src/bin/proxmox-backup-manager.rs

   1 use std::path::PathBuf;
   2 use std::collections::HashMap;
   3
   4 use failure::*;
   5 use serde_json::{json, Value};
   6 use chrono::{Local, TimeZone};
   7
   8 use proxmox::api::{api, cli::*, RpcEnvironment, ApiHandler};
   9
  10 use proxmox_backup::configdir;
  11 use proxmox_backup::tools;
  12 use proxmox_backup::config::{self, remote::{self, Remote}};
  13 use proxmox_backup::api2::{self, types::* };
  14 use proxmox_backup::client::*;
  15 use proxmox_backup::tools::ticket::*;
  16 use proxmox_backup::auth_helpers::*;
  17
  18 fn render_epoch(value: &Value, _record: &Value) -> Result<String, Error> {
  19     if value.is_null() { return Ok(String::new()); }
  20     let text = match value.as_i64() {
  21         Some(epoch) => {
  22             Local.timestamp(epoch, 0).format("%c").to_string()
  23         }
  24         None => {
  25             value.to_string()
  26         }
  27     };
  28     Ok(text)
  29 }
  30
  31 fn render_status(value: &Value, record: &Value) -> Result<String, Error> {
  32     if record["endtime"].is_null() {
  33         Ok(value.as_str().unwrap_or("running").to_string())
  34     } else {
  35         Ok(value.as_str().unwrap_or("unknown").to_string())
  36     }
  37 }
  38
  39 async fn view_task_result(
  40     client: HttpClient,
  41     result: Value,
  42     output_format: &str,
  43 ) -> Result<(), Error> {
  44     let data = &result["data"];
  45     if output_format == "text" {
  46         if let Some(upid) = data.as_str() {
  47             display_task_log(client, upid, true).await?;
  48         }
  49     } else {
  50         format_and_print_result(&data, &output_format);
  51     }
  52
  53     Ok(())
  54 }
  55
  56 fn connect() -> Result<HttpClient, Error> {
  57
  58     let uid = nix::unistd::Uid::current();
  59
  60     let mut options = HttpClientOptions::new()
  61         .prefix(Some("proxmox-backup".to_string()))
  62         .verify_cert(false); // not required for connection to localhost
  63
  64     let client = if uid.is_root()  {
  65         let ticket = assemble_rsa_ticket(private_auth_key(), "PBS", Some("root@pam"), None)?;
  66         options = options.password(Some(ticket));
  67         HttpClient::new("localhost", "root@pam", options)?
  68     } else {
  69         options = options.ticket_cache(true).interactive(true);
  70         HttpClient::new("localhost", "root@pam", options)?
  71     };
  72
  73     Ok(client)
  74 }
  75
  76 #[api(
  77     input: {
  78         properties: {
  79             "output-format": {
  80                 schema: OUTPUT_FORMAT,
  81                 optional: true,
  82             },
  83         }
  84     }
  85 )]
  86 /// List configured remotes.
  87 fn list_remotes(param: Value, rpcenv: &mut dyn RpcEnvironment) -> Result<Value, Error> {
  88
  89     let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
  90
  91     let info = &api2::config::remote::API_METHOD_LIST_REMOTES;
  92     let mut data = match info.handler {
  93         ApiHandler::Sync(handler) => (handler)(param, info, rpcenv)?,
  94         _ => unreachable!(),
  95     };
  96
  97     let mut column_config = Vec::new();
  98     column_config.push(ColumnConfig::new("name"));
  99     column_config.push(ColumnConfig::new("host"));
 100     column_config.push(ColumnConfig::new("userid"));
 101     column_config.push(ColumnConfig::new("fingerprint"));
 102     column_config.push(ColumnConfig::new("comment"));
 103
 104     let options = TableFormatOptions::new()
 105         .noborder(false)
 106         .noheader(false)
 107         .column_config(column_config);
 108
 109
 110     format_and_print_result_full(&mut data, info.returns, &output_format, &options);
 111
 112     Ok(Value::Null)
 113 }
 114
 115 fn remote_commands() -> CommandLineInterface {
 116
 117     let cmd_def = CliCommandMap::new()
 118         //.insert("list", CliCommand::new(&api2::config::remote::API_METHOD_LIST_REMOTES))
 119         .insert("list", CliCommand::new(&&API_METHOD_LIST_REMOTES))
 120         .insert(
 121             "create",
 122             // fixme: howto handle password parameter?
