[pve-devel] partially-applied-series: [PATCH many v2 00/20] notifications: move template strings to template files; PBS preparations

2024-04-23 Thread Thomas Lamprecht
On 19/04/2024 at 16:17, Lukas Wagner wrote:
> proxmox:
> 
> Lukas Wagner (12):
>   notify: switch to file-based templating system
>   notify: make api methods take config struct ownership
>   notify: convert Option> -> Vec in config structs
>   notify: don't make tests require pve-context
>   notify: make the `mail-forwarder` feature depend on proxmox-sys
>   notify: cargo.toml: add spaces before curly braces
>   notify: give each notification a unique ID
>   notify: api: add get_targets
>   notify: derive `api` for Deleteable*Property
>   notify: derive Deserialize/Serialize for Notification struct
>   notify: pbs context: include nodename in default sendmail author
>   notify: renderer: add relative-percentage helper from PBS
> 
>  proxmox-notify/Cargo.toml   |   7 +-
>  proxmox-notify/examples/render.rs   |  63 --
>  proxmox-notify/src/api/gotify.rs|  48 ++---
>  proxmox-notify/src/api/matcher.rs   |  59 +++--
>  proxmox-notify/src/api/mod.rs   | 113 --
>  proxmox-notify/src/api/sendmail.rs  |  60 +++---
>  proxmox-notify/src/api/smtp.rs  | 122 +--
>  proxmox-notify/src/context/mod.rs   |  10 +-
>  proxmox-notify/src/context/pbs.rs   |  18 +-
>  proxmox-notify/src/context/pve.rs   |  15 ++
>  proxmox-notify/src/context/test.rs  |   9 +
>  proxmox-notify/src/endpoints/common/mail.rs |  20 +-
>  proxmox-notify/src/endpoints/gotify.rs  |  12 +-
>  proxmox-notify/src/endpoints/sendmail.rs|  34 +--
>  proxmox-notify/src/endpoints/smtp.rs|  38 ++--
>  proxmox-notify/src/lib.rs   |  59 ++---
>  proxmox-notify/src/matcher.rs   |  71 +++---
>  proxmox-notify/src/renderer/html.rs |  14 --
>  proxmox-notify/src/renderer/mod.rs  | 226 
>  proxmox-notify/src/renderer/plaintext.rs|  39 
>  20 files changed, 506 insertions(+), 531 deletions(-)
>  delete mode 100644 proxmox-notify/examples/render.rs
> 
> 

applied above, i.e., the proxmox/proxmox-notify ones. 

As talked off-list, for the PVE side I'd like to wait out the next one or two
weeks until the dust of the release settles. Until then, the libpve-rs should
stay on the proxmox-notify 0.3 release, while a hot-fix would be slightly more
work, it's still doable – so I see no real practical issue in having this
divergence between PVE and PBS (where this is all completely new anyway).


___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


[pve-devel] applied: [PATCH proxmox-firewall] firewall: properly handle REJECT rules

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 18:02, Stefan Hanreich wrote:
> Currently we generated DROP statements for all rules involving REJECT.
> We only need to generate DROP when in the postrouting chain of tables
> with type bridge, since REJECT is disallowed there. Otherwise we jump
> into the do-reject chain which properly handles rejects for different
> protocol types.
> 
> Signed-off-by: Stefan Hanreich 
> ---
> Seems like the proper handling for this got lost somewhere during my
> big refactoring :/
> 
>  .../resources/proxmox-firewall.nft|   7 +-
>  proxmox-firewall/src/firewall.rs  |   9 +-
>  proxmox-firewall/src/rule.rs  |  22 ++-
>  proxmox-firewall/tests/input/100.fw   |   2 +
>  proxmox-firewall/tests/input/host.fw  |   2 +
>  .../integration_tests__firewall.snap  | 158 +-
>  proxmox-nftables/src/statement.rs |   6 +-
>  7 files changed, 197 insertions(+), 9 deletions(-)
> 
>

applied, with the Reported-by from Sterz amended in, thanks!





[pve-devel] applied: [PATCH installer] assistant: prepare iso: s/direct/included to match current naming

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 11:00, Alexander Zeidler wrote:
> Signed-off-by: Alexander Zeidler 
> ---
>  proxmox-auto-install-assistant/src/main.rs | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
>

applied, thanks!





[pve-devel] applied: [PATCH installer] assistant: error out on set network config for dhcp

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 17:18, Stoiko Ivanov wrote:
> potentially will not happen too often in practice if the sample files
> always contain the right source. Still having settings in an answer
> file that get ignored does not seem right.
> 
> tested with `validate-answer` on a file without `source` in the
> network section (which initially caused confusion for me)
> 
> Signed-off-by: Stoiko Ivanov 
> ---
>  proxmox-auto-installer/src/answer.rs | 13 +
>  1 file changed, 13 insertions(+)
> 
>

applied, thanks!

I'm wondering if we should allow filtering by management NIC for the DHCP case
too though (in the long term).





Re: [pve-devel] [PATCH proxmox-firewall] firewall: properly handle REJECT rules

2024-04-23 Thread Stefan Hanreich
On 4/23/24 18:02, Stefan Hanreich wrote:
> Currently we generated DROP statements for all rules involving REJECT.
> We only need to generate DROP when in the postrouting chain of tables
> with type bridge, since REJECT is disallowed there. Otherwise we jump
> into the do-reject chain which properly handles rejects for different
> protocol types.
> 
> Signed-off-by: Stefan Hanreich 

Forgot trailer:

Reported-By: Stefan Sterz 





[pve-devel] [PATCH proxmox-firewall] firewall: properly handle REJECT rules

2024-04-23 Thread Stefan Hanreich
Currently we generated DROP statements for all rules involving REJECT.
We only need to generate DROP when in the postrouting chain of tables
with type bridge, since REJECT is disallowed there. Otherwise we jump
into the do-reject chain which properly handles rejects for different
protocol types.

Signed-off-by: Stefan Hanreich 
---
Seems like the proper handling for this got lost somewhere during my
big refactoring :/

 .../resources/proxmox-firewall.nft|   7 +-
 proxmox-firewall/src/firewall.rs  |   9 +-
 proxmox-firewall/src/rule.rs  |  22 ++-
 proxmox-firewall/tests/input/100.fw   |   2 +
 proxmox-firewall/tests/input/host.fw  |   2 +
 .../integration_tests__firewall.snap  | 158 +-
 proxmox-nftables/src/statement.rs |   6 +-
 7 files changed, 197 insertions(+), 9 deletions(-)

diff --git a/proxmox-firewall/resources/proxmox-firewall.nft 
b/proxmox-firewall/resources/proxmox-firewall.nft
index 67dd8c8..f36bf3b 100644
--- a/proxmox-firewall/resources/proxmox-firewall.nft
+++ b/proxmox-firewall/resources/proxmox-firewall.nft
@@ -285,7 +285,12 @@ table bridge proxmox-firewall-guests {
 }
 
 chain do-reject {
-drop
+meta pkttype broadcast drop
+ip saddr 224.0.0.0/4 drop
+
+meta l4proto tcp reject with tcp reset
+meta l4proto icmp reject with icmp type port-unreachable
+reject with icmp type host-prohibited
 }
 
 chain after-vm-in {
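Review bot: In the new `do-reject` chain, both the multicast check (`ip saddr 224.0.0.0/4 drop`) and the final `reject with icmp type host-prohibited` are IPv4 constructs, so this hunk does not show what happens to an IPv6 non-TCP packet that is sent here. If such a packet can fall off the end of the chain, REJECT stops being a terminal verdict for it. Consider ending the chain with an explicit `drop` or adding an ICMPv6 reject, plus a comment that this chain must never be reached from the bridge postrouting path, where the commit message says REJECT is disallowed.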
diff --git a/proxmox-firewall/src/firewall.rs b/proxmox-firewall/src/firewall.rs
index b137f58..509e295 100644
--- a/proxmox-firewall/src/firewall.rs
+++ b/proxmox-firewall/src/firewall.rs
@@ -28,7 +28,7 @@ use proxmox_ve_config::guest::types::Vmid;
 
 use crate::config::FirewallConfig;
 use crate::object::{NftObjectEnv, ToNftObjects};
-use crate::rule::{NftRule, NftRuleEnv};
+use crate::rule::{generate_verdict, NftRule, NftRuleEnv};
 
 static CLUSTER_TABLE_NAME:  = "proxmox-firewall";
 static HOST_TABLE_NAME:  = "proxmox-firewall";
@@ -715,7 +715,10 @@ impl Firewall {
 None,
 )?;
 
-commands.push(Add::rule(AddRule::from_statement(chain, 
default_policy)));
+commands.push(Add::rule(AddRule::from_statement(
+chain,
+generate_verdict(default_policy, ),
+)));
 
 Ok(())
 }
@@ -827,7 +830,7 @@ impl Firewall {
 
 commands.push(Add::rule(AddRule::from_statement(
 chain,
-config.default_policy(direction),
+generate_verdict(config.default_policy(direction), ),
 )));
 
 Ok(())
diff --git a/proxmox-firewall/src/rule.rs b/proxmox-firewall/src/rule.rs
index c8099d0..02f964e 100644
--- a/proxmox-firewall/src/rule.rs
+++ b/proxmox-firewall/src/rule.rs
@@ -4,7 +4,7 @@ use anyhow::{format_err, Error};
 use proxmox_nftables::{
 expression::{Ct, IpFamily, Meta, Payload, Prefix},
 statement::{Log, LogLevel, Match, Operator},
-types::{AddRule, ChainPart, SetName},
+types::{AddRule, ChainPart, SetName, TableFamily, TablePart},
 Expression, Statement,
 };
 use proxmox_ve_config::{
@@ -16,7 +16,7 @@ use proxmox_ve_config::{
 alias::AliasName,
 ipset::{Ipfilter, IpsetName},
 log::LogRateLimit,
-rule::{Direction, Kind, RuleGroup},
+rule::{Direction, Kind, RuleGroup, Verdict as ConfigVerdict},
 rule_match::{
 Icmp, Icmpv6, IpAddrMatch, IpMatch, Ports, Protocol, 
RuleMatch, Sctp, Tcp, Udp,
 },
@@ -146,6 +146,14 @@ impl NftRuleEnv<'_> {
 fn contains_family(, family: Family) -> bool {
 self.chain.table().family().families().contains()
 }
+
+fn table() ->  {
+self.chain.table()
+}
+
+fn direction() -> Direction {
+self.direction
+}
 }
 
 pub(crate) trait ToNftRules {
@@ -204,6 +212,14 @@ impl ToNftRules for RuleGroup {
 }
 }
 
+pub(crate) fn generate_verdict(verdict: ConfigVerdict, env: ) -> 
Statement {
+match (env.table().family(), env.direction(), verdict) {
+(TableFamily::Bridge, Direction::In, ConfigVerdict::Reject) => 
Statement::make_drop(),
+(_, _, ConfigVerdict::Reject) => Statement::jump("do-reject"),
+_ => Statement::from(verdict),
+}
+}
+
 impl ToNftRules for RuleMatch {
 fn to_nft_rules(, rules:  Vec, env: ) -> 
Result<(), Error> {
 if env.direction != self.direction() {
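Review bot: `generate_verdict` keys the DROP fallback on `(TableFamily::Bridge, Direction::In, ConfigVerdict::Reject)`, while the commit message describes the restriction as applying to the postrouting chain of bridge tables; nothing in the function says that `Direction::In` is what ends up in postrouting. A short doc comment stating that mapping would keep the match arm from being "corrected" later. The chain name `"do-reject"` is also a bare string that has to stay in sync with the chain defined in proxmox-firewall.nft; a shared constant would make that dependency visible.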
@@ -230,7 +246,7 @@ impl ToNftRules for RuleMatch {
 }
 }
 
-rules.push(NftRule::new(Statement::from(self.verdict(;
+rules.push(NftRule::new(generate_verdict(self.verdict(), env)));
 
 if let Some(name) = () {
 handle_iface(rules, env, name)?;
diff --git a/proxmox-firewall/tests/input/100.fw 
b/proxmox-firewall/tests/input/100.fw
index 6cf9fff..1aa9b00 100644
--- a/proxmox-firewall/tests/input/100.fw
+++ b/proxmox-firewall/tests/input/100.fw
@@ -19,4 +19,6 @@ 

[pve-devel] applied: [PATCH installer] auto-installer: move ssh keys setup to low-level installer

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 16:44, Christoph Heiss wrote:
> .. thereby, also fixing an accidental shell injection.
> 
> Since run_cmd{,s}() is nowhere else used anymore, they can be removed
> too.
> 
> Also mostly reverts commit
> 
>   5878dc4ae "auto-installer: handle auto-reboot info messages directly"
> 

would have preferred a bit more reasoning and possibly having this split
in two patches, but fine enough I guess.

> in the process too.
> 
> Reported-by: Friedrich Weber 
> Signed-off-by: Christoph Heiss 
> ---
>  Proxmox/Install.pm|  7 ++
>  Proxmox/Install/Config.pm |  4 ++
>  .../src/bin/proxmox-auto-installer.rs | 34 +
>  proxmox-auto-installer/src/utils.rs   | 70 ++-
>  .../resources/parse_answer/disk_match.json|  2 +-
>  .../parse_answer/disk_match_all.json  |  2 +-
>  .../parse_answer/disk_match_any.json  |  2 +-
>  .../tests/resources/parse_answer/minimal.json |  2 +-
>  .../resources/parse_answer/nic_matching.json  |  2 +-
>  .../resources/parse_answer/specific_nic.json  |  2 +-
>  .../tests/resources/parse_answer/zfs.json |  2 +-
>  proxmox-installer-common/src/setup.rs |  2 +
>  proxmox-tui-installer/src/setup.rs|  1 +
>  13 files changed, 27 insertions(+), 105 deletions(-)
> 
>

applied, thanks!
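
The class of bug this commit fixes, as an added Rust sketch that is not code from the Proxmox installer: key material interpolated into a `printf '...'` shell command versus written straight to a file. The sample key, the function names, the newline join and the explicit 0700/0600 modes are assumptions of the example.

```rust
use std::fs::{self, DirBuilder, OpenOptions};
use std::io::{self, Write};
use std::os::unix::fs::{DirBuilderExt, OpenOptionsExt, PermissionsExt};
use std::path::{Path, PathBuf};

/// The pattern the patch removes: key material pasted into a shell command
/// line. Joining the keys with "\n" is an assumption of this sketch.
fn shell_style_command(keys: &[&str]) -> String {
    format!(
        "printf '{}' >>/target/root/.ssh/authorized_keys",
        keys.join("\n")
    )
}

/// Why a key is unsafe inside `printf '<key>'`, or None if it is harmless there.
fn shell_hazard(key: &str) -> Option<&'static str> {
    if key.contains('\'') {
        Some("single quote ends the quoted word; the rest is parsed as shell")
    } else if key.contains('%') || key.contains('\\') {
        Some("printf treats the key as a format string")
    } else {
        None
    }
}

/// File-based variant, same idea as the Perl side of the patch: no shell is
/// involved, so no byte in a key is special. The explicit modes and the
/// line-break check are extra hardening added in this sketch.
fn write_authorized_keys(target_root: &Path, keys: &[&str]) -> io::Result<PathBuf> {
    // A key with an embedded line break would become several authorized_keys entries.
    if let Some(bad) = keys.iter().find(|k| k.contains('\n') || k.contains('\r')) {
        return Err(io::Error::new(
            io::ErrorKind::InvalidInput,
            format!("key contains a line break: {bad:?}"),
        ));
    }
    let ssh_dir = target_root.join("root/.ssh");
    DirBuilder::new().recursive(true).mode(0o700).create(&ssh_dir)?;
    let path = ssh_dir.join("authorized_keys");
    let mut file = OpenOptions::new()
        .write(true)
        .create(true)
        .truncate(true)
        .mode(0o600)
        .open(&path)?;
    for key in keys {
        // One key per line, including a newline after the last one.
        writeln!(file, "{key}")?;
    }
    Ok(path)
}

/// Permission bits of a path, without the file-type bits.
fn file_mode(path: &Path) -> io::Result<u32> {
    Ok(fs::metadata(path)?.permissions().mode() & 0o777)
}

fn main() -> io::Result<()> {
    // Constructed sample key; the apostrophe sits in the free-form comment field.
    let keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleOnly admin's laptop"];
    println!("{}", shell_style_command(&keys));
    println!("hazard: {:?}", shell_hazard(keys[0]));
    let root = std::env::temp_dir().join(format!("ssh-keys-demo-{}", std::process::id()));
    let path = write_authorized_keys(&root, &keys)?;
    println!("wrote {} with mode {:o}", path.display(), file_mode(&path)?);
    fs::remove_dir_all(&root)
}
```

An ordinary key comment such as `admin's laptop` is enough to break the shell variant, which is why the injection can be accidental rather than malicious.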





[pve-devel] applied-series: [PATCH manager v2] fix #5251: login: set autocomplete on password and user

2024-04-23 Thread Thomas Lamprecht
On 19/02/2024 at 11:37, Maximiliano Sandoval wrote:
> By default they have 'autocomplete=off'. From [1]:
> 
>  > In most modern browsers, setting autocomplete to "off" will not
>  > prevent a password manager from asking the user if they would like to
>  > save username and password information, or from automatically filling
>  > in those values in a site's login form. See the autocomplete
>  > attribute and login fields [2].
> 
> [1] https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/autocomplete
> [2] 
> https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion#the_autocomplete_attribute_and_login_fields
> 
> Signed-off-by: Maximiliano Sandoval 
> ---
> Differences from v1:
>  - Learn how to send emails
>  - Fix 'fix #5251' prefix in commit titles
> 
>  www/manager6/window/LoginWindow.js | 2 ++
>  1 file changed, 2 insertions(+)
> 
>

applied series, thanks!





[pve-devel] [PATCH installer] assistant: error out on set network config for dhcp

2024-04-23 Thread Stoiko Ivanov
potentially will not happen too often in practice if the sample files
always contain the right source. Still having settings in an answer
file that get ignored does not seem right.

tested with `validate-answer` on a file without `source` in the
network section (which initially caused confusion for me)

Signed-off-by: Stoiko Ivanov 
---
 proxmox-auto-installer/src/answer.rs | 13 +
 1 file changed, 13 insertions(+)

diff --git a/proxmox-auto-installer/src/answer.rs 
b/proxmox-auto-installer/src/answer.rs
index de8a360..df20db3 100644
--- a/proxmox-auto-installer/src/answer.rs
+++ b/proxmox-auto-installer/src/answer.rs
@@ -87,6 +87,19 @@ impl TryFrom for Network {
 }),
 })
 } else {
+if network.cidr.is_some() {
+return Err("Field 'cidr' not supported for 'from-dhcp' 
config.");
+}
+if network.dns.is_some() {
+return Err("Field 'dns' not supported for 'from-dhcp' 
config.");
+}
+if network.gateway.is_some() {
+return Err("Field 'gateway' not supported for 'from-dhcp' 
config.");
+}
+if network.filter.is_some() {
+return Err("Field 'filter' not supported for 'from-dhcp' 
config.");
+}
+
 Ok(Network {
 network_settings: NetworkSettings::FromDhcp,
 })
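Review bot: The four new checks return on the first offending field, so an answer file that sets `cidr`, `dns` and `gateway` together needs one validation run per field before it passes; collecting the names of all set fields into a single error would be friendlier. Since the commit message says the confusing case was a network section without `source`, the message could also mention that 'from-dhcp' appears to be what applies when `source` is absent, because a user who never wrote 'from-dhcp' will not recognise it.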
-- 
2.39.2






[pve-devel] applied: [PATCH manager 1/3] ui: user edit: protect user's TFA settings again

2024-04-23 Thread Thomas Lamprecht
On 09/02/2024 at 14:08, Fiona Ebner wrote:
> Same rationale as in 5b25580d ("Protect the user's tfa key setting."):
> it should not be possible to change the value when it's not an actual
> secret but a reference to what TFA method is used or, in case of 'x',
> whether TFA is used.
> 
> Signed-off-by: Fiona Ebner 
> ---
>  www/manager6/dc/UserEdit.js | 5 -
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
>

applied this one for now, thanks!





[pve-devel] applied: [PATCH manager] vzdump: also warn when hook script fails for backup-abort or log-end phase

2024-04-23 Thread Thomas Lamprecht
On 22/01/2024 at 10:55, Fiona Ebner wrote:
> to make it more visible, also in task logs.
> 
> Signed-off-by: Fiona Ebner 
> ---
>  PVE/VZDump.pm | 2 ++
>  1 file changed, 2 insertions(+)
> 
>

applied, thanks!





[pve-devel] applied: [PATCH qemu-server] qmeventd: also treat 'prelaunch' and 'suspended' states as active

2024-04-23 Thread Thomas Lamprecht
On 10/10/2023 at 10:57, Fiona Ebner wrote:
> Otherwise, a VM in those states would be terminated after a backup
> in handle_qmp_return() with QMP 'quit', which is pretty bad in case
> of the 'suspended' state.
> 
> Does not change the fact that a VM started in prelaunch mode for
> backup is terminated later (that is handled by the Perl code).
> 
> Signed-off-by: Fiona Ebner 
> ---
>  qmeventd/qmeventd.c | 8 ++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 
>

applied, thanks!





[pve-devel] [PATCH installer] auto-installer: move ssh keys setup to low-level installer

2024-04-23 Thread Christoph Heiss
.. thereby, also fixing an accidental shell injection.

Since run_cmd{,s}() is nowhere else used anymore, they can be removed
too.

Also mostly reverts commit

  5878dc4ae "auto-installer: handle auto-reboot info messages directly"

in the process too.

Reported-by: Friedrich Weber 
Signed-off-by: Christoph Heiss 
---
 Proxmox/Install.pm|  7 ++
 Proxmox/Install/Config.pm |  4 ++
 .../src/bin/proxmox-auto-installer.rs | 34 +
 proxmox-auto-installer/src/utils.rs   | 70 ++-
 .../resources/parse_answer/disk_match.json|  2 +-
 .../parse_answer/disk_match_all.json  |  2 +-
 .../parse_answer/disk_match_any.json  |  2 +-
 .../tests/resources/parse_answer/minimal.json |  2 +-
 .../resources/parse_answer/nic_matching.json  |  2 +-
 .../resources/parse_answer/specific_nic.json  |  2 +-
 .../tests/resources/parse_answer/zfs.json |  2 +-
 proxmox-installer-common/src/setup.rs |  2 +
 proxmox-tui-installer/src/setup.rs|  1 +
 13 files changed, 27 insertions(+), 105 deletions(-)

diff --git a/Proxmox/Install.pm b/Proxmox/Install.pm
index e2f8ad9..dcbedb2 100644
--- a/Proxmox/Install.pm
+++ b/Proxmox/Install.pm
@@ -1271,6 +1271,13 @@ _EOD
my $octets = encode("utf-8", Proxmox::Install::Config::get_password());
run_command("chroot $targetdir /usr/sbin/chpasswd", undef, 
"root:$octets\n");
 
+   # set root ssh keys
+   my $ssh_keys = Proxmox::Install::Config::get_root_ssh_keys();
+   if (scalar(@$ssh_keys) > 0) {
+   mkdir "$targetdir/root/.ssh";
+   file_write_all("$targetdir/root/.ssh/authorized_keys", join("\n", 
@$ssh_keys));
+   }
+
my $mailto = Proxmox::Install::Config::get_mailto();
if ($iso_env->{product} eq 'pmg') {
# save admin email
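Review bot: The return value of `mkdir "$targetdir/root/.ssh"` is not checked and no mode is given, so a failed mkdir is not reported at this point and the permissions of `.ssh` depend on the installer's umask. Passing an explicit 0700 and dying on failure (unless the directory already exists) would be safer, and the same applies to an explicit 0600 on authorized_keys. `join("\n", @$ssh_keys)` also leaves the file without a trailing newline, so a key appended later would run into the last line.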
diff --git a/Proxmox/Install/Config.pm b/Proxmox/Install/Config.pm
index 5ef3438..ecd8a74 100644
--- a/Proxmox/Install/Config.pm
+++ b/Proxmox/Install/Config.pm
@@ -92,6 +92,7 @@ my sub init_cfg {
# root credentials & details
password => undef,
mailto => 'mail@example.invalid',
+   root_ssh_keys => [],
 
# network related
mngmt_nic => undef,
@@ -201,6 +202,9 @@ sub get_password { return get('password'); }
 sub set_mailto { set_key('mailto', $_[0]); }
 sub get_mailto { return get('mailto'); }
 
+sub set_root_ssh_keys { set_key('root_ssh_keys', $_[0]); }
+sub get_root_ssh_keys { return get('root_ssh_keys'); }
+
 sub set_mngmt_nic { set_key('mngmt_nic', $_[0]); }
 sub get_mngmt_nic { return get('mngmt_nic'); }
 
diff --git a/proxmox-auto-installer/src/bin/proxmox-auto-installer.rs 
b/proxmox-auto-installer/src/bin/proxmox-auto-installer.rs
index 97b5746..2e7d20d 100644
--- a/proxmox-auto-installer/src/bin/proxmox-auto-installer.rs
+++ b/proxmox-auto-installer/src/bin/proxmox-auto-installer.rs
@@ -5,8 +5,6 @@ use std::{
 io::{BufRead, BufReader, Write},
 path::PathBuf,
 process::ExitCode,
-thread,
-time::Duration,
 };
 
 use proxmox_installer_common::setup::{
@@ -17,7 +15,7 @@ use proxmox_auto_installer::{
 answer::Answer,
 log::AutoInstLogger,
 udevinfo::UdevInfo,
-utils::{parse_answer, run_cmds, LowLevelMessage},
+utils::{parse_answer, LowLevelMessage},
 };
 
 static LOGGER: AutoInstLogger = AutoInstLogger;
@@ -93,15 +91,8 @@ fn main() -> ExitCode {
 }
 }
 
-run_postinstallation();
-
 // TODO: (optionally) do a HTTP post with basic system info, like host SSH 
public key(s) here
 
-for secs in (0..=5).rev() {
-info!("Installation finished - auto-rebooting in {secs} seconds ..");
-thread::sleep(Duration::from_secs(1));
-}
-
 ExitCode::SUCCESS
 }
 
@@ -178,8 +169,7 @@ fn run_installation(
 if state == "err" {
 bail!("{message}");
 }
-// Do not print anything if the installation was 
successful,
-// as we handle that here ourselves
+info!("Finished: '{state}' {message}");
 }
 };
 }
@@ -187,23 +177,3 @@ fn run_installation(
 };
 inner().map_err(|err| format_err!("low level installer returned early: 
{err}"))
 }
-
-fn run_postinstallation(answer: ) {
-if !answer.global.root_ssh_keys.is_empty() {
-// FIXME: move handling this into the low-level installer and just 
pass in installation
-// config, as doing parts of the installation/configuration here and 
parts in the
-// low-level installer is not nice (seemingly spooky actions at a 
distance).
-info!("Adding root ssh-keys to the installed system ..");
-run_cmds(
-"ssh-key-setup",
-true,
-&[
-"mkdir -p /target/root/.ssh",
-!(
-"printf '{}' >>/target/root/.ssh/authorized_keys",
-

[pve-devel] applied: [RFC PATCH pve-manager 1/2] ui: mobile: fix totp login

2024-04-23 Thread Thomas Lamprecht
On 14/12/2023 at 10:55, Dominik Csapak wrote:
> logging in with totp on mobile was broken with these two commits:
> 
> pve-manager:
> 509d7a20 ("mobile ui: implement dummy message box and scrip loader")
> and
> pve-access-control:
> cb64967 ("api: drop old verify_tfa api call")
> 
> the pve-manager one overwrote the Ext.MessageBox and Ext.Msg classes and
> thus removed the Ext.MessageBox.OKCANCEL constant that represented the
> buttons of popup messages (without those no buttons on message boxes
> were shown).
> 
> This override did not work as intended, as we still showed the message
> box by accident, because at that point the Ext.MessageBox was already
> initialized (so it was overwritten), but Ext.Msg was not (this happens
> later).
> 
> and the pve-access-control removed the old tfa verify api (which is now
> done via the /access/ticket api)
> 
> so to fix that, we have to adapt to the api changes and restore the
> stock Ext.MessageBox and Ext.Msg classes by removing the overrides
> (i couldn't find where we would need those)
> 
> we still cannot handle u2f or recovery methods though
> 
> Signed-off-by: Dominik Csapak 
> ---
>  www/mobile/Login.js   | 8 ++--
>  www/mobile/Toolkit.js | 5 -
>  2 files changed, 6 insertions(+), 7 deletions(-)
> 
>

applied both patches, thanks!





[pve-devel] applied: [PATCH proxmox-firewall] firewall: properly cleanup tables when firewall is inactive

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 11:21, Stefan Hanreich wrote:
> When executing multiple nft commands they are transactional, either
> all get applied or none. When only the host or guest firewall is
> active, only one table exists and this causes the delete commands to
> fail. To fix this we need to send the delete commands separately.
> 
> It might make sense to support running multiple separate batches in
> the NftClient in the future in order to avoid having to call nft
> twice.
> 
> Signed-off-by: Stefan Hanreich 
> ---
>  proxmox-firewall/src/bin/proxmox-firewall.rs |  9 +
>  proxmox-firewall/src/firewall.rs | 10 +-
>  2 files changed, 10 insertions(+), 9 deletions(-)
> 
>

applied, thanks!





[pve-devel] applied: [PATCH common] interfaces: support stanzas without types/methods

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 15:03, Wolfgang Bumiller wrote:
> This is allowed in ifupdown2 and previously interfaces named
> 'vmbr\d+' were recognized as bridges even if they used this mode.
> With commit e68ebda4f109 this is no longer the case.
> 
> Fixes: e68ebda4f109 ("fix #545: interfaces: allow arbitrary bridge names in 
> network config")
> Signed-off-by: Wolfgang Bumiller 
> ---
> The `__interface_to_string` portion is much better viewed with `-w`
> 
>  src/PVE/INotify.pm| 97 +--
>  .../t.ifupdown2-typeless.pl   | 47 +
>  2 files changed, 117 insertions(+), 27 deletions(-)
>  create mode 100644 test/etc_network_interfaces/t.ifupdown2-typeless.pl
> 
>

applied, thanks!





[pve-devel] applied: [PATCH installer] auto-installer: support UTC as timezone

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 13:29, Christoph Heiss wrote:
> Reported-by: Fiona Ebner 
> Signed-off-by: Christoph Heiss 
> ---
>  proxmox-auto-installer/src/utils.rs | 3 +++
>  1 file changed, 3 insertions(+)
> 
>

applied, thanks!





[pve-devel] [PATCH installer] tui: update screen during installation only when necessary

2024-04-23 Thread Christoph Heiss
This can significantly reduce CPU load and even speed up the
installation a lot on single-core machines. While the latter may not be
a realistic target for obvious reasons, lowering overall CPU usage is
always a good thing.

Also helps with flickering during the installation process quite a bit
too.

E.g. a test installation on a single-core VM goes down from 47:35 min
w/o the patch to 2:26 min w/ the patch, a ~94%(!) decrease in time.

Signed-off-by: Christoph Heiss 
---
 proxmox-tui-installer/src/main.rs |  3 --
 .../src/views/install_progress.rs | 32 +++
 2 files changed, 18 insertions(+), 17 deletions(-)

diff --git a/proxmox-tui-installer/src/main.rs 
b/proxmox-tui-installer/src/main.rs
index 2462a58..4fb7afd 100644
--- a/proxmox-tui-installer/src/main.rs
+++ b/proxmox-tui-installer/src/main.rs
@@ -664,9 +664,6 @@ fn summary_dialog(siv:  Cursive) -> InstallerView {
 }
 
 fn install_progress_dialog(siv:  Cursive) -> InstallerView {
-// Ensure the screen is updated independently of keyboard events and such
-siv.set_autorefresh(true);
-
 let state = siv.user_data::().cloned().unwrap();
 InstallerView::with_raw(, InstallProgressView::new(siv))
 }
diff --git a/proxmox-tui-installer/src/views/install_progress.rs 
b/proxmox-tui-installer/src/views/install_progress.rs
index 71af484..6453426 100644
--- a/proxmox-tui-installer/src/views/install_progress.rs
+++ b/proxmox-tui-installer/src/views/install_progress.rs
@@ -1,7 +1,7 @@
 use cursive::{
 utils::Counter,
 view::{Nameable, Resizable, ViewWrapper},
-views::{Dialog, DummyView, LinearLayout, PaddedView, ProgressBar, 
TextContent, TextView},
+views::{Dialog, DummyView, LinearLayout, PaddedView, ProgressBar, 
TextView},
 CbSink, Cursive,
 };
 use serde::Deserialize;
@@ -21,15 +21,15 @@ pub struct InstallProgressView {
 }
 
 impl InstallProgressView {
+const PROGRESS_TEXT_VIEW_ID:  = "progress-text";
+
 pub fn new(siv:  Cursive) -> Self {
 let cb_sink = siv.cb_sink().clone();
 let state = siv.user_data::().unwrap();
-let progress_text = TextContent::new("starting the installation ..");
 
 let progress_task = {
-let progress_text = progress_text.clone();
 let state = state.clone();
-move |counter: Counter| Self::progress_task(counter, cb_sink, 
state, progress_text)
+move |counter: Counter| Self::progress_task(counter, cb_sink, 
state)
 };
 
 let progress_bar = 
ProgressBar::new().with_task(progress_task).full_width();
@@ -41,7 +41,11 @@ impl InstallProgressView {
 LinearLayout::vertical()
 .child(PaddedView::lrtb(1, 1, 0, 0, progress_bar))
 .child(DummyView)
-.child(TextView::new_with_content(progress_text).center())
+.child(
+TextView::new("starting the installation ..")
+.center()
+.with_name(Self::PROGRESS_TEXT_VIEW_ID),
+)
 .child(PaddedView::lrtb(
 1,
 1,
@@ -54,12 +58,7 @@ impl InstallProgressView {
 Self { view }
 }
 
-fn progress_task(
-counter: Counter,
-cb_sink: CbSink,
-state: InstallerState,
-progress_text: TextContent,
-) {
+fn progress_task(counter: Counter, cb_sink: CbSink, state: InstallerState) 
{
 let mut child = match spawn_low_level_installer(state.in_test_mode) {
 Ok(child) => child,
 Err(err) => {
@@ -129,13 +128,18 @@ impl InstallProgressView {
 }),
 UiMessage::Progress { ratio, text } => {
 counter.set((ratio * 100.).floor() as usize);
-progress_text.set_content(text);
-Ok(())
+cb_sink.send(Box::new(move |siv| {
+siv.call_on_name(Self::PROGRESS_TEXT_VIEW_ID, |v: 
 TextView| {
+v.set_content(text);
+});
+}))
 }
 UiMessage::Finished { state, message } => {
 counter.set(100);
-progress_text.set_content(message.to_owned());
 cb_sink.send(Box::new(move |siv| {
+siv.call_on_name(Self::PROGRESS_TEXT_VIEW_ID, |v: 
 TextView| {
+v.set_content();
+});
 Self::prepare_for_reboot(siv, state == "ok", 
);
 }))
 }
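Review bot: In the `UiMessage::Progress` and `UiMessage::Finished` arms the return value of `siv.call_on_name(Self::PROGRESS_TEXT_VIEW_ID, ...)` is dropped, so if the named view is ever missing or renamed the status text stops updating without any trace; logging or debug-asserting on `None` would catch that. With `set_autorefresh(true)` removed in main.rs, `counter.set(...)` on its own no longer appears to cause a redraw and the bar seems to depend on the `cb_sink.send` that follows it. A comment saying so would stop someone from later adding a code path that only touches the counter.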
-- 
2.44.0






[pve-devel] applied-series: [PATCH installer 1/2] move secure boot state to RunEnv

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 14:27, Fabian Grünbichler wrote:
> as preparation for using it in more than one place.
> 
> Signed-off-by: Fabian Grünbichler 
> ---
>  Proxmox/Install.pm| 18 +-
>  Proxmox/Install/RunEnv.pm | 12 +++-
>  2 files changed, 16 insertions(+), 14 deletions(-)
> 
>

applied both patches, thanks!




[pve-devel] applied: [PATCH manager 1/2] ui: backup jobs: fix fleecing parameters for 'run now' button

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 14:14, Dominik Csapak wrote:
> we have to 'printPropertyString' the fleecing parameters, otherwise
> we'll get api parameter errors for that
> 
> Signed-off-by: Dominik Csapak 
> ---
>  www/manager6/dc/Backup.js | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
>

applied both patches, thanks!





[pve-devel] [PATCH common] interfaces: support stanzas without types/methods

2024-04-23 Thread Wolfgang Bumiller
This is allowed in ifupdown2 and previously interfaces named
'vmbr\d+' were recognized as bridges even if they used this mode.
With commit e68ebda4f109 this is no longer the case.

Fixes: e68ebda4f109 ("fix #545: interfaces: allow arbitrary bridge names in 
network config")
Signed-off-by: Wolfgang Bumiller 
---
The `__interface_to_string` portion is much better viewed with `-w`

 src/PVE/INotify.pm| 97 +--
 .../t.ifupdown2-typeless.pl   | 47 +
 2 files changed, 117 insertions(+), 27 deletions(-)
 create mode 100644 test/etc_network_interfaces/t.ifupdown2-typeless.pl

diff --git a/src/PVE/INotify.pm b/src/PVE/INotify.pm
index 4568593..8a4a810 100644
--- a/src/PVE/INotify.pm
+++ b/src/PVE/INotify.pm
@@ -912,23 +912,29 @@ sub __read_etc_network_interfaces {
# FIXME: handle those differently? auto makes it required on-boot, 
vs. best-effort
$ifaces->{$_}->{autostart} = 1 for split (/\s+/, $2);
 
-   } elsif ($line =~ m/^\s*iface\s+(\S+)\s+(inet6?)\s+(\S+)\s*$/) {
+   } elsif ($line =~ m/^\s*iface\s+(\S+)(?:\s+(inet6?)\s+(\S+))?\s*$/) {
my $i = $1;
my $family = $2;
my $f = { method => $3 }; # by family, merged to $d with a $suffix
-   (my $suffix = $family) =~ s/^inet//;
+   my $suffix = $family;
+   $suffix =~ s/^inet// if defined $suffix;
 
my $d = $ifaces->{$i} ||= {};
$d->{priority} = $priority++ if !$d->{priority};
+
+   # $family may be undef, an undef family means we have a stanza
+   # without an `inet` or `inet6` section
push @{$d->{families}}, $family;
 
+
while (defined ($line = <$fh>)) {
$line =~ s/\s+$//; # drop trailing whitespaces
 
if ($line =~ m/^\s*#(.*?)\s*$/) {
-   $f->{comments} = '' if !$f->{comments};
+   my $pushto = defined($suffix) ? $f : $d;
+   $pushto->{comments} = '' if !$pushto->{comments};
my $comment = decode('UTF-8', $1);
-   $f->{comments} .= "$comment\n";
+   $pushto->{comments} .= "$comment\n";
} elsif ($line =~ 
m/^\s*(?:(?:iface|mapping|auto|source|source-directory)\s|allow-)/) {
last;
} elsif ($line =~ m/^\s*((\S+)\s+(.+))$/) {
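Review bot: With the family group now optional in the `iface` regex, `$f` is still built as `{ method => $3 }` and `$family` is still pushed onto `@{$d->{families}}`, so a typeless stanza stores an undef method and an undef list entry. The new comment covers the family; it would help to say the same for `$f`, or to build `$f` only when `$family` is defined. The hunk also adds a second blank line after the `push`, which looks unintentional.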
@@ -967,7 +973,17 @@ sub __read_etc_network_interfaces {
};
 
if ($id eq 'address' || $id eq 'netmask' || $id eq 
'broadcast' || $id eq 'gateway') {
-   $f->{$id} = $value;
+   if (defined($suffix)) {
+   $d->{$id.$suffix} = $value;
+   } elsif ($id ne 'netmask') {
+   if ($value =~ /:/) {
+   $d->{$id.'6'} = $value;
+   } else {
+   $d->{$id} = $value;
+   }
+   } else {
+   $d->{$id} = $value;
+   }
} elsif ($simple_options->{$id}) {
$d->{$id} = $value;
} elsif ($id eq 'slaves' || $id eq 'bridge_ports') {
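Review bot: in the typeless branch a `netmask` is always stored as `$d->{netmask}`, even when the stanza's `address` contains a `:` and was filed under `address6`, so an IPv6 address can end up without a matching `netmask6`. Either classify the netmask by the family chosen for the address or document that typeless stanzas are expected to use CIDR notation. The inner `else` and the final `else` both do `$d->{$id} = $value` and could be merged.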
@@ -1002,13 +1018,16 @@ sub __read_etc_network_interfaces {
} elsif ($id eq 'vxlan-remoteip') {
push @{$d->{$id}}, $value;
} else {
-   push @{$f->{options}}, $option;
+   my $pushto = defined($suffix) ? $f : $d;
+   push @{$pushto->{options}}, $option;
}
} else {
last;
}
}
-   $d->{"$_$suffix"} = $f->{$_} for keys $f->%*;
+   if (defined($suffix)) {
+   $d->{"$_$suffix"} = $f->{$_} for keys $f->%*;
+   }
last SECTION if !defined($line);
redo SECTION;
} elsif ($line =~ /\w/) {
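Review bot: `my $pushto = defined($suffix) ? $f : $d;` is computed here and again in the comment branch of the same loop; `$suffix` does not change inside the loop, so set it once before the `while` and reuse it. For a typeless stanza nothing is merged from `$f` afterwards, which silently drops the `method => undef` entry created at the top; a short comment saying that this is intended would help.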
@@ -1227,24 +1246,37 @@ sub _get_cidr {
 sub __interface_to_string {
 my ($iface, $d, $family, $first_block, $ifupdown2) = @_;
 
-(my $suffix = $family) =~ s/^inet//;
+my $suffix = $family;
+$suffix =~ s/^inet// if defined($suffix);
 
-return '' if !($d && $d->{"method$suffix"});
+return '' if $family && !($d && $d->{"method$suffix"});
 
-my $raw = "iface $iface $family " . $d->{"method$suffix"} . "\n";
+my $raw = "iface $iface";
+$raw .= " $family " . $d->{"method$suffix"} if defined $family;
+$raw .= "\n";
 
-if (my $addr = $d->{"address$suffix"}) {
-   if ($addr !~ /\/\d+$/ && $d->{"netmask$suffix"}) {
-   if ($d->{"netmask$suffix"} =~ m/^\d+$/) {
-   $addr .= "/" . $d->{"netmask$suffix"};
-   } elsif (my $mask = 
PVE::JSONSchema::get_netmask_bits($d->{"netmask$suffix"})) {
-   $addr .= "/" . $mask;
+my $add_addr = sub {
+   my 
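Review bot: `return '' if $family && !(...)` tests `$family` for truth while the following lines use `defined $family` and `defined($suffix)`; use one form throughout. With an undefined `$family` the `$d` check is skipped entirely, so the function proceeds even when `$d` itself is undefined; keep a separate `return '' if !$d;` guard.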

[pve-devel] [PATCH installer 2/2] skip proxmox-secure-boot-support if secureboot is not enabled

2024-04-23 Thread Fabian Grünbichler
while it doesn't hurt to be installed, it also doesn't help in any fashion on
such systems.

Signed-off-by: Fabian Grünbichler 
---

Notes:
only makes sense if proxmox-secure-boot-support is on the ISO

 Proxmox/Install.pm | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Proxmox/Install.pm b/Proxmox/Install.pm
index 82619ae..e2f8ad9 100644
--- a/Proxmox/Install.pm
+++ b/Proxmox/Install.pm
@@ -1098,6 +1098,7 @@ _EOD
# upon upgrade - and conflict with each other - install the fitting 
one only
next if ($deb =~ /grub-pc_/ && $run_env->{boot_type} ne 'bios');
next if ($deb =~ /grub-efi-amd64_/ && $run_env->{boot_type} ne 
'efi');
+   next if ($deb =~ /^proxmox-secure-boot-support_/ && 
!$run_env->{secure_boot});
 
update_progress($count/$pkg_count, 0.5, 0.75, "extracting $deb");
print STDERR "extracting: $deb\n";
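Review bot: `!$run_env->{secure_boot}` is also true when the key is unset, and in patch 1/2 `secure_boot` is only assigned on EFI systems where reading the SecureBoot efivar succeeded, so a read failure on a machine with secure boot enabled skips `proxmox-secure-boot-support` with nothing but a warning in the log. Consider treating the unknown state as enabled for this check. The new pattern is anchored with `^` while the `grub-pc_` and `grub-efi-amd64_` checks above it are not; make them consistent.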
-- 
2.39.2



___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel


[pve-devel] [PATCH installer 1/2] move secure boot state to RunEnv

2024-04-23 Thread Fabian Grünbichler
as preparation for using it in more than one place.

Signed-off-by: Fabian Grünbichler 
---
 Proxmox/Install.pm| 18 +-
 Proxmox/Install/RunEnv.pm | 12 +++-
 2 files changed, 16 insertions(+), 14 deletions(-)

diff --git a/Proxmox/Install.pm b/Proxmox/Install.pm
index 19f7dc1..82619ae 100644
--- a/Proxmox/Install.pm
+++ b/Proxmox/Install.pm
@@ -15,7 +15,7 @@ use Proxmox::Install::StorageConfig;
 
 use Proxmox::Sys::Block qw(get_cached_disks wipe_disk partition_bootable_disk);
 use Proxmox::Sys::Command qw(run_command syscmd);
-use Proxmox::Sys::File qw(file_read_all file_read_firstline file_write_all);
+use Proxmox::Sys::File qw(file_read_firstline file_write_all);
 use Proxmox::UI;
 
 # TODO: move somewhere better?
@@ -576,20 +576,12 @@ my sub chroot_chmod {
 }
 
 sub prepare_proxmox_boot_esp {
-my ($espdev, $targetdir) = @_;
+my ($espdev, $targetdir, $secureboot) = @_;
 
 my $mode = '';
 
-# detect secure boot being enabled and switch to grub-on-ESP if it is
-if (-d "/sys/firmware/efi") {
-   my $content = eval { 
file_read_all("/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c")
 };
-   if ($@) {
-   warn "Failed to read secure boot state: $@\n";
-   } else {
-   my @secureboot = unpack("C", $content);
-   $mode = 'grub' if $secureboot[4] == 1;
-   }
-}
+# if secure boot is enabled switch to grub-on-ESP
+$mode = 'grub' if $secureboot;
 
 syscmd("chroot $targetdir proxmox-boot-tool init $espdev $mode") == 0 ||
die "unable to init ESP and install proxmox-boot loader on '$espdev'\n";
@@ -1237,7 +1229,7 @@ _EOD
foreach my $di (@$bootdevinfo) {
my $dev = $di->{devname};
if ($use_zfs) {
-   prepare_proxmox_boot_esp($di->{esp}, $targetdir);
+   prepare_proxmox_boot_esp($di->{esp}, $targetdir, 
$run_env->{secure_boot});
} else {
if (!$native_4k_disk_bootable) {
eval {
diff --git a/Proxmox/Install/RunEnv.pm b/Proxmox/Install/RunEnv.pm
index 39505d0..7eaf96a 100644
--- a/Proxmox/Install/RunEnv.pm
+++ b/Proxmox/Install/RunEnv.pm
@@ -8,7 +8,7 @@ use JSON qw(from_json to_json);
 
 use Proxmox::Log;
 use Proxmox::Sys::Command qw(run_command CMD_FINISHED);
-use Proxmox::Sys::File qw(file_read_firstline);
+use Proxmox::Sys::File qw(file_read_all file_read_firstline);
 use Proxmox::Sys::Block;
 use Proxmox::Sys::Net;
 
@@ -285,6 +285,16 @@ sub query_installation_environment : prototype() {
 $output->{hvm_supported} = query_cpu_hvm_support();
 $output->{boot_type} = -d '/sys/firmware/efi' ? 'efi' : 'bios';
 
+if ($output->{boot_type} eq 'efi') {
+   my $content = eval { 
file_read_all("/sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c")
 };
+   if ($@) {
+   log_warn("Failed to read secure boot state: $@\n");
+   } else {
+   my @secureboot = unpack("C", $content);
+   $output->{secure_boot} = $secureboot[4] == 1;
+   }
+}
+
 my $err;
 my $country;
 if ($routes->{gateway4}) {
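Review bot: `$output->{secure_boot}` is only assigned in the success branch, so the key is missing on BIOS boots and whenever the efivar read fails, and consumers cannot tell "disabled" from "unknown". Initialize it before the `if` (for example to 0) or store an explicit unknown state, and add a comment that index 4 is used because the efivars file starts with a 4-byte attribute header.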
-- 
2.39.2





[pve-devel] [PATCH manager 2/2] ui: backup job editor: fix disable behavior for fleecing storage

2024-04-23 Thread Dominik Csapak
commit
569b0388 (ui: fix reset behavior of backup job editor)

disabled the fleecing storage field by default (as that is the default
state) to fix the reset behavior. This broke editing the job when
fleecing was enabled and the user did not navigate to the advanced tab
yet.

It seems that the 'bind' here only gets triggered once the panel is
rendered, but we actually need it before that.

To work around the issue for now, manually enable/disable the field when
toggling the fleecing checkbox. (Though this warrants a bit of deeper
investigation into this bind behavior)

Signed-off-by: Dominik Csapak 
---
 www/manager6/panel/BackupAdvancedOptions.js | 16 
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/www/manager6/panel/BackupAdvancedOptions.js 
b/www/manager6/panel/BackupAdvancedOptions.js
index f1810637..650946fe 100644
--- a/www/manager6/panel/BackupAdvancedOptions.js
+++ b/www/manager6/panel/BackupAdvancedOptions.js
@@ -18,6 +18,17 @@ Ext.define('PVE.panel.BackupAdvancedOptions', {
 
 controller: {
xclass: 'Ext.app.ViewController',
+
+   toggleFleecing: function(cb, value) {
+   let me = this;
+   me.lookup('fleecingStorage').setDisabled(!value);
+   },
+
+   control: {
+   'proxmoxcheckbox[reference=fleecingEnabled]': {
+   change: 'toggleFleecing',
+   },
+   }
 },
 
 onGetValues: function(formValues) {
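Review bot: the `control` block is missing the trailing comma after its closing `}`, unlike the `toggleFleecing` entry above it. Since the commit message calls this a workaround for `bind` only firing once the panel is rendered, put a short comment saying so at `toggleFleecing`, otherwise the next cleanup is likely to turn it back into a `bind`.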
@@ -181,14 +192,11 @@ Ext.define('PVE.panel.BackupAdvancedOptions', {
xtype: 'pveStorageSelector',
name: 'fleecing-storage',
fieldLabel: gettext('Fleecing Storage'),
-   reference: 'storageSelector',
+   reference: 'fleecingStorage',
clusterView: true,
storageContent: 'images',
allowBlank: false,
disabled: true,
-   bind: {
-   disabled: '{!fleecingEnabled.checked}',
-   },
},
endFlex: 2,
endColumn: {
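Review bot: check for remaining users of the old `storageSelector` reference (a `lookup('storageSelector')` or a bind on it) elsewhere in this panel; after the rename to `fleecingStorage` they would silently resolve to nothing, and only the new `toggleFleecing` handler is visible in this patch.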
-- 
2.39.2






[pve-devel] [PATCH manager 1/2] ui: backup jobs: fix fleecing parameters for 'run now' button

2024-04-23 Thread Dominik Csapak
we have to 'printPropertyString' the fleecing parameters, otherwise
we'll get api parameter errors for that

Signed-off-by: Dominik Csapak 
---
 www/manager6/dc/Backup.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/www/manager6/dc/Backup.js b/www/manager6/dc/Backup.js
index 336b23f5..4ba80b31 100644
--- a/www/manager6/dc/Backup.js
+++ b/www/manager6/dc/Backup.js
@@ -617,7 +617,7 @@ Ext.define('PVE.dc.BackupView', {
delete job['repeat-missed'];
job.all = job.all === true ? 1 : 0;
 
-   ['performance', 'prune-backups'].forEach(key => {
+   ['performance', 'prune-backups', 'fleecing'].forEach(key => {
if (job[key]) {
job[key] = PVE.Parser.printPropertyString(job[key]);
}
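Review bot: the list `['performance', 'prune-backups', 'fleecing']` has to be extended by hand for every new property-string option, and as this fix shows it is easy to forget; add a comment next to it stating that every property-string job option must be listed, or derive the keys from the ones that were parsed when the job was loaded.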
-- 
2.39.2






[pve-devel] [PATCH installer] auto-installer: support UTC as timezone

2024-04-23 Thread Christoph Heiss
Reported-by: Fiona Ebner 
Signed-off-by: Christoph Heiss 
---
 proxmox-auto-installer/src/utils.rs | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/proxmox-auto-installer/src/utils.rs 
b/proxmox-auto-installer/src/utils.rs
index 02c27d8..1912e51 100644
--- a/proxmox-auto-installer/src/utils.rs
+++ b/proxmox-auto-installer/src/utils.rs
@@ -280,13 +280,16 @@ pub fn verify_locale_settings(answer: , locales: 
) -> Result<(
 if !locales.kmap.keys().any(|i| i == ) {
 bail!("keyboard layout '{}' is not valid", );
 }
+
 if !locales
 .cczones
 .iter()
 .any(|(_, zones)| zones.contains())
+&& answer.global.timezone != "UTC"
 {
 bail!("timezone '{}' is not valid", );
 }
+
 Ok(())
 }
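Review bot: `answer.global.timezone != "UTC"` is only evaluated after the whole `cczones` scan has failed; putting the cheap comparison first reads better and short-circuits. The comparison is case-sensitive and `UTC` is a bare literal, so a comment on why it is accepted although it is not in `cczones`, plus a test case for an answer file with `UTC`, would be good; the commit message has no description either.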
 
-- 
2.44.0






[pve-devel] [PATCH proxmox-firewall] firewall: properly cleanup tables when firewall is inactive

2024-04-23 Thread Stefan Hanreich
When executing multiple nft commands they are transactional, either
all get applied or none. When only the host or guest firewall is
active, only one table exists and this causes the delete commands to
fail. To fix this we need to send the delete commands separately.

It might make sense to support running multiple separate batches in
the NftClient in the future in order to avoid having to call nft
twice.

Signed-off-by: Stefan Hanreich 
---
 proxmox-firewall/src/bin/proxmox-firewall.rs |  9 +
 proxmox-firewall/src/firewall.rs | 10 +-
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/proxmox-firewall/src/bin/proxmox-firewall.rs 
b/proxmox-firewall/src/bin/proxmox-firewall.rs
index 2f4875f..4e07993 100644
--- a/proxmox-firewall/src/bin/proxmox-firewall.rs
+++ b/proxmox-firewall/src/bin/proxmox-firewall.rs
@@ -12,11 +12,12 @@ const RULE_BASE:  = 
include_str!("../../resources/proxmox-firewall.nft");
 
 fn remove_firewall() -> Result<(), std::io::Error> {
 log::info!("removing existing firewall rules");
-let commands = Firewall::remove_commands();
 
-// can ignore other errors, since it fails when tables do not exist
-if let Err(NftError::Io(err)) = NftClient::run_json_commands() {
-return Err(err);
+for command in Firewall::remove_commands() {
+// can ignore other errors, since it fails when tables do not exist
+if let Err(NftError::Io(err)) = NftClient::run_json_commands() 
{
+return Err(err);
+}
 }
 
 Ok(())
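Review bot: inside the loop every `NftError` other than `Io` is still dropped silently, so a delete that fails for a reason other than a missing table leaves the old rules loaded without any trace in the log; log the ignored error at least at debug level. The early `return Err(err)` on the first command also means the second table is never attempted.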
diff --git a/proxmox-firewall/src/firewall.rs b/proxmox-firewall/src/firewall.rs
index 2195a07..b137f58 100644
--- a/proxmox-firewall/src/firewall.rs
+++ b/proxmox-firewall/src/firewall.rs
@@ -157,11 +157,11 @@ impl Firewall {
 }
 }
 
-pub fn remove_commands() -> Commands {
-Commands::new(vec![
-Delete::table(Self::cluster_table()),
-Delete::table(Self::guest_table()),
-])
+pub fn remove_commands() -> Vec {
+vec![
+Commands::new(vec![Delete::table(Self::cluster_table())]),
+Commands::new(vec![Delete::table(Self::guest_table())]),
+]
 }
 
 fn create_management_ipset(, commands:  Commands) -> Result<(), 
Error> {
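Review bot: `remove_commands()` has no doc comment explaining why it returns one `Commands` per table; state there that each delete must be its own nft transaction because a batch fails as a whole when one of the tables does not exist, so nobody merges them back into a single batch later.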
-- 
2.39.2





[pve-devel] [PATCH installer] assistant: prepare iso: s/direct/included to match current naming

2024-04-23 Thread Alexander Zeidler
Signed-off-by: Alexander Zeidler 
---
 proxmox-auto-install-assistant/src/main.rs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/proxmox-auto-install-assistant/src/main.rs 
b/proxmox-auto-install-assistant/src/main.rs
index 17f8e96..c14316c 100644
--- a/proxmox-auto-install-assistant/src/main.rs
+++ b/proxmox-auto-install-assistant/src/main.rs
@@ -282,13 +282,13 @@ fn prepare_iso(args: ) -> Result<()> {
 
 if args.install_mode == AutoInstModes::Included {
 if args.answer_file.is_none() {
-bail!("Missing path to answer file needed for 'direct' install 
mode.");
+bail!("Missing path to answer file needed for 'included' install 
mode.");
 }
 if args.cert_fingerprint.is_some() {
-bail!("No certificate fingerprint needed for direct install mode. 
Drop the parameter!");
+bail!("No certificate fingerprint needed for 'included' install 
mode. Drop the parameter!");
 }
 if args.url.is_some() {
-bail!("No URL needed for direct install mode. Drop the 
parameter!");
+bail!("No URL needed for 'included' install mode. Drop the 
parameter!");
 }
 } else if args.install_mode == AutoInstModes::Partition {
 if args.cert_fingerprint.is_some() {
-- 
2.39.2






[pve-devel] [PATCH manager 2/4] ui: guest import: fix typo on 'attached'

2024-04-23 Thread Maximiliano Sandoval
Signed-off-by: Maximiliano Sandoval 
---
 www/manager6/window/GuestImport.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/www/manager6/window/GuestImport.js 
b/www/manager6/window/GuestImport.js
index 69e7c9bb..636fd721 100644
--- a/www/manager6/window/GuestImport.js
+++ b/www/manager6/window/GuestImport.js
@@ -922,8 +922,7 @@ Ext.define('PVE.window.GuestImport', {
let renderWarning = w => {
const warningsCatalogue = {
'cdrom-image-ignored': gettext("CD-ROM images cannot get 
imported, if required you can reconfigure the '{0}' drive in the 'Advanced' 
tab."),
-   'nvme-unsupported': gettext("NVMe disks are currently not 
supported, '{0}' will get attaced as SCSI"),
-   'ovmf-with-lsi-unsupported': gettext("OVMF is built without LSI 
drivers, scsi hardware was set to '{1}'"),
+   'nvme-unsupported': gettext("NVMe disks are currently not 
supported, '{0}' will get attached as SCSI"),
'ovmf-with-lsi-unsupported': gettext("OVMF is built without LSI 
drivers, SCSI hardware was set to '{1}'"),
'serial-port-socket-only': gettext("Serial socket '{0}' will be 
mapped to a socket"),
'guest-is-running': gettext('Virtual guest seems to be running 
on source host. Import might fail or have inconsistent state!'),
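Review bot: the removal of the lowercase `'ovmf-with-lsi-unsupported'` entry does not belong in a typo fix for 'attached'; it cleans up the duplicate key left behind by 1/4. Do the replacement in 1/4 instead of adding a second line there, or at least mention the cleanup in this commit message, which currently only has a subject.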
-- 
2.39.2






[pve-devel] [PATCH manager 4/4] ui: backup job: simplify translatable string

2024-04-23 Thread Maximiliano Sandoval
Signed-off-by: Maximiliano Sandoval 
---
 www/manager6/panel/BackupAdvancedOptions.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/www/manager6/panel/BackupAdvancedOptions.js 
b/www/manager6/panel/BackupAdvancedOptions.js
index b9e5304e..4b31f403 100644
--- a/www/manager6/panel/BackupAdvancedOptions.js
+++ b/www/manager6/panel/BackupAdvancedOptions.js
@@ -231,7 +231,7 @@ Ext.define('PVE.panel.BackupAdvancedOptions', {
xtype: 'component',
padding: '5 1',
html: `${gettext('Note')}: ${
-   gettext("The node-specific 'vzdump.conf' or, if this is not 
set, the default from the config schema is used to determine fallback 
values.")}`,
+   gettext("The node-specific 'vzdump.conf'. If not set, the 
defaults from the config schema are used to determine fallback values.")}`,
},
 ],
 });
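Review bot: the new string starts with "The node-specific 'vzdump.conf'.", which is a sentence fragment without a verb and no longer says that the node-specific file is what determines the fallback values. Something like "Fallback values are taken from the node-specific 'vzdump.conf' or, if not set there, from the config schema defaults." keeps the meaning and is still simpler to translate.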
-- 
2.39.2






[pve-devel] [PATCH manager 1/4] ui: homogenize uses of Zstd and SCSI

2024-04-23 Thread Maximiliano Sandoval
See [1, 2] for their spelling.

[1] https://en.wikipedia.org/wiki/Zstd
[2] https://en.wikipedia.org/wiki/SCSI

Signed-off-by: Maximiliano Sandoval 
---
 www/manager6/form/BackupCompressionSelector.js | 2 +-
 www/manager6/panel/BackupAdvancedOptions.js| 2 +-
 www/manager6/window/DownloadUrlToStorage.js| 2 +-
 www/manager6/window/GuestImport.js | 1 +
 4 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/www/manager6/form/BackupCompressionSelector.js 
b/www/manager6/form/BackupCompressionSelector.js
index 014b8f7e..2efc2919 100644
--- a/www/manager6/form/BackupCompressionSelector.js
+++ b/www/manager6/form/BackupCompressionSelector.js
@@ -5,6 +5,6 @@ Ext.define('PVE.form.BackupCompressionSelector', {
 ['0', Proxmox.Utils.noneText],
 ['lzo', 'LZO (' + gettext('fast') + ')'],
 ['gzip', 'GZIP (' + gettext('good') + ')'],
-['zstd', 'ZSTD (' + gettext('fast and good') + ')'],
+['zstd', 'Zstd (' + gettext('fast and good') + ')'],
 ],
 });
diff --git a/www/manager6/panel/BackupAdvancedOptions.js 
b/www/manager6/panel/BackupAdvancedOptions.js
index c79c31cb..a9c8a05a 100644
--- a/www/manager6/panel/BackupAdvancedOptions.js
+++ b/www/manager6/panel/BackupAdvancedOptions.js
@@ -136,7 +136,7 @@ Ext.define('PVE.panel.BackupAdvancedOptions', {
endFlex: 2,
endColumn: {
xtype: 'displayfield',
-   value: `${gettext('Threads used for zstd compression 
(non-PBS).')} ${Ext.String.format(gettext("Schema default: {0}"), 1)}`,
+   value: `${gettext('Threads used for Zstd compression 
(non-PBS).')} ${Ext.String.format(gettext("Schema default: {0}"), 1)}`,
},
},
{
diff --git a/www/manager6/window/DownloadUrlToStorage.js 
b/www/manager6/window/DownloadUrlToStorage.js
index 5523a152..f165e3a9 100644
--- a/www/manager6/window/DownloadUrlToStorage.js
+++ b/www/manager6/window/DownloadUrlToStorage.js
@@ -227,7 +227,7 @@ Ext.define('PVE.window.DownloadUrlToStorage', {
['__default__', Proxmox.Utils.NoneText],
['lzo', 'LZO'],
['gz', 'GZIP'],
-   ['zst', 'ZSTD'],
+   ['zst', 'Zstd'],
],
cbind: {
hidden: get => get('content') !== 'iso',
diff --git a/www/manager6/window/GuestImport.js 
b/www/manager6/window/GuestImport.js
index 944d275b..69e7c9bb 100644
--- a/www/manager6/window/GuestImport.js
+++ b/www/manager6/window/GuestImport.js
@@ -924,6 +924,7 @@ Ext.define('PVE.window.GuestImport', {
'cdrom-image-ignored': gettext("CD-ROM images cannot get 
imported, if required you can reconfigure the '{0}' drive in the 'Advanced' 
tab."),
'nvme-unsupported': gettext("NVMe disks are currently not 
supported, '{0}' will get attaced as SCSI"),
'ovmf-with-lsi-unsupported': gettext("OVMF is built without LSI 
drivers, scsi hardware was set to '{1}'"),
+   'ovmf-with-lsi-unsupported': gettext("OVMF is built without LSI 
drivers, SCSI hardware was set to '{1}'"),
'serial-port-socket-only': gettext("Serial socket '{0}' will be 
mapped to a socket"),
'guest-is-running': gettext('Virtual guest seems to be running 
on source host. Import might fail or have inconsistent state!'),
'efi-state-lost': Ext.String.format(
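Review bot: duplicate object key: the new `'ovmf-with-lsi-unsupported'` line sits right below the existing lowercase one instead of replacing it, so the literal now carries the key twice and only the last one takes effect. Remove the old line in this patch; the diffstat for GuestImport.js should then read 1 insertion, 1 deletion.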
-- 
2.39.2






[pve-devel] [PATCH manager 3/4] ui: backup job: inline translatable string

2024-04-23 Thread Maximiliano Sandoval
This provides translators context of what kind of noun goes before
'Threads'. The word Zstd is already in other translations.

Signed-off-by: Maximiliano Sandoval 
---
 www/manager6/panel/BackupAdvancedOptions.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/www/manager6/panel/BackupAdvancedOptions.js 
b/www/manager6/panel/BackupAdvancedOptions.js
index a9c8a05a..b9e5304e 100644
--- a/www/manager6/panel/BackupAdvancedOptions.js
+++ b/www/manager6/panel/BackupAdvancedOptions.js
@@ -121,7 +121,7 @@ Ext.define('PVE.panel.BackupAdvancedOptions', {
xtype: 'proxmoxintegerfield',
name: 'zstd',
reference: 'zstdThreadCount',
-   fieldLabel: Ext.String.format(gettext('{0} Threads'), 'Zstd'),
+   fieldLabel: gettext('Zstd Threads'),
fieldStyle: 'text-align: right',
emptyText: gettext('Fallback'),
minValue: 0,
-- 
2.39.2






[pve-devel] applied: [PATCH proxmox-i18n] es: update translation

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 10:13, Maximiliano Sandoval wrote:
> Signed-off-by: Maximiliano Sandoval 
> ---
>  es.po | 211 +++---
>  1 file changed, 98 insertions(+), 113 deletions(-)
> 
>

applied, thanks!





[pve-devel] [PATCH proxmox-i18n] es: update translation

2024-04-23 Thread Maximiliano Sandoval
Signed-off-by: Maximiliano Sandoval 
---
 es.po | 211 +++---
 1 file changed, 98 insertions(+), 113 deletions(-)

diff --git a/es.po b/es.po
index 476bdba..fc93eb2 100644
--- a/es.po
+++ b/es.po
@@ -8,7 +8,7 @@ msgstr ""
 "Project-Id-Version: proxmox translations\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: Mon Apr 22 19:58:29 2024\n"
-"PO-Revision-Date: 2024-02-27 15:38+0100\n"
+"PO-Revision-Date: 2024-04-23 10:07+0200\n"
 "Last-Translator: Maximiliano Sandoval \n"
 "Language-Team: Spanish\n"
 "Language: es\n"
@@ -16,7 +16,7 @@ msgstr ""
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=(n != 1);\n"
-"X-Generator: Gtranslator 45.3\n"
+"X-Generator: Gtranslator 46.1\n"
 "X-Poedit-SourceCharset: UTF-8\n"
 
 #: pve-manager/www/manager6/qemu/Options.js:95
@@ -173,11 +173,11 @@ msgstr "Control de acceso"
 
 #: pve-manager/www/manager6/lxc/DeviceEdit.js:88
 msgid "Access Mode in CT"
-msgstr ""
+msgstr "Modo de acceso en CT"
 
 #: pve-manager/www/manager6/lxc/DeviceEdit.js:95
 msgid "Access mode has to be an octal number"
-msgstr ""
+msgstr "Modo de acceso debe ser un número octal"
 
 #: proxmox-widget-toolkit/src/window/ACMEAccount.js:154
 #: pmg-gui/js/LDAPConfig.js:248 pmg-gui/js/LDAPUserEditor.js:43
@@ -720,9 +720,8 @@ msgid "Are you sure you want to remove tape '{0}' ?"
 msgstr "¿Estás seguro de que desea remover la cinta {0}?"
 
 #: proxmox-widget-toolkit/src/panel/Certificates.js:248
-#, fuzzy
 msgid "Are you sure you want to remove the certificate"
-msgstr "¿Estás seguro de que desea eliminar el certificado usado por {0}?"
+msgstr "¿Estás seguro de que desea eliminar el certificado?"
 
 #: proxmox-widget-toolkit/src/panel/Certificates.js:244
 msgid "Are you sure you want to remove the certificate used for {0}"
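Review bot: the updated `msgstr` "¿Estás seguro de que desea eliminar el certificado?" mixes the informal "Estás" with the formal "desea", as does the tape entry in the context above; pick one form of address and use it consistently. The `msgid` carries no question mark, so check whether the UI appends one itself before adding it in the translation.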
@@ -1021,6 +1020,8 @@ msgstr "Snapshots de respaldos en '{0}'"
 msgid ""
 "Backup write cache that can reduce IO pressure inside guests (VMs only)."
 msgstr ""
+"Respaldar caché de escritura que puede reducir la presión de IO dentro de "
+"los guests (solo VMs)."
 
 #: pmg-gui/js/NavigationTree.js:90
 msgid "Backup/Restore"
@@ -1270,6 +1271,8 @@ msgid ""
 "CD-ROM images cannot get imported, if required you can reconfigure the '{0}' "
 "drive in the 'Advanced' tab."
 msgstr ""
+"Las imágenes de CD-ROM no pueden importarse, si es necesario, puede "
+"reconfigurar la unidad '{0}' en la pestaña 'Avanzado'."
 
 #: pve-manager/www/manager6/qemu/HardwareView.js:227
 #: pve-manager/www/manager6/qemu/HardwareView.js:676
@@ -1277,9 +1280,8 @@ msgid "CD/DVD Drive"
 msgstr "Dispositivo CD/DVD"
 
 #: pve-manager/www/manager6/window/GuestImport.js:715
-#, fuzzy
 msgid "CD/DVD Drives"
-msgstr "Dispositivo CD/DVD"
+msgstr "Dispositivos de CD/DVD"
 
 #: proxmox-widget-toolkit/src/form/NetworkSelector.js:90
 #: proxmox-widget-toolkit/src/node/NetworkView.js:352
@@ -1301,9 +1303,8 @@ msgid "CPU Affinity"
 msgstr "Afinidad de la CPU"
 
 #: pve-manager/www/manager6/window/GuestImport.js:508
-#, fuzzy
 msgid "CPU Type"
-msgstr "Tipo de SO"
+msgstr "Tipo de CPU"
 
 #: pve-manager/www/manager6/lxc/ResourceEdit.js:79
 #: pve-manager/www/manager6/qemu/ProcessorEdit.js:191
@@ -1661,9 +1662,8 @@ msgid "Client Message Rate Limit"
 msgstr "Límite de la tasa de mensaje del cliente"
 
 #: pve-manager/www/manager6/qemu/DisplayEdit.js:84
-#, fuzzy
 msgid "Clipboard"
-msgstr "Copiar al portapapeles"
+msgstr "Portapapeles"
 
 #: pve-manager/www/manager6/Utils.js:2012
 #: pve-manager/www/manager6/Utils.js:2041
@@ -1976,9 +1976,8 @@ msgid "Confirm"
 msgstr "Confirmar"
 
 #: proxmox-widget-toolkit/src/window/PasswordEdit.js:47
-#, fuzzy
 msgid "Confirm New Password"
-msgstr "Confirme la contraseña"
+msgstr "Confirme nueva contraseña"
 
 #: proxmox-backup/www/tape/window/EncryptionEdit.js:45
 msgid "Confirm Password"
@@ -2150,9 +2149,8 @@ msgstr "Copiar datos"
 
 #: proxmox-backup/www/datastore/Content.js:1301
 #: proxmox-backup/www/datastore/Content.js:1355
-#, fuzzy
 msgid "Copy name to clipboard"
-msgstr "Copiar al portapapeles"
+msgstr "Copiar nombre al portapapeles"
 
 #: pmg-gui/js/Utils.js:660
 msgid "Copy original mail to Attachment Quarantine"
@@ -2574,9 +2572,8 @@ msgid "Default (Errors)"
 msgstr "Por defecto (errores)"
 
 #: pve-manager/www/manager6/window/GuestImport.js:554
-#, fuzzy
 msgid "Default Bridge"
-msgstr "Predeterminado al origen"
+msgstr "Puente predeterminado"
 
 #: proxmox-backup/www/tape/window/TapeRestore.js:39
 msgid "Default Datastore"
@@ -2595,9 +2592,8 @@ msgid "Default Relay"
 msgstr "Relé por defecto"
 
 #: pve-manager/www/manager6/window/GuestImport.js:486
-#, fuzzy
 msgid "Default Storage"
-msgstr "Almacén de datos por defecto"
+msgstr "Almacenamiento por defecto"
 
 #: proxmox-widget-toolkit/src/window/AuthEditLDAP.js:344
 #: pve-manager/www/manager6/dc/AuthEditLDAP.js:255
@@ -2843,14 +2839,12 @@ msgid "Device Ineligible"
 msgstr "Dispositivo no apto"
 
 #: 

[pve-devel] applied: [PATCH manager] ui: fix reset behavior of backup job editor

2024-04-23 Thread Thomas Lamprecht
On 23/04/2024 at 09:30, Dominik Csapak wrote:
> when we `bind` we also have to set the initial value correctly,
> otherwise the form dirty tracking is off (the initial bind set does not
> reset the `originalValue`)
> 
> also the bandwidth selector auto transformed the value `null` to `0`
> when there was no initial transformation. Since this is not a valid
> value anyway, skip that.
> 
> Signed-off-by: Dominik Csapak 
> ---
>  www/manager6/dc/Backup.js   | 1 +
>  www/manager6/form/BandwidthSelector.js  | 2 +-
>  www/manager6/panel/BackupAdvancedOptions.js | 1 +
>  3 files changed, 3 insertions(+), 1 deletion(-)
> 
>

applied, thanks!





[pve-devel] [PATCH manager] ui: fix reset behavior of backup job editor

2024-04-23 Thread Dominik Csapak
when we `bind` we also have to set the initial value correctly,
otherwise the form dirty tracking is off (the initial bind set does not
reset the `originalValue`)

also the bandwidth selector auto transformed the value `null` to `0`
when there was no initial transformation. Since this is not a valid
value anyway, skip that.

Signed-off-by: Dominik Csapak 
---
 www/manager6/dc/Backup.js   | 1 +
 www/manager6/form/BandwidthSelector.js  | 2 +-
 www/manager6/panel/BackupAdvancedOptions.js | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/www/manager6/dc/Backup.js b/www/manager6/dc/Backup.js
index cd4ece33..336b23f5 100644
--- a/www/manager6/dc/Backup.js
+++ b/www/manager6/dc/Backup.js
@@ -350,6 +350,7 @@ Ext.define('PVE.dc.BackupEdit', {
],
fieldLabel: gettext('Notification mode'),
name: 'notification-mode',
+   value: '__default__',
cbind: {
deleteEmpty: '{!isCreate}',
},
diff --git a/www/manager6/form/BandwidthSelector.js 
b/www/manager6/form/BandwidthSelector.js
index 01ec8f9c..6f20af3a 100644
--- a/www/manager6/form/BandwidthSelector.js
+++ b/www/manager6/form/BandwidthSelector.js
@@ -62,7 +62,7 @@ Ext.define('PVE.form.SizeField', {
flex: 1,
enableKeyEvents: true,
setValue: function(v) {
-   if (!this._transformed) {
+   if (!this._transformed && v !== null) {
let fieldContainer = this.up('fieldcontainer');
let vm = fieldContainer.getViewModel();
let unit = vm.get('unit');
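Review bot: `v !== null` only excludes `null`; if `setValue` can also be called with `undefined` before the first transformation, that call still goes into the unit conversion. `v != null` or an explicit `undefined` check would cover both, and a one-line comment on why `null` is skipped would help the next reader.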
diff --git a/www/manager6/panel/BackupAdvancedOptions.js 
b/www/manager6/panel/BackupAdvancedOptions.js
index c79c31cb..f1810637 100644
--- a/www/manager6/panel/BackupAdvancedOptions.js
+++ b/www/manager6/panel/BackupAdvancedOptions.js
@@ -185,6 +185,7 @@ Ext.define('PVE.panel.BackupAdvancedOptions', {
clusterView: true,
storageContent: 'images',
allowBlank: false,
+   disabled: true,
bind: {
disabled: '{!fleecingEnabled.checked}',
},
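Review bot: with `disabled: true` hard-coded, the field is only enabled once the `bind` on `fleecingEnabled.checked` has fired, so a job that already has fleecing enabled depends on the bind being evaluated before the form values are read. The follow-up "[PATCH manager 2/2] ui: backup job editor: fix disable behavior for fleecing storage" on this list reports exactly that breakage; a comment here on the required ordering would have flagged it.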
-- 
2.39.2






Re: [pve-devel] [PATCH qemu-server v7 2/3] config: QEMU AMD SEV enable

2024-04-23 Thread Thomas Lamprecht
On 22/04/2024 at 14:16, Markus Frank wrote:
> This patch is for enabling AMD SEV (Secure Encrypted
> Virtualization) support in QEMU

try to keep a somewhat unified line length over the whole commit message,
most editors support re-flowing (parts of the) text to e.g. the for
commit messages commonly used 70 or 72 text width.

> 
> VM-Config-Examples:
> amd_sev: type=std,nodbg=1,noks=1
> amd_sev: es,nodbg=1,kernel-hashes=1
> 
> Node-Config-Example (gets generated automatically):
> amd_sev: cbitpos=47,reduced-phys-bios=1
> 
> kernel-hashes, reduced-phys-bios & cbitpos correspond to the varibles

typo: variables

> with the same name in qemu.
> 
> kernel-hashes=1 adds kernel-hashes to enable measured linux kernel
> launch since it is per default off for backward compatibility.
> 
> reduced-phys-bios and cbitpos are system specific and are read out by
> the amd-sev-support.service on boot and saved to the /run/amd-sev-params
> file. This file is parsed and then used by qemu-server to correctly
> start an AMD SEV VM.
> 
> type=std stands for standard sev to differentiate it from sev-es (es)
> or sev-snp (snp) when support is upstream.
> 
> QEMU's sev-guest policy gets calculated with the parameters nodbg & noks
> These parameters correspond to policy-bits 0 & 1.
> If type is 'es' then policy-bit 2 gets set to 1 to activate SEV-ES.
> Policy bit 3 (nosend) is always set to 1, because migration
> features for sev are not upstream yet and are attackable.
> 
> SEV-ES is highly experimental since it could not be tested.
> 
> see coherent doc patch
> 
> Signed-off-by: Markus Frank 
> ---
> v7:
> * adjustments for the changes made in the query-machine-params C program
> 
> v6:
> * rebase on master
> * removed unused $sev_node_fmt object
> 
> v5:
> * parse /run/amd-sev-params for hardware parameters
> * removed NodeConfig dependency
> * only disallow live-migration and snapshots with vmstate
>   -> allow offline migration and snapshots without vmstate
> 
> v4:
> * reduced lines of code
> * added text that SEV-ES is experimental
> 
>  PVE/API2/Qemu.pm   | 10 ++
>  PVE/QemuMigrate.pm |  4 +++
>  PVE/QemuServer.pm  | 83 ++
>  3 files changed, 97 insertions(+)
> 
> diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
> index 2a349c8..2e8d654 100644
> --- a/PVE/API2/Qemu.pm
> +++ b/PVE/API2/Qemu.pm
> @@ -4512,6 +4512,10 @@ __PACKAGE__->register_method({
>   push $local_resources->@*, "clipboard=vnc";
>   }
>  > +  if ($res->{running} && $vmconf->{amd_sev}) {

a comment might be good here

> + push $local_resources->@*, "amd_sev";
> + }
> +
>   # if vm is not running, return target nodes where local storage/mapped 
> devices are available
>   # for offline migration
>   if (!$res->{running}) {
> @@ -5192,6 +5196,12 @@ __PACKAGE__->register_method({
>   die "unable to use snapshot name 'pending' (reserved name)\n"
>   if lc($snapname) eq 'pending';
>  
> + my $conf = PVE::QemuConfig->load_config($vmid);
> + if ($param->{vmstate} && $conf->{amd_sev}) {
> + die "Snapshots that include memory are not supported while memory"
> + ." is encrypted by AMD SEV.\n"
> + }
> +
>   my $realcmd = sub {
>   PVE::Cluster::log_msg('info', $authuser, "snapshot VM $vmid: 
> $snapname");
>   PVE::QemuConfig->snapshot_create($vmid, $snapname, 
> $param->{vmstate},
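Review bot: The snapshot guard tests only $param->{vmstate} && $conf->{amd_sev}, with no check that the guest is running, whereas the migration guards in this patch are conditioned on $res->{running} and $running. If refusing a vmstate request for a stopped guest is intended, say so in a comment; otherwise add the running check so the three guards agree. The die statement also has no terminating semicolon after the " is encrypted by AMD SEV.\n" line; Perl accepts that before a closing brace, but it breaks as soon as another statement is appended to the block.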
> diff --git a/PVE/QemuMigrate.pm b/PVE/QemuMigrate.pm
> index 8d9b35a..7db18b2 100644
> --- a/PVE/QemuMigrate.pm
> +++ b/PVE/QemuMigrate.pm
> @@ -260,6 +260,10 @@ sub prepare {
>   die "VMs with 'clipboard' set to 'vnc' are not live migratable!\n";
>  }
>  
> +if ($running && $conf->{'amd_sev'}) {
> + die "VMs with AMD SEV are not live migratable!\n";

cannot live-migrate VM when AMD SEV is enabled.

> +}
> +
>  my $vollist = PVE::QemuServer::get_vm_volumes($conf);
>  
>  my $storages = {};
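Review bot: The guard in prepare() spells the key as $conf->{'amd_sev'}, while both Qemu.pm hunks of this patch use the bare form ($vmconf->{amd_sev}, $conf->{amd_sev}); use one spelling throughout so a search for the option finds every guard. A one-line comment giving the reason for the refusal would also help here, since the commit message ties it to policy bit 3 (nosend) always being set.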
> diff --git a/PVE/QemuServer.pm b/PVE/QemuServer.pm
> index 28e630d..b03f1b4 100644
> --- a/PVE/QemuServer.pm
> +++ b/PVE/QemuServer.pm
> @@ -177,6 +177,40 @@ my $agent_fmt = {
>  },
>  };
>  
> +my $sev_fmt = {
> +type => {
> + description => "Enable standard SEV with type='std' or enable 
> experimental SEV-ES"
> + ." with the 'es' option.",
> + type => 'string',
> + default_key => 1,
> + format_description => "qemu-sev-type",
> + enum => ['std', 'es'],
> + maxLength => 3,
> +},
> +nodbg => {

'no-debug' would be more telling

> + description => "Sets policy bit 0 to 1 to disallow debugging of guest",
> + type => 'boolean',
> + format_description => "qemu-sev-nodbg",

do we need a format description for a boolean?

> + default => 0,
> + optional => 1,
> +},
> +noks => {

'no-key-sharing' would also be more telling

> + description => "Sets policy bit 1 to 1 to disallow key sharing with 
> other guests",
> + type => 'boolean',
> + 
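Review bot: In $sev_fmt, nodbg is declared with default => 0, so a guest configured with only the type keeps policy bit 0 clear and, per the option's own description, debugging of the guest is not disallowed unless the admin opts in. For a memory-encryption feature the restrictive value is the safer default; if 0 has to stay, the description should state what leaving it off permits. On the type property, maxLength => 3 adds nothing next to enum => ['std', 'es'] and can be dropped.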

[pve-devel] applied: [PATCH proxmox-i18n] update Italian translations

2024-04-23 Thread Thomas Lamprecht
Am 23/04/2024 um 08:29 schrieb Christian Ebner:
> Signed-off-by: Christian Ebner 
> ---
>  it.po | 118 +++---
>  1 file changed, 39 insertions(+), 79 deletions(-)
> 
>

applied, thanks!


___
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel



[pve-devel] applied: [PATCH pve-docs v4 5/5] firewall: add documentation for proxmox-firewall

2024-04-23 Thread Thomas Lamprecht
Am 19/04/2024 um 11:42 schrieb Stefan Hanreich:
> Add a section that explains how to use the new nftables-based
> proxmox-firewall.
> 
> Signed-off-by: Stefan Hanreich 
> ---
>  pve-firewall.adoc | 181 ++
>  1 file changed, 181 insertions(+)
> 
>

applied this one too now, thanks!





[pve-devel] [PATCH proxmox-i18n] update Italian translations

2024-04-23 Thread Christian Ebner
Signed-off-by: Christian Ebner 
---
 it.po | 118 +++---
 1 file changed, 39 insertions(+), 79 deletions(-)

diff --git a/it.po b/it.po
index af63294..26e6e69 100644
--- a/it.po
+++ b/it.po
@@ -714,9 +714,8 @@ msgid "Are you sure you want to remove tape '{0}' ?"
 msgstr "Siete sicuri di voler rimuovere il nastro '{0}'"
 
 #: proxmox-widget-toolkit/src/panel/Certificates.js:248
-#, fuzzy
 msgid "Are you sure you want to remove the certificate"
-msgstr "Siete sicuri di voler rimuovere il certificato utilizzato per {0}"
+msgstr "Siete sicuri di voler rimuovere il certificato"
 
 #: proxmox-widget-toolkit/src/panel/Certificates.js:244
 msgid "Are you sure you want to remove the certificate used for {0}"
@@ -1271,9 +1270,8 @@ msgid "CD/DVD Drive"
 msgstr "Lettore CD/DVD"
 
 #: pve-manager/www/manager6/window/GuestImport.js:715
-#, fuzzy
 msgid "CD/DVD Drives"
-msgstr "Lettore CD/DVD"
+msgstr "Lettori CD/DVD"
 
 #: proxmox-widget-toolkit/src/form/NetworkSelector.js:90
 #: proxmox-widget-toolkit/src/node/NetworkView.js:352
@@ -1295,9 +1293,8 @@ msgid "CPU Affinity"
 msgstr "Affinità CPU"
 
 #: pve-manager/www/manager6/window/GuestImport.js:508
-#, fuzzy
 msgid "CPU Type"
-msgstr "Tipo OS"
+msgstr "Tipo CPU"
 
 #: pve-manager/www/manager6/lxc/ResourceEdit.js:79
 #: pve-manager/www/manager6/qemu/ProcessorEdit.js:191
@@ -1965,9 +1962,8 @@ msgid "Confirm"
 msgstr "Conferma"
 
 #: proxmox-widget-toolkit/src/window/PasswordEdit.js:47
-#, fuzzy
 msgid "Confirm New Password"
-msgstr "Conferma Password"
+msgstr "Conferma Password Nuova"
 
 #: proxmox-backup/www/tape/window/EncryptionEdit.js:45
 msgid "Confirm Password"
@@ -2558,9 +2554,8 @@ msgid "Default (Errors)"
 msgstr "Predefinito (Errori)"
 
 #: pve-manager/www/manager6/window/GuestImport.js:554
-#, fuzzy
 msgid "Default Bridge"
-msgstr "Predefinito è origine"
+msgstr "Bridge Predefinita"
 
 #: proxmox-backup/www/tape/window/TapeRestore.js:39
 msgid "Default Datastore"
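Review bot: The new msgstr "Bridge Predefinita" for "Default Bridge" uses the feminine form, while the neighbouring entries use the masculine ("Relay Predefinito", "Storage Predefinito"). Unless the feminine is deliberate, "Bridge Predefinito" keeps the set consistent.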
@@ -2579,9 +2574,8 @@ msgid "Default Relay"
 msgstr "Relay Predefinito"
 
 #: pve-manager/www/manager6/window/GuestImport.js:486
-#, fuzzy
 msgid "Default Storage"
-msgstr "Datastore Predefinito"
+msgstr "Storage Predefinito"
 
 #: proxmox-widget-toolkit/src/window/AuthEditLDAP.js:344
 #: pve-manager/www/manager6/dc/AuthEditLDAP.js:255
@@ -2823,14 +2817,12 @@ msgid "Device Ineligible"
 msgstr "Dispositivo non qualificato"
 
 #: pve-manager/www/manager6/lxc/Resources.js:395
-#, fuzzy
 msgid "Device Passthrough"
-msgstr "Classe Dispositivo"
+msgstr "Passthrough Dispositivo"
 
 #: pve-manager/www/manager6/lxc/DeviceEdit.js:53
-#, fuzzy
 msgid "Device Path"
-msgstr "Dispositivo"
+msgstr "Path Dispositivo"
 
 #: pve-manager/www/manager6/ceph/OSDDetails.js:228
 msgid "Device node"
@@ -2984,9 +2976,8 @@ msgid "Do not use any media"
 msgstr "Non usare nessun media"
 
 #: proxmox-widget-toolkit/src/panel/NotificationConfigView.js:14
-#, fuzzy
 msgid "Do you want to reset {0} to its default settings?"
-msgstr "Vuoi veramente resettare la VM {0}?"
+msgstr "Vuoi resettare {0} sulle impostazioni predefinite?"
 
 #: proxmox-widget-toolkit/src/panel/NotificationConfigView.js:120
 msgid "Do you want to send a test notification to '{0}'?"
@@ -3177,14 +3168,12 @@ msgid "E-Mail attribute"
 msgstr "Attributo e-mail"
 
 #: pve-manager/www/manager6/node/ACME.js:212
-#, fuzzy
 msgid "EAB Key"
-msgstr "Chiave API"
+msgstr "Chiave EAB"
 
 #: pve-manager/www/manager6/node/ACME.js:202
-#, fuzzy
 msgid "EAB Key ID"
-msgstr "Chiavi ID"
+msgstr "ID chiave EAB"
 
 #: proxmox-widget-toolkit/src/Utils.js:740
 msgid "EB"
@@ -3328,7 +3317,6 @@ msgid "Edit existing encryption key (dangerous!)"
 msgstr "Modifica encryption key esistente (pericoloso!)"
 
 #: proxmox-widget-toolkit/src/panel/NotesView.js:145
-#, fuzzy
 msgid "Edit notes"
 msgstr "Modifica Annotazioni"
 
@@ -3907,9 +3895,8 @@ msgstr ""
 #: pve-manager/www/manager6/panel/BackupAdvancedOptions.js:103
 #: pve-manager/www/manager6/panel/BackupAdvancedOptions.js:126
 #: pve-manager/www/manager6/panel/BackupAdvancedOptions.js:151
-#, fuzzy
 msgid "Fallback"
-msgstr "Rollback"
+msgstr ""
 
 #: proxmox-widget-toolkit/src/window/AuthEditLDAP.js:155
 #: pve-manager/www/manager6/dc/AuthEditAD.js:38
@@ -4111,14 +4098,12 @@ msgid "Flags"
 msgstr ""
 
 #: pve-manager/www/manager6/panel/BackupAdvancedOptions.js:168
-#, fuzzy
 msgid "Fleecing"
-msgstr "Fencing"
+msgstr ""
 
 #: pve-manager/www/manager6/panel/BackupAdvancedOptions.js:183
-#, fuzzy
 msgid "Fleecing Storage"
-msgstr "Storage EFI"
+msgstr "Storage per Fleecing"
 
 #: pve-manager/www/manager6/qemu/Options.js:129
 msgid "Floppy"
@@ -4263,9 +4248,8 @@ msgstr "Dal Backup"
 
 #: pve-manager/www/manager6/window/GuestImport.js:660
 #: pve-manager/www/manager6/window/GuestImport.js:846
-#, fuzzy
 msgid "From Default"
-msgstr "Predefinitio"
+msgstr "Dal Predefinitio"
 
 #: pve-manager/www/manager6/qemu/PCIEdit.js:302
 #: pve-manager/www/manager6/qemu/PCIEdit.js:311
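Review bot: The new msgstr "Dal Predefinitio" for "From Default" carries over the misspelling of the old string ("Predefinitio"). It should read "Dal Predefinito", matching the spelling used in the other "Predefinito" entries of this file.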
@@ -4819,9 +4803,8