1 use std
::collections
::HashSet
;
2 use std
::io
::{self, Read, Seek, SeekFrom, Write}
;
3 use std
::path
::{Path, PathBuf}
;
5 use std
::sync
::{Arc, Mutex}
;
6 use std
::task
::Context
;
8 use anyhow
::{bail, format_err, Error}
;
9 use futures
::stream
::{StreamExt, TryStreamExt}
;
10 use serde
::Deserialize
;
11 use serde_json
::{json, Value}
;
12 use tokio
::sync
::mpsc
;
13 use tokio_stream
::wrappers
::ReceiverStream
;
14 use xdg
::BaseDirectories
;
16 use pathpatterns
::{MatchEntry, MatchType, PatternFlag}
;
17 use proxmox_async
::blocking
::TokioWriterAdapter
;
18 use proxmox_io
::StdChannelWriter
;
19 use proxmox_router
::{cli::*, ApiMethod, RpcEnvironment}
;
20 use proxmox_schema
::api
;
21 use proxmox_sys
::fs
::{file_get_json, image_size, replace_file, CreateOptions}
;
22 use proxmox_time
::{epoch_i64, strftime_local}
;
23 use pxar
::accessor
::{MaybeReady, ReadAt, ReadAtOperation}
;
26 Authid
, BackupDir
, BackupGroup
, BackupNamespace
, BackupPart
, BackupType
, CryptMode
,
27 Fingerprint
, GroupListItem
, HumanByte
, PruneListItem
, PruneOptions
, RateLimitConfig
,
28 SnapshotListItem
, StorageStatus
, BACKUP_ID_SCHEMA
, BACKUP_NAMESPACE_SCHEMA
, BACKUP_TIME_SCHEMA
,
29 BACKUP_TYPE_SCHEMA
, TRAFFIC_CONTROL_BURST_SCHEMA
, TRAFFIC_CONTROL_RATE_SCHEMA
,
31 use pbs_client
::catalog_shell
::Shell
;
32 use pbs_client
::tools
::{
33 complete_archive_name
, complete_auth_id
, complete_backup_group
, complete_backup_snapshot
,
34 complete_backup_source
, complete_chunk_size
, complete_group_or_snapshot
,
35 complete_img_archive_name
, complete_pxar_archive_name
, complete_repository
, connect
,
36 connect_rate_limited
, extract_repository_from_value
,
38 crypto_parameters
, format_key_source
, get_encryption_key_password
, KEYFD_SCHEMA
,
39 KEYFILE_SCHEMA
, MASTER_PUBKEY_FD_SCHEMA
, MASTER_PUBKEY_FILE_SCHEMA
,
41 CHUNK_SIZE_SCHEMA
, REPO_URL_SCHEMA
,
44 delete_ticket_info
, parse_backup_specification
, view_task_result
, BackupReader
,
45 BackupRepository
, BackupSpecificationType
, BackupStats
, BackupWriter
, ChunkStream
,
46 FixedChunkStream
, HttpClient
, PxarBackupStream
, RemoteChunkReader
, UploadOptions
,
49 use pbs_config
::key_config
::{decrypt_key, rsa_encrypt_key_config, KeyConfig}
;
50 use pbs_datastore
::catalog
::{BackupCatalogWriter, CatalogReader, CatalogWriter}
;
51 use pbs_datastore
::chunk_store
::verify_chunk_size
;
52 use pbs_datastore
::dynamic_index
::{BufferedDynamicReader, DynamicIndexReader}
;
53 use pbs_datastore
::fixed_index
::FixedIndexReader
;
54 use pbs_datastore
::index
::IndexFile
;
55 use pbs_datastore
::manifest
::{
56 archive_type
, ArchiveType
, BackupManifest
, ENCRYPTED_KEY_BLOB_NAME
, MANIFEST_BLOB_NAME
,
58 use pbs_datastore
::read_chunk
::AsyncReadChunk
;
59 use pbs_datastore
::CATALOG_NAME
;
60 use pbs_tools
::crypt_config
::CryptConfig
;
// Bumps a per-repository usage counter kept in the XDG cache file "repo-list"
// (base directory prefix "proxmox-backup") and rewrites that file.
// NOTE(review): several lines of this function are missing from this listing;
// the notes below describe only the statements that are visible.
75 fn record_repository(repo
: &BackupRepository
) {
76 let base
= match BaseDirectories
::with_prefix("proxmox-backup") {
81 // usually $HOME/.cache/proxmox-backup/repo-list
82 let path
= match base
.place_cache_file("repo-list") {
// A cache file that cannot be read or parsed is replaced by an empty JSON object.
87 let mut data
= file_get_json(&path
, None
).unwrap_or_else(|_
| json
!({}
));
// The counter key is the repository's string form, so the cache file records
// which repositories this user has talked to.
89 let repo
= repo
.to_string();
// NOTE(review): the fallback above only covers read/parse errors. If the file
// holds valid JSON that is not an object (for example an array), this index
// assignment and the as_object().unwrap() further down panic instead of
// resetting the cache - confirm whether that is intended.
91 data
[&repo
] = json
! { data[&repo].as_i64().unwrap_or(0) + 1 }
;
93 let mut map
= serde_json
::map
::Map
::new();
// Selection pass: entries already copied into `map` are skipped and the
// remaining entry with the highest count is picked.
97 let mut max_repo
= None
;
98 for (repo
, count
) in data
.as_object().unwrap() {
99 if map
.contains_key(repo
) {
102 if let Some(count
) = count
.as_i64() {
103 if count
> max_used
{
105 max_repo
= Some(repo
);
109 if let Some(repo
) = max_repo
{
110 map
.insert(repo
.to_owned(), json
!(max_used
));
115 // store max. 10 repos
120 let new_data
= json
!(map
);
// The result of the write is discarded (`let _ =`), so a failed cache update is
// silent. The file is created with CreateOptions::new() - presumably default
// ownership and mode; verify that this keeps the file private to the user.
122 let _
= replace_file(
124 new_data
.to_string().as_bytes(),
125 CreateOptions
::new(),
130 async
fn api_datastore_list_snapshots(
133 ns
: &BackupNamespace
,
134 group
: Option
<&BackupGroup
>,
135 ) -> Result
<Value
, Error
> {
136 let path
= format
!("api2/json/admin/datastore/{}/snapshots", store
);
138 let mut args
= match group
{
139 Some(group
) => serde_json
::to_value(group
)?
,
143 args
["backup-ns"] = serde_json
::to_value(ns
)?
;
146 let mut result
= client
.get(&path
, Some(args
)).await?
;
148 Ok(result
["data"].take())
151 pub async
fn api_datastore_latest_snapshot(
154 ns
: &BackupNamespace
,
156 ) -> Result
<BackupDir
, Error
> {
157 let list
= api_datastore_list_snapshots(client
, store
, ns
, Some(&group
)).await?
;
158 let mut list
: Vec
<SnapshotListItem
> = serde_json
::from_value(list
)?