 123             CliCommand::new(&api2::config::remote::API_METHOD_CREATE_REMOTE)
 124                 .arg_param(&["name"])
 125         )
 126         .insert(
 127             "update",
 128             CliCommand::new(&api2::config::remote::API_METHOD_UPDATE_REMOTE)
 129                 .arg_param(&["name"])
 130                 .completion_cb("name", config::remote::complete_remote_name)
 131         )
 132         .insert(
 133             "remove",
 134             CliCommand::new(&api2::config::remote::API_METHOD_DELETE_REMOTE)
 135                 .arg_param(&["name"])
 136                 .completion_cb("name", config::remote::complete_remote_name)
 137         );
 138
 139     cmd_def.into()
 140 }
 141
 142 fn datastore_commands() -> CommandLineInterface {
 143
 144     let cmd_def = CliCommandMap::new()
 145         .insert("list", CliCommand::new(&api2::config::datastore::API_METHOD_LIST_DATASTORES))
 146         .insert("create",
 147                 CliCommand::new(&api2::config::datastore::API_METHOD_CREATE_DATASTORE)
 148                 .arg_param(&["name", "path"])
 149         )
 150         .insert("update",
 151                 CliCommand::new(&api2::config::datastore::API_METHOD_UPDATE_DATASTORE)
 152                 .arg_param(&["name"])
 153                 .completion_cb("name", config::datastore::complete_datastore_name)
 154         )
 155         .insert("remove",
 156                 CliCommand::new(&api2::config::datastore::API_METHOD_DELETE_DATASTORE)
 157                 .arg_param(&["name"])
 158                 .completion_cb("name", config::datastore::complete_datastore_name)
 159         );
 160
 161     cmd_def.into()
 162 }
 163
 164
 165 #[api(
 166    input: {
 167         properties: {
 168             store: {
 169                 schema: DATASTORE_SCHEMA,
 170             },
 171             "output-format": {
 172                 schema: OUTPUT_FORMAT,
 173                 optional: true,
 174             },
 175         }
 176    }
 177 )]
 178 /// Start garbage collection for a specific datastore.
 179 async fn start_garbage_collection(param: Value) -> Result<Value, Error> {
 180
 181     let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
 182
 183     let store = tools::required_string_param(&param, "store")?;
 184
 185     let mut client = connect()?;
 186
 187     let path = format!("api2/json/admin/datastore/{}/gc", store);
 188
 189     let result = client.post(&path, None).await?;
 190
 191     view_task_result(client, result, &output_format).await?;
 192
 193     Ok(Value::Null)
 194 }
 195
 196 #[api(
 197    input: {
 198         properties: {
 199             store: {
 200                 schema: DATASTORE_SCHEMA,
 201             },
 202             "output-format": {
 203                 schema: OUTPUT_FORMAT,
 204                 optional: true,
 205             },
 206         }
 207    }
 208 )]
 209 /// Show garbage collection status for a specific datastore.
