diff --git a/api-viewer/apidata.js b/api-viewer/apidata.js index 6335023..35e7b6b 100644 --- a/api-viewer/apidata.js +++ b/api-viewer/apidata.js @@ -9688,7 +9688,7 @@ const apiSchema = [ }, "remove-vanished" : { "default" : "none", - "description" : "A semicolon-seperated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).", + "description" : "A semicolon-separated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).", "optional" : 1, "pattern" : "(?:(?:(?:acl|properties|entry);)*(?:acl|properties|entry))|none", "type" : "string", @@ -9785,7 +9785,7 @@ const apiSchema = [ }, "remove-vanished" : { "default" : "none", - "description" : "A semicolon-seperated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).", + "description" : "A semicolon-separated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).", "optional" : 1, "pattern" : "(?:(?:(?:acl|properties|entry);)*(?:acl|properties|entry))|none", "type" : "string", @@ -9894,7 +9894,7 @@ const apiSchema = [ }, "remove-vanished" : { "default" : "none", - "description" : "A semicolon-seperated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).", + "description" : "A semicolon-separated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).", "optional" : "1", "pattern" : "(?:(?:(?:acl|properties|entry);)*(?:acl|properties|entry))|none", "type" : "string", @@ -10031,6 +10031,304 @@ const apiSchema = [ }, { "children" : [ + { + "children" : [ + { + "info" : { + "DELETE" : { + "allowtoken" : 1, + "description" : "Remove directory mapping.", + "method" : "DELETE", + "name" : "delete", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "id" : { + "format" : "pve-configid", + "type" : "string", + "typetext" : "" + } + } + }, + "permissions" : { + "check" : [ + "perm", + "/mapping/dir", + [ + "Mapping.Modify" + ] + ] + }, + "protected" : 1, + "returns" : { + "type" : "null" + } + }, + "GET" : { + "allowtoken" : 1, + "description" : "Get directory mapping.", + "method" : "GET", + "name" : "get", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "id" : { + "format" : "pve-configid", + "type" : "string", + "typetext" : "" + } + } + }, + "permissions" : { + "check" : [ + "or", + [ + "perm", + "/mapping/dir/{id}", + [ + "Mapping.Use" + ] + ], + [ + "perm", + "/mapping/dir/{id}", + [ + "Mapping.Modify" + ] + ], + [ + "perm", + "/mapping/dir/{id}", + [ + "Mapping.Audit" + ] + ] + ] + }, + "protected" : 1, + "returns" : { + "type" : "object" + } + }, + "PUT" : { + "allowtoken" : 1, + "description" : "Update a directory mapping.", + "method" : "PUT", + "name" : "update", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "delete" : { + "description" : "A list of settings you want to delete.", + "format" : "pve-configid-list", + "maxLength" : 4096, + "optional" : 1, + "type" : "string", + "typetext" : "" + }, + "description" : { + "description" : "Description of the directory mapping", + "maxLength" : 4096, + "optional" : 1, + "type" : "string", + "typetext" : "" + }, + "digest" : { + "description" : "Prevent changes if current configuration file has a different digest. This can be used to prevent concurrent modifications.", + "maxLength" : 64, + "optional" : 1, + "type" : "string", + "typetext" : "" + }, + "id" : { + "description" : "The ID of the directory mapping", + "format" : "pve-configid", + "type" : "string", + "typetext" : "" + }, + "map" : { + "description" : "A list of maps for the cluster nodes.", + "items" : { + "format" : { + "node" : { + "description" : "The cluster node name.", + "format" : "pve-node", + "type" : "string" + }, + "path" : { + "description" : "Absolute directory path that should be shared with the guest.", + "format" : "pve-storage-path-in-property-string", + "type" : "string" + } + }, + "type" : "string" + }, + "optional" : 1, + "type" : "array", + "typetext" : "" + } + }, + "type" : "object" + }, + "permissions" : { + "check" : [ + "perm", + "/mapping/dir/{id}", + [ + "Mapping.Modify" + ] + ] + }, + "protected" : 1, + "returns" : { + "type" : "null" + } + } + }, + "leaf" : 1, + "path" : "/cluster/mapping/dir/{id}", + "text" : "{id}" + } + ], + "info" : { + "GET" : { + "allowtoken" : 1, + "description" : "List directory mapping", + "method" : "GET", + "name" : "index", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "check-node" : { + "description" : "If given, checks the configurations on the given node for correctness, and adds relevant diagnostics for the directory to the response.", + "format" : "pve-node", + "optional" : 1, + "type" : "string", + "typetext" : "" + } + } + }, + "permissions" : { + "description" : "Only lists entries where you have 'Mapping.Modify', 'Mapping.Use' or 'Mapping.Audit' permissions on '/mapping/dir/'.", + "user" : "all" + }, + "returns" : { + "items" : { + "properties" : { + "checks" : { + "description" : "A list of checks, only present if 'check-node' is set.", + "items" : { + "properties" : { + "message" : { + "description" : "The message of the error", + "type" : "string" + }, + "severity" : { + "description" : "The severity of the error", + "enum" : [ + "warning", + "error" + ], + "type" : "string" + } + }, + "type" : "object" + }, + "optional" : 1, + "type" : "array" + }, + "description" : { + "description" : "A description of the logical mapping.", + "type" : "string" + }, + "id" : { + "description" : "The logical ID of the mapping.", + "type" : "string" + }, + "map" : { + "description" : "The entries of the mapping.", + "items" : { + "description" : "A mapping for a node.", + "type" : "string" + }, + "type" : "array" + } + }, + "type" : "object" + }, + "links" : [ + { + "href" : "{id}", + "rel" : "child" + } + ], + "type" : "array" + } + }, + "POST" : { + "allowtoken" : 1, + "description" : "Create a new directory mapping.", + "method" : "POST", + "name" : "create", + "parameters" : { + "additionalProperties" : 0, + "properties" : { + "description" : { + "description" : "Description of the directory mapping", + "maxLength" : 4096, + "optional" : 1, + "type" : "string", + "typetext" : "" + }, + "id" : { + "description" : "The ID of the directory mapping", + "format" : "pve-configid", + "type" : "string", + "typetext" : "" + }, + "map" : { + "description" : "A list of maps for the cluster nodes.", + "items" : { + "format" : { + "node" : { + "description" : "The cluster node name.", + "format" : "pve-node", + "type" : "string" + }, + "path" : { + "description" : "Absolute directory path that should be shared with the