proxmox-mirrors/proxmox-backup
1
0
Fork 1
mirror of https://git.proxmox.com/git/proxmox-backup synced 2025-07-05 21:10:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

api: sync: honor sync jobs encrypted/verified only flags

Browse Source 
Extend the sync job config api to adapt the 'encrypted-only' and
'verified-only' flags, allowing to include only encrypted and/or
verified backup snapshots, excluding others from the sync.

Set these flags to the sync jobs push or pull parameters on job
invocation.

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
Link: https://lore.proxmox.com/pbs-devel/20250404132106.388829-3-c.ebner@proxmox.com
This commit is contained in:
Christian Ebner 2025-04-04 15:21:03 +02:00 committed by Thomas Lamprecht
parent 713fa6ee55
commit ab5b64fadf
6 changed files with 70 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/api2/config/sync.rs
View File

@ -335,6 +335,10 @@ pub enum DeletableProperty {
MaxDepth,
/// Delete the transfer_last property,
TransferLast,
/// Delete the encrypted_only property,
EncryptedOnly,
/// Delete the verified_only property,
VerifiedOnly,
/// Delete the sync_direction property,
SyncDirection,
}
@ -448,6 +452,12 @@ pub fn update_sync_job(
DeletableProperty::TransferLast => {
data.transfer_last = None;
}
DeletableProperty::EncryptedOnly => {
data.encrypted_only = None;
}
DeletableProperty::VerifiedOnly => {
data.verified_only = None;
}
DeletableProperty::SyncDirection => {
data.sync_direction = None;
}
@ -491,6 +501,12 @@ pub fn update_sync_job(
if let Some(resync_corrupt) = update.resync_corrupt {
data.resync_corrupt = Some(resync_corrupt);
}
if let Some(encrypted_only) = update.encrypted_only {
data.encrypted_only = Some(encrypted_only);
}
if let Some(verified_only) = update.verified_only {
data.verified_only = Some(verified_only);
}
if let Some(sync_direction) = update.sync_direction {
data.sync_direction = Some(sync_direction);
}
@ -665,6 +681,8 @@ acl:1:/remote/remote1/remotestore1:write@pbs:RemoteSyncOperator
schedule: None,
limit: pbs_api_types::RateLimitConfig::default(), // no limit
transfer_last: None,
encrypted_only: None,
verified_only: None,
sync_direction: None, // use default
};

17
src/api2/pull.rs
View File

@ -10,7 +10,8 @@ use pbs_api_types::{
Authid, BackupNamespace, GroupFilter, RateLimitConfig, SyncJobConfig, DATASTORE_SCHEMA,
GROUP_FILTER_LIST_SCHEMA, NS_MAX_DEPTH_REDUCED_SCHEMA, PRIV_DATASTORE_BACKUP,
PRIV_DATASTORE_PRUNE, PRIV_REMOTE_READ, REMOTE_ID_SCHEMA, REMOVE_VANISHED_BACKUPS_SCHEMA,
RESYNC_CORRUPT_SCHEMA, TRANSFER_LAST_SCHEMA,
RESYNC_CORRUPT_SCHEMA, SYNC_ENCRYPTED_ONLY_SCHEMA, SYNC_VERIFIED_ONLY_SCHEMA,
TRANSFER_LAST_SCHEMA,
};
use pbs_config::CachedUserInfo;
use proxmox_rest_server::WorkerTask;
@ -87,6 +88,8 @@ impl TryFrom<&SyncJobConfig> for PullParameters {
sync_job.group_filter.clone(),
sync_job.limit.clone(),
sync_job.transfer_last,
sync_job.encrypted_only,
sync_job.verified_only,
sync_job.resync_corrupt,
)
}
@ -133,6 +136,14 @@ impl TryFrom<&SyncJobConfig> for PullParameters {
schema: TRANSFER_LAST_SCHEMA,
optional: true,
},
"encrypted-only": {
schema: SYNC_ENCRYPTED_ONLY_SCHEMA,
optional: true,
},
"verified-only": {
schema: SYNC_VERIFIED_ONLY_SCHEMA,
optional: true,
},
"resync-corrupt": {
schema: RESYNC_CORRUPT_SCHEMA,
optional: true,
@ -161,6 +172,8 @@ async fn pull(
group_filter: Option<Vec<GroupFilter>>,
limit: RateLimitConfig,
transfer_last: Option<usize>,
encrypted_only: Option<bool>,
verified_only: Option<bool>,
resync_corrupt: Option<bool>,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<String, Error> {
@ -199,6 +212,8 @@ async fn pull(
group_filter,
limit,
transfer_last,
encrypted_only,
verified_only,
resync_corrupt,
)?;