;
161 bail
!("backup group {} does not contain any snapshots.", group
);
164 list
.sort_unstable_by(|a
, b
| b
.backup
.time
.cmp(&a
.backup
.time
));
166 Ok((group
, list
[0].backup
.time
).into())
169 pub async
fn dir_or_last_from_group(
171 repo
: &BackupRepository
,
172 ns
: &BackupNamespace
,
174 ) -> Result
<BackupDir
, Error
> {
175 match path
.parse
::<BackupPart
>()?
{
176 BackupPart
::Dir(dir
) => Ok(dir
),
177 BackupPart
::Group(group
) => {
178 api_datastore_latest_snapshot(&client
, repo
.store(), ns
, group
).await
183 async
fn backup_directory
<P
: AsRef
<Path
>>(
184 client
: &BackupWriter
,
187 chunk_size
: Option
<usize>,
188 catalog
: Arc
<Mutex
<CatalogWriter
<TokioWriterAdapter
<StdChannelWriter
<Error
>>>>>,
189 pxar_create_options
: pbs_client
::pxar
::PxarCreateOptions
,
190 upload_options
: UploadOptions
,
191 ) -> Result
<BackupStats
, Error
> {
192 let pxar_stream
= PxarBackupStream
::open(dir_path
.as_ref(), catalog
, pxar_create_options
)?
;
193 let mut chunk_stream
= ChunkStream
::new(pxar_stream
, chunk_size
);
195 let (tx
, rx
) = mpsc
::channel(10); // allow to buffer 10 chunks
197 let stream
= ReceiverStream
::new(rx
).map_err(Error
::from
);
199 // spawn chunker inside a separate task so that it can run parallel
200 tokio
::spawn(async
move {
201 while let Some(v
) = chunk_stream
.next().await
{
202 let _
= tx
.send(v
).await
;
206 if upload_options
.fixed_size
.is_some() {
207 bail
!("cannot backup directory with fixed chunk size!");
211 .upload_stream(archive_name
, stream
, upload_options
)
217 async
fn backup_image
<P
: AsRef
<Path
>>(
218 client
: &BackupWriter
,
221 chunk_size
: Option
<usize>,
222 upload_options
: UploadOptions
,
223 ) -> Result
<BackupStats
, Error
> {
224 let path
= image_path
.as_ref().to_owned();
226 let file
= tokio
::fs
::File
::open(path
).await?
;
228 let stream
= tokio_util
::codec
::FramedRead
::new(file
, tokio_util
::codec
::BytesCodec
::new())
229 .map_err(Error
::from
);
231 let stream
= FixedChunkStream
::new(stream
, chunk_size
.unwrap_or(4 * 1024 * 1024));
233 if upload_options
.fixed_size
.is_none() {
234 bail
!("cannot backup image with dynamic chunk size!");
238 .upload_stream(archive_name
, stream
, upload_options
)
/// Reads the optional `ns` parameter and converts it into a [`BackupNamespace`].
///
/// A missing parameter selects the root namespace. A parameter that is present
/// but is not a JSON string is rejected, and so is a string that does not parse
/// as a namespace.
pub fn optional_ns_param(param: &Value) -> Result<BackupNamespace, Error> {
    let text = match param.get("ns") {
        // Nothing supplied: fall back to the root namespace.
        None => return Ok(BackupNamespace::root()),
        Some(Value::String(text)) => text,
        // Numbers, arrays, objects, ... are refused rather than coerced.
        Some(_) => bail!("invalid namespace parameter"),
    };
    let namespace = text.parse()?;
    Ok(namespace)
}
256 schema
: REPO_URL_SCHEMA
,
260 type: BackupNamespace
,
264 schema
: OUTPUT_FORMAT
,
270 /// List backup groups.
271 async
fn list_backup_groups(param
: Value
) -> Result
<Value
, Error
> {
272 let output_format
= get_output_format(¶m
);
274 let repo
= extract_repository_from_value(¶m
)?
;
276 let client
= connect(&repo
)?
;
278 let path
= format
!("api2/json/admin/datastore/{}/groups", repo
.store());
280 let backup_ns
= optional_ns_param(¶m
)?
;
281 let mut result
= client
282 .get(&path
, Some(json
!({ "backup-ns": backup_ns }
)))
285 record_repository(&repo
);
287 let render_group_path
= |_v
: &Value
, record
: &Value
| -> Result
<String
, Error
> {
288 let item
= GroupListItem
::deserialize(record
)?
;
289 Ok(item
.backup
.to_string())
292 let render_last_backup
= |_v
: &Value
, record
: &Value
| -> Result
<String
, Error
> {
293 let item
= GroupListItem
::deserialize(record
)?
;
294 let snapshot
= BackupDir
{
296 time
: item
.last_backup
,
298 Ok(snapshot
.to_string())
301 let render_files
= |_v
: &Value
, record
: &Value
| -> Result
<String
, Error
> {
302 let item
= GroupListItem
::deserialize(record
)?
;
303 Ok(pbs_tools
::format
::render_backup_file_list(&item
.files
))
306 let options
= default_table_format_options()
307 .sortby("backup-type", false)
308 .sortby("backup-id", false)
310 ColumnConfig
::new("backup-id")
311 .renderer(render_group_path
)
315 ColumnConfig
::new("last-backup")
316 .renderer(render_last_backup
)
317 .header("last snapshot")
320 .column(ColumnConfig
::new("backup-count"))
321 .column(ColumnConfig
::new("files").renderer(render_files
));
323 let mut data
: Value
= result
["data"].take();
325 let return_type
= &pbs_api_types
::ADMIN_DATASTORE_LIST_GROUPS_RETURN_TYPE
;
327 format_and_print_result_full(&mut data
, return_type
, &output_format
, &options
);
332 fn merge_group_into(to
: &mut serde_json
::Map
<String
, Value
>, group
: BackupGroup
) {
333 match serde_json
::to_value(group
).unwrap() {
334 Value
::Object(group
) => to
.extend(group
),
343 schema
: REPO_URL_SCHEMA
,
348 description
: "Backup group.",
356 /// Change owner of a backup group
357 async
fn change_backup_owner(group
: String
, mut param
: Value
) -> Result
<(), Error
> {
358 let repo
= extract_repository_from_value(¶m
)?
;
360 let client
= connect(&repo
)?
;
362 param
.as_object_mut().unwrap().remove("repository");
364 let group
: BackupGroup
= group
.parse()?
;
366 merge_group_into(param
.as_object_mut().unwrap(), group
);
368 let path
= format
!("api2/json/admin/datastore/{}/change-owner", repo
.store());
369 client
.post(&path
, Some(param
)).await?
;
371 record_repository(&repo
);
380 schema
: REPO_URL_SCHEMA
,
386 /// Try to login. If successful, store ticket.
387 async
fn api_login(param
: Value
) -> Result
<Value
, Error
> {
388 let repo
= extract_repository_from_value(¶m
)?
;
390 let client
= connect(&repo
)?
;
391 client
.login().await?
;
393 record_repository(&repo
);
402 schema
: REPO_URL_SCHEMA
,
408 /// Logout (delete stored ticket).
// NOTE(review): `¶m` in this listing is a mis-rendered `&param`.