guest.", + "format" : "pve-storage-path-in-property-string", + "type" : "string" + } + }, + "type" : "string" + }, + "optional" : 0, + "type" : "array", + "typetext" : "" + } + }, + "type" : "object" + }, + "permissions" : { + "check" : [ + "perm", + "/mapping/dir", + [ + "Mapping.Modify" + ] + ] + }, + "protected" : 1, + "returns" : { + "type" : "null" + } + } + }, + "leaf" : 0, + "path" : "/cluster/mapping/dir", + "text" : "dir" + }, { "children" : [ { @@ -14052,6 +14350,13 @@ const apiSchema = [ "type" : "string", "typetext" : "[clone=] [,default=] [,migration=] [,move=] [,restore=]" }, + "consent-text" : { + "description" : "Consent text that is displayed before logging in.", + "maxLength" : 65536, + "optional" : 1, + "type" : "string", + "typetext" : "" + }, "console" : { "description" : "Select the default Console viewer. You can either use the builtin java applet (VNC; deprecated and maps to html5), an external virt-viewer comtatible application (SPICE), an HTML5 based vnc viewer (noVNC), or an HTML5 based console client (xtermjs). If the selected viewer is not available (e.g. SPICE not activated for the VM), the fallback is noVNC.", "enum" : [ @@ -18373,7 +18678,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -18543,7 +18847,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -18857,6 +19160,16 @@ const apiSchema = [ "machine" : { "description" : "Specify the QEMU machine.", "format" : { + "enable-s3" : { + "description" : "Enables S3 power state. Defaults to false beginning with machine types 9.2+pve1, true before.", + "optional" : 1, + "type" : "boolean" + }, + "enable-s4" : { + "description" : "Enables S4 power state. Defaults to false beginning with machine types 9.2+pve1, true before.", + "optional" : 1, + "type" : "boolean" + }, "type" : { "default_key" : 1, "description" : "Specifies the QEMU machine type.", @@ -19151,30 +19464,7 @@ const apiSchema = [ }, "rng0" : { "description" : "Configure a VirtIO-based Random Number Generator.", - "format" : { - "max_bytes" : { - "default" : 1024, - "description" : "Maximum bytes of entropy allowed to get injected into the guest every 'period' milliseconds. Prefer a lower value when using '/dev/random' as source. Use `0` to disable limiting (potentially dangerous!).", - "optional" : 1, - "type" : "integer" - }, - "period" : { - "default" : 1000, - "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.", - "optional" : 1, - "type" : "integer" - }, - "source" : { - "default_key" : 1, - "description" : "The file on the host to gather entropy from. In most cases '/dev/urandom' should be preferred over '/dev/random' to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. '/dev/hwrng' can be used to pass through a hardware RNG from the host.", - "enum" : [ - "/dev/urandom", - "/dev/random", - "/dev/hwrng" - ], - "type" : "string" - } - }, + "format" : "pve-qm-rng", "optional" : 1, "type" : "string" }, @@ -19283,7 +19573,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -19600,7 +19889,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -20210,7 +20498,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -20420,6 +20707,56 @@ const apiSchema = [ "optional" : 1, "type" : "string" }, + "virtiofs[n]" : { + "description" : "Configuration for sharing a directory between host and guest using Virtio-fs.", + "format" : { + "cache" : { + "default" : "auto", + "description" : "The caching policy the file system should use (auto, always, metadata, never).", + "enum" : [ + "auto", + "always", + "metadata", + "never" + ], + "optional" : 1, + "type" : "string" + }, + "direct-io" : { + "default" : 0, + "description" : "Honor the O_DIRECT flag passed down by guest applications.", + "optional" : 1, + "type" : "boolean" + }, + "dirid" : { + "default_key" : 1, + "description" : "Mapping identifier of the directory mapping to be shared with the guest. Also used as a mount tag inside the VM.", + "format" : "pve-configid", + "format_description" : "mapping-id", + "type" : "string" + }, + "expose-acl" : { + "default" : 0, + "description" : "Enable support for POSIX ACLs (enabled ACL implies xattr) for this mount.", + "optional" : 1, + "type" : "boolean" + }, + "expose-xattr" : { + "default" : 0, + "description" : "Enable support for extended attributes for this mount.", + "optional" : 1, + "type" : "boolean" + }, + "writeback" : { + "default" : 0, + "description" : "Enable writeback cache. If enabled, writes may be cached in the guest until the file is closed or an fsync is performed.", + "optional" : 1, + "type" : "boolean" + } + }, + "optional" : 1, + "type" : "string" + }, "vmgenid" : { "default" : "1 (autogenerated)", "description" : "Set VM Generation ID. Use '1' to autogenerate on create or update, pass '0' to disable explicitly.", @@ -20510,7 +20847,7 @@ const apiSchema = [ "format" : "pve-qemu-sev-fmt", "optional" : 1, "type" : "string", - "typetext" : "[type=] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]" + "typetext" : "[type=] [,allow-smt=<1|0>] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]" }, "arch" : { "description" : "Virtual processor architecture. Defaults to the host.", @@ -20724,7 +21061,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -20913,7 +21249,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -21248,6 +21583,16 @@ const apiSchema = [ "machine" : { "description" : "Specify the QEMU machine.", "format" : { + "enable-s3" : { + "description" : "Enables S3 power state. Defaults to false beginning with machine types 9.2+pve1, true before.", + "optional" : 1, + "type" : "boolean" + }, + "enable-s4" : { + "description" : "Enables S4 power state. Defaults to false beginning with machine types 9.2+pve1, true before.", + "optional" : 1, + "type" : "boolean" + }, "type" : { "default_key" : 1, "description" : "Specifies the QEMU machine type.", @@ -21269,7 +21614,7 @@ const apiSchema = [ }, "optional" : 1, "type" : "string", - "typetext" : "[[type=]] [,viommu=]" + "typetext" : "[[type=]] [,enable-s3=<1|0>] [,enable-s4=<1|0>] [,viommu=]" }, "memory" : { "description" : "Memory properties.", @@ -21567,30 +21912,7 @@ const apiSchema = [ }, "rng0" : { "description" : "Configure a VirtIO-based Random Number Generator.", - "format" : { - "max_bytes" : { - "default" : 1024, - "description" : "Maximum bytes of entropy allowed to get injected into the guest every 'period' milliseconds. Prefer a lower value when using '/dev/random' as source. Use `0` to disable limiting (potentially dangerous!).", - "optional" : 1, - "type" : "integer" - }, - "period" : { - "default" : 