1 //! Datastore Management
3 use std
::collections
::HashSet
;
5 use std
::os
::unix
::ffi
::OsStrExt
;
6 use std
::path
::PathBuf
;
9 use anyhow
::{bail, format_err, Error}
;
11 use hyper
::http
::request
::Parts
;
12 use hyper
::{header, Body, Response, StatusCode}
;
13 use serde
::Deserialize
;
14 use serde_json
::{json, Value}
;
15 use tokio_stream
::wrappers
::ReceiverStream
;
17 use proxmox_async
::blocking
::WrappedReaderStream
;
18 use proxmox_async
::{io::AsyncChannelWriter, stream::AsyncReaderStream}
;
19 use proxmox_compression
::zstd
::ZstdEncoder
;
21 http_err
, list_subdirs_api_method
, ApiHandler
, ApiMethod
, ApiResponseFuture
, Permission
,
22 Router
, RpcEnvironment
, RpcEnvironmentType
, SubdirMap
,
24 use proxmox_schema
::*;
25 use proxmox_sys
::fs
::{
26 file_read_firstline
, file_read_optional_string
, replace_file
, CreateOptions
,
28 use proxmox_sys
::sortable
;
29 use proxmox_sys
::{task_log, task_warn}
;
31 use pxar
::accessor
::aio
::Accessor
;
35 print_ns_and_snapshot
, print_store_and_ns
, Authid
, BackupContent
, BackupNamespace
, BackupType
,
36 Counts
, CryptMode
, DataStoreListItem
, DataStoreStatus
, GarbageCollectionStatus
, GroupListItem
,
37 KeepOptions
, Operation
, PruneJobOptions
, RRDMode
, RRDTimeFrame
, SnapshotListItem
,
38 SnapshotVerifyState
, BACKUP_ARCHIVE_NAME_SCHEMA
, BACKUP_ID_SCHEMA
, BACKUP_NAMESPACE_SCHEMA
,
39 BACKUP_TIME_SCHEMA
, BACKUP_TYPE_SCHEMA
, DATASTORE_SCHEMA
, IGNORE_VERIFIED_BACKUPS_SCHEMA
,
40 MAX_NAMESPACE_DEPTH
, NS_MAX_DEPTH_SCHEMA
, PRIV_DATASTORE_AUDIT
, PRIV_DATASTORE_BACKUP
,
41 PRIV_DATASTORE_MODIFY
, PRIV_DATASTORE_PRUNE
, PRIV_DATASTORE_READ
, PRIV_DATASTORE_VERIFY
,
42 UPID_SCHEMA
, VERIFICATION_OUTDATED_AFTER_SCHEMA
,
44 use pbs_client
::pxar
::{create_tar, create_zip}
;
45 use pbs_config
::CachedUserInfo
;
46 use pbs_datastore
::backup_info
::BackupInfo
;
47 use pbs_datastore
::cached_chunk_reader
::CachedChunkReader
;
48 use pbs_datastore
::catalog
::{ArchiveEntry, CatalogReader}
;
49 use pbs_datastore
::data_blob
::DataBlob
;
50 use pbs_datastore
::data_blob_reader
::DataBlobReader
;
51 use pbs_datastore
::dynamic_index
::{BufferedDynamicReader, DynamicIndexReader, LocalDynamicReadAt}
;
52 use pbs_datastore
::fixed_index
::FixedIndexReader
;
53 use pbs_datastore
::index
::IndexFile
;
54 use pbs_datastore
::manifest
::{BackupManifest, CLIENT_LOG_BLOB_NAME, MANIFEST_BLOB_NAME}
;
55 use pbs_datastore
::prune
::compute_prune_info
;
57 check_backup_owner
, task_tracking
, BackupDir
, BackupGroup
, DataStore
, LocalChunkReader
,
58 StoreProgress
, CATALOG_NAME
,
60 use pbs_tools
::json
::required_string_param
;
61 use proxmox_rest_server
::{formatter, WorkerTask}
;
63 use crate::api2
::backup
::optional_ns_param
;
64 use crate::api2
::node
::rrd
::create_value_from_rrd
;
66 check_ns_privs_full
, verify_all_backups
, verify_backup_dir
, verify_backup_group
, verify_filter
,
67 ListAccessibleBackupGroups
, NS_PRIVS_OK
,
70 use crate::server
::jobstate
::Job
;
72 const GROUP_NOTES_FILE_NAME
: &str = "notes";
/// Build the path of the notes file that belongs to a backup group.
///
/// The result is the group's directory, as returned by `DataStore::group_path`,
/// with `GROUP_NOTES_FILE_NAME` appended as the last component.
// NOTE(review): the `store`/`ns` parameter lines, the return type and the tail
// expression were not visible in the reviewed listing. They are reconstructed from
// the body and from the call `get_group_note_path(&datastore, &ns, group.as_ref())`;
// confirm against the repository.
fn get_group_note_path(
    store: &DataStore,
    ns: &BackupNamespace,
    group: &pbs_api_types::BackupGroup,
) -> PathBuf {
    let group_dir = store.group_path(ns, group);
    group_dir.join(GROUP_NOTES_FILE_NAME)
}
// helper to unify the common sequence of checks:
// 1. check privs on NS (full or limited access)
// 2. load the datastore
// 3. if needed (only limited access), check owner of group
/// Run the shared authorization sequence for a backup group and return the datastore.
///
/// The steps run in this order:
/// 1. `check_ns_privs_full` checks `auth_id` on namespace `ns` of `store` against
///    `full_access_privs` and `partial_access_privs`. A failure is propagated; on
///    success the returned flag says whether the owner check below is still needed.
/// 2. `DataStore::lookup_datastore` loads the datastore for `operation`.
/// 3. If the flag is set, the owner of `backup_group` is looked up and
///    `check_backup_owner` must accept `auth_id`.
///
/// # Errors
///
/// Returns the first error raised by the privilege check, the datastore lookup, the
/// owner lookup or the ownership check.
// NOTE(review): the `store`/`ns`/`auth_id` parameter lines, the `if` around the owner
// check and the final `Ok(datastore)` were not visible in the reviewed listing. They are
// reconstructed from how the values are used in the body, from the helper comment
// ("if needed (only limited access), check owner of group") and from the return type;
// confirm against the repository.
fn check_privs_and_load_store(
    store: &str,
    ns: &BackupNamespace,
    auth_id: &Authid,
    full_access_privs: u64,
    partial_access_privs: u64,
    operation: Option<Operation>,
    backup_group: &pbs_api_types::BackupGroup,
) -> Result<Arc<DataStore>, Error> {
    // Privileges are checked first: a caller that fails here never reaches the
    // datastore lookup below.
    let owner_check_needed =
        check_ns_privs_full(store, ns, auth_id, full_access_privs, partial_access_privs)?;

    let datastore = DataStore::lookup_datastore(store, operation)?;

    // With only the partial privileges, access is granted solely on the caller's own group.
    if owner_check_needed {
        let group_owner = datastore.get_owner(ns, backup_group)?;
        check_backup_owner(&group_owner, auth_id)?;
    }

    Ok(datastore)
}
/// Load the manifest of `backup_dir` and list the files it describes.
///
/// Returns the manifest together with one `BackupContent` entry per item of
/// `manifest.files()`, followed by an entry for the manifest blob itself
/// (`MANIFEST_BLOB_NAME`), whose size is the index size reported by `load_manifest`.
///
/// # Errors
///
/// Propagates the error returned by `backup_dir.load_manifest()`.
fn read_backup_index(
    backup_dir: &BackupDir,
) -> Result<(BackupManifest, Vec<BackupContent>), Error> {
    let (manifest, index_size) = backup_dir.load_manifest()?;

    // The manifest blob is listed as `SignOnly` when the manifest carries a signature
    // and as `None` otherwise.
    let manifest_crypt_mode = if manifest.signature.is_some() {
        CryptMode::SignOnly
    } else {
        CryptMode::None
    };

    let mut contents: Vec<BackupContent> = manifest
        .files()
        .into_iter()
        .map(|entry| BackupContent {
            filename: entry.filename.clone(),
            crypt_mode: Some(entry.crypt_mode),
            size: Some(entry.size),
        })
        .collect();

    // The manifest entry goes last, after every file the manifest lists.
    contents.push(BackupContent {
        filename: MANIFEST_BLOB_NAME.to_string(),
        crypt_mode: Some(manifest_crypt_mode),
        size: Some(index_size),
    });

    Ok((manifest, contents))
}
/// List every file of a snapshot: the manifest's entries plus unlisted names.
