Configuration Files¶
All Proxmox Backup Server configuration files reside in the directory
/etc/proxmox-backup/.
acl.cfg¶
File Format¶
This file contains the access control list for the Proxmox Backup Server API.
Each line starts with acl:, followed by 4 additional values
separated by colon.
- propagate
Propagate permissions down the hierarchy
- path
The object path
- User/Token
List of users and tokens
- Role
List of assigned roles
Here is an example list:
acl:1:/:root@pam!test:Admin
acl:1:/datastore/store1:user1@pbs:DatastoreAdmin
You can use the proxmox-backup-manager acl command to manipulate
this file.
Roles¶
The following roles exist:
AdminAdministrator
AuditAuditor
NoAccessDisable Access
DatastoreAdminDatastore Administrator
DatastoreReaderDatastore Reader (inspect datastore content and do restores)
DatastoreBackupDatastore Backup (backup and restore owned backups)
DatastorePowerUserDatastore PowerUser (backup, restore and prune owned backup)
DatastoreAuditDatastore Auditor
RemoteAuditRemote Auditor
RemoteAdminRemote Administrator
RemoteSyncOperatorSyncronisation Opertator
TapeAuditTape Auditor
TapeAdminTape Administrator
TapeOperatorTape Operator
TapeReaderTape Reader
datastore.cfg¶
File Format¶
This file contains a list of datastore configuration sections. Each
section starts with the header datastore: <name>, followed by the
datastore configuration options.
datastore: <name1>
path <path1>
<option1> <value1>
...
datastore: <name2>
path <path2>
...
You can use the proxmox-backup-manager datastore command to manipulate
this file.
Options¶
Required properties:
path<string>Directory name
Optional properties:
comment<string>Comment (single line).
gc-schedule<calendar-event>Run garbage collection job at specified schedule.
maintenance-mode[type=<enum> [,message=<string>]]Maintenance mode, type is either 'offline' or 'read-only', message should be enclosed in "
type=read-only|offline|deleteMaintenance type.
message=<string>Message describing the reason for the maintenance.
notify[[gc=<enum>] [,prune=<enum>] [,sync=<enum>] [,verify=<enum>]]Datastore notification setting
gc=never|always|errorWhen do we send notifications
prune=never|always|errorWhen do we send notifications
sync=never|always|errorWhen do we send notifications
verify=never|always|errorWhen do we send notifications
notify-user<string>User ID
prune-schedule<calendar-event>Run prune job at specified schedule.
tuning[[chunk-order=<enum>] [,sync-level=<enum>]]Datastore tuning options
chunk-order=none|inode (default=inode)The order to sort chunks by
sync-level=none|file|filesystem (default=filesystem)The level of syncing that is done when writing into a datastore.
verify-new<boolean>If enabled, all new backups will be verified right after completion.
keep-daily<integer> (1 - N)Number of daily backups to keep.
keep-hourly<integer> (1 - N)Number of hourly backups to keep.
keep-last<integer> (1 - N)Number of backups to keep.
keep-monthly<integer> (1 - N)Number of monthly backups to keep.
keep-weekly<integer> (1 - N)Number of weekly backups to keep.
keep-yearly<integer> (1 - N)Number of yearly backups to keep.
domains.cfg¶
File Format¶
This file contains the list authentication realms.
Each user configuration section starts with the header <realm-type>: <name>,
followed by the realm's configuration options.
For LDAP realms, the LDAP bind password is stored in ldap_passwords.json.
openid: master
client-id pbs
comment
issuer-url http://192.168.0.10:8080/realms/master
username-claim username
ldap: ldap-server
base-dn OU=People,DC=ldap-server,DC=example,DC=com
mode ldaps
server1 192.168.0.10
sync-attributes email=mail
sync-defaults-options enable-new=0,remove-vanished=acl;entry
user-attr uid
user-classes inetorgperson,posixaccount,person,user
You can use the proxmox-backup-manager openid and proxmox-backup-manager ldap commands to manipulate
this file.
Options¶
Section type 'ldap': LDAP configuration properties.
Required properties:
base-dn<string>LDAP Domain
server1<string>LDAP server address
user-attr<string>Username attribute. Used to map a
useridto LDAP to an LDAPdn.