1000, - "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.", - "optional" : 1, - "type" : "integer" - }, - "source" : { - "default_key" : 1, - "description" : "The file on the host to gather entropy from. In most cases '/dev/urandom' should be preferred over '/dev/random' to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. '/dev/hwrng' can be used to pass through a hardware RNG from the host.", - "enum" : [ - "/dev/urandom", - "/dev/random", - "/dev/hwrng" - ], - "type" : "string" - } - }, + "format" : "pve-qm-rng", "optional" : 1, "type" : "string", "typetext" : "[source=] [,max_bytes=] [,period=]" @@ -21700,7 +22022,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -22025,7 +22346,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -22672,7 +22992,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -22890,6 +23209,57 @@ const apiSchema = [ "type" : "string", "typetext" : "[file=] [,aio=] [,backup=<1|0>] [,bps=] [,bps_max_length=] [,bps_rd=] [,bps_rd_max_length=] [,bps_wr=] [,bps_wr_max_length=] [,cache=] [,cyls=] [,detect_zeroes=<1|0>] [,discard=] [,format=] [,heads=] [,import-from=] [,iops=] [,iops_max=] [,iops_max_length=] [,iops_rd=] [,iops_rd_max=] [,iops_rd_max_length=] [,iops_wr=] [,iops_wr_max=] [,iops_wr_max_length=] [,iothread=<1|0>] [,mbps=] [,mbps_max=] [,mbps_rd=] [,mbps_rd_max=] [,mbps_wr=] [,mbps_wr_max=] [,media=] [,replicate=<1|0>] [,rerror=] [,ro=<1|0>] [,secs=] [,serial=] [,shared=<1|0>] [,size=] [,snapshot=<1|0>] [,trans=] [,werror=]" }, + "virtiofs[n]" : { + "description" : "Configuration for sharing a directory between host and guest using Virtio-fs.", + "format" : { + "cache" : { + "default" : "auto", + "description" : "The caching policy the file system should use (auto, always, metadata, never).", + "enum" : [ + "auto", + "always", + "metadata", + "never" + ], + "optional" : 1, + "type" : "string" + }, + "direct-io" : { + "default" : 0, + "description" : "Honor the O_DIRECT flag passed down by guest applications.", + "optional" : 1, + "type" : "boolean" + }, + "dirid" : { + "default_key" : 1, + "description" : "Mapping identifier of the directory mapping to be shared with the guest. Also used as a mount tag inside the VM.", + "format" : "pve-configid", + "format_description" : "mapping-id", + "type" : "string" + }, + "expose-acl" : { + "default" : 0, + "description" : "Enable support for POSIX ACLs (enabled ACL implies xattr) for this mount.", + "optional" : 1, + "type" : "boolean" + }, + "expose-xattr" : { + "default" : 0, + "description" : "Enable support for extended attributes for this mount.", + "optional" : 1, + "type" : "boolean" + }, + "writeback" : { + "default" : 0, + "description" : "Enable writeback cache. If enabled, writes may be cached in the guest until the file is closed or an fsync is performed.", + "optional" : 1, + "type" : "boolean" + } + }, + "optional" : 1, + "type" : "string", + "typetext" : "[dirid=] [,cache=] [,direct-io=<1|0>] [,expose-acl=<1|0>] [,expose-xattr=<1|0>] [,writeback=<1|0>]" + }, "vmgenid" : { "default" : "1 (autogenerated)", "description" : "Set VM Generation ID. Use '1' to autogenerate on create or update, pass '0' to disable explicitly.", @@ -23013,7 +23383,7 @@ const apiSchema = [ "format" : "pve-qemu-sev-fmt", "optional" : 1, "type" : "string", - "typetext" : "[type=] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]" + "typetext" : "[type=] [,allow-smt=<1|0>] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]" }, "arch" : { "description" : "Virtual processor architecture. Defaults to the host.", @@ -23219,7 +23589,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -23408,7 +23777,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -23735,6 +24103,16 @@ const apiSchema = [ "machine" : { "description" : "Specify the QEMU machine.", "format" : { + "enable-s3" : { + "description" : "Enables S3 power state. Defaults to false beginning with machine types 9.2+pve1, true before.", + "optional" : 1, + "type" : "boolean" + }, + "enable-s4" : { + "description" : "Enables S4 power state. Defaults to false beginning with machine types 9.2+pve1, true before.", + "optional" : 1, + "type" : "boolean" + }, "type" : { "default_key" : 1, "description" : "Specifies the QEMU machine type.", @@ -23756,7 +24134,7 @@ const apiSchema = [ }, "optional" : 1, "type" : "string", - "typetext" : "[[type=]] [,viommu=]" + "typetext" : "[[type=]] [,enable-s3=<1|0>] [,enable-s4=<1|0>] [,viommu=]" }, "memory" : { "description" : "Memory properties.", @@ -24054,30 +24432,7 @@ const apiSchema = [ }, "rng0" : { "description" : "Configure a VirtIO-based Random Number Generator.", - "format" : { - "max_bytes" : { - "default" : 1024, - "description" : "Maximum bytes of entropy allowed to get injected into the guest every 'period' milliseconds. Prefer a lower value when using '/dev/random' as source. Use `0` to disable limiting (potentially dangerous!).", - "optional" : 1, - "type" : "integer" - }, - "period" : { - "default" : 1000, - "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.", - "optional" : 1, - "type" : "integer" - }, - "source" : { - "default_key" : 1, - "description" : "The file on the host to gather entropy from. In most cases '/dev/urandom' should be preferred over '/dev/random' to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. '/dev/hwrng' can be used to pass through a hardware RNG from the host.", - "enum" : [ - "/dev/urandom", - "/dev/random", - "/dev/hwrng" - ], - "type" : "string" - } - }, + "format" : "pve-qm-rng", "optional" : 1, "type" : "string", "typetext" : "[source=] [,max_bytes=] [,period=]" @@ -24187,7 +24542,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -24512,7 +24866,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -25159,7 +25512,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -25377,6 +25729,57 @@ const apiSchema = [ "type" : "string", "typetext" : "[file=] [,aio=] [,backup=<1|0>] [,bps=] [,bps_max_length=] [,bps_rd=] [,bps_rd_max_length=] [,bps_wr=] [,bps_wr_max_length=] [,cache=] [,cyls=] [,detect_zeroes=<1|0>] [,discard=] [,format=] [,heads=] [,import-from=] [,iops=] [,iops_max=] [,iops_max_length=] [,iops_rd=] [,iops_rd_max=] [,iops_rd_max_length=] [,iops_wr=] [,iops_wr_max=] [,iops_wr_max_length=] [,iothread=<1|0>] [,mbps=] [,mbps_max=] [,mbps_rd=] [,mbps_rd_max=] [,mbps_wr=] [,mbps_wr_max=] [,media=] [,replicate=<1|0>] [,rerror=] [,ro=<1|0>] [,secs=] [,serial=] [,shared=<1|0>] [,size=] [,snapshot=<1|0>] [,trans=] [,werror=]" }, + "virtiofs[n]" : { + "description" : "Configuration for sharing a