///
/// Starts from the list built by `read_backup_index` for `info.backup_dir` and appends
/// one entry for each name in `info.files` that this list does not already contain.
///
/// # Errors
///
/// Propagates the error returned by `read_backup_index`.
// NOTE(review): the `info` parameter line, the skip of already listed names and the
// `crypt_mode`/`size` values of the appended entries were not visible in the reviewed
// listing. `&BackupInfo` follows from the call `get_all_snapshot_files(&info)`; `None`
// is assumed for both fields. Confirm against the repository.
fn get_all_snapshot_files(
    info: &BackupInfo,
) -> Result<(BackupManifest, Vec<BackupContent>), Error> {
    let (manifest, mut files) = read_backup_index(&info.backup_dir)?;

    // Names known from the manifest index; taken once, before anything is appended.
    let indexed_names: HashSet<String> =
        files.iter().map(|entry| entry.filename.clone()).collect();

    let unindexed = info
        .files
        .iter()
        .filter(|name| !indexed_names.contains(*name))
        .map(|name| BackupContent {
            filename: name.to_string(),
            crypt_mode: None,
            size: None,
        });
    files.extend(unindexed);

    Ok((manifest, files))
}
163 schema
: DATASTORE_SCHEMA
,
166 type: BackupNamespace
,
171 returns
: pbs_api_types
::ADMIN_DATASTORE_LIST_GROUPS_RETURN_TYPE
,
173 permission
: &Permission
::Anybody
,
174 description
: "Requires DATASTORE_AUDIT for all or DATASTORE_BACKUP for owned groups on \
175 /datastore/{store}[/{namespace}]",
178 /// List backup groups.
181 ns
: Option
<BackupNamespace
>,
182 rpcenv
: &mut dyn RpcEnvironment
,
183 ) -> Result
<Vec
<GroupListItem
>, Error
> {
184 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
185 let ns
= ns
.unwrap_or_default();
187 let list_all
= !check_ns_privs_full(
191 PRIV_DATASTORE_AUDIT
,
192 PRIV_DATASTORE_BACKUP
,
195 let datastore
= DataStore
::lookup_datastore(&store
, Some(Operation
::Read
))?
;
198 .iter_backup_groups(ns
.clone())?
// FIXME: Namespaces and recursion parameters!
199 .try_fold(Vec
::new(), |mut group_info
, group
| {
202 let owner
= match datastore
.get_owner(&ns
, group
.as_ref()) {
203 Ok(auth_id
) => auth_id
,
206 "Failed to get owner of group '{}' in {} - {}",
208 print_store_and_ns(&store
, &ns
),
211 return Ok(group_info
);
214 if !list_all
&& check_backup_owner(&owner
, &auth_id
).is_err() {
215 return Ok(group_info
);
218 let snapshots
= match group
.list_backups() {
219 Ok(snapshots
) => snapshots
,
220 Err(_
) => return Ok(group_info
),
223 let backup_count
: u64 = snapshots
.len() as u64;
224 if backup_count
== 0 {
225 return Ok(group_info
);
228 let last_backup
= snapshots
230 .fold(&snapshots
[0], |a
, b
| {
231 if a
.is_finished() && a
.backup_dir
.backup_time() > b
.backup_dir
.backup_time() {
239 let note_path
= get_group_note_path(&datastore
, &ns
, group
.as_ref());
240 let comment
= file_read_firstline(¬e_path
).ok();
242 group_info
.push(GroupListItem
{
243 backup
: group
.into(),
244 last_backup
: last_backup
.backup_dir
.backup_time(),
247 files
: last_backup
.files
,
258 store
: { schema: DATASTORE_SCHEMA }
,
260 type: BackupNamespace
,
264 type: pbs_api_types
::BackupGroup
,
270 permission
: &Permission
::Anybody
,
271 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_MODIFY for any\
272 or DATASTORE_PRUNE and being the owner of the group",
275 /// Delete backup group including all snapshots.
276 pub async
fn delete_group(
278 ns
: Option
<BackupNamespace
>,
279 group
: pbs_api_types
::BackupGroup
,
280 rpcenv
: &mut dyn RpcEnvironment
,
281 ) -> Result
<Value
, Error
> {
282 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
284 tokio
::task
::spawn_blocking(move || {
285 let ns
= ns
.unwrap_or_default();
287 let datastore
= check_privs_and_load_store(
291 PRIV_DATASTORE_MODIFY
,
292 PRIV_DATASTORE_PRUNE
,
293 Some(Operation
::Write
),
297 if !datastore
.remove_backup_group(&ns
, &group
)?
{
298 bail
!("group only partially deleted due to protected snapshots");
309 store
: { schema: DATASTORE_SCHEMA }
,
311 type: BackupNamespace
,
315 type: pbs_api_types
::BackupDir
,
320 returns
: pbs_api_types
::ADMIN_DATASTORE_LIST_SNAPSHOT_FILES_RETURN_TYPE
,
322 permission
: &Permission
::Anybody
,
323 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_AUDIT or \
324 DATASTORE_READ for any or DATASTORE_BACKUP and being the owner of the group",
327 /// List snapshot files.
328 pub async
fn list_snapshot_files(
330 ns
: Option
<BackupNamespace
>,
331 backup_dir
: pbs_api_types
::BackupDir
,
333 rpcenv
: &mut dyn RpcEnvironment
,
334 ) -> Result
<Vec
<BackupContent
>, Error
> {
335 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
337 tokio
::task
::spawn_blocking(move || {
338 let ns
= ns
.unwrap_or_default();
340 let datastore
= check_privs_and_load_store(
344 PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_READ
,
345 PRIV_DATASTORE_BACKUP
,
346 Some(Operation
::Read
),
350 let snapshot
= datastore
.backup_dir(ns
, backup_dir
)?
;
352 let info
= BackupInfo
::new(snapshot
)?
;
354 let (_manifest
, files
) = get_all_snapshot_files(&info
)?
;
364 store
: { schema: DATASTORE_SCHEMA }
,
366 type: BackupNamespace
,
370 type: pbs_api_types
::BackupDir
,
376 permission
: &Permission
::Anybody
,
377 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_MODIFY for any\
378 or DATASTORE_PRUNE and being the owner of the group",
381 /// Delete backup snapshot.
382 pub async
fn delete_snapshot(
384 ns
: Option
<BackupNamespace
>,
385 backup_dir
: pbs_api_types
::BackupDir
,
387 rpcenv
: &mut dyn RpcEnvironment
,
388 ) -> Result
<Value
, Error
> {
389 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
391 tokio
::task
::spawn_blocking(move || {
392 let ns
= ns
.unwrap_or_default();
394 let datastore
= check_privs_and_load_store(
398 PRIV_DATASTORE_MODIFY
,
399 PRIV_DATASTORE_PRUNE
,
400 Some(Operation
::Write
),
404 let snapshot
= datastore
.backup_dir(ns
, backup_dir
)?
;
406 snapshot
.destroy(false)?
;
417 store
: { schema: DATASTORE_SCHEMA }
,
419 type: BackupNamespace
,
428 schema
: BACKUP_ID_SCHEMA
,
432 returns
: pbs_api_types
::ADMIN_DATASTORE_LIST_SNAPSHOTS_RETURN_TYPE
,
434 permission
: &Permission
::Anybody
,
435 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_AUDIT for any \
436 or DATASTORE_BACKUP and being the owner of the group",
439 /// List backup snapshots.
440 pub async
fn list_snapshots(
442 ns
: Option
<BackupNamespace
>,
443 backup_type
: Option
<BackupType
>,
444 backup_id
: Option
<String
>,
447 rpcenv
: &mut dyn RpcEnvironment
,
448 ) -> Result
<Vec
<SnapshotListItem
>, Error
> {
449 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
451 tokio
::task
::spawn_blocking(move || unsafe {
452 list_snapshots_blocking(store
, ns
, backup_type
, backup_id
, auth_id
)
455 .map_err(|err
| format_err
!("failed to await blocking task: {err}"))?
458 /// This must not run in a main worker thread as it potentially does tons of I/O.
