From da4b30e8e5f7e42c7ebe702ce91c40d8dc1d9672 Mon Sep 17 00:00:00 2001 From: Aliaksandr Valialkin Date: Thu, 8 Feb 2024 17:10:02 +0200 Subject: [PATCH] docs: update -help output after 83e55456e212267e8c55151a541790bd4f820187 --- docs/vmbackup.md | 16 +++++++++++++++- docs/vmbackupmanager.md | 22 +++++++++++++--------- docs/vmgateway.md | 6 +++++- docs/vmrestore.md | 16 +++++++++++++++- 4 files changed, 48 insertions(+), 12 deletions(-) diff --git a/docs/vmbackup.md b/docs/vmbackup.md index efc71f732..105f86164 100644 --- a/docs/vmbackup.md +++ b/docs/vmbackup.md @@ -404,6 +404,10 @@ Run `vmbackup -help` in order to see all the available options: -metricsAuthKey value Auth key for /metrics endpoint. It must be passed via authKey query arg. It overrides httpAuth.* settings Flag value can be read from the given file when using -metricsAuthKey=file:///abs/path/to/file or -metricsAuthKey=file://./relative/path/to/file . Flag value can be read from the given http/https url when using -metricsAuthKey=http://host/path or -metricsAuthKey=https://host/path + -mtls + Whether to require valid client certificate for https requests to -httpListenAddr . This flag works only if -tls flag is set. See also -mtlsCAFile . This flag is available only in Enterprise binaries. See https://docs.victoriametrics.com/enterprise.html + -mtlsCAFile string + Optional path to TLS Root CA for verifying client certificates when -mtls is enabled. By default the host system TLS Root CA is used for client certificate verification. This flag is available only in Enterprise binaries. See https://docs.victoriametrics.com/enterprise.html -origin string Optional origin directory on the remote storage with old backup for server-side copying when performing full backup. This speeds up full backups -pprofAuthKey value @@ -434,6 +438,16 @@ Run `vmbackup -help` in order to see all the available options: VictoriaMetrics create snapshot url. When this is given a snapshot will automatically be created during backup. Example: http://victoriametrics:8428/snapshot/create . There is no need in setting -snapshotName if -snapshot.createURL is set -snapshot.deleteURL string VictoriaMetrics delete snapshot url. Optional. Will be generated from -snapshot.createURL if not provided. All created snapshots will be automatically deleted. Example: http://victoriametrics:8428/snapshot/delete + -snapshot.tlsCAFile string + Optional path to TLS CA file to use for verifying connections to -snapshotCreateURL. By default, system CA is used + -snapshot.tlsCertFile string + Optional path to client-side TLS certificate file to use when connecting to -snapshotCreateURL + -snapshot.tlsInsecureSkipVerify + Whether to skip tls verification when connecting to -snapshotCreateURL + -snapshot.tlsKeyFile string + Optional path to client-side TLS certificate key to use when connecting to -snapshotCreateURL + -snapshot.tlsServerName string + Optional TLS server name to use for connections to -snapshotCreateURL. By default, the server name from -snapshotCreateURL is used -snapshotName string Name for the snapshot to backup. See https://docs.victoriametrics.com/Single-server-VictoriaMetrics.html#how-to-work-with-snapshots. There is no need in setting -snapshotName if -snapshot.createURL is set -snapshot.tlsInsecureSkipVerify @@ -449,7 +463,7 @@ Run `vmbackup -help` in order to see all the available options: -storageDataPath string Path to VictoriaMetrics data. Must match -storageDataPath from VictoriaMetrics or vmstorage (default "victoria-metrics-data") -tls - Whether to enable TLS for incoming HTTP requests at -httpListenAddr (aka https). -tlsCertFile and -tlsKeyFile must be set if -tls is set + Whether to enable TLS for incoming HTTP requests at -httpListenAddr (aka https). -tlsCertFile and -tlsKeyFile must be set if -tls is set. See also -mtls -tlsCertFile string Path to file with TLS certificate if -tls is set. Prefer ECDSA certs instead of RSA certs as RSA certs are slower. The provided certificate file is automatically re-read every second, so it can be dynamically updated -tlsCipherSuites array diff --git a/docs/vmbackupmanager.md b/docs/vmbackupmanager.md index 2e3fa9ce7..6646981e7 100644 --- a/docs/vmbackupmanager.md +++ b/docs/vmbackupmanager.md @@ -533,6 +533,10 @@ The shortlist of configuration flags is the following: -metricsAuthKey value Auth key for /metrics endpoint. It must be passed via authKey query arg. It overrides httpAuth.