 210 async fn garbage_collection_status(param: Value) -> Result<Value, Error> {
 211
 212     let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
 213
 214     let store = tools::required_string_param(&param, "store")?;
 215
 216     let client = connect()?;
 217
 218     let path = format!("api2/json/admin/datastore/{}/gc", store);
 219
 220     let mut result = client.get(&path, None).await?;
 221     let mut data = result["data"].take();
 222     let schema = api2::admin::datastore::API_RETURN_SCHEMA_GARBAGE_COLLECTION_STATUS;
 223
 224     let options = TableFormatOptions::new()
 225         .noborder(false)
 226         .noheader(false);
 227
 228     format_and_print_result_full(&mut data, schema, &output_format, &options);
 229
 230     Ok(Value::Null)
 231 }
 232
 233 fn garbage_collection_commands() -> CommandLineInterface {
 234
 235     let cmd_def = CliCommandMap::new()
 236         .insert("status",
 237                 CliCommand::new(&API_METHOD_GARBAGE_COLLECTION_STATUS)
 238                 .arg_param(&["store"])
 239                 .completion_cb("store", config::datastore::complete_datastore_name)
 240         )
 241         .insert("start",
 242                 CliCommand::new(&API_METHOD_START_GARBAGE_COLLECTION)
 243                 .arg_param(&["store"])
 244                 .completion_cb("store", config::datastore::complete_datastore_name)
 245         );
 246
 247     cmd_def.into()
 248 }
 249
 250 #[api(
 251     input: {
 252         properties: {
 253             limit: {
 254                 description: "The maximal number of tasks to list.",
 255                 type: Integer,
 256                 optional: true,
 257                 minimum: 1,
 258                 maximum: 1000,
 259                 default: 50,
 260             },
 261             "output-format": {
 262                 schema: OUTPUT_FORMAT,
 263                 optional: true,
 264             },
 265             all: {
 266                 type: Boolean,
 267                 description: "Also list stopped tasks.",
 268                 optional: true,
 269             }
 270         }
 271     }
 272 )]
 273 /// List running server tasks.
 274 async fn task_list(param: Value) -> Result<Value, Error> {
 275
 276     let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
 277
 278     let client = connect()?;
 279
 280     let limit = param["limit"].as_u64().unwrap_or(50) as usize;
 281     let running = !param["all"].as_bool().unwrap_or(false);
 282     let args = json!({
 283         "running": running,
 284         "start": 0,
 285         "limit": limit,
 286     });
 287     let mut result = client.get("api2/json/nodes/localhost/tasks", Some(args)).await?;
 288
 289     let mut data = result["data"].take();
 290     let schema = api2::node::tasks::API_RETURN_SCHEMA_LIST_TASKS;
 291
 292     let mut column_config = Vec::new();
 293     column_config.push(ColumnConfig::new("starttime").right_align(false).renderer(render_epoch));
 294     column_config.push(ColumnConfig::new("endtime").right_align(false).renderer(render_epoch));
 295     column_config.push(ColumnConfig::new("upid"));
 296     column_config.push(ColumnConfig::new("status").renderer(render_status));
 297
 298     let options = TableFormatOptions::new()
 299         .noborder(false)
 300         .noheader(false)
 301         .column_config(column_config);
 302
 303     format_and_print_result_full(&mut data, schema, &output_format, &options);
 304
 305     Ok(Value::Null)
 306 }
 307
 308 #[api(
 309     input: {
 310         properties: {
 311             upid: {
 312                 schema: UPID_SCHEMA,
 313             },
 314         }
 315     }
 316 )]
 317 /// Display the task log.
 318 async fn task_log(param: Value) -> Result<Value, Error> {
 319
 320     let upid = tools::required_string_param(&param, "upid")?;
 321
 322     let client = connect()?;
 323
 324     display_task_log(client, upid, true).await?;
 325
 326     Ok(Value::Null)
 327 }
 328
 329 #[api(
 330     input: {
 331         properties: {
 332             upid: {
 333                 schema: UPID_SCHEMA,
 334             },
 335         }
 336     }
 337 )]
 338 /// Try to stop a specific task.