459 unsafe fn list_snapshots_blocking(
461 ns
: Option
<BackupNamespace
>,
462 backup_type
: Option
<BackupType
>,
463 backup_id
: Option
<String
>,
465 ) -> Result
<Vec
<SnapshotListItem
>, Error
> {
466 let ns
= ns
.unwrap_or_default();
468 let list_all
= !check_ns_privs_full(
472 PRIV_DATASTORE_AUDIT
,
473 PRIV_DATASTORE_BACKUP
,
476 let datastore
= DataStore
::lookup_datastore(&store
, Some(Operation
::Read
))?
;
478 // FIXME: filter also owner before collecting, for doing that nicely the owner should move into
479 // backup group and provide an error free (Err -> None) accessor
480 let groups
= match (backup_type
, backup_id
) {
481 (Some(backup_type
), Some(backup_id
)) => {
482 vec
![datastore
.backup_group_from_parts(ns
.clone(), backup_type
, backup_id
)]
485 (Some(backup_type
), None
) => datastore
486 .iter_backup_type_ok(ns
.clone(), backup_type
)?
489 (None
, Some(backup_id
)) => BackupType
::iter()
490 .filter_map(|backup_type
| {
492 datastore
.backup_group_from_parts(ns
.clone(), backup_type
, backup_id
.clone());
493 group
.exists().then(move || group
)
497 (None
, None
) => datastore
.list_backup_groups(ns
.clone())?
,
500 let info_to_snapshot_list_item
= |group
: &BackupGroup
, owner
, info
: BackupInfo
| {
501 let backup
= pbs_api_types
::BackupDir
{
503 time
: info
.backup_dir
.backup_time(),
505 let protected
= info
.backup_dir
.is_protected();
507 match get_all_snapshot_files(&info
) {
508 Ok((manifest
, files
)) => {
509 // extract the first line from notes
510 let comment
: Option
<String
> = manifest
.unprotected
["notes"]
512 .and_then(|notes
| notes
.lines().next())
515 let fingerprint
= match manifest
.fingerprint() {
518 eprintln
!("error parsing fingerprint: '{}'", err
);
523 let verification
= manifest
.unprotected
["verify_state"].clone();
524 let verification
: Option
<SnapshotVerifyState
> =
525 match serde_json
::from_value(verification
) {
526 Ok(verify
) => verify
,
528 eprintln
!("error parsing verification state : '{}'", err
);
533 let size
= Some(files
.iter().map(|x
| x
.size
.unwrap_or(0)).sum());
547 eprintln
!("error during snapshot file listing: '{}'", err
);
551 .map(|filename
| BackupContent
{
572 groups
.iter().try_fold(Vec
::new(), |mut snapshots
, group
| {
573 let owner
= match group
.get_owner() {
574 Ok(auth_id
) => auth_id
,
577 "Failed to get owner of group '{}' in {} - {}",
579 print_store_and_ns(&store
, &ns
),
582 return Ok(snapshots
);
586 if !list_all
&& check_backup_owner(&owner
, &auth_id
).is_err() {
587 return Ok(snapshots
);
590 let group_backups
= group
.list_backups()?
;
595 .map(|info
| info_to_snapshot_list_item(group
, Some(owner
.clone()), info
)),
602 async
fn get_snapshots_count(
603 store
: &Arc
<DataStore
>,
604 owner
: Option
<&Authid
>,
605 ) -> Result
<Counts
, Error
> {
606 let store
= Arc
::clone(store
);
607 let owner
= owner
.cloned();
608 tokio
::task
::spawn_blocking(move || {
609 let root_ns
= Default
::default();
610 ListAccessibleBackupGroups
::new_with_privs(
614 Some(PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_READ
),
618 .try_fold(Counts
::default(), |mut counts
, group
| {
619 let group
= match group
{
621 Err(_
) => return Ok(counts
), // TODO: add this as error counts?
623 let snapshot_count
= group
.list_backups()?
.len() as u64;
625 // only include groups with snapshots, counting/displaying empty groups can confuse
626 if snapshot_count
> 0 {
627 let type_count
= match group
.backup_type() {
628 BackupType
::Ct
=> counts
.ct
.get_or_insert(Default
::default()),
629 BackupType
::Vm
=> counts
.vm
.get_or_insert(Default
::default()),
630 BackupType
::Host
=> counts
.host
.get_or_insert(Default
::default()),
633 type_count
.groups
+= 1;
634 type_count
.snapshots
+= snapshot_count
;
647 schema
: DATASTORE_SCHEMA
,
653 description
: "Include additional information like snapshot counts and GC status.",
659 type: DataStoreStatus
,
662 permission
: &Permission
::Anybody
,
663 description
: "Requires on /datastore/{store} either DATASTORE_AUDIT or DATASTORE_BACKUP for \
664 the full statistics. Counts of accessible groups are always returned, if any",
667 /// Get datastore status.
672 rpcenv
: &mut dyn RpcEnvironment
,
673 ) -> Result
<DataStoreStatus
, Error
> {
674 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
675 let user_info
= CachedUserInfo
::new()?
;
676 let store_privs
= user_info
.lookup_privs(&auth_id
, &["datastore", &store
]);
678 let datastore
= DataStore
::lookup_datastore(&store
, Some(Operation
::Read
));
680 let store_stats
= if store_privs
& (PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_BACKUP
) != 0 {
682 } else if store_privs
& PRIV_DATASTORE_READ
!= 0 {
683 false // allow at least counts, user can read groups anyway..
685 match user_info
.any_privs_below(&auth_id
, &["datastore", &store
], NS_PRIVS_OK
) {
686 // avoid leaking existence info if users hasn't at least any priv. below
687 Ok(false) | Err(_
) => return Err(http_err
!(FORBIDDEN
, "permission check failed")),
691 let datastore
= datastore?
; // only unwrap no to avoid leaking existence info
693 let (counts
, gc_status
) = if verbose
{
694 let filter_owner
= if store_privs
& PRIV_DATASTORE_AUDIT
!= 0 {
700 let counts
= Some(get_snapshots_count(&datastore
, filter_owner
).await?
);
701 let gc_status
= if store_stats
{
702 Some(datastore
.last_gc_status())
713 let storage
= crate::tools
::fs
::fs_info(datastore
.base_path()).await?
;
715 total
: storage
.total
,
717 avail
: storage
.available
,
736 schema
: DATASTORE_SCHEMA
,
739 type: BackupNamespace
,
747 schema
: BACKUP_ID_SCHEMA
,
751 schema
: IGNORE_VERIFIED_BACKUPS_SCHEMA
,
755 schema
: VERIFICATION_OUTDATED_AFTER_SCHEMA
,
759 schema
: BACKUP_TIME_SCHEMA
,
763 schema
: NS_MAX_DEPTH_SCHEMA
,
772 permission
: &Permission
::Anybody
,
773 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_VERIFY for any \
774 or DATASTORE_BACKUP and being the owner of the group",
/// This function can verify a single backup snapshot, all backups from a backup group,
/// or all backups in the datastore.
781 #[allow(clippy::too_many_arguments)]
784 ns
: Option
<BackupNamespace
>,
785 backup_type
: Option
<BackupType
>,
786 backup_id
: Option
<String
>,
787 backup_time
: Option
<i64>,
788 ignore_verified
: Option
<bool
>,
789 outdated_after
: Option
<i64>,
790 max_depth
: Option
<usize>,
791 rpcenv
: &mut dyn RpcEnvironment
,
792 ) -> Result
<Value
, Error
> {
793 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
794 let ns
= ns
.unwrap_or_default();
796 let owner_check_required
= check_ns_privs_full(
800 PRIV_DATASTORE_VERIFY
,
801 PRIV_DATASTORE_BACKUP
,
804 let datastore
= DataStore
::lookup_datastore(&store
, Some(Operation
::Read
))?
;
805 let ignore_verified
= ignore_verified
.unwrap_or(true);
809 let mut backup_dir
= None
;
810 let mut backup_group
= None
;
811 let mut worker_type
= "verify";
813 match (backup_type
, backup_id
, backup_time
) {
814 (Some(backup_type
), Some(backup_id
), Some(backup_time
)) => {
816 "{}:{}/{}/{}/{:08X}",
818 ns
.display_as_path(),
824 datastore
.backup_dir_from_parts(ns
.clone(), backup_type
, backup_id
, backup_time
)?
