But I don't think its fair to claim I'm spreading FUD.
I'm sorry about that comment, I though I removed it before hitting Post.
You weren't here a year ago when lots of people were trying to do custom scripts on bootup for various things and with each FreeNAS update it not only broke their scripts, but in some cases cost them their data because they really didn't know what they were doing and just started trying things hoping to get it to work.
I spent enough years in software maintenance to know what are users capable to doing to their systems/data ;).
When I saw the OP's question I fired up an VM to see how difficult it is. I unlocked the pool (config DB, keys in /data/geli, geli attach, zpool import, notifier.py, ...), I can do that properly, no problem. However, I decided to not provide the instructions as they were a bit complex even for simple cases (only one pool, no old keys in /data/geli) and much more complex if I wanted to cover all cases. Then I remembered the new API, checked the documentation and figured you only need one HTTP request (one line in python) to unlock the pool. Btw., the API is not python specific. I used python as it is available in FreeNAS (and the documentation uses it as well), but anything that is able to generate HTTP requests will work.
I'm not sure how "solid" the API is at this point as it really hasn't been tested by much of anyone I know of.
Time to increment that counter :).
There is nothing to be afraid of, there aren't hundreds of new untested lines of code. This is what runs when you use the unlock API:
Code:
def unlock(self, request, **kwargs):
self.method_check(request, allowed=['post'])
bundle, obj = self._get_parent(request, kwargs)
deserialized = self.deserialize(
request,
request.body,
format=request.META.get('CONTENT_TYPE', 'application/json'),
)
form = UnlockPassphraseForm(
data=deserialized,
)
if not form.is_valid():
raise ImmediateHttpResponse(
response=self.error_response(request, form.errors)
)
else:
form.done(obj)
return HttpResponse('Volume has been unlocked.', status=202)
On line 6 it decodes the parameters you sent in the request. On line 11 it creates the
Unlock form (
UnlockPassphraseForm()) and fills in the form fields based on the received data. It is exactly the same form you use when you unlock the pool via GUI, just this one isn't displayed anywhere. On line 14 it runs the form validation (
form.is_valid()) -- again, the same validation that happens when you use the form in GUI. Any problem is reported immediately. On line 19 it "clicks" the OK button on the form (
form.done()). And that's it, the volume is unlocked.
Personally, I see it as a "work in progress" until its been tested a little more thoroughly.
You never tried it, but you see it as a "work in progress", hmm...
The great thing about APIs is that you can often easily automate the testing. There actually is a nice test suite that verifies the FreeNAS API functionality:
https://github.com/freenas/freenas/tree/master/gui/api/tests