 339 async fn task_stop(param: Value) -> Result<Value, Error> {
 340
 341     let upid_str = tools::required_string_param(&param, "upid")?;
 342
 343     let mut client = connect()?;
 344
 345     let path = format!("api2/json/nodes/localhost/tasks/{}", upid_str);
 346     let _ = client.delete(&path, None).await?;
 347
 348     Ok(Value::Null)
 349 }
 350
 351 fn task_mgmt_cli() -> CommandLineInterface {
 352
 353     let task_log_cmd_def = CliCommand::new(&API_METHOD_TASK_LOG)
 354         .arg_param(&["upid"]);
 355
 356     let task_stop_cmd_def = CliCommand::new(&API_METHOD_TASK_STOP)
 357         .arg_param(&["upid"]);
 358
 359     let cmd_def = CliCommandMap::new()
 360         .insert("list", CliCommand::new(&API_METHOD_TASK_LIST))
 361         .insert("log", task_log_cmd_def)
 362         .insert("stop", task_stop_cmd_def);
 363
 364     cmd_def.into()
 365 }
 366
 367 fn x509name_to_string(name: &openssl::x509::X509NameRef) -> Result<String, Error> {
 368     let mut parts = Vec::new();
 369     for entry in name.entries() {
 370         parts.push(format!("{} = {}", entry.object().nid().short_name()?, entry.data().as_utf8()?));
 371     }
 372     Ok(parts.join(", "))
 373 }
 374
 375 #[api]
 376 /// Diplay node certificate information.
 377 fn cert_info() -> Result<(), Error> {
 378
 379     let cert_path = PathBuf::from(configdir!("/proxy.pem"));
 380
 381     let cert_pem = proxmox::tools::fs::file_get_contents(&cert_path)?;
 382
 383     let cert = openssl::x509::X509::from_pem(&cert_pem)?;
 384
 385     println!("Subject: {}", x509name_to_string(cert.subject_name())?);
 386
 387     if let Some(san) = cert.subject_alt_names() {
 388         for name in san.iter() {
 389             if let Some(v) = name.dnsname() {
 390                 println!("    DNS:{}", v);
 391             } else if let Some(v) = name.ipaddress() {
 392                 println!("    IP:{:?}", v);
 393             } else if let Some(v) = name.email() {
 394                 println!("    EMAIL:{}", v);
 395             } else if let Some(v) = name.uri() {
 396                 println!("    URI:{}", v);
 397             }
 398         }
 399     }
 400
 401     println!("Issuer: {}", x509name_to_string(cert.issuer_name())?);
 402     println!("Validity:");
 403     println!("    Not Before: {}", cert.not_before());
 404     println!("    Not After : {}", cert.not_after());
 405
 406     let fp = cert.digest(openssl::hash::MessageDigest::sha256())?;
 407     let fp_string = proxmox::tools::digest_to_hex(&fp);
 408     let fp_string = fp_string.as_bytes().chunks(2).map(|v| std::str::from_utf8(v).unwrap())
 409         .collect::<Vec<&str>>().join(":");
 410
 411     println!("Fingerprint (sha256): {}", fp_string);
 412
 413     let pubkey = cert.public_key()?;
 414     println!("Public key type: {}", openssl::nid::Nid::from_raw(pubkey.id().as_raw()).long_name()?);
 415     println!("Public key bits: {}", pubkey.bits());
 416
 417     Ok(())
 418 }
 419
 420 #[api(
 421     input: {
 422         properties: {
 423             force: {
 424                 description: "Force generation of new SSL certifate.",
 425                 type:  Boolean,
 426                 optional:true,
 427             },
 428         }
 429     },
 430 )]
 431 /// Update node certificates and generate all needed files/directories.