;
826 if owner_check_required
{
827 let owner
= datastore
.get_owner(dir
.backup_ns(), dir
.as_ref())?
;
828 check_backup_owner(&owner
, &auth_id
)?
;
831 backup_dir
= Some(dir
);
832 worker_type
= "verify_snapshot";
834 (Some(backup_type
), Some(backup_id
), None
) => {
838 ns
.display_as_path(),
842 let group
= pbs_api_types
::BackupGroup
::from((backup_type
, backup_id
));
844 if owner_check_required
{
845 let owner
= datastore
.get_owner(&ns
, &group
)?
;
846 check_backup_owner(&owner
, &auth_id
)?
;
849 backup_group
= Some(datastore
.backup_group(ns
.clone(), group
));
850 worker_type
= "verify_group";
852 (None
, None
, None
) => {
853 worker_id
= if ns
.is_root() {
856 format
!("{}:{}", store
, ns
.display_as_path())
859 _
=> bail
!("parameters do not specify a backup group or snapshot"),
862 let to_stdout
= rpcenv
.env_type() == RpcEnvironmentType
::CLI
;
864 let upid_str
= WorkerTask
::new_thread(
870 let verify_worker
= crate::backup
::VerifyWorker
::new(worker
.clone(), datastore
);
871 let failed_dirs
= if let Some(backup_dir
) = backup_dir
{
872 let mut res
= Vec
::new();
873 if !verify_backup_dir(
876 worker
.upid().clone(),
877 Some(&move |manifest
| verify_filter(ignore_verified
, outdated_after
, manifest
)),
879 res
.push(print_ns_and_snapshot(
880 backup_dir
.backup_ns(),
885 } else if let Some(backup_group
) = backup_group
{
889 &mut StoreProgress
::new(1),
891 Some(&move |manifest
| verify_filter(ignore_verified
, outdated_after
, manifest
)),
894 let owner
= if owner_check_required
{
906 Some(&move |manifest
| verify_filter(ignore_verified
, outdated_after
, manifest
)),
909 if !failed_dirs
.is_empty() {
910 task_log
!(worker
, "Failed to verify the following snapshots/groups:");
911 for dir
in failed_dirs
{
912 task_log
!(worker
, "\t{}", dir
);
914 bail
!("verification failed - please check the log for details");
927 type: pbs_api_types
::BackupGroup
,
934 description
: "Just show what prune would do, but do not delete anything.",
941 schema
: DATASTORE_SCHEMA
,
944 type: BackupNamespace
,
949 returns
: pbs_api_types
::ADMIN_DATASTORE_PRUNE_RETURN_TYPE
,
951 permission
: &Permission
::Anybody
,
952 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_MODIFY for any\
953 or DATASTORE_PRUNE and being the owner of the group",
956 /// Prune a group on the datastore
958 group
: pbs_api_types
::BackupGroup
,
960 keep_options
: KeepOptions
,
962 ns
: Option
<BackupNamespace
>,
964 rpcenv
: &mut dyn RpcEnvironment
,
965 ) -> Result
<Value
, Error
> {
966 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
967 let ns
= ns
.unwrap_or_default();
968 let datastore
= check_privs_and_load_store(
972 PRIV_DATASTORE_MODIFY
,
973 PRIV_DATASTORE_PRUNE
,
974 Some(Operation
::Write
),
978 let worker_id
= format
!("{}:{}:{}", store
, ns
, group
);
979 let group
= datastore
.backup_group(ns
.clone(), group
);
981 let mut prune_result
= Vec
::new();
983 let list
= group
.list_backups()?
;
985 let mut prune_info
= compute_prune_info(list
, &keep_options
)?
;
987 prune_info
.reverse(); // delete older snapshots first
989 let keep_all
= !keep_options
.keeps_something();
992 for (info
, mark
) in prune_info
{
993 let keep
= keep_all
|| mark
.keep();
995 let mut result
= json
!({
996 "backup-type": info
.backup_dir
.backup_type(),
997 "backup-id": info
.backup_dir
.backup_id(),
998 "backup-time": info
.backup_dir
.backup_time(),
1000 "protected": mark
.protected(),
1002 let prune_ns
= info
.backup_dir
.backup_ns();
1003 if !prune_ns
.is_root() {
1004 result
["ns"] = serde_json
::to_value(prune_ns
)?
;
1006 prune_result
.push(result
);
1008 return Ok(json
!(prune_result
));
1011 // We use a WorkerTask just to have a task log, but run synchrounously
1012 let worker
= WorkerTask
::new("prune", Some(worker_id
), auth_id
.to_string(), true)?
;
1015 task_log
!(worker
, "No prune selection - keeping all files.");
1017 let mut opts
= Vec
::new();
1019 opts
.push(format
!("--ns {ns}"));
1021 crate::server
::cli_keep_options(&mut opts
, &keep_options
);
1023 task_log
!(worker
, "retention options: {}", opts
.join(" "));
1026 "Starting prune on {} group \"{}\"",
1027 print_store_and_ns(&store
, &ns
),
1032 for (info
, mark
) in prune_info
{
1033 let keep
= keep_all
|| mark
.keep();
1035 let backup_time
= info
.backup_dir
.backup_time();
1036 let timestamp
= info
.backup_dir
.backup_time_string();
1037 let group
: &pbs_api_types
::BackupGroup
= info
.backup_dir
.as_ref();
1039 let msg
= format
!("{}/{}/{} {}", group
.ty
, group
.id
, timestamp
, mark
,);
1041 task_log
!(worker
, "{}", msg
);
1043 prune_result
.push(json
!({
1044 "backup-type": group
.ty
,
1045 "backup-id": group
.id
,
1046 "backup-time": backup_time
,
1048 "protected": mark
.protected(),
1051 if !(dry_run
|| keep
) {
1052 if let Err(err
) = info
.backup_dir
.destroy(false) {
1055 "failed to remove dir {:?}: {}",
1056 info
.backup_dir
.relative_path(),
1063 worker
.log_result(&Ok(()));
1065 Ok(json
!(prune_result
))
1075 description
: "Just show what prune would do, but do not delete anything.",
1078 type: PruneJobOptions
,
1082 schema
: DATASTORE_SCHEMA
,
1087 schema
: UPID_SCHEMA
,
1090 permission
: &Permission
::Anybody
,
1091 description
: "Requires Datastore.Modify or Datastore.Prune on the datastore/namespace.",
1094 /// Prune the datastore
1095 pub fn prune_datastore(
1097 prune_options
: PruneJobOptions
,
1100 rpcenv
: &mut dyn RpcEnvironment
,
1101 ) -> Result
<String
, Error
> {
1102 let user_info
= CachedUserInfo
::new()?
;
1104 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1106 user_info
.check_privs(
1108 &prune_options
.acl_path(&store
),
1109 PRIV_DATASTORE_MODIFY
| PRIV_DATASTORE_PRUNE
,
1113 let datastore
= DataStore
::lookup_datastore(&store
, Some(Operation
::Write
))?
;
1114 let ns
= prune_options
.ns
.clone().unwrap_or_default();
1115 let worker_id
= format
!("{}:{}", store
, ns
);
1117 let to_stdout
= rpcenv
.env_type() == RpcEnvironmentType
::CLI
;
1119 let upid_str
= WorkerTask
::new_thread(
1122 auth_id
.to_string(),
1125 crate::server
::prune_datastore(worker
, auth_id
, prune_options
, datastore
, dry_run
)
1136 schema
: DATASTORE_SCHEMA
,
1141 schema
: UPID_SCHEMA
,
1144 permission
: &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_MODIFY
, false),
1147 /// Start garbage collection.
1148 pub fn start_garbage_collection(
1151 rpcenv
: &mut dyn RpcEnvironment
,
1152 ) -> Result
<Value
, Error
> {
1153 let datastore
= DataStore
::lookup_datastore(&store
, Some(Operation
::Write
))?
;
1154 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1156 let job
= Job
::new("garbage_collection", &store
)
1157 .map_err(|_
| format_err
!("garbage collection already running"))?
;
1159 let to_stdout
= rpcenv
.env_type() == RpcEnvironmentType
::CLI
;
1162 crate::server
::do_garbage_collection_job(job
, datastore
, &auth_id
, None
, to_stdout
)
1165 "unable to start garbage collection job on datastore {} - {}",
1178 schema
: DATASTORE_SCHEMA
,
1183 type: GarbageCollectionStatus
,
1186 permission
: &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_AUDIT
, false),
1189 /// Garbage collection status.