directory between host and guest using Virtio-fs.", + "format" : { + "cache" : { + "default" : "auto", + "description" : "The caching policy the file system should use (auto, always, metadata, never).", + "enum" : [ + "auto", + "always", + "metadata", + "never" + ], + "optional" : 1, + "type" : "string" + }, + "direct-io" : { + "default" : 0, + "description" : "Honor the O_DIRECT flag passed down by guest applications.", + "optional" : 1, + "type" : "boolean" + }, + "dirid" : { + "default_key" : 1, + "description" : "Mapping identifier of the directory mapping to be shared with the guest. Also used as a mount tag inside the VM.", + "format" : "pve-configid", + "format_description" : "mapping-id", + "type" : "string" + }, + "expose-acl" : { + "default" : 0, + "description" : "Enable support for POSIX ACLs (enabled ACL implies xattr) for this mount.", + "optional" : 1, + "type" : "boolean" + }, + "expose-xattr" : { + "default" : 0, + "description" : "Enable support for extended attributes for this mount.", + "optional" : 1, + "type" : "boolean" + }, + "writeback" : { + "default" : 0, + "description" : "Enable writeback cache. If enabled, writes may be cached in the guest until the file is closed or an fsync is performed.", + "optional" : 1, + "type" : "boolean" + } + }, + "optional" : 1, + "type" : "string", + "typetext" : "[dirid=] [,cache=] [,direct-io=<1|0>] [,expose-acl=<1|0>] [,expose-xattr=<1|0>] [,writeback=<1|0>]" + }, "vmgenid" : { "default" : "1 (autogenerated)", "description" : "Set VM Generation ID. Use '1' to autogenerate on create or update, pass '0' to disable explicitly.", @@ -26160,6 +26563,11 @@ const apiSchema = [ "optional" : 1, "type" : "string" }, + "serial" : { + "description" : "Guest has serial device configured.", + "optional" : 1, + "type" : "boolean" + }, "spice" : { "description" : "QEMU VGA configuration supports spice.", "optional" : 1, @@ -26225,6 +26633,16 @@ const apiSchema = [ "machine" : { "description" : "Specify the QEMU machine.", "format" : { + "enable-s3" : { + "description" : "Enables S3 power state. Defaults to false beginning with machine types 9.2+pve1, true before.", + "optional" : 1, + "type" : "boolean" + }, + "enable-s4" : { + "description" : "Enables S4 power state. Defaults to false beginning with machine types 9.2+pve1, true before.", + "optional" : 1, + "type" : "boolean" + }, "type" : { "default_key" : 1, "description" : "Specifies the QEMU machine type.", @@ -26246,7 +26664,7 @@ const apiSchema = [ }, "optional" : 1, "type" : "string", - "typetext" : "[[type=]] [,viommu=]" + "typetext" : "[[type=]] [,enable-s3=<1|0>] [,enable-s4=<1|0>] [,viommu=]" }, "migratedfrom" : { "description" : "The cluster node name.", @@ -29200,6 +29618,11 @@ const apiSchema = [ "optional" : 1, "type" : "string" }, + "serial" : { + "description" : "Guest has serial device configured.", + "optional" : 1, + "type" : "boolean" + }, "status" : { "description" : "QEMU process status.", "enum" : [ @@ -29307,7 +29730,7 @@ const apiSchema = [ "format" : "pve-qemu-sev-fmt", "optional" : 1, "type" : "string", - "typetext" : "[type=] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]" + "typetext" : "[type=] [,allow-smt=<1|0>] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]" }, "arch" : { "description" : "Virtual processor architecture. Defaults to the host.", @@ -29514,7 +29937,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -29703,7 +30125,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -30044,6 +30465,16 @@ const apiSchema = [ "machine" : { "description" : "Specify the QEMU machine.", "format" : { + "enable-s3" : { + "description" : "Enables S3 power state. Defaults to false beginning with machine types 9.2+pve1, true before.", + "optional" : 1, + "type" : "boolean" + }, + "enable-s4" : { + "description" : "Enables S4 power state. Defaults to false beginning with machine types 9.2+pve1, true before.", + "optional" : 1, + "type" : "boolean" + }, "type" : { "default_key" : 1, "description" : "Specifies the QEMU machine type.", @@ -30065,7 +30496,7 @@ const apiSchema = [ }, "optional" : 1, "type" : "string", - "typetext" : "[[type=]] [,viommu=]" + "typetext" : "[[type=]] [,enable-s3=<1|0>] [,enable-s4=<1|0>] [,viommu=]" }, "memory" : { "description" : "Memory properties.", @@ -30363,30 +30794,7 @@ const apiSchema = [ }, "rng0" : { "description" : "Configure a VirtIO-based Random Number Generator.", - "format" : { - "max_bytes" : { - "default" : 1024, - "description" : "Maximum bytes of entropy allowed to get injected into the guest every 'period' milliseconds. Prefer a lower value when using '/dev/random' as source. Use `0` to disable limiting (potentially dangerous!).", - "optional" : 1, - "type" : "integer" - }, - "period" : { - "default" : 1000, - "description" : "Every 'period' milliseconds the entropy-injection quota is reset, allowing the guest to retrieve another 'max_bytes' of entropy.", - "optional" : 1, - "type" : "integer" - }, - "source" : { - "default_key" : 1, - "description" : "The file on the host to gather entropy from. In most cases '/dev/urandom' should be preferred over '/dev/random' to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. '/dev/hwrng' can be used to pass through a hardware RNG from the host.", - "enum" : [ - "/dev/urandom", - "/dev/random", - "/dev/hwrng" - ], - "type" : "string" - } - }, + "format" : "pve-qm-rng", "optional" : 1, "type" : "string", "typetext" : "[source=] [,max_bytes=] [,period=]" @@ -30496,7 +30904,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -30821,7 +31228,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -31484,7 +31890,6 @@ const apiSchema = [ "description" : "The drive's backing file's data format.", "enum" : [ "raw", - "cow", "qcow", "qed", "qcow2", @@ -31702,6 +32107,57 @@ const apiSchema = [ "type" : "string", "typetext" : "[file=] [,aio=] [,backup=<1|0>] [,bps=] [,bps_max_length=] [,bps_rd=] [,bps_rd_max_length=] [,bps_wr=] [,bps_wr_max_length=] [,cache=] [,cyls=] [,detect_zeroes=<1|0>] [,discard=] [,format=] [,heads=] [,import-from=] [,iops=] [,iops_max=] [,iops_max_length=] [,iops_rd=] [,iops_rd_max=] [,iops_rd_max_length=] [,iops_wr=] [,iops_wr_max=] [,iops_wr_max_length=] [,iothread=<1|0>] [,mbps=] [,mbps_max=] [,mbps_rd=] [,mbps_rd_max=] [,mbps_wr=] [,mbps_wr_max=] [,media=] [,replicate=<1|0>] [,rerror=] [,ro=<1|0>] [,secs=] [,serial=] [,shared=<1|0>] [,size=] [,snapshot=<1|0>] [,trans=] [,werror=]" }, + "virtiofs[n]" : { + "description" : "Configuration for sharing a directory between