// Only the locally stored ticket for this host/user pair is removed, through
// delete_ticket_info() with "proxmox-backup" as first argument. No request to
// the server appears in the visible lines, so the ticket presumably remains
// valid on the server until it expires - verify.
409 fn api_logout(param
: Value
) -> Result
<Value
, Error
> {
410 let repo
= extract_repository_from_value(¶m
)?
;
412 delete_ticket_info("proxmox-backup", repo
.host(), repo
.user())?
;
421 schema
: REPO_URL_SCHEMA
,
425 schema
: OUTPUT_FORMAT
,
431 /// Show client and optional server version
// NOTE(review): `¶m` in this listing is a mis-rendered `&param`.
// The server part is optional: if no repository can be extracted the query is
// skipped, and a failed version request is only reported on stderr. A failure
// inside connect() is still propagated with `?`.
432 async
fn api_version(param
: Value
) -> Result
<(), Error
> {
433 let output_format
= get_output_format(¶m
);
// Client-side version data comes from build-time constants in pbs_buildcfg.
435 let mut version_info
= json
!({
437 "version": pbs_buildcfg
::PROXMOX_PKG_VERSION
,
438 "release": pbs_buildcfg
::PROXMOX_PKG_RELEASE
,
439 "repoid": pbs_buildcfg
::PROXMOX_PKG_REPOID
,
443 let repo
= extract_repository_from_value(¶m
);
444 if let Ok(repo
) = repo
{
445 let client
= connect(&repo
)?
;
// The server's "data" value is stored as-is under "server"; nothing in the
// visible lines validates its shape.
447 match client
.get("api2/json/version", None
).await
{
448 Ok(mut result
) => version_info
["server"] = result
["data"].take(),
449 Err(e
) => eprintln
!("could not connect to server - {}", e
),
452 if output_format
== "text" {
454 "client version: {}.{}",
455 pbs_buildcfg
::PROXMOX_PKG_VERSION
,
456 pbs_buildcfg
::PROXMOX_PKG_RELEASE
,
// NOTE(review): "version" and "release" are taken from the server response.
// Indexing the map with a missing key panics, and so does unwrap() when the
// field is not a string, so a response that is an object but lacks these
// fields aborts the client instead of producing an error. Consider
// get(..).and_then(Value::as_str) with a proper error.
458 if let Some(server
) = version_info
["server"].as_object() {
459 let server_version
= server
["version"].as_str().unwrap();
460 let server_release
= server
["release"].as_str().unwrap();
461 println
!("server version: {}.{}", server_version
, server_release
);
464 format_and_print_result(&version_info
, &output_format
);
474 schema
: REPO_URL_SCHEMA
,
478 schema
: OUTPUT_FORMAT
,
484 /// Start garbage collection for a specific repository.
485 async
fn start_garbage_collection(param
: Value
) -> Result
<Value
, Error
> {
486 let repo
= extract_repository_from_value(¶m
)?
;
488 let output_format
= get_output_format(¶m
);
490 let client
= connect(&repo
)?
;
492 let path
= format
!("api2/json/admin/datastore/{}/gc", repo
.store());
494 let result
= client
.post(&path
, None
).await?
;
496 record_repository(&repo
);
498 view_task_result(&client
, result
, &output_format
).await?
;
503 struct CatalogUploadResult
{
504 catalog_writer
: Arc
<Mutex
<CatalogWriter
<TokioWriterAdapter
<StdChannelWriter
<Error
>>>>>,
505 result
: tokio
::sync
::oneshot
::Receiver
<Result
<BackupStats
, Error
>>,
508 fn spawn_catalog_upload(
509 client
: Arc
<BackupWriter
>,
511 ) -> Result
<CatalogUploadResult
, Error
> {
512 let (catalog_tx
, catalog_rx
) = std
::sync
::mpsc
::sync_channel(10); // allow to buffer 10 writes
513 let catalog_stream
= proxmox_async
::blocking
::StdChannelStream(catalog_rx
);
514 let catalog_chunk_size
= 512 * 1024;
515 let catalog_chunk_stream
= ChunkStream
::new(catalog_stream
, Some(catalog_chunk_size
));
517 let catalog_writer
= Arc
::new(Mutex
::new(CatalogWriter
::new(TokioWriterAdapter
::new(
518 StdChannelWriter
::new(catalog_tx
),
521 let (catalog_result_tx
, catalog_result_rx
) = tokio
::sync
::oneshot
::channel();
523 let upload_options
= UploadOptions
{
526 ..UploadOptions
::default()
529 tokio
::spawn(async
move {
530 let catalog_upload_result
= client
531 .upload_stream(CATALOG_NAME
, catalog_chunk_stream
, upload_options
)
534 if let Err(ref err
) = catalog_upload_result
{
535 eprintln
!("catalog upload error - {}", err
);
539 let _
= catalog_result_tx
.send(catalog_upload_result
);
542 Ok(CatalogUploadResult
{
544 result
: catalog_result_rx
,
553 description
: "List of backup source specifications ([<label.ext>:<path>] ...)",
555 schema
: BACKUP_SOURCE_SCHEMA
,
559 schema
: REPO_URL_SCHEMA
,
563 description
: "Include mountpoints with same st_dev number (see ``man fstat``) as specified files.",
567 description
: "Path to file.",
570 "all-file-systems": {
572 description
: "Include all mounted subdirectories.",
577 schema
: KEYFILE_SCHEMA
,
581 schema
: KEYFD_SCHEMA
,
584 "master-pubkey-file": {
585 schema
: MASTER_PUBKEY_FILE_SCHEMA
,
588 "master-pubkey-fd": {
589 schema
: MASTER_PUBKEY_FD_SCHEMA
,
596 "skip-lost-and-found": {
598 description
: "Skip lost+found directory.",
603 schema
: BACKUP_NAMESPACE_SCHEMA
,
607 schema
: BACKUP_TYPE_SCHEMA
,
611 schema
: BACKUP_ID_SCHEMA
,
615 schema
: BACKUP_TIME_SCHEMA
,
619 schema
: CHUNK_SIZE_SCHEMA
,
623 schema
: TRAFFIC_CONTROL_RATE_SCHEMA
,
627 schema
: TRAFFIC_CONTROL_BURST_SCHEMA
,
632 description
: "List of paths or patterns for matching files to exclude.",
636 description
: "Path or match pattern.",
641 description
: "Max number of entries to hold in memory.",
643 default: pbs_client
::pxar
::ENCODER_MAX_ENTRIES
as isize,
647 description
: "Verbose output.",
653 description
: "Just show what backup would do, but do not upload anything.",
660 /// Create (host) backup.
661 async
fn create_backup(
663 all_file_systems
: bool
,
664 skip_lost_and_found
: bool
,
668 _rpcenv
: &mut dyn RpcEnvironment
,
669 ) -> Result
<Value
, Error
> {
670 let repo
= extract_repository_from_value(¶m
)?
;
672 let backupspec_list
= json
::required_array_param(¶m
, "backupspec")?
;
674 let backup_time_opt
= param
["backup-time"].as_i64();
// "chunk-size" is multiplied by 1024 (presumably KiB to bytes) and then checked
// by verify_chunk_size().