1190 pub fn garbage_collection_status(
1193 _rpcenv
: &mut dyn RpcEnvironment
,
1194 ) -> Result
<GarbageCollectionStatus
, Error
> {
1195 let datastore
= DataStore
::lookup_datastore(&store
, Some(Operation
::Read
))?
;
1197 let status
= datastore
.last_gc_status();
1204 description
: "List the accessible datastores.",
1206 items
: { type: DataStoreListItem }
,
1209 permission
: &Permission
::Anybody
,
1213 pub fn get_datastore_list(
1216 rpcenv
: &mut dyn RpcEnvironment
,
1217 ) -> Result
<Vec
<DataStoreListItem
>, Error
> {
1218 let (config
, _digest
) = pbs_config
::datastore
::config()?
;
1220 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1221 let user_info
= CachedUserInfo
::new()?
;
1223 let mut list
= Vec
::new();
1225 for (store
, (_
, data
)) in &config
.sections
{
1226 let acl_path
= &["datastore", store
];
1227 let user_privs
= user_info
.lookup_privs(&auth_id
, acl_path
);
1228 let allowed
= (user_privs
& (PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_BACKUP
)) != 0;
1230 let mut allow_id
= false;
1232 if let Ok(any_privs
) = user_info
.any_privs_below(&auth_id
, acl_path
, NS_PRIVS_OK
) {
1233 allow_id
= any_privs
;
1237 if allowed
|| allow_id
{
1238 list
.push(DataStoreListItem
{
1239 store
: store
.clone(),
1240 comment
: if !allowed
{
1243 data
["comment"].as_str().map(String
::from
)
1245 maintenance
: data
["maintenance-mode"].as_str().map(String
::from
),
1254 pub const API_METHOD_DOWNLOAD_FILE
: ApiMethod
= ApiMethod
::new(
1255 &ApiHandler
::AsyncHttp(&download_file
),
1257 "Download single raw file from backup snapshot.",
1259 ("store", false, &DATASTORE_SCHEMA
),
1260 ("ns", true, &BACKUP_NAMESPACE_SCHEMA
),
1261 ("backup-type", false, &BACKUP_TYPE_SCHEMA
),
1262 ("backup-id", false, &BACKUP_ID_SCHEMA
),
1263 ("backup-time", false, &BACKUP_TIME_SCHEMA
),
1264 ("file-name", false, &BACKUP_ARCHIVE_NAME_SCHEMA
),
1270 "Requires on /datastore/{store}[/{namespace}] either DATASTORE_READ for any or \
1271 DATASTORE_BACKUP and being the owner of the group",
1273 &Permission
::Anybody
,
1276 pub fn download_file(
1281 rpcenv
: Box
<dyn RpcEnvironment
>,
1282 ) -> ApiResponseFuture
{
1284 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1285 let store
= required_string_param(¶m
, "store")?
;
1286 let backup_ns
= optional_ns_param(¶m
)?
;
1288 let backup_dir
: pbs_api_types
::BackupDir
= Deserialize
::deserialize(¶m
)?
;
1289 let datastore
= check_privs_and_load_store(
1293 PRIV_DATASTORE_READ
,
1294 PRIV_DATASTORE_BACKUP
,
1295 Some(Operation
::Read
),
1299 let file_name
= required_string_param(¶m
, "file-name")?
.to_owned();
1302 "Download {} from {} ({}/{})",
1304 print_store_and_ns(store
, &backup_ns
),
1309 let backup_dir
= datastore
.backup_dir(backup_ns
, backup_dir
)?
;
1311 let mut path
= datastore
.base_path();
1312 path
.push(backup_dir
.relative_path());
1313 path
.push(&file_name
);
1315 let file
= tokio
::fs
::File
::open(&path
)
1317 .map_err(|err
| http_err
!(BAD_REQUEST
, "File open failed: {}", err
))?
;
1320 tokio_util
::codec
::FramedRead
::new(file
, tokio_util
::codec
::BytesCodec
::new())
1321 .map_ok(|bytes
| bytes
.freeze())
1322 .map_err(move |err
| {
1323 eprintln
!("error during streaming of '{:?}' - {}", &path
, err
);
1326 let body
= Body
::wrap_stream(payload
);
1328 // fixme: set other headers ?
1329 Ok(Response
::builder()
1330 .status(StatusCode
::OK
)
1331 .header(header
::CONTENT_TYPE
, "application/octet-stream")
1339 pub const API_METHOD_DOWNLOAD_FILE_DECODED
: ApiMethod
= ApiMethod
::new(
1340 &ApiHandler
::AsyncHttp(&download_file_decoded
),
1342 "Download single decoded file from backup snapshot. Only works if it's not encrypted.",
1344 ("store", false, &DATASTORE_SCHEMA
),
1345 ("ns", true, &BACKUP_NAMESPACE_SCHEMA
),
1346 ("backup-type", false, &BACKUP_TYPE_SCHEMA
),
1347 ("backup-id", false, &BACKUP_ID_SCHEMA
),
1348 ("backup-time", false, &BACKUP_TIME_SCHEMA
),
1349 ("file-name", false, &BACKUP_ARCHIVE_NAME_SCHEMA
),
1355 "Requires on /datastore/{store}[/{namespace}] either DATASTORE_READ for any or \
1356 DATASTORE_BACKUP and being the owner of the group",
1358 &Permission
::Anybody
,
1361 pub fn download_file_decoded(
1366 rpcenv
: Box
<dyn RpcEnvironment
>,
1367 ) -> ApiResponseFuture
{
1369 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1370 let store
= required_string_param(¶m
, "store")?
;
1371 let backup_ns
= optional_ns_param(¶m
)?
;
1373 let backup_dir_api
: pbs_api_types
::BackupDir
= Deserialize
::deserialize(¶m
)?
;
1374 let datastore
= check_privs_and_load_store(
1378 PRIV_DATASTORE_READ
,
1379 PRIV_DATASTORE_BACKUP
,
1380 Some(Operation
::Read
),
1381 &backup_dir_api
.group
,
1384 let file_name
= required_string_param(¶m
, "file-name")?
.to_owned();
1385 let backup_dir
= datastore
.backup_dir(backup_ns
.clone(), backup_dir_api
.clone())?
;
1387 let (manifest
, files
) = read_backup_index(&backup_dir
)?
;
1389 if file
.filename
== file_name
&& file
.crypt_mode
== Some(CryptMode
::Encrypt
) {
1390 bail
!("cannot decode '{}' - is encrypted", file_name
);
1395 "Download {} from {} ({}/{})",
1397 print_store_and_ns(store
, &backup_ns
),
1402 let mut path
= datastore
.base_path();
1403 path
.push(backup_dir
.relative_path());
1404 path
.push(&file_name
);
1406 let (_
, extension
) = file_name
.rsplit_once('
.'
).unwrap();
1408 let body
= match extension
{
1410 let index
= DynamicIndexReader
::open(&path
).map_err(|err
| {
1411 format_err
!("unable to read dynamic index '{:?}' - {}", &path
, err
)
1413 let (csum
, size
) = index
.compute_csum();
1414 manifest
.verify_file(&file_name
, &csum
, size
)?
;
1416 let chunk_reader
= LocalChunkReader
::new(datastore
, None
, CryptMode
::None
);
1417 let reader
= CachedChunkReader
::new(chunk_reader
, index
, 1).seekable();
1418 Body
::wrap_stream(AsyncReaderStream
::new(reader
).map_err(move |err
| {
1419 eprintln
!("error during streaming of '{:?}' - {}", path
, err
);
1424 let index
= FixedIndexReader
::open(&path
).map_err(|err
| {
1425 format_err
!("unable to read fixed index '{:?}' - {}", &path
, err
)
1428 let (csum
, size
) = index
.compute_csum();
1429 manifest
.verify_file(&file_name
, &csum
, size
)?
;
1431 let chunk_reader
= LocalChunkReader
::new(datastore
, None
, CryptMode
::None
);
1432 let reader
= CachedChunkReader
::new(chunk_reader
, index
, 1).seekable();
1434 AsyncReaderStream
::with_buffer_size(reader
, 4 * 1024 * 1024).map_err(
1436 eprintln
!("error during streaming of '{:?}' - {}", path
, err
);
1443 let file
= std
::fs
::File
::open(&path
)
1444 .map_err(|err
| http_err
!(BAD_REQUEST
, "File open failed: {}", err
))?
