mixed bag of improvements:
- return hash based on domain
- check for duplicate domains, allow overlap between main and additional
keys otherwise
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
With this configuration it is possible to use many different plugins
with different providers and users.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
Allow additional domains with different sub-plugins,
However, only one domain per additional entry is permitted.
Signed-off-by: Wolfgang Link <w.link@proxmox.com>
exact same thing commit 67cb91e4d7
already did for the old location of this, but indentation error was
introduced again when moving it (fix y'all editors..)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
opens a window with the parameters for the sync and two buttons:
'preview' and 'sync'
both open the taskviewer, but the 'preview' one sets the 'dry-run'
parameter so that it does not get written out to the user.cfg
loads the realm config and prefills the selection with values from
the config, and shows a hint about where to set the defaults
if none are set
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
All local disks can/will be migrated if not for a reason we don't
know about yet at this stage. The disks we get from the API call as
'local_disks' are either referenced by the config or by snapshots in
the config (which was not checked for and the reason one could run
into the 'else if' branch).
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
if our self-signed certificate expires in more than 825 days, but was
created after July 2019 it won't be accepted by modern Apple devices. we
fixed the issuance to generate shorter-lived certificates in November
2019, this cleans up the existing ones to fix this and similar future
issues.
two years / 730 days as cut-off was chosen since it's our new maximum
self-signed certificate lifetime, and should thus catch all old-style
certificates.
another positive side-effect is that we can now phase out support for
older certificates faster, e.g. if we want to move to bigger keys,
different signature algorithms, or anything else in that direction.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
this modifies AuthEditBase so that if there is a sync inputpanel specified,
we display it in a second tab (we need to modify the bodyPadding here,
else the whole window has too much padding)
we use the same panel for both ldap/ad, since the most options behave
the same (except for user_attribute, but the default for AD is
sAMAccount which i think is good enough for now, users can still
override it in the cli)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
that breaks the schema as the POST endpoint obviously doesn't knows
about a delete property.
fixes commit 58e1ccc4f5
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
if 'delete' is an Array, we want to push into it, not append a string
this could be an issue when we use an edit window with multiple inputpanels
and deleteEmpty set on some fields
we then could have an aray like this:
values: {
delete: [
'foo',
'bar',
'baz, qux',
],
},
which the edit window does not handle correctly anymore
(it only does string splitting if 'delete' itself is a string)
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
similar to storage/Base.js so that we have the different
RealmTypes in different inputpanels
this will come in handy when we define sync options
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
We normally do not stack windows and it breaks/allows some funky
stuff.. As this isn't really required and can be done just fine over
the the DC -> Token panel, especially as we prefill the username to
the logged in one for new tokens now..
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
The public_addr option for creating a new MON is only valid for manual
startup (since Ceph Jewel) and is just ignored by ceph-mon during setup.
As the MON is started after the creation through systemd without an IP
specified. It is trying to auto-select an IP.
Before this patch the public_addr was only explicitly written to the
ceph.conf if no public_network was set. The mon_address is only needed
in the config on the first start of the MON.
The ceph-mon itself tries to select an IP on the following conditions.
- no public_network or public_addr is in the ceph.conf
* startup fails
- public_network is in the ceph.conf
* with a single network, take the first available IP
* on multiple networks, walk through the list orderly and start on
the first network where an IP is found
Signed-off-by: Alwin Antreich <a.antreich@proxmox.com>
since the log output verified in tests changed and the build fails with
the old version now.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
pve-guest-common got a new log line [0] for rate and transport type of a
replication. This line must be added to the replication tests.
[0] e90f586aab5caad4d4c5e18711316e8dc5225c07
Signed-off-by: Dominic Jäger <d.jaeger@proxmox.com>
We normally only use that information for the nodes power management
buttons, only the Summary panel profits from more frequent updates
(due to the uptime, and resource usage graphs).
So use 5s interval in general and switch to 1s for the summary panel
only.
This also fixes a bug where the node-config panel owned store got
stopped by mistake if the summary panel, which shared the use of that
store, was "destroyed" (left).
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This uses the newly introduced PVE::LXC::CGroup's
cpuset_controller_path() method to find the controller path,
so we need to depend on the newer pve-container package.
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