// NOTE(review): the multiplication and the `as usize` cast run before the check,
// so an oversized u64 could overflow or be truncated on 32-bit targets before
// verify_chunk_size() sees it. CHUNK_SIZE_SCHEMA may already bound the value -
// confirm, or use checked_mul and usize::try_from.
676 let chunk_size_opt
= param
["chunk-size"].as_u64().map(|v
| (v
* 1024) as usize);
678 if let Some(size
) = chunk_size_opt
{
679 verify_chunk_size(size
)?
;
682 let rate
= match param
["rate"].as_str() {
683 Some(s
) => Some(s
.parse
::<HumanByte
>()?
),
686 let burst
= match param
["burst"].as_str() {
687 Some(s
) => Some(s
.parse
::<HumanByte
>()?
),
691 let rate_limit
= RateLimitConfig
::with_same_inout(rate
, burst
);
693 let crypto
= crypto_parameters(¶m
)?
;
695 let backup_id
= param
["backup-id"]
697 .unwrap_or(proxmox_sys
::nodename());
699 let backup_ns
: BackupNamespace
= match param
.get("backup-ns") {
702 .ok_or_else(|| format_err
!("bad namespace {:?}", ns
))?
704 None
=> BackupNamespace
::root(),
707 let backup_type
: BackupType
= param
["backup-type"].as_str().unwrap_or("host").parse()?
;
709 let include_dev
= param
["include-dev"].as_array();
711 let entries_max
= param
["entries-max"]
713 .unwrap_or(pbs_client
::pxar
::ENCODER_MAX_ENTRIES
as u64);
715 let empty
= Vec
::new();
716 let exclude_args
= param
["exclude"].as_array().unwrap_or(&empty
);
718 let mut pattern_list
= Vec
::with_capacity(exclude_args
.len());
719 for entry
in exclude_args
{
722 .ok_or_else(|| format_err
!("Invalid pattern string slice"))?
;
724 MatchEntry
::parse_pattern(entry
, PatternFlag
::PATH_NAME
, MatchType
::Exclude
)
725 .map_err(|err
| format_err
!("invalid exclude pattern entry: {}", err
))?
,
729 let mut devices
= if all_file_systems
{
735 if let Some(include_dev
) = include_dev
{
736 if all_file_systems
{
737 bail
!("option 'all-file-systems' conflicts with option 'include-dev'");
740 let mut set
= HashSet
::new();
741 for path
in include_dev
{
742 let path
= path
.as_str().unwrap();
743 let stat
= nix
::sys
::stat
::stat(path
)
744 .map_err(|err
| format_err
!("fstat {:?} failed - {}", path
, err
))?
;
745 set
.insert(stat
.st_dev
);
750 let mut upload_list
= vec
![];
751 let mut target_set
= HashSet
::new();
753 for backupspec
in backupspec_list
{
754 let spec
= parse_backup_specification(backupspec
.as_str().unwrap())?
;
755 let filename
= &spec
.config_string
;
756 let target
= &spec
.archive_name
;
758 if target_set
.contains(target
) {
759 bail
!("got target twice: '{}'", target
);
761 target_set
.insert(target
.to_string());
763 use std
::os
::unix
::fs
::FileTypeExt
;
765 let metadata
= std
::fs
::metadata(filename
)
766 .map_err(|err
| format_err
!("unable to access '{}' - {}", filename
, err
))?
;
767 let file_type
= metadata
.file_type();
769 match spec
.spec_type
{
770 BackupSpecificationType
::PXAR
=> {
771 if !file_type
.is_dir() {
772 bail
!("got unexpected file type (expected directory)");
775 BackupSpecificationType
::PXAR
,
777 format
!("{}.didx", target
),
781 BackupSpecificationType
::IMAGE
=> {
782 if !(file_type
.is_file() || file_type
.is_block_device()) {
783 bail
!("got unexpected file type (expected file or block device)");
786 let size
= image_size(&PathBuf
::from(filename
))?
;
789 bail
!("got zero-sized file '{}'", filename
);
793 BackupSpecificationType
::IMAGE
,
795 format
!("{}.fidx", target
),
799 BackupSpecificationType
::CONFIG
=> {
800 if !file_type
.is_file() {
801 bail
!("got unexpected file type (expected regular file)");
804 BackupSpecificationType
::CONFIG
,
806 format
!("{}.blob", target
),
810 BackupSpecificationType
::LOGFILE
=> {
811 if !file_type
.is_file() {
812 bail
!("got unexpected file type (expected regular file)");
815 BackupSpecificationType
::LOGFILE
,
817 format
!("{}.blob", target
),
824 let backup_time
= backup_time_opt
.unwrap_or_else(epoch_i64
);
826 let client
= connect_rate_limited(&repo
, rate_limit
)?
;
827 record_repository(&repo
);
829 let snapshot
= BackupDir
::from((backup_type
, backup_id
.to_owned(), backup_time
));
830 if backup_ns
.is_root() {
831 println
!("Starting backup: {snapshot}");
833 println
!("Starting backup: [{backup_ns}]:{snapshot}");
836 println
!("Client name: {}", proxmox_sys
::nodename());
838 let start_time
= std
::time
::Instant
::now();
841 "Starting backup protocol: {}",
842 strftime_local("%c", epoch_i64())?
// Key setup for the backup session. Without an encryption key both results are
// None. With one, the key is decrypted (the password is obtained through
// get_encryption_key_password) and wrapped in a CryptConfig.
// NOTE(review): some lines of this match are missing from this listing.
845 let (crypt_config
, rsa_encrypted_key
) = match crypto
.enc_key
{
846 None
=> (None
, None
),
847 Some(key_with_source
) => {
850 format_key_source(&key_with_source
.source
, "encryption")
853 let (key
, created
, fingerprint
) =
854 decrypt_key(&key_with_source
.key
, &get_encryption_key_password
)?
;
// Only the fingerprint is printed; the key material itself is not written to
// the terminal in the visible lines.
855 println
!("Encryption key fingerprint: {}", fingerprint
);
857 let crypt_config
= CryptConfig
::new(key
)?
;
// With a master public key, the decrypted key is put into a KeyConfig that has
// no password protection and is then RSA-encrypted with that public key. In the
// visible lines the unprotected KeyConfig is used only as input to
// rsa_encrypt_key_config(); the encrypted result is what is returned as
// rsa_encrypted_key. Presumably this lets the holder of the master private key
// recover the backup key - verify against the key management documentation.
859 match crypto
.master_pubkey
{
860 Some(pem_with_source
) => {
861 println
!("{}", format_key_source(&pem_with_source
.source
, "master"));
863 let rsa
= openssl
::rsa
::Rsa
::public_key_from_pem(&pem_with_source
.key
)?
;
865 let mut key_config
= KeyConfig
::without_password(key
)?
;
866 key_config
.created
= created
; // keep original value
868 let enc_key
= rsa_encrypt_key_config(rsa
, &key_config
)?
;
870 (Some(Arc
::new(crypt_config
)), Some(enc_key
))
// No master key: encryption is still active, but no RSA-wrapped copy of the
// key is produced.