host and guest using Virtio-fs.", + "format" : { + "cache" : { + "default" : "auto", + "description" : "The caching policy the file system should use (auto, always, metadata, never).", + "enum" : [ + "auto", + "always", + "metadata", + "never" + ], + "optional" : 1, + "type" : "string" + }, + "direct-io" : { + "default" : 0, + "description" : "Honor the O_DIRECT flag passed down by guest applications.", + "optional" : 1, + "type" : "boolean" + }, + "dirid" : { + "default_key" : 1, + "description" : "Mapping identifier of the directory mapping to be shared with the guest. Also used as a mount tag inside the VM.", + "format" : "pve-configid", + "format_description" : "mapping-id", + "type" : "string" + }, + "expose-acl" : { + "default" : 0, + "description" : "Enable support for POSIX ACLs (enabled ACL implies xattr) for this mount.", + "optional" : 1, + "type" : "boolean" + }, + "expose-xattr" : { + "default" : 0, + "description" : "Enable support for extended attributes for this mount.", + "optional" : 1, + "type" : "boolean" + }, + "writeback" : { + "default" : 0, + "description" : "Enable writeback cache. If enabled, writes may be cached in the guest until the file is closed or an fsync is performed.", + "optional" : 1, + "type" : "boolean" + } + }, + "optional" : 1, + "type" : "string", + "typetext" : "[dirid=] [,cache=] [,direct-io=<1|0>] [,expose-acl=<1|0>] [,expose-xattr=<1|0>] [,writeback=<1|0>]" + }, "vmgenid" : { "default" : "1 (autogenerated)", "description" : "Set VM Generation ID. Use '1' to autogenerate on create or update, pass '0' to disable explicitly.", @@ -38227,6 +38683,11 @@ const apiSchema = [ "returns" : { "items" : { "properties" : { + "hardware-address" : { + "description" : "The MAC address of the interface", + "optional" : 0, + "type" : "string" + }, "hwaddr" : { "description" : "The MAC address of the interface", "optional" : 0, @@ -38242,6 +38703,31 @@ const apiSchema = [ "optional" : 1, "type" : "string" }, + "ip-addresses" : { + "description" : "The addresses of the interface", + "items" : { + "properties" : { + "ip-address" : { + "description" : "IP-Address", + "optional" : 1, + "type" : "string" + }, + "ip-address-type" : { + "description" : "IP-Family", + "optional" : 1, + "type" : "string" + }, + "prefix" : { + "description" : "IP-Prefix", + "optional" : 1, + "type" : "integer" + } + }, + "type" : "object" + }, + "optional" : 0, + "type" : "array" + }, "name" : { "description" : "The name of the interface", "optional" : 0, @@ -40594,8 +41080,8 @@ const apiSchema = [ "default" : "cephfs", "description" : "The ceph filesystem name.", "optional" : 1, - "type" : "string", - "typetext" : "" + "pattern" : "(?^:^[^:/\\s]+$)", + "type" : "string" }, "node" : { "description" : "The cluster node name.", @@ -40799,6 +41285,7 @@ const apiSchema = [ }, "name" : { "description" : "The name of the pool. It must be unique.", + "pattern" : "(?^:^[^:/\\s]+$)", "title" : "Name", "type" : "string" }, @@ -41041,9 +41528,9 @@ const apiSchema = [ }, "name" : { "description" : "The name of the pool. It must be unique.", + "pattern" : "(?^:^[^:/\\s]+$)", "title" : "Name", - "type" : "string", - "typetext" : "" + "type" : "string" }, "node" : { "description" : "The cluster node name.", @@ -41334,9 +41821,9 @@ const apiSchema = [ }, "name" : { "description" : "The name of the pool. It must be unique.", + "pattern" : "(?^:^[^:/\\s]+$)", "title" : "Name", - "type" : "string", - "typetext" : "" + "type" : "string" }, "node" : { "description" : "The cluster node name.", @@ -45665,6 +46152,11 @@ const apiSchema = [ "items" : { "additionalProperties" : 1, "properties" : { + "changes" : { + "description" : "Notable changes of a version, currently only set for +pveX versions.", + "optional" : 1, + "type" : "string" + }, "id" : { "description" : "Full name of machine type and version.", "type" : "string" @@ -46312,10 +46804,12 @@ const apiSchema = [ "typetext" : "" }, "format" : { + "description" : "Format of the image.", "enum" : [ "raw", "qcow2", - "subvol" + "subvol", + "vmdk" ], "optional" : 1, "requires" : "size", @@ -50833,6 +51327,7 @@ const apiSchema = [ "acmedomain3", "acmedomain4", "acmedomain5", + "ballooning-target", "description", "startall-onboot-delay", "wakeonlan" @@ -50905,6 +51400,14 @@ const apiSchema = [ "optional" : 1, "type" : "string" }, + "ballooning-target" : { + "default" : 80, + "description" : "RAM usage target for ballooning (in percent of total memory)", + "maximum" : 100, + "minimum" : 0, + "optional" : 1, + "type" : "integer" + }, "description" : { "description" : "Description for the Node. Shown in the web-interface node notes panel. This is saved as comment inside the configuration file.", "maxLength" : 65536, @@ -51020,6 +51523,15 @@ const apiSchema = [ "type" : "string", "typetext" : "[domain=] [,alias=] [,plugin=]" }, + "ballooning-target" : { + "default" : 80, + "description" : "RAM usage target for ballooning (in percent of total memory)", + "maximum" : 100, + "minimum" : 0, + "optional" : 1, + "type" : "integer", + "typetext" : " (0 - 100)" + }, "delete" : { "description" : "A list of settings you want to delete.", "format" : "pve-configid-list", @@ -52002,9 +52514,9 @@ const apiSchema = [ "default" : "login", "description" : "Run specific command or default to login (requires 'root@pam')", "enum" : [ - "login", + "upgrade", "ceph_install", - "upgrade" + "login" ], "optional" : 1, "type" : "string" @@ -52097,9 +52609,9 @@ const apiSchema = [ "default" : "login", "description" : "Run specific command or default to login (requires 'root@pam')", "enum" : [ - "login", + "upgrade", "ceph_install", - "upgrade" + "login" ], "optional" : 1, "type" : "string" @@ -52222,9 +52734,9 @@ const apiSchema = [ "default" : "login", "description" : "Run specific command or default to login (requires 'root@pam')", "enum" : [ - "login", + "upgrade", "ceph_install", - "upgrade" + "login" ], "optional" : 1, "type" : "string" @@ -53322,10 +53834,14 @@ const apiSchema = [ }, "format" : { "description" : "Default image format.", - "format" : "pve-storage-format", + "enum" : [ + "raw", + "qcow2", + "subvol", + "vmdk" + ], "optional" : 1, - "type" : "string", - "typetext" : "" + "type" : "string" }, "fs-name" : { "description" : "The Ceph filesystem name.", @@ -53851,10 +54367,14 @@ const apiSchema = [ }, "format" : { "description" : "Default image format.", - "format" : "pve-storage-format", + "enum" : [ + "raw", + "qcow2", + "subvol", + "vmdk" + ], "optional" : 1, - "type" : "string", - "typetext" : "" + "type" : "string" }, "fs-name" : { "description" : "The Ceph filesystem name.", @@ -55946,7 +56466,7 @@ const apiSchema = [ }, "remove-vanished" : { "default" : "none", - "description" : "A semicolon-seperated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).", + "description" : "A semicolon-separated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default).", "optional" : "1", "pattern" : "(?:(?:(?:acl|properties|entry);)*(?:acl|properties|entry))|none", "type" : "string", @@ -56213,6 +56733,27 @@ const apiSchema = [ "type" : "string", "typetext" : "" }, + "groups-autocreate" : { + "default" : 0, + "description" : "Automatically create groups if they do not exist.