;
1446 // FIXME: load full blob to verify index checksum?
1449 WrappedReaderStream
::new(DataBlobReader
::new(file
, None
)?
).map_err(
1451 eprintln
!("error during streaming of '{:?}' - {}", path
, err
);
1458 bail
!("cannot download '{}' files", extension
);
1462 // fixme: set other headers ?
1463 Ok(Response
::builder()
1464 .status(StatusCode
::OK
)
1465 .header(header
::CONTENT_TYPE
, "application/octet-stream")
1473 pub const API_METHOD_UPLOAD_BACKUP_LOG
: ApiMethod
= ApiMethod
::new(
1474 &ApiHandler
::AsyncHttp(&upload_backup_log
),
1476 "Upload the client backup log file into a backup snapshot ('client.log.blob').",
1478 ("store", false, &DATASTORE_SCHEMA
),
1479 ("ns", true, &BACKUP_NAMESPACE_SCHEMA
),
1480 ("backup-type", false, &BACKUP_TYPE_SCHEMA
),
1481 ("backup-id", false, &BACKUP_ID_SCHEMA
),
1482 ("backup-time", false, &BACKUP_TIME_SCHEMA
),
1487 Some("Only the backup creator/owner is allowed to do this."),
1488 &Permission
::Anybody
,
1491 pub fn upload_backup_log(
1496 rpcenv
: Box
<dyn RpcEnvironment
>,
1497 ) -> ApiResponseFuture
{
1499 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1500 let store
= required_string_param(¶m
, "store")?
;
1501 let backup_ns
= optional_ns_param(¶m
)?
;
1503 let backup_dir_api
: pbs_api_types
::BackupDir
= Deserialize
::deserialize(¶m
)?
;
1505 let datastore
= check_privs_and_load_store(
1510 PRIV_DATASTORE_BACKUP
,
1511 Some(Operation
::Write
),
1512 &backup_dir_api
.group
,
1514 let backup_dir
= datastore
.backup_dir(backup_ns
.clone(), backup_dir_api
.clone())?
;
1516 let file_name
= CLIENT_LOG_BLOB_NAME
;
1518 let mut path
= backup_dir
.full_path();
1519 path
.push(&file_name
);
1522 bail
!("backup already contains a log.");
1526 "Upload backup log to {} {backup_dir_api}/{file_name}",
1527 print_store_and_ns(store
, &backup_ns
),
1531 .map_err(Error
::from
)
1532 .try_fold(Vec
::new(), |mut acc
, chunk
| {
1533 acc
.extend_from_slice(&*chunk
);
1534 future
::ok
::<_
, Error
>(acc
)
1538 // always verify blob/CRC at server side
1539 let blob
= DataBlob
::load_from_reader(&mut &data
[..])?
;
1541 replace_file(&path
, blob
.raw_data(), CreateOptions
::new(), false)?
;
1543 // fixme: use correct formatter
1544 Ok(formatter
::JSON_FORMATTER
.format_data(Value
::Null
, &*rpcenv
))
1552 store
: { schema: DATASTORE_SCHEMA }
,
1554 type: BackupNamespace
,
1558 type: pbs_api_types
::BackupDir
,
1562 description
: "Base64 encoded path.",
1568 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_READ for any or \
1569 DATASTORE_BACKUP and being the owner of the group",
1570 permission
: &Permission
::Anybody
,
1573 /// Get the entries of the given path of the catalog
1574 pub async
fn catalog(
1576 ns
: Option
<BackupNamespace
>,
1577 backup_dir
: pbs_api_types
::BackupDir
,
1579 rpcenv
: &mut dyn RpcEnvironment
,
1580 ) -> Result
<Vec
<ArchiveEntry
>, Error
> {
1581 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1583 tokio
::task
::spawn_blocking(move || {
1584 let ns
= ns
.unwrap_or_default();
1586 let datastore
= check_privs_and_load_store(
1590 PRIV_DATASTORE_READ
,
1591 PRIV_DATASTORE_BACKUP
,
1592 Some(Operation
::Read
),
1596 let backup_dir
= datastore
.backup_dir(ns
, backup_dir
)?
;
1598 let file_name
= CATALOG_NAME
;
1600 let (manifest
, files
) = read_backup_index(&backup_dir
)?
;
1602 if file
.filename
== file_name
&& file
.crypt_mode
== Some(CryptMode
::Encrypt
) {
1603 bail
!("cannot decode '{}' - is encrypted", file_name
);
1607 let mut path
= datastore
.base_path();
1608 path
.push(backup_dir
.relative_path());
1609 path
.push(file_name
);
1611 let index
= DynamicIndexReader
::open(&path
)
1612 .map_err(|err
| format_err
!("unable to read dynamic index '{:?}' - {}", &path
, err
))?
;
1614 let (csum
, size
) = index
.compute_csum();
1615 manifest
.verify_file(file_name
, &csum
, size
)?
;
1617 let chunk_reader
= LocalChunkReader
::new(datastore
, None
, CryptMode
::None
);
1618 let reader
= BufferedDynamicReader
::new(index
, chunk_reader
);
1620 let mut catalog_reader
= CatalogReader
::new(reader
);
1622 let path
= if filepath
!= "root" && filepath
!= "/" {
1623 base64
::decode(filepath
)?
1628 catalog_reader
.list_dir_contents(&path
)
1634 pub const API_METHOD_PXAR_FILE_DOWNLOAD
: ApiMethod
= ApiMethod
::new(
1635 &ApiHandler
::AsyncHttp(&pxar_file_download
),
1637 "Download single file from pxar file of a backup snapshot. Only works if it's not encrypted.",
1639 ("store", false, &DATASTORE_SCHEMA
),
1640 ("ns", true, &BACKUP_NAMESPACE_SCHEMA
),
1641 ("backup-type", false, &BACKUP_TYPE_SCHEMA
),
1642 ("backup-id", false, &BACKUP_ID_SCHEMA
),
1643 ("backup-time", false, &BACKUP_TIME_SCHEMA
),
1644 ("filepath", false, &StringSchema
::new("Base64 encoded path").schema()),
1645 ("tar", true, &BooleanSchema
::new("Download as .tar.zst").schema()),
1650 "Requires on /datastore/{store}[/{namespace}] either DATASTORE_READ for any or \
1651 DATASTORE_BACKUP and being the owner of the group",
1653 &Permission
::Anybody
,
1656 pub fn pxar_file_download(
1661 rpcenv
: Box
<dyn RpcEnvironment
>,
1662 ) -> ApiResponseFuture
{
1664 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1665 let store
= required_string_param(&param
, "store")?
;
1666 let ns
= optional_ns_param(&param
)?
;
1668 let backup_dir
: pbs_api_types
::BackupDir
= Deserialize
::deserialize(&param
)?
;
1669 let datastore
= check_privs_and_load_store(
1673 PRIV_DATASTORE_READ
,
1674 PRIV_DATASTORE_BACKUP
,
1675 Some(Operation
::Read
),
1679 let backup_dir
= datastore
.backup_dir(ns
, backup_dir
)?
;
1681 let filepath
= required_string_param(&param
, "filepath")?
.to_owned();
1683 let tar
= param
["tar"].as_bool().unwrap_or(false);
1685 let mut components
= base64
::decode(&filepath
)?
;
1686 if !components
.is_empty() && components
[0] == b'
/'
{
1687 components
.remove(0);
1690 let mut split
= components
.splitn(2, |c
| *c
== b'
/'
);
1691 let pxar_name
= std
::str::from_utf8(split
.next().unwrap())?
;
1692 let file_path
= split
.next().unwrap_or(b
"/");
1693 let (manifest
, files
) = read_backup_index(&backup_dir
)?
;
1695 if file
.filename
== pxar_name
&& file
.crypt_mode
== Some(CryptMode
::Encrypt
) {
1696 bail
!("cannot decode '{}' - is encrypted", pxar_name
);
1700 let mut path
= datastore
.base_path();
1701 path
.push(backup_dir
.relative_path());
1702 path
.push(pxar_name
);
1704 let index
= DynamicIndexReader
::open(&path
)
1705 .map_err(|err
| format_err
!("unable to read dynamic index '{:?}' - {}", &path
, err
))?