872 _
=> (Some(Arc
::new(crypt_config
)), None
),
877 let client
= BackupWriter
::start(
879 crypt_config
.clone(),
888 let download_previous_manifest
= match client
.previous_backup_time().await
{
889 Ok(Some(backup_time
)) => {
891 "Downloading previous manifest ({})",
892 strftime_local("%c", backup_time
)?
897 println
!("No previous manifest available.");
901 // Fallback for outdated server, TODO remove/bubble up with 2.0
906 let previous_manifest
= if download_previous_manifest
{
907 match client
.download_previous_manifest().await
{
908 Ok(previous_manifest
) => {
909 match previous_manifest
.check_fingerprint(crypt_config
.as_ref().map(Arc
::as_ref
)) {
910 Ok(()) => Some(Arc
::new(previous_manifest
)),
912 println
!("Couldn't re-use previous manifest - {}", err
);
918 println
!("Couldn't download previous manifest - {}", err
);
926 let mut manifest
= BackupManifest
::new(snapshot
);
928 let mut catalog
= None
;
929 let mut catalog_result_rx
= None
;
931 let log_file
= |desc
: &str, file
: &str, target
: &str| {
932 let what
= if dry_run { "Would upload" }
else { "Upload" }
;
933 println
!("{} {} '{}' to '{}' as {}", what
, desc
, file
, repo
, target
);
936 for (backup_type
, filename
, target
, size
) in upload_list
{
937 match (backup_type
, dry_run
) {
939 (BackupSpecificationType
::CONFIG
, true) => log_file("config file", &filename
, &target
),
940 (BackupSpecificationType
::LOGFILE
, true) => log_file("log file", &filename
, &target
),
941 (BackupSpecificationType
::PXAR
, true) => log_file("directory", &filename
, &target
),
942 (BackupSpecificationType
::IMAGE
, true) => log_file("image", &filename
, &target
),
944 (BackupSpecificationType
::CONFIG
, false) => {
945 let upload_options
= UploadOptions
{
947 encrypt
: crypto
.mode
== CryptMode
::Encrypt
,
948 ..UploadOptions
::default()
951 log_file("config file", &filename
, &target
);
953 .upload_blob_from_file(&filename
, &target
, upload_options
)
955 manifest
.add_file(target
, stats
.size
, stats
.csum
, crypto
.mode
)?
;
957 (BackupSpecificationType
::LOGFILE
, false) => {
958 // fixme: remove - not needed anymore ?
959 let upload_options
= UploadOptions
{
961 encrypt
: crypto
.mode
== CryptMode
::Encrypt
,
962 ..UploadOptions
::default()
965 log_file("log file", &filename
, &target
);
967 .upload_blob_from_file(&filename
, &target
, upload_options
)
969 manifest
.add_file(target
, stats
.size
, stats
.csum
, crypto
.mode
)?
;
971 (BackupSpecificationType
::PXAR
, false) => {
972 // start catalog upload on first use
973 if catalog
.is_none() {
974 let catalog_upload_res
=
975 spawn_catalog_upload(client
.clone(), crypto
.mode
== CryptMode
::Encrypt
)?
;
976 catalog
= Some(catalog_upload_res
.catalog_writer
);
977 catalog_result_rx
= Some(catalog_upload_res
.result
);
979 let catalog
= catalog
.as_ref().unwrap();
981 log_file("directory", &filename
, &target
);
985 .start_directory(std
::ffi
::CString
::new(target
.as_str())?
.as_c_str())?
;
987 let pxar_options
= pbs_client
::pxar
::PxarCreateOptions
{
988 device_set
: devices
.clone(),
989 patterns
: pattern_list
.clone(),
990 entries_max
: entries_max
as usize,
995 let upload_options
= UploadOptions
{
996 previous_manifest
: previous_manifest
.clone(),
998 encrypt
: crypto
.mode
== CryptMode
::Encrypt
,
999 ..UploadOptions
::default()
1002 let stats
= backup_directory(
1012 manifest
.add_file(target
, stats
.size
, stats
.csum
, crypto
.mode
)?
;
1013 catalog
.lock().unwrap().end_directory()?
;
1015 (BackupSpecificationType
::IMAGE
, false) => {
1016 log_file("image", &filename
, &target
);
1018 let upload_options
= UploadOptions
{
1019 previous_manifest
: previous_manifest
.clone(),
1020 fixed_size
: Some(size
),
1022 encrypt
: crypto
.mode
== CryptMode
::Encrypt
,
1026 backup_image(&client
, &filename
, &target
, chunk_size_opt
, upload_options
)
1028 manifest
.add_file(target
, stats
.size
, stats
.csum
, crypto
.mode
)?
;
1034 println
!("dry-run: no upload happend");
1035 return Ok(Value
::Null
);
1038 // finalize and upload catalog
1039 if let Some(catalog
) = catalog
{
1040 let mutex
= Arc
::try_unwrap(catalog
)
1041 .map_err(|_
| format_err
!("unable to get catalog (still used)"))?
;
1042 let mut catalog
= mutex
.into_inner().unwrap();
1046 drop(catalog
); // close upload stream
1048 if let Some(catalog_result_rx
) = catalog_result_rx
{
1049 let stats
= catalog_result_rx
.await??
;
1050 manifest
.add_file(CATALOG_NAME
.to_owned(), stats
.size
, stats
.csum
, crypto
.mode
)?
;
1054 if let Some(rsa_encrypted_key
) = rsa_encrypted_key
{
1055 let target
= ENCRYPTED_KEY_BLOB_NAME
;
1056 println
!("Upload RSA encoded key to '{:?}' as {}", repo
, target
);
1057 let options
= UploadOptions
{
1060 ..UploadOptions
::default()
1063 .upload_blob_from_data(rsa_encrypted_key
, target
, options
)
1065 manifest
.add_file(target
.to_string(), stats
.size
, stats
.csum
, crypto
.mode
)?
;
1067 // create manifest (index.json)
1068 // manifests are never encrypted, but include a signature
// Because the manifest is uploaded unencrypted, what manifest.add_file() was
// given earlier in this function (archive name, size, checksum, crypt mode) is
// readable on the server even for encrypted backups.
// NOTE(review): to_string() receives the optional CryptConfig; presumably the
// signature is only produced when a key is configured, which would leave
// unencrypted backups with an unsigned manifest - verify in
// BackupManifest::to_string.
1069 let manifest
= manifest
1070 .to_string(crypt_config
.as_ref().map(Arc
::as_ref
))
1071 .map_err(|err
| format_err
!("unable to format manifest - {}", err
))?
;
1074 println
!("Upload index.json to '{}'", repo
)
1076 let options
= UploadOptions
{
1079 ..UploadOptions
::default()
1082 .upload_blob_from_data(manifest
.into_bytes(), MANIFEST_BLOB_NAME
, options
)
1085 client
.finish().await?
;
1087 let end_time
= std
::time
::Instant
::now();
1088 let elapsed
= end_time
.duration_since(start_time
);
1089 println
!("Duration: {:.2}s", elapsed
.as_secs_f64());
1091 println
!("End Time: {}", strftime_local("%c", epoch_i64())?