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, + "groups-claim" : { + "description" : "OpenID claim used to retrieve groups with.", + "maxLength" : 256, + "optional" : 1, + "pattern" : "(?^:A-Za-z0-9\\.\\-_)", + "type" : "string" + }, + "groups-overwrite" : { + "default" : 0, + "description" : "All groups will be overwritten for the user on login.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, "issuer-url" : { "description" : "OpenID Issuer Url", "maxLength" : 256, @@ -56251,6 +56792,13 @@ const apiSchema = [ "pattern" : "(?:none|login|consent|select_account|\\S+)", "type" : "string" }, + "query-userinfo" : { + "default" : 1, + "description" : "Enables querying the userinfo endpoint for claims values.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, "realm" : { "description" : "Authentication domain ID", "format" : "pve-realm", @@ -56551,6 +57099,27 @@ const apiSchema = [ "type" : "string", "typetext" : "" }, + "groups-autocreate" : { + "default" : 0, + "description" : "Automatically create groups if they do not exist.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, + "groups-claim" : { + "description" : "OpenID claim used to retrieve groups with.", + "maxLength" : 256, + "optional" : 1, + "pattern" : "(?^:A-Za-z0-9\\.\\-_)", + "type" : "string" + }, + "groups-overwrite" : { + "default" : 0, + "description" : "All groups will be overwritten for the user on login.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, "issuer-url" : { "description" : "OpenID Issuer Url", "maxLength" : 256, @@ -56589,6 +57158,13 @@ const apiSchema = [ "pattern" : "(?:none|login|consent|select_account|\\S+)", "type" : "string" }, + "query-userinfo" : { + "default" : 1, + "description" : "Enables querying the userinfo endpoint for claims values.", + "optional" : 1, + "type" : "boolean", + "typetext" : "" + }, "realm" : { "description" : "Authentication domain ID", "format" : "pve-realm", @@ -57391,7 +57967,7 @@ const apiSchema = [ "typetext" : "" }, "realm" : { - "description" : "You can optionally pass the realm using this parameter. Normally the realm is simply added to the username @.", + "description" : "You can optionally pass the realm using this parameter. Normally the realm is simply added to the username @.", "format" : "pve-realm", "maxLength" : 32, "optional" : 1, @@ -57498,7 +58074,7 @@ const apiSchema = [ ] ] ], - "description" : "Each user is allowed to change his own password. A user can change the password of another user if he has 'Realm.AllocateUser' (on the realm of user ) and 'User.Modify' permission on /access/groups/ on a group where user is member of." + "description" : "Each user is allowed to change their own password. A user can change the password of another user if they have 'Realm.AllocateUser' (on the realm of user ) and 'User.Modify' permission on /access/groups/ on a group where user is member of. For the PAM realm, a password change does not take effect cluster-wide, but only applies to the local node." }, "protected" : 1, "returns" : { diff --git a/datacenter.cfg.5-opts.adoc b/datacenter.cfg.5-opts.adoc index 473f906..7a42b12 100644 --- a/datacenter.cfg.5-opts.adoc +++ b/datacenter.cfg.5-opts.adoc @@ -22,6 +22,10 @@ bandwidth limit in KiB/s for moving disks bandwidth limit in KiB/s for restoring guests from backups +`consent-text`: `` :: + +Consent text that is displayed before logging in. + `console`: `` :: Select the default Console viewer. You can either use the builtin java applet (VNC; deprecated and maps to html5), an external virt-viewer comtatible application (SPICE), an HTML5 based vnc viewer (noVNC), or an HTML5 based console client (xtermjs). If the selected viewer is not available (e.g. SPICE not activated for the VM), the fallback is noVNC. diff --git a/pveceph.1-synopsis.adoc b/pveceph.1-synopsis.adoc index c98238f..a6cd9ce 100644 --- a/pveceph.1-synopsis.adoc +++ b/pveceph.1-synopsis.adoc @@ -40,7 +40,7 @@ Create a Ceph filesystem Configure the created CephFS as storage for this cluster. -`--name` `` ('default =' `cephfs`):: +`--name` `(?^:^[^:/\s]+$)` ('default =' `cephfs`):: The ceph filesystem name. @@ -255,7 +255,7 @@ Print verbose information, same as json-pretty output format. Create Ceph pool -``: `` :: +``: `(?^:^[^:/\s]+$)` :: The name of the pool. It must be unique. @@ -344,7 +344,7 @@ endpoints). Change POOL settings -``: `` :: +``: `(?^:^[^:/\s]+$)` :: The name of the pool. It must be unique. diff --git a/pvenode.1-synopsis.adoc b/pvenode.1-synopsis.adoc index 77dbb27..d444f93 100644 --- a/pvenode.1-synopsis.adoc +++ b/pvenode.1-synopsis.adoc @@ -197,7 +197,7 @@ Restart pveproxy. Get node configuration options. -`--property` `` ('default =' `all`):: +`--property` `` ('default =' `all`):: Return only a specific property from the node configuration. @@ -213,6 +213,10 @@ Node specific ACME settings. ACME domain and validation plugin +`--ballooning-target` ` (0 - 100)` ('default =' `80`):: + +RAM usage target for ballooning (in percent of total memory) + `--delete` `` :: A list of settings you want to delete. diff --git a/pvesm.1-synopsis.adoc b/pvesm.1-synopsis.adoc index 4f921e1..cf731c1 100644 --- a/pvesm.1-synopsis.adoc +++ b/pvesm.1-synopsis.adoc @@ -82,7 +82,7 @@ NFS export path. Certificate SHA 256 fingerprint. -`--format` `` :: +`--format` `` :: Default image format. @@ -276,9 +276,9 @@ The name of the file to create. Size in kilobyte (1024 bytes). Optional suffixes 'M' (megabyte, 1024K) and 'G' (gigabyte, 1024M) -`--format` `` :: +`--format` `` :: -no description available +Format of the image. + NOTE: Requires option(s): `size` @@ -650,7 +650,7 @@ Encryption key. Use 'autogen' to generate one automatically without passphrase. Certificate SHA 256 fingerprint. -`--format` `` :: +`--format` `` :: Default image format. diff --git a/pveum.1-synopsis.adoc b/pveum.1-synopsis.adoc index 905b27f..fb47270 100644 --- a/pveum.1-synopsis.adoc +++ b/pveum.1-synopsis.adoc @@ -286,6 +286,18 @@ LDAP filter for group sync. LDAP attribute representing a groups name. If not set or found, the first value of the DN will be used as name. +`--groups-autocreate` `` ('default =' `0`):: + +Automatically create groups if they do not exist. + +`--groups-claim` `(?