* settings Flag value can be read from the given file when using -metricsAuthKey=file:///abs/path/to/file or -metricsAuthKey=file://./relative/path/to/file . Flag value can be read from the given http/https url when using -metricsAuthKey=http://host/path or -metricsAuthKey=https://host/path + -mtls + Whether to require valid client certificate for https requests to -httpListenAddr . This flag works only if -tls flag is set. See also -mtlsCAFile . This flag is available only in Enterprise binaries. See https://docs.victoriametrics.com/enterprise.html + -mtlsCAFile string + Optional path to TLS Root CA for verifying client certificates when -mtls is enabled. By default the host system TLS Root CA is used for client certificate verification. This flag is available only in Enterprise binaries. See https://docs.victoriametrics.com/enterprise.html -pprofAuthKey value Auth key for /debug/pprof/* endpoints. It must be passed via authKey query arg. It overrides httpAuth.* settings Flag value can be read from the given file when using -pprofAuthKey=file:///abs/path/to/file or -pprofAuthKey=file://./relative/path/to/file . Flag value can be read from the given http/https url when using -pprofAuthKey=http://host/path or -pprofAuthKey=https://host/path @@ -563,20 +567,20 @@ The shortlist of configuration flags is the following: VictoriaMetrics create snapshot url. When this is given a snapshot will automatically be created during backup.Example: http://victoriametrics:8428/snapshot/create -snapshot.deleteURL string VictoriaMetrics delete snapshot url. Optional. Will be generated from snapshot.createURL if not provided. All created snaphosts will be automatically deleted.Example: http://victoriametrics:8428/snapshot/delete - -snapshot.tlsInsecureSkipVerify - Optional Whether to skip tls verification when connecting to -snapshotCreateURL - -snapshot.tlsCertFile + -snapshot.tlsCAFile string + Optional path to TLS CA file to use for verifying connections to -snapshotCreateURL. By default, system CA is used + -snapshot.tlsCertFile string Optional path to client-side TLS certificate file to use when connecting to -snapshotCreateURL - -snapshot.tlsKeyFile + -snapshot.tlsInsecureSkipVerify + Whether to skip tls verification when connecting to -snapshotCreateURL + -snapshot.tlsKeyFile string Optional path to client-side TLS certificate key to use when connecting to -snapshotCreateURL - -snapshot.tlsCAFile - Optional path to client-side TLS CA file to use when connecting to -snapshotCreateURL - -snapshot.tlsServerName - Optional path to client-side TLS tlsServerName to use when connecting to -snapshotCreateURL + -snapshot.tlsServerName string + Optional TLS server name to use for connections to -snapshotCreateURL. By default, the server name from -snapshotCreateURL is used -storageDataPath string Path to VictoriaMetrics data. Must match -storageDataPath from VictoriaMetrics or vmstorage (default "victoria-metrics-data") -tls - Whether to enable TLS for incoming HTTP requests at -httpListenAddr (aka https). -tlsCertFile and -tlsKeyFile must be set if -tls is set + Whether to enable TLS for incoming HTTP requests at -httpListenAddr (aka https). -tlsCertFile and -tlsKeyFile must be set if -tls is set. See also -mtls -tlsCertFile string Path to file with TLS certificate if -tls is set. Prefer ECDSA certs instead of RSA certs as RSA certs are slower. The provided certificate file is automatically re-read every second, so it can be dynamically updated -tlsCipherSuites array diff --git a/docs/vmgateway.md b/docs/vmgateway.md index 47b728770..35292f919 100644 --- a/docs/vmgateway.md +++ b/docs/vmgateway.md @@ -434,6 +434,10 @@ Below is the list of configuration flags (it can be viewed by running `./vmgatew -metricsAuthKey value Auth key for /metrics endpoint. It must be passed via authKey query arg. It overrides httpAuth.* settings Flag value can be read from the given file when using -metricsAuthKey=file:///abs/path/to/file or -metricsAuthKey=file://./relative/path/to/file . Flag value can be read from the given http/https url when using -metricsAuthKey=http://host/path or -metricsAuthKey=https://host/path + -mtls + Whether to require valid client certificate for https requests to -httpListenAddr . This flag works only if -tls flag is set. See also -mtlsCAFile . This flag is available only in Enterprise binaries. See https://docs.victoriametrics.com/enterprise.html + -mtlsCAFile string + Optional path to TLS Root CA for verifying client certificates when -mtls is enabled. By default the host system TLS Root CA is used for client certificate verification. This flag is available only in Enterprise binaries. See https://docs.victoriametrics.com/enterprise.html -pprofAuthKey value Auth key for /debug/pprof/* endpoints. It must be passed via authKey query arg. It overrides httpAuth.