);
1096 async
fn dump_image
<W
: Write
>(
1097 client
: Arc
<BackupReader
>,
1098 crypt_config
: Option
<Arc
<CryptConfig
>>,
1099 crypt_mode
: CryptMode
,
1100 index
: FixedIndexReader
,
1103 ) -> Result
<(), Error
> {
1104 let most_used
= index
.find_most_used_chunks(8);
1106 let chunk_reader
= RemoteChunkReader
::new(client
.clone(), crypt_config
, crypt_mode
, most_used
);
1108 // Note: we avoid using BufferedFixedReader, because that add an additional buffer/copy
1109 // and thus slows down reading. Instead, directly use RemoteChunkReader
1112 let start_time
= std
::time
::Instant
::now();
1114 for pos
in 0..index
.index_count() {
1115 let digest
= index
.index_digest(pos
).unwrap();
1116 let raw_data
= chunk_reader
.read_chunk(digest
).await?
;
1117 writer
.write_all(&raw_data
)?
;
1118 bytes
+= raw_data
.len();
1120 let next_per
= ((pos
+ 1) * 100) / index
.index_count();
1121 if per
!= next_per
{
1123 "progress {}% (read {} bytes, duration {} sec)",
1126 start_time
.elapsed().as_secs()
1133 let end_time
= std
::time
::Instant
::now();
1134 let elapsed
= end_time
.duration_since(start_time
);
1136 "restore image complete (bytes={}, duration={:.2}s, speed={:.2}MB/s)",
1138 elapsed
.as_secs_f64(),
1139 bytes
as f64 / (1024.0 * 1024.0 * elapsed
.as_secs_f64())
/// Maps a user-supplied archive name to the name used on the server and its type.
///
/// Names that already end in `.didx`, `.fidx` or `.blob` are used unchanged and
/// classified by `archive_type`. A `.pxar` name gets `.didx` appended, a `.img`
/// name gets `.fidx` appended, and every other name is treated as a blob with
/// `.blob` appended.
fn parse_archive_type(name: &str) -> (String, ArchiveType) {
    let has_suffix = |suffix: &str| name.ends_with(suffix);

    if has_suffix(".didx") || has_suffix(".fidx") || has_suffix(".blob") {
        // The suffix was checked just above; presumably that is what makes this
        // unwrap() safe - verify against archive_type().
        return (name.into(), archive_type(name).unwrap());
    }
    if has_suffix(".pxar") {
        return (format!("{}.didx", name), ArchiveType::DynamicIndex);
    }
    if has_suffix(".img") {
        return (format!("{}.fidx", name), ArchiveType::FixedIndex);
    }
    // Unknown or missing extension: fall back to a plain blob.
    (format!("{}.blob", name), ArchiveType::Blob)
}
1161 schema
: REPO_URL_SCHEMA
,
1165 type: BackupNamespace
,
1170 description
: "Group/Snapshot path.",
1173 description
: "Backup archive name.",
1178 description
: r
###"Target directory path. Use '-' to write to standard output.
1180 We do not extract '.pxar' archives when writing to standard output.
1185 schema
: TRAFFIC_CONTROL_RATE_SCHEMA
,
1189 schema
: TRAFFIC_CONTROL_BURST_SCHEMA
,
1192 "allow-existing-dirs": {
1194 description
: "Do not fail if directories already exists.",
1198 schema
: KEYFILE_SCHEMA
,
1202 schema
: KEYFD_SCHEMA
,
1212 /// Restore backup repository.
1213 async
fn restore(param
: Value
) -> Result
<Value
, Error
> {
1214 let repo
= extract_repository_from_value(¶m
)?
;
1216 let verbose
= param
["verbose"].as_bool().unwrap_or(false);
1218 let allow_existing_dirs
= param
["allow-existing-dirs"].as_bool().unwrap_or(false);
1220 let archive_name
= json
::required_string_param(¶m
, "archive-name")?
;
1222 let rate
= match param
["rate"].as_str() {
1223 Some(s
) => Some(s
.parse
::<HumanByte
>()?
),
1226 let burst
= match param
["burst"].as_str() {
1227 Some(s
) => Some(s
.parse
::<HumanByte
>()?
),
1231 let rate_limit
= RateLimitConfig
::with_same_inout(rate
, burst
);
1233 let client
= connect_rate_limited(&repo
, rate_limit
)?
;
1234 record_repository(&repo
);
1236 let ns
= match param
.get("ns") {
1237 Some(Value
::String(ns
)) => ns
.parse()?
,
1238 Some(_
) => bail
!("invalid namespace parameter"),
1239 None
=> BackupNamespace
::root(),
1241 let path
= json
::required_string_param(¶m
, "snapshot")?
;
1243 let backup_dir
= dir_or_last_from_group(&client
, &repo
, &ns
, &path
).await?
;
1245 let target
= json
::required_string_param(¶m
, "target")?
;
1246 let target
= if target
== "-" { None }
else { Some(target) }
;
1248 let crypto
= crypto_parameters(¶m
)?
;
1250 let crypt_config
= match crypto
.enc_key
{
1254 decrypt_key(&key
.key
, &get_encryption_key_password
).map_err(|err
| {
1255 eprintln
!("{}", format_key_source(&key
.source
, "encryption"));
1258 Some(Arc
::new(CryptConfig
::new(key
)?
))
1262 let client
= BackupReader
::start(
1264 crypt_config
.clone(),
1272 let (archive_name
, archive_type
) = parse_archive_type(archive_name
);
// Manifest download and fingerprint verification for restore.
// NOTE(review): some lines are missing from this listing, including the one
// that separates the skip branch from the check below.
1274 let (manifest
, backup_index_data
) = client
.download_manifest().await?
;
// The one visible exception to the fingerprint check: the encrypted key blob is
// requested and no key was supplied (presumably the case where the key itself
// is being recovered). The check is skipped with a warning on stderr.
1276 if archive_name
== ENCRYPTED_KEY_BLOB_NAME
&& crypt_config
.is_none() {
1277 eprintln
!("Restoring encrypted key blob without original key - skipping manifest fingerprint check!")
// For a signed manifest, the key source and the fingerprint of the configured
// key are printed to stderr before the check, presumably so that a mismatch can
// be traced to the key that was used.
1279 if manifest
.signature
.is_some() {
1280 if let Some(key
) = &crypto
.enc_key
{
1281 eprintln
!("{}", format_key_source(&key
.source
, "encryption"));
1283 if let Some(config
) = &crypt_config
{
1284 eprintln
!("Fingerprint: {}", Fingerprint
::new(config
.fingerprint()));
// A failing check aborts the restore through `?`, before the archive handling
// that follows this statement. Whether unsigned manifests also reach this call
// cannot be told from the visible lines.
1287 manifest
.check_fingerprint(crypt_config
.as_ref().map(Arc
::as_ref
))?
;
1290 if archive_name
== MANIFEST_BLOB_NAME
{
1291 if let Some(target
) = target
{
1292 replace_file(target
, &backup_index_data
, CreateOptions
::new(), false)?
