diff --git a/pbs-config/Cargo.toml b/pbs-config/Cargo.toml index 7f6e303e..8d8db197 100644 --- a/pbs-config/Cargo.toml +++ b/pbs-config/Cargo.toml @@ -27,5 +27,3 @@ proxmox-time.workspace = true pbs-api-types.workspace = true pbs-buildcfg.workspace = true -pbs-key-config.workspace = true -pbs-tools.workspace = true diff --git a/pbs-config/src/lib.rs b/pbs-config/src/lib.rs index b81179e0..009c4d3c 100644 --- a/pbs-config/src/lib.rs +++ b/pbs-config/src/lib.rs @@ -10,7 +10,6 @@ pub mod network; pub mod prune; pub mod remote; pub mod sync; -pub mod tape_encryption_keys; pub mod tape_job; pub mod token_shadow; pub mod traffic_control; diff --git a/src/api2/config/tape_encryption_keys.rs b/src/api2/config/tape_encryption_keys.rs index 4a604c1c..788ed0e7 100644 --- a/src/api2/config/tape_encryption_keys.rs +++ b/src/api2/config/tape_encryption_keys.rs @@ -13,10 +13,11 @@ use pbs_api_types::{ use pbs_config::CachedUserInfo; use pbs_config::open_backup_lockfile; -use pbs_config::tape_encryption_keys::{ +use pbs_key_config::KeyConfig; + +use crate::tape::encryption_keys::{ insert_key, load_key_configs, load_keys, save_key_configs, save_keys, TAPE_KEYS_LOCKFILE, }; -use pbs_key_config::KeyConfig; #[api( input: { diff --git a/src/api2/tape/drive.rs b/src/api2/tape/drive.rs index f8f29d88..16ea5f98 100644 --- a/src/api2/tape/drive.rs +++ b/src/api2/tape/drive.rs @@ -22,7 +22,6 @@ use pbs_api_types::{ use pbs_api_types::{PRIV_TAPE_AUDIT, PRIV_TAPE_READ, PRIV_TAPE_WRITE}; -use pbs_config::tape_encryption_keys::insert_key; use pbs_config::CachedUserInfo; use pbs_tape::{ linux_list_drives::{lookup_device_identification, lto_tape_device_list, open_lto_tape_device}, @@ -40,6 +39,7 @@ use crate::{ open_lto_tape_drive, required_media_changer, set_tape_device_state, LtoTapeHandle, TapeDriver, }, + encryption_keys::insert_key, file_formats::{MediaLabel, MediaSetLabel}, lock_media_pool, lock_media_set, lock_unassigned_media_pool, Inventory, MediaCatalog, MediaId, TAPE_STATUS_DIR, diff --git a/src/bin/proxmox_tape/encryption_key.rs b/src/bin/proxmox_tape/encryption_key.rs index 4cd88e64..bed37171 100644 --- a/src/bin/proxmox_tape/encryption_key.rs +++ b/src/bin/proxmox_tape/encryption_key.rs @@ -10,11 +10,11 @@ use pbs_api_types::{ TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA, }; -use pbs_config::tape_encryption_keys::{complete_key_fingerprint, load_key_configs}; use pbs_datastore::paperkey::{generate_paper_key, PaperkeyFormat}; use pbs_key_config::KeyConfig; use proxmox_backup::api2; +use proxmox_backup::tape::encryption_keys::{complete_key_fingerprint, load_key_configs}; pub fn encryption_key_commands() -> CommandLineInterface { let cmd_def = CliCommandMap::new() diff --git a/src/bin/proxmox_tape/pool.rs b/src/bin/proxmox_tape/pool.rs index b889137d..ea0c15df 100644 --- a/src/bin/proxmox_tape/pool.rs +++ b/src/bin/proxmox_tape/pool.rs @@ -6,9 +6,9 @@ use proxmox_schema::api; use pbs_api_types::MEDIA_POOL_NAME_SCHEMA; use pbs_config::media_pool::complete_pool_name; -use pbs_config::tape_encryption_keys::complete_key_fingerprint; use proxmox_backup::api2; +use proxmox_backup::tape::encryption_keys::complete_key_fingerprint; pub fn pool_commands() -> CommandLineInterface { let cmd_def = CliCommandMap::new() diff --git a/src/tape/drive/lto/mod.rs b/src/tape/drive/lto/mod.rs index e571f4e5..2c3a5a63 100644 --- a/src/tape/drive/lto/mod.rs +++ b/src/tape/drive/lto/mod.rs @@ -294,7 +294,7 @@ impl TapeDriver for LtoTapeHandle { ) -> Result<(), Error> { if nix::unistd::Uid::effective().is_root() { if let Some((ref key_fingerprint, ref uuid)) = key_fingerprint { - let (key_map, _digest) = pbs_config::tape_encryption_keys::load_keys()?; + let (key_map, _digest) = crate::tape::encryption_keys::load_keys()?; match key_map.get(key_fingerprint) { Some(item) => { // derive specialized key for each media-set diff --git a/pbs-config/src/tape_encryption_keys.rs b/src/tape/encryption_keys.rs similarity index 98% rename from pbs-config/src/tape_encryption_keys.rs rename to src/tape/encryption_keys.rs index 010581e4..f9fdccd4 100644 --- a/pbs-config/src/tape_encryption_keys.rs +++ b/src/tape/encryption_keys.rs @@ -15,11 +15,11 @@ use std::collections::HashMap; use anyhow::{bail, Error}; use serde::{Deserialize, Serialize}; -use pbs_api_types::Fingerprint; -use pbs_key_config::KeyConfig; use proxmox_sys::fs::file_read_optional_string; -use crate::{open_backup_lockfile, replace_backup_config, replace_secret_config}; +use pbs_api_types::Fingerprint; +use pbs_config::{open_backup_lockfile, replace_backup_config, replace_secret_config}; +use pbs_key_config::KeyConfig; mod hex_key { use hex::FromHex; diff --git a/src/tape/mod.rs b/src/tape/mod.rs index 0ea0fdc1..7a928884 100644 --- a/src/tape/mod.rs +++ b/src/tape/mod.rs @@ -18,8 +18,8 @@ mod inventory; pub use inventory::*; pub mod changer; - pub mod drive; +pub mod encryption_keys; mod media_pool; pub use media_pool::*; diff --git a/src/tape/pool_writer/mod.rs b/src/tape/pool_writer/mod.rs index ce6e3605..d1add203 100644 --- a/src/tape/pool_writer/mod.rs +++ b/src/tape/pool_writer/mod.rs @@ -15,13 +15,13 @@ use anyhow::{bail, Error}; use proxmox_sys::{task_log, task_warn}; use proxmox_uuid::Uuid; -use pbs_config::tape_encryption_keys::load_key_configs; use pbs_datastore::{DataStore, SnapshotReader}; use pbs_tape::{sg_tape::tape_alert_flags_critical, TapeWrite}; use proxmox_rest_server::WorkerTask; use crate::tape::{ drive::{media_changer, request_and_load_media, TapeDriver}, + encryption_keys::load_key_configs, file_formats::{ tape_write_catalog, tape_write_snapshot_archive, ChunkArchiveWriter, MediaSetLabel, },