^:A-Za-z0-9\.\-_)` :: + +OpenID claim used to retrieve groups with. + +`--groups-overwrite` `` ('default =' `0`):: + +All groups will be overwritten for the user on login. + `--issuer-url` `` :: OpenID Issuer Url @@ -306,6 +318,10 @@ Server port. Specifies whether the Authorization Server prompts the End-User for reauthentication and consent. +`--query-userinfo` `` ('default =' `1`):: + +Enables querying the userinfo endpoint for claims values. + `--scopes` `` ('default =' `email profile`):: Specifies the scopes (user details) that should be authorized and returned, for example 'email' or 'profile'. @@ -462,6 +478,18 @@ LDAP filter for group sync. LDAP attribute representing a groups name. If not set or found, the first value of the DN will be used as name. +`--groups-autocreate` `` ('default =' `0`):: + +Automatically create groups if they do not exist. + +`--groups-claim` `(?^:A-Za-z0-9\.\-_)` :: + +OpenID claim used to retrieve groups with. + +`--groups-overwrite` `` ('default =' `0`):: + +All groups will be overwritten for the user on login. + `--issuer-url` `` :: OpenID Issuer Url @@ -482,6 +510,10 @@ Server port. Specifies whether the Authorization Server prompts the End-User for reauthentication and consent. +`--query-userinfo` `` ('default =' `1`):: + +Enables querying the userinfo endpoint for claims values. + `--scopes` `` ('default =' `email profile`):: Specifies the scopes (user details) that should be authorized and returned, for example 'email' or 'profile'. @@ -554,7 +586,7 @@ DEPRECATED: use 'remove-vanished' instead. Remove ACLs for users or groups which `--remove-vanished` `([acl];[properties];[entry])|none` ('default =' `none`):: -A semicolon-seperated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default). +A semicolon-separated list of things to remove when they or the user vanishes during a sync. The following values are possible: 'entry' removes the user/group when not returned from the sync. 'properties' removes the set properties on existing user/group that do not appear in the source (even custom ones). 'acl' removes acls when the user/group is not returned from the sync. Instead of a list it also can be 'none' (the default). `--scope` `` :: @@ -644,7 +676,7 @@ NOTE: Requires option(s): `path` `--realm` `` :: -You can optionally pass the realm using this parameter. Normally the realm is simply added to the username @. +You can optionally pass the realm using this parameter. Normally the realm is simply added to the username @. `--tfa-challenge` `` :: diff --git a/qm.1-synopsis.adoc b/qm.1-synopsis.adoc index bacdadf..c7267ac 100644 --- a/qm.1-synopsis.adoc +++ b/qm.1-synopsis.adoc @@ -135,7 +135,7 @@ List of host cores used to execute guest processes, for example: 0,5,8-11 Enable/disable communication with the QEMU Guest Agent and its properties. -`--amd-sev` `[type=] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]` :: +`--amd-sev` `[type=] [,allow-smt=<1|0>] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]` :: Secure Encrypted Virtualization (SEV) features by AMD CPUs @@ -303,7 +303,7 @@ Set the real time clock (RTC) to local time. This is enabled by default if the ` Lock/unlock the VM. -`--machine` `[[type=]] [,viommu=]` :: +`--machine` `[[type=]] [,enable-s3=<1|0>] [,enable-s4=<1|0>] [,viommu=]` :: Specify the QEMU machine. @@ -473,6 +473,10 @@ Configure the VGA hardware. Use volume as VIRTIO hard disk (n is 0 to 15). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume. +`--virtiofs[n]` `[dirid=] [,cache=] [,direct-io=<1|0>] [,expose-acl=<1|0>] [,expose-xattr=<1|0>] [,writeback=<1|0>]` :: + +Configuration for sharing a directory between host and guest using Virtio-fs. + `--vmgenid` `` ('default =' `1 (autogenerated)`):: Set VM Generation ID. Use '1' to autogenerate on create or update, pass '0' to disable explicitly. @@ -746,7 +750,7 @@ List of host cores used to execute guest processes, for example: 0,5,8-11 Enable/disable communication with the QEMU Guest Agent and its properties. -`--amd-sev` `[type=] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]` :: +`--amd-sev` `[type=] [,allow-smt=<1|0>] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]` :: Secure Encrypted Virtualization (SEV) features by AMD CPUs @@ -908,7 +912,7 @@ Set the real time clock (RTC) to local time. This is enabled by default if the ` Lock/unlock the VM. -`--machine` `[[type=]] [,viommu=]` :: +`--machine` `[[type=]] [,enable-s3=<1|0>] [,enable-s4=<1|0>] [,viommu=]` :: Specify the QEMU machine. @@ -1064,6 +1068,10 @@ Configure the VGA hardware. Use volume as VIRTIO hard disk (n is 0 to 15). +`--virtiofs[n]` `[dirid=] [,cache=] [,direct-io=<1|0>] [,expose-acl=<1|0>] [,expose-xattr=<1|0>] [,writeback=<1|0>]` :: + +Configuration for sharing a directory between host and guest using Virtio-fs. + `--vmgenid` `` ('default =' `1 (autogenerated)`):: Set VM Generation ID. Use '1' to autogenerate on create or update, pass '0' to disable explicitly. @@ -1336,7 +1344,7 @@ List of host cores used to execute guest processes, for example: 0,5,8-11 Enable/disable communication with the QEMU Guest Agent and its properties. -`--amd-sev` `[type=] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]` :: +`--amd-sev` `[type=] [,allow-smt=<1|0>] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]` :: Secure Encrypted Virtualization (SEV) features by AMD CPUs @@ -1496,7 +1504,7 @@ Set the real time clock (RTC) to local time. This is enabled by default if the ` Lock/unlock the VM. -`--machine` `[[type=]] [,viommu=]` :: +`--machine` `[[type=]] [,enable-s3=<1|0>] [,enable-s4=<1|0>] [,viommu=]` :: Specify the QEMU machine. @@ -1656,6 +1664,10 @@ Configure the VGA hardware. Use volume as VIRTIO hard disk (n is 0 to 15). Use the special syntax STORAGE_ID:SIZE_IN_GiB to allocate a new volume. Use STORAGE_ID:0 and the 'import-from' parameter to import from an existing volume. +`--virtiofs[n]` `[dirid=] [,cache=] [,direct-io=<1|0>] [,expose-acl=<1|0>] [,expose-xattr=<1|0>] [,writeback=<1|0>]` :: + +Configuration for sharing a directory between host and guest using Virtio-fs. + `--vmgenid` `` ('default =' `1 (autogenerated)`):: Set VM Generation ID. Use '1' to autogenerate on create or update, pass '0' to disable explicitly. @@ -1742,7 +1754,7 @@ The (unique) ID of the VM. Override QEMU's -cpu argument with the given string. -`--machine` `[[type=]] [,viommu=]` :: +`--machine` `[[type=]] [,enable-s3=<1|0>] [,enable-s4=<1|0>] [,viommu=]` :: Specify the QEMU machine. diff --git a/qm.conf.5-opts.adoc b/qm.conf.5-opts.adoc index d6bdf13..3717fef 100644 --- a/qm.conf.5-opts.adoc +++ b/qm.conf.5-opts.adoc @@ -26,25 +26,29 @@ Run fstrim after moving a disk or migrating the VM. Select the agent type -`amd-sev`: `[type=] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]` :: +`amd-sev`: `[type=] [,allow-smt=<1|0>] [,kernel-hashes=<1|0>] [,no-debug=<1|0>] [,no-key-sharing=<1|0>]` :: Secure Encrypted Virtualization (SEV) features by AMD CPUs +`allow-smt`=`` ('default =' `1`);; + +Sets policy bit to allow Simultaneous Multi Threading (SMT) (Ignored unless for SEV-SNP) + `kernel-hashes`=`` ('default =' `0`);; Add kernel hashes to guest firmware for measured linux kernel launch `no-debug`=`` ('default =' `0`);; -Sets policy bit 0 to 1 to disallow debugging of guest +Sets policy bit to disallow debugging of guest `no-key-sharing`=`` ('default =' `0`);; -Sets policy bit 1 to 1 to disallow key sharing with other guests +Sets policy bit to disallow key sharing with other guests (Ignored for SEV-SNP) `type`=`` ;; -Enable standard SEV with type='std' or enable experimental SEV-ES with the 'es' option. +Enable standard SEV with type='std' or enable experimental SEV-ES with the 'es' option or enable experimental SEV-SNP with the 'snp' option. `arch`: `` :: @@ -207,7 +211,7 @@ Size and type of the OVMF EFI vars. '4m' is newer and recommended, and required The drive's backing volume. -`format`=`` ;; +`format`=`` ;; The drive's backing file's data format. @@ -357,7 +361,7 @@ Controls whether to pass discard/trim requests to the underlying storage. The drive's backing volume. -`format`=`` ;; +`format`=`` ;; The drive's backing file's data format. @@ -545,10 +549,18 @@ Set the real time clock (RTC) to local time. This is enabled by default if the ` Lock/unlock the VM. -`machine`: `[[type=]] [,viommu=]` :: +`machine`: `[[type=]] [,enable-s3=<1|0>] [,enable-s4=<1|0>] [,viommu=]` :: Specify the QEMU machine. +`enable-s3`=`` ;; + +Enables S3 power state. Defaults to false beginning with machine types 9.2+pve1, true before. + +`enable-s4`=`` ;; + +Enables S4 power state. Defaults to false beginning with machine types 9.2+pve1, true before. + `type`=`` ;; Specifies the QEMU machine type. @@ -707,7 +719,7 @@ Configure a VirtIO-based Random Number Generator. `max_bytes`=`` ('default =' `1024`);; -Maximum bytes of entropy allowed to get injected into the guest every 'period' milliseconds. Prefer a lower value when using '/dev/random' as source. Use `0` to disable limiting (potentially dangerous!). +Maximum bytes of entropy allowed to get injected into the guest every 'period' milliseconds. Use `0` to disable limiting (potentially dangerous!). `period`=`` ('default =' `1000`);; @@ -715,7 +727,7 @@ Every 'period' milliseconds the entropy-injection quota is reset, allowing the g `source`=`` ;; -The file on the host to gather entropy from. In most cases '/dev/urandom' should be preferred over '/dev/random' to avoid entropy-starvation issues on the host. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. '/dev/hwrng' can be used to pass through a hardware RNG from the host. +The file on the host to gather entropy from. Using urandom does *not* decrease security in any meaningful way, as it's still seeded from real entropy, and the bytes provided will most likely be mixed with real entropy on the guest as well. '/dev/hwrng' can be used to pass through a hardware RNG from the host. `sata[n]`: `[file=] [,aio=] [,backup=<1|0>] [,bps=] [,bps_max_length=] [,bps_rd=] [,bps_rd_max_length=] [,bps_wr=] [,bps_wr_max_length=] [,cache=] [,cyls=] [,detect_zeroes=<1|0>] [,discard=] [,format=] [,heads=] [,iops=] [,iops_max=] [,iops_max_length=] [,iops_rd=] [,iops_rd_max=] [,iops_rd_max_length=] [,iops_wr=] [,iops_wr_max=] [,iops_wr_max_length=] [,mbps=] [,mbps_max=] [,mbps_rd=] [,mbps_rd_max=] [,mbps_wr=] [,mbps_wr_max=] [,media=] [,replicate=<1|0>] [,rerror=] [,secs=] [,serial=] [,shared=<1|0>] [,size=] [,snapshot=<1|0>] [,ssd=<1|0>] [,trans=] [,werror=] [,wwn=]` :: @@ -773,7 +785,7 @@ Controls whether to pass discard/trim requests to the underlying storage. The drive's backing volume. -`format`=`` ;; +`format`=`` ;; The drive's backing file's data format. @@ -947,7 +959,7 @@ Controls whether to pass discard/trim requests to the underlying storage. The drive's backing volume. -`format`=`` ;; +`format`=`` ;; The drive's backing file's data format. @@ -1328,7 +1340,7 @@ Controls whether to pass discard/trim requests to the underlying storage. The drive's backing volume. -`format`=`` ;; +`format`=`` ;; The drive's backing file's data format. @@ -1446,6 +1458,34 @@ Force disk geometry bios translation mode. Write error action. +`virtiofs[n]`: `[dirid=] [,cache=] [,direct-io=<1|0>] [,expose-acl=<1|0>] [,expose-xattr=<1|0>] [,writeback=<1|0>]` :: + +Configuration for sharing a directory between host and guest using Virtio-fs. + +`cache`=`` ('default =' `auto`);; + +The caching policy the file system should use (auto, always, metadata, never). + +`direct-io`=`` ('default =' `0`);; + +Honor the O_DIRECT flag passed down by guest applications. + +`dirid`=`` ;; + +Mapping identifier of the directory mapping to be shared with the guest. Also used as a mount tag inside the VM. + +`expose-acl`=`` ('default =' `0`);; + +Enable support for POSIX ACLs (enabled ACL implies xattr) for this mount. + +`expose-xattr`=`` ('default =' `0`);; + +Enable support for extended attributes for this mount. + +`writeback`=`` ('default =' `0`);; + +Enable writeback cache. If enabled, writes may be cached in the guest until the file is closed or an fsync is performed. + `vmgenid`: `` ('default =' `1 (autogenerated)`):: The VM generation ID (vmgenid) device exposes a 128-bit integer value identifier to the guest OS. This allows to notify the guest operating system when the virtual machine is executed with a different configuration (e.g. snapshot execution or creation from a template). The guest operating system notices the change, and is then able to react as appropriate by marking its copies of distributed databases as dirty, re-initializing its random number generator, etc.