;
1294 let stdout
= std
::io
::stdout();
1295 let mut writer
= stdout
.lock();
1297 .write_all(&backup_index_data
)
1298 .map_err(|err
| format_err
!("unable to pipe data - {}", err
))?
;
1301 return Ok(Value
::Null
);
1304 let file_info
= manifest
.lookup_file_info(&archive_name
)?
;
1306 if archive_type
== ArchiveType
::Blob
{
1307 let mut reader
= client
.download_blob(&manifest
, &archive_name
).await?
;
1309 if let Some(target
) = target
{
1310 let mut writer
= std
::fs
::OpenOptions
::new()
1316 format_err
!("unable to create target file {:?} - {}", target
, err
)
1318 std
::io
::copy(&mut reader
, &mut writer
)?
;
1320 let stdout
= std
::io
::stdout();
1321 let mut writer
= stdout
.lock();
1322 std
::io
::copy(&mut reader
, &mut writer
)
1323 .map_err(|err
| format_err
!("unable to pipe data - {}", err
))?
;
1325 } else if archive_type
== ArchiveType
::DynamicIndex
{
1327 .download_dynamic_index(&manifest
, &archive_name
)
1330 let most_used
= index
.find_most_used_chunks(8);
1332 let chunk_reader
= RemoteChunkReader
::new(
1335 file_info
.chunk_crypt_mode(),
1339 let mut reader
= BufferedDynamicReader
::new(index
, chunk_reader
);
1341 let options
= pbs_client
::pxar
::PxarExtractOptions
{
1343 extract_match_default
: true,
1344 allow_existing_dirs
,
1348 if let Some(target
) = target
{
1349 pbs_client
::pxar
::extract_archive(
1350 pxar
::decoder
::Decoder
::from_std(reader
)?
,
1352 pbs_client
::pxar
::Flags
::DEFAULT
,
1355 println
!("{:?}", path
);
1360 .map_err(|err
| format_err
!("error extracting archive - {}", err
))?
;
1362 let mut writer
= std
::fs
::OpenOptions
::new()
1364 .open("/dev/stdout")
1365 .map_err(|err
| format_err
!("unable to open /dev/stdout - {}", err
))?
;
1367 std
::io
::copy(&mut reader
, &mut writer
)
1368 .map_err(|err
| format_err
!("unable to pipe data - {}", err
))?
;
1370 } else if archive_type
== ArchiveType
::FixedIndex
{
1372 .download_fixed_index(&manifest
, &archive_name
)
1375 let mut writer
= if let Some(target
) = target
{
1376 std
::fs
::OpenOptions
::new()
1381 .map_err(|err
| format_err
!("unable to create target file {:?} - {}", target
, err
))?
1383 std
::fs
::OpenOptions
::new()
1385 .open("/dev/stdout")
1386 .map_err(|err
| format_err
!("unable to open /dev/stdout - {}", err
))?
1391 crypt_config
.clone(),
1392 file_info
.chunk_crypt_mode(),
1409 description
: "Just show what prune would do, but do not delete anything.",
1413 description
: "Backup group",
1420 schema
: OUTPUT_FORMAT
,
1427 description
: "Minimal output - only show removals.",
1430 schema
: REPO_URL_SCHEMA
,
1436 /// Prune a backup repository.
1438 dry_run
: Option
<bool
>,
1440 prune_options
: PruneOptions
,
1443 ) -> Result
<Value
, Error
> {
1444 let repo
= extract_repository_from_value(¶m
)?
;
1446 let client
= connect(&repo
)?
;
1448 let path
= format
!("api2/json/admin/datastore/{}/prune", repo
.store());
1450 let group
: BackupGroup
= group
.parse()?
;
1452 let output_format
= extract_output_format(&mut param
);
1454 let mut api_param
= serde_json
::to_value(prune_options
)?
;
1455 if let Some(dry_run
) = dry_run
{
1456 api_param
["dry-run"] = dry_run
.into();
1458 merge_group_into(api_param
.as_object_mut().unwrap(), group
);
1460 let mut result
= client
.post(&path
, Some(api_param
)).await?
;
1462 record_repository(&repo
);
1464 let render_snapshot_path
= |_v
: &Value
, record
: &Value
| -> Result
<String
, Error
> {
1465 let item
: PruneListItem
= serde_json
::from_value(record
.to_owned())?
;
1466 Ok(item
.backup
.to_string())
1469 let render_prune_action
= |v
: &Value
, _record
: &Value
| -> Result
<String
, Error
> {
1470 Ok(match v
.as_bool() {
1471 Some(true) => "keep",
1472 Some(false) => "remove",
1478 let options
= default_table_format_options()
1479 .sortby("backup-type", false)
1480 .sortby("backup-id", false)
1481 .sortby("backup-time", false)
1483 ColumnConfig
::new("backup-id")
1484 .renderer(render_snapshot_path
)
1485 .header("snapshot"),
1488 ColumnConfig
::new("backup-time")
1489 .renderer(pbs_tools
::format
::render_epoch
)
1493 ColumnConfig
::new("keep")
1494 .renderer(render_prune_action
)
1498 let return_type
= &pbs_api_types
::ADMIN_DATASTORE_PRUNE_RETURN_TYPE
;
1500 let mut data
= result
["data"].take();
1503 let list
: Vec
<Value
> = data
1507 .filter(|item
| item
["keep"].as_bool() == Some(false))
1513 format_and_print_result_full(&mut data
, return_type
, &output_format
, &options
);
1522 schema
: REPO_URL_SCHEMA
,
1526 schema
: OUTPUT_FORMAT
,
1532 type: StorageStatus
,
1535 /// Get repository status.
// NOTE(review): `¶m` in this listing is a mis-rendered `&param`.
// Queries the datastore status endpoint of the repository and prints the
// "data" part of the response as a table with "total", "used" and "avail".
1536 async
fn status(param
: Value
) -> Result
<Value
, Error
> {
1537 let repo
= extract_repository_from_value(¶m
)?
;
1539 let output_format
= get_output_format(¶m
);
1541 let client
= connect(&repo
)?
;
1543 let path
= format
!("api2/json/admin/datastore/{}/status", repo
.store());
1545 let mut result
= client
.get(&path
, None
).await?
;
1546 let mut data
= result
["data"].take();
1548 record_repository(&repo
);
// Renders "<value> (<percent> %)" relative to the record's "total" field.
// NOTE(review): both numbers come from the server response. unwrap() panics if
// a field is missing or not an unsigned integer, and the division panics when
// "total" is 0. The closure already returns Result, so these cases could be
// reported as errors instead of aborting the client.
1550 let render_total_percentage
= |v
: &Value
, record
: &Value
| -> Result
<String
, Error
> {
1551 let v
= v
.as_u64().unwrap();
1552 let total
= record
["total"].as_u64().unwrap();
// total / 200 is half a percent of total; adding it makes the integer division
// round to the nearest percent.