;
1707 let (csum
, size
) = index
.compute_csum();
1708 manifest
.verify_file(pxar_name
, &csum
, size
)?
;
1710 let chunk_reader
= LocalChunkReader
::new(datastore
, None
, CryptMode
::None
);
1711 let reader
= BufferedDynamicReader
::new(index
, chunk_reader
);
1712 let archive_size
= reader
.archive_size();
1713 let reader
= LocalDynamicReadAt
::new(reader
);
1715 let decoder
= Accessor
::new(reader
, archive_size
).await?
;
1716 let root
= decoder
.open_root().await?
;
1717 let path
= OsStr
::from_bytes(file_path
).to_os_string();
1721 .ok_or_else(|| format_err
!("error opening '{:?}'", path
))?
;
1723 let body
= match file
.kind() {
1724 EntryKind
::File { .. }
=> Body
::wrap_stream(
1725 AsyncReaderStream
::new(file
.contents().await?
).map_err(move |err
| {
1726 eprintln
!("error during streaming of file '{:?}' - {}", filepath
, err
);
1730 EntryKind
::Hardlink(_
) => Body
::wrap_stream(
1731 AsyncReaderStream
::new(decoder
.follow_hardlink(&file
).await?
.contents().await?
)
1732 .map_err(move |err
| {
1733 eprintln
!("error during streaming of hardlink '{:?}' - {}", path
, err
);
1737 EntryKind
::Directory
=> {
1738 let (sender
, receiver
) = tokio
::sync
::mpsc
::channel
::<Result
<_
, Error
>>(100);
1739 let channelwriter
= AsyncChannelWriter
::new(sender
, 1024 * 1024);
1741 proxmox_rest_server
::spawn_internal_task(create_tar(
1746 let zstdstream
= ZstdEncoder
::new(ReceiverStream
::new(receiver
))?
;
1747 Body
::wrap_stream(zstdstream
.map_err(move |err
| {
1748 log
::error
!("error during streaming of tar.zst '{:?}' - {}", path
, err
);
1752 proxmox_rest_server
::spawn_internal_task(create_zip(
1757 Body
::wrap_stream(ReceiverStream
::new(receiver
).map_err(move |err
| {
1758 log
::error
!("error during streaming of zip '{:?}' - {}", path
, err
);
1763 other
=> bail
!("cannot download file of type {:?}", other
),
1766 // fixme: set other headers ?
1767 Ok(Response
::builder()
1768 .status(StatusCode
::OK
)
1769 .header(header
::CONTENT_TYPE
, "application/octet-stream")
1780 schema
: DATASTORE_SCHEMA
,
1791 permission
: &Permission
::Privilege(
1792 &["datastore", "{store}"], PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_BACKUP
, true),
1795 /// Read datastore stats
1796 pub fn get_rrd_stats(
1798 timeframe
: RRDTimeFrame
,
1801 ) -> Result
<Value
, Error
> {
1802 let datastore
= DataStore
::lookup_datastore(&store
, Some(Operation
::Read
))?
;
1803 let disk_manager
= crate::tools
::disks
::DiskManage
::new();
1805 let mut rrd_fields
= vec
![
1814 // we do not have io_ticks for zpools, so don't include them
1815 match disk_manager
.find_mounted_device(&datastore
.base_path()) {
1816 Ok(Some((fs_type
, _
, _
))) if fs_type
.as_str() == "zfs" => {}
1817 _
=> rrd_fields
.push("io_ticks"),
1820 create_value_from_rrd(&format
!("datastore/{}", store
), &rrd_fields
, timeframe
, cf
)
1827 schema
: DATASTORE_SCHEMA
,
1832 permission
: &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_AUDIT
, true),
1835 /// Read the active read and write operations of a datastore
1836 pub fn get_active_operations(store
: String
, _param
: Value
) -> Result
<Value
, Error
> {
1837 let active_operations
= task_tracking
::get_active_operations(&store
)?
;
1839 "read": active_operations
.read
,
1840 "write": active_operations
.write
,
1847 store
: { schema: DATASTORE_SCHEMA }
,
1849 type: BackupNamespace
,
1853 type: pbs_api_types
::BackupGroup
,
1859 permission
: &Permission
::Anybody
,
1860 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_AUDIT for any \
1861 or DATASTORE_BACKUP and being the owner of the group",
1864 /// Get "notes" for a backup group
1865 pub fn get_group_notes(
1867 ns
: Option
<BackupNamespace
>,
1868 backup_group
: pbs_api_types
::BackupGroup
,
1869 rpcenv
: &mut dyn RpcEnvironment
,
1870 ) -> Result
<String
, Error
> {
1871 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1872 let ns
= ns
.unwrap_or_default();
1874 let datastore
= check_privs_and_load_store(
1878 PRIV_DATASTORE_AUDIT
,
1879 PRIV_DATASTORE_BACKUP
,
1880 Some(Operation
::Read
),
1884 let note_path
= get_group_note_path(&datastore
, &ns
, &backup_group
);
1885 Ok(file_read_optional_string(note_path
)?
.unwrap_or_else(|| "".to_owned()))
1891 store
: { schema: DATASTORE_SCHEMA }
,
1893 type: BackupNamespace
,
1897 type: pbs_api_types
::BackupGroup
,
1901 description
: "A multiline text.",
1906 permission
: &Permission
::Anybody
,
1907 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_MODIFY for any \
1908 or DATASTORE_BACKUP and being the owner of the group",
1911 /// Set "notes" for a backup group
1912 pub fn set_group_notes(
1914 ns
: Option
<BackupNamespace
>,
1915 backup_group
: pbs_api_types
::BackupGroup
,
1917 rpcenv
: &mut dyn RpcEnvironment
,
1918 ) -> Result
<(), Error
> {
1919 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1920 let ns
= ns
.unwrap_or_default();
1922 let datastore
= check_privs_and_load_store(
1926 PRIV_DATASTORE_MODIFY
,
1927 PRIV_DATASTORE_BACKUP
,
1928 Some(Operation
::Write
),
1932 let note_path
= get_group_note_path(&datastore
, &ns
, &backup_group
);
1933 replace_file(note_path
, notes
.as_bytes(), CreateOptions
::new(), false)?
;
1941 store
: { schema: DATASTORE_SCHEMA }
,
1943 type: BackupNamespace
,
1947 type: pbs_api_types
::BackupDir
,
1953 permission
: &Permission
::Anybody
,
1954 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_AUDIT for any \
1955 or DATASTORE_BACKUP and being the owner of the group",
1958 /// Get "notes" for a specific backup
1961 ns
: Option
<BackupNamespace
>,
1962 backup_dir
: pbs_api_types
::BackupDir
,
1963 rpcenv
: &mut dyn RpcEnvironment
,
1964 ) -> Result
<String
, Error
> {
1965 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1966 let ns
= ns
.unwrap_or_default();
1968 let datastore
= check_privs_and_load_store(
1972 PRIV_DATASTORE_AUDIT
,
1973 PRIV_DATASTORE_BACKUP
,
1974 Some(Operation
::Read
),
1978 let backup_dir
= datastore
.backup_dir(ns
, backup_dir
)?
;
1980 let (manifest
, _
) = backup_dir
.load_manifest()?
;
1982 let notes
= manifest
.unprotected
["notes"].as_str().unwrap_or("");
1984 Ok(String
::from(notes
))
1990 store
: { schema: DATASTORE_SCHEMA }
,
1992 type: BackupNamespace
,
1996 type: pbs_api_types
::BackupDir
,
2000 description
: "A multiline text.",
2005 permission
: &Permission
::Anybody
,
2006 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_MODIFY for any \
2007 or DATASTORE_BACKUP and being the owner of the group",
2010 /// Set "notes" for a specific backup
2013 ns
: Option
<BackupNamespace
>,
2014 backup_dir
: pbs_api_types
::BackupDir
,
2016 rpcenv
: &mut dyn RpcEnvironment
,
2017 ) -> Result
<(), Error
> {
2018 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
2019 let ns
= ns
.unwrap_or_default();
2021 let datastore
= check_privs_and_load_store(
2025 PRIV_DATASTORE_MODIFY
,
2026 PRIV_DATASTORE_BACKUP
,
2027 Some(Operation
::Write
),
2031 let backup_dir
= datastore
.backup_dir(ns
, backup_dir
)?