Optional properties:
bind-dn<string>LDAP Domain
capath<string>CA certificate to use for the server. The path can point to either a file, or a directory. If it points to a file, the PEM-formatted X.509 certificate stored at the path will be added as a trusted certificate. If the path points to a directory, the directory replaces the system's default certificate store at /etc/ssl/certs - Every file in the directory will be loaded as a trusted certificate.
comment<string>Comment (single line).
filter<string>Custom LDAP search filter for user sync
modeldap|ldap+starttls|ldaps (default=ldap)LDAP connection type
port<integer> (0 - 65535)Port
server2<string>Fallback LDAP server address
sync-attributes[[email=<string>] [,firstname=<string>] [,lastname=<string>]]Comma-separated list of key=value pairs for specifying which LDAP attributes map to which PBS user field. For example, to map the LDAP attribute
mailto PBS'semail, writeemail=mail.email=<string>Name of the LDAP attribute containing the user's email address
firstname=<string>Name of the LDAP attribute containing the user's first name
lastname=<string>Name of the LDAP attribute containing the user's last name
sync-defaults-options[[enable-new=<1|0>] [,remove-vanished=<string>]]sync defaults options
enable-new=<boolean>Enable new users after sync
remove-vanished=[acl|entry|properties, ...]A semicolon-seperated list of things to remove when they or the user vanishes during user synchronization. The following values are possible:
entryremoves the user when not returned from the sync;propertiesremoves any properties on existing user that do not appear in the source.aclremoves ACLs when the user is not returned from the sync.
user-classes[<string>, ...] (default=inetorgperson,posixaccount,person,user)Comma-separated list of allowed objectClass values for user synchronization. For instance, if
user-classesis set toperson,user, then user synchronization will consider all LDAP entities whereobjectClass: personorobjectClass: user.verify<boolean> (default=false)Verify server certificate
Section type 'openid': OpenID configuration properties.
Required properties:
client-id<string>OpenID Client ID
issuer-url<string>OpenID Issuer Url
Optional properties:
acr-values[<string>, ...]OpenID ACR List
autocreate<boolean> (default=false)Automatically create users if they do not exist.
client-key<string>OpenID Client Key
comment<string>Comment (single line).
prompt<string>OpenID Prompt
scopes[<string>, ...] (default=email profile)OpenID Scope List
username-claim<string>Use the value of this attribute/claim as unique user name. It is up to the identity provider to guarantee the uniqueness. The OpenID specification only guarantees that Subject ('sub') is unique. Also make sure that the user is not allowed to change that attribute by himself!
media-pool.cfg¶
File Format¶
Each entry starts with the header pool: <name>, followed by the
media pool configuration options.
pool: company1
allocation always
retention overwrite
pool: ...
You can use the proxmox-tape pool command to manipulate this file.
Options¶
Optional properties:
allocation<string>Media set allocation policy ('continue', 'always', or a calendar event).
comment<string>Comment (single line).
encrypt<string>Tape encryption key fingerprint (sha256).
retention<string>Media retention policy ('overwrite', 'keep', or time span).
template<string>Media set naming template (may contain strftime() time format specifications).
tape.cfg¶
File Format¶
Each LTO drive configuration section starts with the header lto: <name>,
followed by the drive configuration options.
Tape changer configurations start with the header changer: <name>,
followed by the changer configuration options.
lto: hh8
changer sl3
path /dev/tape/by-id/scsi-10WT065325-nst
changer: sl3
export-slots 14,15,16
path /dev/tape/by-id/scsi-CJ0JBE0059
You can use the proxmox-tape drive and proxmox-tape changer
commands to manipulate this file.
Note
The virtual: drive type is experimental and should only be used
for debugging.
Options¶
Section type 'changer': SCSI tape changer
Required properties:
path<string>Path to Linux generic SCSI device (e.g. '/dev/sg4')
Optional properties:
export-slots[<integer>, ...]A list of slot numbers, comma separated. Those slots are reserved for Import/Export, i.e. any media in those slots are considered to be 'offline'.
Section type 'virtual': Simulate tape drives (only for test and debug)
Required properties:
path<string>Path to directory
Optional properties:
max-size<integer> (0 - N)Virtual tape size
Section type 'lto': Lto SCSI tape driver
Required properties:
path<string>The path to a LTO SCSI-generic tape device (i.e. '/dev/sg0')
Optional properties:
changer<string>Tape Changer Identifier.
changer-drivenum<integer> (0 - 255) (default=0)Associated changer drive number (requires option changer)
tape-job.cfg¶
File Format¶
Each entry starts with the header backup: <name>, followed by the
job configuration options.
backup: job1
drive hh8
pool p4
store store3
schedule daily
backup: ...
You can use the proxmox-tape backup-job command to manipulate
this file.
Options¶
Required properties:
drive<string>Drive Identifier.
pool<string>Media pool name.
store<string>Datastore name.