* settings Flag value can be read from the given file when using -pprofAuthKey=file:///abs/path/to/file or -pprofAuthKey=file://./relative/path/to/file . Flag value can be read from the given http/https url when using -pprofAuthKey=http://host/path or -pprofAuthKey=https://host/path @@ -468,7 +472,7 @@ Below is the list of configuration flags (it can be viewed by running `./vmgatew -remoteRead.disablePathAppend Whether to disable automatic appending of '/api/v1/query' path to the configured -datasource.url and -remoteRead.url -tls - Whether to enable TLS for incoming HTTP requests at -httpListenAddr (aka https). -tlsCertFile and -tlsKeyFile must be set if -tls is set + Whether to enable TLS for incoming HTTP requests at -httpListenAddr (aka https). -tlsCertFile and -tlsKeyFile must be set if -tls is set. See also -mtls -tlsCertFile string Path to file with TLS certificate if -tls is set. Prefer ECDSA certs instead of RSA certs as RSA certs are slower. The provided certificate file is automatically re-read every second, so it can be dynamically updated -tlsCipherSuites array diff --git a/docs/vmrestore.md b/docs/vmrestore.md index de3d76407..ea3582425 100644 --- a/docs/vmrestore.md +++ b/docs/vmrestore.md @@ -189,6 +189,10 @@ i.e. the end result would be similar to [rsync --delete](https://askubuntu.com/q -metricsAuthKey value Auth key for /metrics endpoint. It must be passed via authKey query arg. It overrides httpAuth.* settings Flag value can be read from the given file when using -metricsAuthKey=file:///abs/path/to/file or -metricsAuthKey=file://./relative/path/to/file . Flag value can be read from the given http/https url when using -metricsAuthKey=http://host/path or -metricsAuthKey=https://host/path + -mtls + Whether to require valid client certificate for https requests to -httpListenAddr . This flag works only if -tls flag is set. See also -mtlsCAFile . This flag is available only in Enterprise binaries. See https://docs.victoriametrics.com/enterprise.html + -mtlsCAFile string + Optional path to TLS Root CA for verifying client certificates when -mtls is enabled. By default the host system TLS Root CA is used for client certificate verification. This flag is available only in Enterprise binaries. See https://docs.victoriametrics.com/enterprise.html -pprofAuthKey value Auth key for /debug/pprof/* endpoints. It must be passed via authKey query arg. It overrides httpAuth.* settings Flag value can be read from the given file when using -pprofAuthKey=file:///abs/path/to/file or -pprofAuthKey=file://./relative/path/to/file . Flag value can be read from the given http/https url when using -pprofAuthKey=http://host/path or -pprofAuthKey=https://host/path @@ -215,12 +219,22 @@ i.e. the end result would be similar to [rsync --delete](https://askubuntu.com/q See https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html -skipBackupCompleteCheck Whether to skip checking for 'backup complete' file in -src. This may be useful for restoring from old backups, which were created without 'backup complete' file + -snapshot.tlsCAFile string + Optional path to TLS CA file to use for verifying connections to -snapshotCreateURL. By default, system CA is used + -snapshot.tlsCertFile string + Optional path to client-side TLS certificate file to use when connecting to -snapshotCreateURL + -snapshot.tlsInsecureSkipVerify + Whether to skip tls verification when connecting to -snapshotCreateURL + -snapshot.tlsKeyFile string + Optional path to client-side TLS certificate key to use when connecting to -snapshotCreateURL + -snapshot.tlsServerName string + Optional TLS server name to use for connections to -snapshotCreateURL. By default, the server name from -snapshotCreateURL is used -src string Source path with backup on the remote storage. Example: gs://bucket/path/to/backup, s3://bucket/path/to/backup, azblob://container/path/to/backup or fs:///path/to/local/backup -storageDataPath string Destination path where backup must be restored. VictoriaMetrics must be stopped when restoring from backup. -storageDataPath dir can be non-empty. In this case the contents of -storageDataPath dir is synchronized with -src contents, i.e. it works like 'rsync --delete' (default "victoria-metrics-data") -tls - Whether to enable TLS for incoming HTTP requests at -httpListenAddr (aka https). -tlsCertFile and -tlsKeyFile must be set if -tls is set + Whether to enable TLS for incoming HTTP requests at -httpListenAddr (aka https). -tlsCertFile and -tlsKeyFile must be set if -tls is set. See also -mtls -tlsCertFile string Path to file with TLS certificate if -tls is set. Prefer ECDSA certs instead of RSA certs as RSA certs are slower. The provided certificate file is automatically re-read every second, so it can be dynamically updated -tlsCipherSuites array