;
2034 .update_manifest(|manifest
| {
2035 manifest
.unprotected
["notes"] = notes
.into();
2037 .map_err(|err
| format_err
!("unable to update manifest blob - {}", err
))?
;
2045 store
: { schema: DATASTORE_SCHEMA }
,
2047 type: BackupNamespace
,
2051 type: pbs_api_types
::BackupDir
,
2057 permission
: &Permission
::Anybody
,
2058 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_AUDIT for any \
2059 or DATASTORE_BACKUP and being the owner of the group",
2062 /// Query protection for a specific backup
2063 pub fn get_protection(
2065 ns
: Option
<BackupNamespace
>,
2066 backup_dir
: pbs_api_types
::BackupDir
,
2067 rpcenv
: &mut dyn RpcEnvironment
,
2068 ) -> Result
<bool
, Error
> {
2069 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
2070 let ns
= ns
.unwrap_or_default();
2071 let datastore
= check_privs_and_load_store(
2075 PRIV_DATASTORE_AUDIT
,
2076 PRIV_DATASTORE_BACKUP
,
2077 Some(Operation
::Read
),
2081 let backup_dir
= datastore
.backup_dir(ns
, backup_dir
)?
;
2083 Ok(backup_dir
.is_protected())
2089 store
: { schema: DATASTORE_SCHEMA }
,
2091 type: BackupNamespace
,
2095 type: pbs_api_types
::BackupDir
,
2099 description
: "Enable/disable protection.",
2104 permission
: &Permission
::Anybody
,
2105 description
: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_MODIFY for any \
2106 or DATASTORE_BACKUP and being the owner of the group",
2109 /// Enable or disable protection for a specific backup
2110 pub async
fn set_protection(
2112 ns
: Option
<BackupNamespace
>,
2113 backup_dir
: pbs_api_types
::BackupDir
,
2115 rpcenv
: &mut dyn RpcEnvironment
,
2116 ) -> Result
<(), Error
> {
2117 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
2119 tokio
::task
::spawn_blocking(move || {
2120 let ns
= ns
.unwrap_or_default();
2121 let datastore
= check_privs_and_load_store(
2125 PRIV_DATASTORE_MODIFY
,
2126 PRIV_DATASTORE_BACKUP
,
2127 Some(Operation
::Write
),
2131 let backup_dir
= datastore
.backup_dir(ns
, backup_dir
)?
;
2133 datastore
.update_protection(&backup_dir
, protected
)
2141 store
: { schema: DATASTORE_SCHEMA }
,
2143 type: BackupNamespace
,
2147 type: pbs_api_types
::BackupGroup
,
2156 permission
: &Permission
::Anybody
,
2157 description
: "Datastore.Modify on whole datastore, or changing ownership between user and \
2158 a user's token for owned backups with Datastore.Backup"
2161 /// Change owner of a backup group
2162 pub async
fn set_backup_owner(
2164 ns
: Option
<BackupNamespace
>,
2165 backup_group
: pbs_api_types
::BackupGroup
,
2167 rpcenv
: &mut dyn RpcEnvironment
,
2168 ) -> Result
<(), Error
> {
2169 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
2171 tokio
::task
::spawn_blocking(move || {
2172 let ns
= ns
.unwrap_or_default();
2173 let owner_check_required
= check_ns_privs_full(
2177 PRIV_DATASTORE_MODIFY
,
2178 PRIV_DATASTORE_BACKUP
,
2181 let datastore
= DataStore
::lookup_datastore(&store
, Some(Operation
::Write
))?
;
2183 let backup_group
= datastore
.backup_group(ns
, backup_group
);
2185 if owner_check_required
{
2186 let owner
= backup_group
.get_owner()?
;
2188 let allowed
= match (owner
.is_token(), new_owner
.is_token()) {
2190 // API token to API token: both must belong to the same user, and that user must be the caller
2191 let owner
= owner
.user();
2192 let new_owner
= new_owner
.user();
2193 owner
== new_owner
&& Authid
::from(owner
.clone()) == auth_id
2196 // API token to the user owning that token: the new owner must be the caller
2197 Authid
::from(owner
.user().clone()) == auth_id
&& new_owner
== auth_id
2200 // user to one of their own API tokens: the current owner must be the caller
2201 owner
== auth_id
&& Authid
::from(new_owner
.user().clone()) == auth_id
2204 // User to User, not allowed for unprivileged users
2210 return Err(http_err
!(
2212 "{} does not have permission to change owner of backup group '{}' to {}",
2214 backup_group
.group(),
2220 let user_info
= CachedUserInfo
::new()?
;
2222 if !user_info
.is_active_auth_id(&new_owner
) {
2224 "{} '{}' is inactive or non-existent",
2225 if new_owner
.is_token() {
2226 "API token".to_string()
2234 backup_group
.set_owner(&new_owner
, true)?
;
2242 const DATASTORE_INFO_SUBDIRS
: SubdirMap
= &[
2244 "active-operations",
2245 &Router
::new().get(&API_METHOD_GET_ACTIVE_OPERATIONS
),
2247 ("catalog", &Router
::new().get(&API_METHOD_CATALOG
)),
2250 &Router
::new().post(&API_METHOD_SET_BACKUP_OWNER
),
2254 &Router
::new().download(&API_METHOD_DOWNLOAD_FILE
),
2258 &Router
::new().download(&API_METHOD_DOWNLOAD_FILE_DECODED
),
2260 ("files", &Router
::new().get(&API_METHOD_LIST_SNAPSHOT_FILES
)),
2264 .get(&API_METHOD_GARBAGE_COLLECTION_STATUS
)
2265 .post(&API_METHOD_START_GARBAGE_COLLECTION
),
2270 .get(&API_METHOD_GET_GROUP_NOTES
)
2271 .put(&API_METHOD_SET_GROUP_NOTES
),
2276 .get(&API_METHOD_LIST_GROUPS
)
2277 .delete(&API_METHOD_DELETE_GROUP
),
2281 // FIXME: move into datastore:: sub-module?!
2282 &crate::api2
::admin
::namespace
::ROUTER
,
2287 .get(&API_METHOD_GET_NOTES
)
2288 .put(&API_METHOD_SET_NOTES
),
2293 .get(&API_METHOD_GET_PROTECTION
)
2294 .put(&API_METHOD_SET_PROTECTION
),
2296 ("prune", &Router
::new().post(&API_METHOD_PRUNE
)),
2299 &Router
::new().post(&API_METHOD_PRUNE_DATASTORE
),
2302 "pxar-file-download",
2303 &Router
::new().download(&API_METHOD_PXAR_FILE_DOWNLOAD
),
2305 ("rrd", &Router
::new().get(&API_METHOD_GET_RRD_STATS
)),
2309 .get(&API_METHOD_LIST_SNAPSHOTS
)
2310 .delete(&API_METHOD_DELETE_SNAPSHOT
),
2312 ("status", &Router
::new().get(&API_METHOD_STATUS
)),
2314 "upload-backup-log",
2315 &Router
::new().upload(&API_METHOD_UPLOAD_BACKUP_LOG
),
2317 ("verify", &Router
::new().post(&API_METHOD_VERIFY
)),
/// Per-datastore router, mounted below the `store` path component by `ROUTER`.
///
/// `GET` returns the subdirectory listing built by `list_subdirs_api_method!`;
/// the entries of `DATASTORE_INFO_SUBDIRS` are registered as sub-routes.
///
/// NOTE(review): many methods reachable through this table are declared with
/// `Permission::Anybody` and authorize inside the handler (for example via
/// `check_privs_and_load_store`), so access control for them depends on the
/// handler body, not on the schema permission. Keep that check in place when
/// adding or changing a handler that is routed here.
const DATASTORE_INFO_ROUTER: Router = Router::new()
    .get(&list_subdirs_api_method!(DATASTORE_INFO_SUBDIRS))
    .subdirs(DATASTORE_INFO_SUBDIRS);
/// Top-level router of the datastore admin API.
///
/// `GET` is served by `API_METHOD_GET_DATASTORE_LIST`. Every other request is
/// handed to `DATASTORE_INFO_ROUTER`, with the matched path component made
/// available to the handlers as the `store` parameter.
pub const ROUTER: Router = Router::new()
    .get(&API_METHOD_GET_DATASTORE_LIST)
    .match_all("store", &DATASTORE_INFO_ROUTER);