1553 let roundup
= total
/ 200;
1554 let per
= ((v
+ roundup
) * 100) / total
;
1555 let info
= format
!(" ({} %)", per
);
1556 Ok(format
!("{} {:>8}", v
, info
))
1559 let options
= default_table_format_options()
1561 .column(ColumnConfig
::new("total").renderer(render_total_percentage
))
1562 .column(ColumnConfig
::new("used").renderer(render_total_percentage
))
1563 .column(ColumnConfig
::new("avail").renderer(render_total_percentage
));
1565 let return_type
= &API_METHOD_STATUS
.returns
;
1567 format_and_print_result_full(&mut data
, return_type
, &output_format
, &options
);
/// Stop-gap [`ReadAt`] adapter around a `BufferedDynamicReader<RemoteChunkReader>`, kept until
/// the chunk/reader/... infrastructure has been cleaned up.
///
/// The wrapped reader sits behind a [`Mutex`], so every access goes through that one lock.
///
/// Ideally `BufferedDynamicReader` gets replaced so the LruCache maps to
/// `BroadcastFuture<Chunk>`, which would allow proper access from multiple threads
/// simultaneously without issuing duplicate simultaneous reads over http.
pub struct BufferedDynamicReadAt {
    // The reader is seekable and stateful, hence the lock around it.
    inner: Mutex<BufferedDynamicReader<RemoteChunkReader>>,
}
impl BufferedDynamicReadAt {
    /// Takes ownership of `inner` and places it behind the mutex used by the `ReadAt`
    /// implementation.
    fn new(inner: BufferedDynamicReader<RemoteChunkReader>) -> Self {
        let inner = Mutex::new(inner);
        Self { inner }
    }
}
impl ReadAt for BufferedDynamicReadAt {
    /// Performs the read synchronously and always reports it as `Ready`.
    ///
    /// The closure runs under `tokio::task::block_in_place`, takes the lock on the inner
    /// reader, and seeks to `offset`. The lock is held for the whole closure, so concurrent
    /// callers are serialized.
    ///
    /// # Panics
    ///
    /// Panics if the mutex is poisoned (`lock().unwrap()`).
    // NOTE(review): the listing drops source lines 1593-1595 and 1600. The `_cx`, `buf` and
    // `offset` parameters and the final `read(buf)` are restored as an assumption — confirm
    // against the repository.
    fn start_read_at<'a>(
        self: Pin<&'a Self>,
        _cx: &mut Context,
        buf: &'a mut [u8],
        offset: u64,
    ) -> MaybeReady<io::Result<usize>, ReadAtOperation<'a>> {
        let seek_then_read = move || -> io::Result<usize> {
            let mut guard = self.inner.lock().unwrap();
            guard.seek(SeekFrom::Start(offset))?;
            guard.read(buf)
        };

        MaybeReady::Ready(tokio::task::block_in_place(seek_then_read))
    }

    /// Never expected to be called: `start_read_at` only ever returns `Ready`, so there is no
    /// pending operation to complete.
    ///
    /// # Panics
    ///
    /// Always panics.
    fn poll_complete<'a>(
        self: Pin<&'a Self>,
        _op: ReadAtOperation<'a>,
    ) -> MaybeReady<io::Result<usize>, ReadAtOperation<'a>> {
        panic!("BufferedDynamicReadAt::start_read_at returned Pending");
    }
}
1613 pbs_tools
::setup_libc_malloc_opts();
1615 let backup_cmd_def
= CliCommand
::new(&API_METHOD_CREATE_BACKUP
)
1616 .arg_param(&["backupspec"])
1617 .completion_cb("repository", complete_repository
)
1618 .completion_cb("backupspec", complete_backup_source
)
1619 .completion_cb("keyfile", complete_file_name
)
1620 .completion_cb("master-pubkey-file", complete_file_name
)
1621 .completion_cb("chunk-size", complete_chunk_size
);
1623 let benchmark_cmd_def
= CliCommand
::new(&API_METHOD_BENCHMARK
)
1624 .completion_cb("repository", complete_repository
)
1625 .completion_cb("keyfile", complete_file_name
);
1627 let list_cmd_def
= CliCommand
::new(&API_METHOD_LIST_BACKUP_GROUPS
)
1628 .completion_cb("repository", complete_repository
);
1630 let garbage_collect_cmd_def
= CliCommand
::new(&API_METHOD_START_GARBAGE_COLLECTION
)
1631 .completion_cb("repository", complete_repository
);
1633 let restore_cmd_def
= CliCommand
::new(&API_METHOD_RESTORE
)
1634 .arg_param(&["snapshot", "archive-name", "target"])
1635 .completion_cb("repository", complete_repository
)
1636 .completion_cb("snapshot", complete_group_or_snapshot
)
1637 .completion_cb("archive-name", complete_archive_name
)
1638 .completion_cb("target", complete_file_name
);
1640 let prune_cmd_def
= CliCommand
::new(&API_METHOD_PRUNE
)
1641 .arg_param(&["group"])
1642 .completion_cb("group", complete_backup_group
)
1643 .completion_cb("repository", complete_repository
);
1645 let status_cmd_def
=
1646 CliCommand
::new(&API_METHOD_STATUS
).completion_cb("repository", complete_repository
);
1649 CliCommand
::new(&API_METHOD_API_LOGIN
).completion_cb("repository", complete_repository
);
1651 let logout_cmd_def
=
1652 CliCommand
::new(&API_METHOD_API_LOGOUT
).completion_cb("repository", complete_repository
);
1654 let version_cmd_def
=
1655 CliCommand
::new(&API_METHOD_API_VERSION
).completion_cb("repository", complete_repository
);
1657 let change_owner_cmd_def
= CliCommand
::new(&API_METHOD_CHANGE_BACKUP_OWNER
)
1658 .arg_param(&["group", "new-owner"])
1659 .completion_cb("group", complete_backup_group
)
1660 .completion_cb("new-owner", complete_auth_id
)
1661 .completion_cb("repository", complete_repository
);
1663 let cmd_def
= CliCommandMap
::new()
1664 .insert("backup", backup_cmd_def
)
1665 .insert("garbage-collect", garbage_collect_cmd_def
)
1666 .insert("list", list_cmd_def
)
1667 .insert("login", login_cmd_def
)
1668 .insert("logout", logout_cmd_def
)
1669 .insert("prune", prune_cmd_def
)
1670 .insert("restore", restore_cmd_def
)
1671 .insert("snapshot", snapshot_mgtm_cli())
1672 .insert("status", status_cmd_def
)
1673 .insert("key", key
::cli())
1674 .insert("mount", mount_cmd_def())
1675 .insert("map", map_cmd_def())
1676 .insert("unmap", unmap_cmd_def())
1677 .insert("catalog", catalog_mgmt_cli())
1678 .insert("task", task_mgmt_cli())
1679 .insert("version", version_cmd_def
)
1680 .insert("benchmark", benchmark_cmd_def
)
1681 .insert("change-owner", change_owner_cmd_def
)
1682 .alias(&["files"], &["snapshot", "files"])
1683 .alias(&["forget"], &["snapshot", "forget"])
1684 .alias(&["upload-log"], &["snapshot", "upload-log"])
1685 .alias(&["snapshots"], &["snapshot", "list"]);
1687 let rpcenv
= CliEnvironment
::new();
1691 Some(|future
| proxmox_async
::runtime
::main(future
)),