Optional properties:
comment<string>Comment (single line).
schedule<calendar-event>Run sync job at specified schedule.
eject-media<boolean>Eject media upon job completion.
export-media-set<boolean>Export media set upon job completion.
group-filter<type:<vm|ct|host>|group:GROUP|regex:RE>List of group filters. Can be specified more than once.
latest-only<boolean>Backup latest snapshots only.
max-depth<integer> (0 - 7) (default=7)How many levels of namespaces should be operated on (0 == no recursion)
notify-user<string>User ID
ns<string>Namespace.
user.cfg¶
File Format¶
This file contains the list of API users and API tokens.
Each user configuration section starts with the header user: <name>,
followed by the user configuration options.
API token configuration starts with the header token:
<userid!token_name>, followed by the token configuration. The data
used to authenticate tokens is stored in a separate file
(token.shadow).
user: root@pam
comment Superuser
email test@example.local
...
token: root@pam!token1
comment API test token
enable true
expire 0
user: ...
You can use the proxmox-backup-manager user command to manipulate
this file.
Options¶
Section type 'user': User properties.
Optional properties:
comment<string>Comment (single line).
email<string>E-Mail Address.
enable<boolean> (default=true)Enable the account (default). You can set this to '0' to disable the account.
expire<integer> (0 - N) (default=0)Account expiration date (seconds since epoch). '0' means no expiration date.
firstname<string>First name.
lastname<string>Last name.
Section type 'token': ApiToken properties.
Optional properties:
comment<string>Comment (single line).
enable<boolean> (default=true)Enable the account (default). You can set this to '0' to disable the account.
expire<integer> (0 - N) (default=0)Account expiration date (seconds since epoch). '0' means no expiration date.
remote.cfg¶
File Format¶
This file contains information used to access remote servers.
Each entry starts with the header remote: <name>, followed by the
remote configuration options.
remote: server1
host server1.local
auth-id sync@pbs
...
remote: ...
You can use the proxmox-backup-manager remote command to manipulate
this file.
Options¶
Required properties:
password<string>Password or auth token for remote host (stored as base64 string).
auth-id<string>Authentication ID
host<string>DNS name or IP address.
Optional properties:
comment<string>Comment (single line).
fingerprint<string>X509 certificate fingerprint (sha256).
port<integer>The (optional) port
sync.cfg¶
File Format¶
Each entry starts with the header sync: <name>, followed by the
job configuration options.
sync: job1
store store1
remote-store store1
remote lina
sync: ...
You can use the proxmox-backup-manager sync-job command to manipulate
this file.
Options¶
Required properties:
remote<string>Remote ID.
remote-store<string>Datastore name.
store<string>Datastore name.
Optional properties:
comment<string>Comment (single line).
group-filter<type:<vm|ct|host>|group:GROUP|regex:RE>List of group filters. Can be specified more than once.
max-depth<integer> (0 - 7)How many levels of namespaces should be operated on (0 == no recursion, empty == automatic full recursion, namespace depths reduce maximum allowed value)
ns<string>Namespace.
owner<string>Authentication ID
remote-ns<string>Namespace.
remove-vanished<boolean> (default=false)Delete vanished backups. This remove the local copy if the remote backup was deleted.
schedule<calendar-event>Run sync job at specified schedule.
transfer-last<integer> (1 - N)Limit transfer to last N snapshots (per group), skipping others
burst-in<string>Byte size with optional unit (B, KB (base 10), MB, GB, ..., KiB (base 2), MiB, Gib, ...).
burst-out<string>Byte size with optional unit (B, KB (base 10), MB, GB, ..., KiB (base 2), MiB, Gib, ...).
rate-in<string>Byte size with optional unit (B, KB (base 10), MB, GB, ..., KiB (base 2), MiB, Gib, ...).
rate-out<string>Byte size with optional unit (B, KB (base 10), MB, GB, ..., KiB (base 2), MiB, Gib, ...).
verification.cfg¶
File Format¶
Each entry starts with the header verification: <name>, followed by the
job configuration options.
verification: verify-store2
ignore-verified true
outdated-after 7
schedule daily
store store2
verification: ...
You can use the proxmox-backup-manager verify-job command to manipulate
this file.
Options¶
Required properties:
store<string>Datastore name.
Optional properties:
comment<string>Comment (single line).
ignore-verified<boolean> (default=true)Do not verify backups that are already verified if their verification is not outdated.
max-depth<integer> (0 - 7) (default=7)How many levels of namespaces should be operated on (0 == no recursion)
ns<string>Namespace.
outdated-after<integer> (0 - N)Days after that a verification becomes outdated. (0 is deprecated)'
schedule<calendar-event>Run verify job at specified schedule.