 432 fn update_certs(force: Option<bool>) -> Result<(), Error> {
 433
 434     config::create_configdir()?;
 435
 436     if let Err(err) = generate_auth_key() {
 437         bail!("unable to generate auth key - {}", err);
 438     }
 439
 440     if let Err(err) = generate_csrf_key() {
 441         bail!("unable to generate csrf key - {}", err);
 442     }
 443
 444     config::update_self_signed_cert(force.unwrap_or(false))?;
 445
 446     Ok(())
 447 }
 448
 449 fn cert_mgmt_cli() -> CommandLineInterface {
 450
 451     let cmd_def = CliCommandMap::new()
 452         .insert("info", CliCommand::new(&API_METHOD_CERT_INFO))
 453         .insert("update", CliCommand::new(&API_METHOD_UPDATE_CERTS));
 454
 455     cmd_def.into()
 456 }
 457
 458 // fixme: avoid API redefinition
 459 #[api(
 460    input: {
 461         properties: {
 462             "local-store": {
 463                 schema: DATASTORE_SCHEMA,
 464             },
 465             remote: {
 466                 schema: REMOTE_ID_SCHEMA,
 467             },
 468             "remote-store": {
 469                 schema: DATASTORE_SCHEMA,
 470             },
 471             delete: {
 472                 description: "Delete vanished backups. This remove the local copy if the remote backup was deleted.",
 473                 type: Boolean,
 474                 optional: true,
 475                 default: true,
 476             },
 477             "output-format": {
 478                 schema: OUTPUT_FORMAT,
 479                 optional: true,
 480             },
 481         }
 482    }
 483 )]
 484 /// Sync datastore from another repository
 485 async fn pull_datastore(
 486     remote: String,
 487     remote_store: String,
 488     local_store: String,
 489     delete: Option<bool>,
 490     output_format: Option<String>,
 491 ) -> Result<Value, Error> {
 492
 493     let output_format = output_format.unwrap_or("text".to_string());
 494
 495     let mut client = connect()?;
 496
 497     let mut args = json!({
 498         "store": local_store,
 499         "remote": remote,
 500         "remote-store": remote_store,
 501     });
 502
 503     if let Some(delete) = delete {
 504         args["delete"] = delete.into();
 505     }
 506
 507     let result = client.post("api2/json/pull", Some(args)).await?;
 508
 509     view_task_result(client, result, &output_format).await?;
 510
 511     Ok(Value::Null)
 512 }
 513
 514 fn main() {
 515
 516     let cmd_def = CliCommandMap::new()
 517         .insert("datastore", datastore_commands())
 518         .insert("remote", remote_commands())
 519         .insert("garbage-collection", garbage_collection_commands())
 520         .insert("cert", cert_mgmt_cli())
 521         .insert("task", task_mgmt_cli())
 522         .insert(
 523             "pull",
 524             CliCommand::new(&API_METHOD_PULL_DATASTORE)
 525                 .arg_param(&["remote", "remote-store", "local-store"])
 526                 .completion_cb("local-store", config::datastore::complete_datastore_name)
 527                 .completion_cb("remote", config::remote::complete_remote_name)
 528                 .completion_cb("remote-store", complete_remote_datastore_name)
 529         );
 530
 531     proxmox_backup::tools::runtime::main(run_async_cli_command(cmd_def));
 532 }
 533
 534 // shell completion helper
 535 pub fn complete_remote_datastore_name(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
 536
 537     let mut list = Vec::new();
 538
 539     let _ = proxmox::try_block!({
 540         let remote = param.get("remote").ok_or_else(|| format_err!("no remote"))?;
 541         let (remote_config, _digest) = remote::config()?;
 542
 543         let remote: Remote = remote_config.lookup("remote", &remote)?;
 544
 545         let options = HttpClientOptions::new()
 546             .password(Some(remote.password.clone()))
 547             .fingerprint(remote.fingerprint.clone());
 548
 549         let client = HttpClient::new(
 550             &remote.host,
 551             &remote.userid,
 552             options,
 553         )?;
 554
 555         let mut rt = tokio::runtime::Runtime::new().unwrap();
 556         let result = rt.block_on(client.get("api2/json/admin/datastore", None))?;
 557
 558         if let Some(data) = result["data"].as_array() {
 559             for item in data {
 560                 if let Some(store) = item["store"].as_str() {
 561                     list.push(store.to_owned());
 562                 }
 563             }
 564         }
 565
 566         Ok(())
 567     }).map_err(|_err: Error| { /* ignore */ });
 568
 569     list
 570 }