15
src/api2/push.rs
View File

@ -5,7 +5,8 @@ use pbs_api_types::{
Authid, BackupNamespace, GroupFilter, RateLimitConfig, DATASTORE_SCHEMA,
GROUP_FILTER_LIST_SCHEMA, NS_MAX_DEPTH_REDUCED_SCHEMA, PRIV_DATASTORE_BACKUP,
PRIV_DATASTORE_READ, PRIV_REMOTE_DATASTORE_BACKUP, PRIV_REMOTE_DATASTORE_PRUNE,
REMOTE_ID_SCHEMA, REMOVE_VANISHED_BACKUPS_SCHEMA, TRANSFER_LAST_SCHEMA,
REMOTE_ID_SCHEMA, REMOVE_VANISHED_BACKUPS_SCHEMA, SYNC_ENCRYPTED_ONLY_SCHEMA,
SYNC_VERIFIED_ONLY_SCHEMA, TRANSFER_LAST_SCHEMA,
};
use proxmox_rest_server::WorkerTask;
use proxmox_router::{Permission, Router, RpcEnvironment};
@ -91,6 +92,14 @@ fn check_push_privs(
schema: GROUP_FILTER_LIST_SCHEMA,
optional: true,
},
"encrypted-only": {
schema: SYNC_ENCRYPTED_ONLY_SCHEMA,
optional: true,
},
"verified-only": {
schema: SYNC_VERIFIED_ONLY_SCHEMA,
optional: true,
},
limit: {
type: RateLimitConfig,
flatten: true,
@ -120,6 +129,8 @@ async fn push(
remove_vanished: Option<bool>,
max_depth: Option<usize>,
group_filter: Option<Vec<GroupFilter>>,
encrypted_only: Option<bool>,
verified_only: Option<bool>,
limit: RateLimitConfig,
transfer_last: Option<usize>,
rpcenv: &mut dyn RpcEnvironment,
@ -149,6 +160,8 @@ async fn push(
remove_vanished,
max_depth,
group_filter,
encrypted_only,
verified_only,
limit,
transfer_last,
)

10
src/server/pull.rs
View File

@ -55,6 +55,10 @@ pub(crate) struct PullParameters {
group_filter: Vec<GroupFilter>,
/// How many snapshots should be transferred at most (taking the newest N snapshots)
transfer_last: Option<usize>,
/// Only sync encrypted backup snapshots
encrypted_only: bool,
/// Only sync verified backup snapshots
verified_only: bool,
/// Whether to re-sync corrupted snapshots
resync_corrupt: bool,
}
@ -74,6 +78,8 @@ impl PullParameters {
group_filter: Option<Vec<GroupFilter>>,
limit: RateLimitConfig,
transfer_last: Option<usize>,
encrypted_only: Option<bool>,
verified_only: Option<bool>,
resync_corrupt: Option<bool>,
) -> Result<Self, Error> {
if let Some(max_depth) = max_depth {
@ -82,6 +88,8 @@ impl PullParameters {
};
let remove_vanished = remove_vanished.unwrap_or(false);
let resync_corrupt = resync_corrupt.unwrap_or(false);
let encrypted_only = encrypted_only.unwrap_or(false);
let verified_only = verified_only.unwrap_or(false);
let source: Arc<dyn SyncSource> = if let Some(remote) = remote {
let (remote_config, _digest) = pbs_config::remote::config()?;
@ -120,6 +128,8 @@ impl PullParameters {
max_depth,
group_filter,
transfer_last,
encrypted_only,
verified_only,
resync_corrupt,
})
}

10
src/server/push.rs
View File

@ -73,6 +73,10 @@ pub(crate) struct PushParameters {
max_depth: Option<usize>,
/// Filters for reducing the push scope
group_filter: Vec<GroupFilter>,
/// Synchronize only encrypted backup snapshots
encrypted_only: bool,
/// Synchronize only verified backup snapshots
verified_only: bool,
/// How many snapshots should be transferred at most (taking the newest N snapshots)
transfer_last: Option<usize>,
}
@ -90,6 +94,8 @@ impl PushParameters {
remove_vanished: Option<bool>,
max_depth: Option<usize>,
group_filter: Option<Vec<GroupFilter>>,
encrypted_only: Option<bool>,
verified_only: Option<bool>,
limit: RateLimitConfig,
transfer_last: Option<usize>,
) -> Result<Self, Error> {
@ -98,6 +104,8 @@ impl PushParameters {
remote_ns.check_max_depth(max_depth)?;
};
let remove_vanished = remove_vanished.unwrap_or(false);
let encrypted_only = encrypted_only.unwrap_or(false);
let verified_only = verified_only.unwrap_or(false);
let store = DataStore::lookup_datastore(store, Some(Operation::Read))?;
if !store.namespace_exists(&ns) {
@ -149,6 +157,8 @@ impl PushParameters {
remove_vanished,
max_depth,
group_filter,
encrypted_only,
verified_only,
transfer_last,
})
}

2
src/server/sync.rs
View File

@ -671,6 +671,8 @@ pub fn do_sync_job(
sync_job.remove_vanished,
sync_job.max_depth,
sync_job.group_filter.clone(),
sync_job.encrypted_only,
sync_job.verified_only,
sync_job.limit.clone(),
sync_job.transfer_last,
)