I'd like to be able to give access to two-three people so they can install stuff on my proxmox.
In order for these guys to be able to create a vm/lxc, they have to have the Datastore.AllocateTemplate on the storage which is only found in PVEDatastoreAdmin.
So in order for two people to create machines they have to be on different storages otherwise they both have to be PVEDatastoreAdmin which means they can read each other's images.
We can solve this if on a storage we have ext4 and on top of it directory per user and the directory is a storage. This means the machines are either qcow or raw. This means we cannot use one LVM-thin storage. We can use lvm-thin per user which means we need to know how much each user needs.
Is there a way to avoid creating directories per user. and use one lvm-thin storage and every user only sees their own machines and they can create new ones?
In order for these guys to be able to create a vm/lxc, they have to have the Datastore.AllocateTemplate on the storage which is only found in PVEDatastoreAdmin.
So in order for two people to create machines they have to be on different storages otherwise they both have to be PVEDatastoreAdmin which means they can read each other's images.
We can solve this if on a storage we have ext4 and on top of it directory per user and the directory is a storage. This means the machines are either qcow or raw. This means we cannot use one LVM-thin storage. We can use lvm-thin per user which means we need to know how much each user needs.
Is there a way to avoid creating directories per user. and use one lvm-thin storage and every user only sees their own machines and they can create new ones?