proxmox.com/threads/183436/ Signed-off-by: Christian Ebner --- pbs-datastore/src/datastore.rs | 14 ++++++++++++-- src/api2/admin/s3.rs | 8 +++++++- src/api2/config/s3.rs | 16 +++++++++++++++- 3 files changed, 34 insertions(+), 4 deletions(-) diff --git a/pbs-datastore/src/datastore.rs b/pbs-datastore/src/datastore.rs index 34efcd398..38d0d421c 100644 --- a/pbs-datastore/src/datastore.rs +++ b/pbs-datastore/src/datastore.rs @@ -494,6 +494,11 @@ impl DataStore { user: pbs_config::backup_user()?, base_path: S3_CLIENT_REQUEST_COUNTER_BASE_PATH.into(), }; + let http_proxy = if config.config.use_node_proxy.unwrap_or(false) { + pbs_config::node::node_http_proxy_config()? + } else { + None + }; let mut options = S3ClientOptions::from_config( config.config, @@ -501,7 +506,7 @@ impl DataStore { Some(bucket), self.name().to_owned(), Some(rate_limiter_options), - pbs_config::node::node_http_proxy_config()?, + http_proxy, Some(request_counter_config), ); if let Some(notify) = self.inner.thresholds_exceeded_callback { @@ -3349,6 +3354,11 @@ impl DataStore { user: pbs_config::backup_user()?, base_path: S3_CLIENT_REQUEST_COUNTER_BASE_PATH.into(), }; + let http_proxy = if client_config.config.use_node_proxy.unwrap_or(false) { + pbs_config::node::node_http_proxy_config()? + } else { + None + }; let options = S3ClientOptions::from_config( client_config.config, @@ -3356,7 +3366,7 @@ impl DataStore { Some(bucket), datastore_config.name.to_owned(), Some(rate_limiter_options), - pbs_config::node::node_http_proxy_config()?, + http_proxy, Some(request_counter_config), ); let s3_client = S3Client::new(options) diff --git a/src/api2/admin/s3.rs b/src/api2/admin/s3.rs index 0cc163eb6..d6cc9fb30 100644 --- a/src/api2/admin/s3.rs +++ b/src/api2/admin/s3.rs @@ -63,6 +63,12 @@ pub async fn check( base_path: S3_CLIENT_REQUEST_COUNTER_BASE_PATH.into(), }; + let http_proxy = if config.config.use_node_proxy.unwrap_or(false) { + pbs_config::node::node_http_proxy_config()? + } else { + None + }; + let store_prefix = store_prefix.unwrap_or_default(); let options = S3ClientOptions::from_config( config.config, @@ -70,7 +76,7 @@ pub async fn check( Some(bucket), store_prefix, None, - pbs_config::node::node_http_proxy_config()?, + http_proxy, Some(request_counter_config), ); diff --git a/src/api2/config/s3.rs b/src/api2/config/s3.rs index 6f5a4cea1..1355b2dff 100644 --- a/src/api2/config/s3.rs +++ b/src/api2/config/s3.rs @@ -149,6 +149,8 @@ pub enum DeletableProperty { BurstOut, /// Delete the provider quirks property. ProviderQuirks, + /// Delete the use-node-proxy property. + UseNodeProxy, } #[api( @@ -233,6 +235,9 @@ pub fn update_s3_client_config( DeletableProperty::ProviderQuirks => { data.config.provider_quirks = None; } + DeletableProperty::UseNodeProxy => { + data.config.use_node_proxy = None; + } } } } @@ -270,6 +275,9 @@ pub fn update_s3_client_config( if let Some(provider_quirks) = update.provider_quirks { data.config.provider_quirks = Some(provider_quirks); } + if let Some(use_node_proxy) = update.use_node_proxy { + data.config.use_node_proxy = Some(use_node_proxy); + } if let Some(secret_key) = secret_key { data.secret_key = secret_key; @@ -349,13 +357,19 @@ pub async fn list_buckets( user: pbs_config::backup_user()?, base_path: S3_CLIENT_REQUEST_COUNTER_BASE_PATH.into(), }; + let http_proxy = if config.config.use_node_proxy.unwrap_or(false) { + pbs_config::node::node_http_proxy_config()? + } else { + None + }; + let options = S3ClientOptions::from_config( config.config, config.secret_key, None, empty_prefix, None, - pbs_config::node::node_http_proxy_config()?, + http_proxy, Some(request_counter_config), ); let client = S3Client::new(options).context("client creation failed")?; -- 2.47.3