[proxmox-backup.git] / src / bin / proxmox-backup-api.rs

use std::future::Future;
use std::pin::Pin;

use anyhow::{bail, Error};
use futures::*;
use http::request::Parts;
use http::Response;
use hyper::{Body, Method, StatusCode};
use http::HeaderMap;

use proxmox_lang::try_block;
use proxmox_router::{RpcEnvironmentType, UserInformation};
use proxmox_sys::fs::CreateOptions;

use proxmox_rest_server::{daemon, AuthError, ApiConfig, RestServer, RestEnvironment, ServerAdapter};

use proxmox_backup::server::auth::check_pbs_auth;
use proxmox_backup::auth_helpers::*;
use proxmox_backup::config;

fn main() {
    pbs_tools::setup_libc_malloc_opts();

    proxmox_backup::tools::setup_safe_path_env();

    if let Err(err) = proxmox_async::runtime::main(run()) {
        eprintln!("Error: {}", err);
        std::process::exit(-1);
    }
}

struct ProxmoxBackupApiAdapter;

impl ServerAdapter for ProxmoxBackupApiAdapter {

    fn get_index(
        &self,
        _env: RestEnvironment,
        _parts: Parts,
    ) -> Pin<Box<dyn Future<Output = Response<Body>> + Send>> {
        Box::pin(async move {

            let index = "<center><h1>Proxmox Backup API Server</h1></center>";

            Response::builder()
                .status(StatusCode::OK)
                .header(hyper::header::CONTENT_TYPE, "text/html")
                .body(index.into())
                .unwrap()
        })
    }

    fn check_auth<'a>(
        &'a self,
        headers: &'a HeaderMap,
        method: &'a Method,
    ) -> Pin<Box<dyn Future<Output = Result<(String, Box<dyn UserInformation + Sync + Send>), AuthError>> + Send + 'a>> {
        Box::pin(async move {
            check_pbs_auth(headers, method).await
        })
    }
}

async fn run() -> Result<(), Error> {
    if let Err(err) = syslog::init(
        syslog::Facility::LOG_DAEMON,
        log::LevelFilter::Info,
        Some("proxmox-backup-api")) {
        bail!("unable to inititialize syslog - {}", err);
    }

    config::create_configdir()?;

    config::update_self_signed_cert(false)?;

    proxmox_backup::server::create_run_dir()?;
    proxmox_backup::server::create_state_dir()?;
    proxmox_backup::server::jobstate::create_jobstate_dir()?;
    proxmox_backup::tape::create_tape_status_dir()?;
    proxmox_backup::tape::create_drive_state_dir()?;
    proxmox_backup::tape::create_changer_state_dir()?;
    proxmox_backup::tape::create_drive_lock_dir()?;

    if let Err(err) = generate_auth_key() {
        bail!("unable to generate auth key - {}", err);
    }
    let _ = private_auth_key(); // load with lazy_static

    if let Err(err) = generate_csrf_key() {
        bail!("unable to generate csrf key - {}", err);
    }
    let _ = csrf_secret(); // load with lazy_static

    let mut config = ApiConfig::new(
        pbs_buildcfg::JS_DIR,
        &proxmox_backup::api2::ROUTER,
        RpcEnvironmentType::PRIVILEGED,
        ProxmoxBackupApiAdapter,
    )?;

    let backup_user = pbs_config::backup_user()?;
    let mut commando_sock = proxmox_rest_server::CommandSocket::new(proxmox_rest_server::our_ctrl_sock(), backup_user.gid);

    let dir_opts = CreateOptions::new().owner(backup_user.uid).group(backup_user.gid);
    let file_opts = CreateOptions::new().owner(backup_user.uid).group(backup_user.gid);

    config.enable_access_log(
        pbs_buildcfg::API_ACCESS_LOG_FN,
        Some(dir_opts.clone()),
        Some(file_opts.clone()),
        &mut commando_sock,
    )?;

    config.enable_auth_log(
        pbs_buildcfg::API_AUTH_LOG_FN,
        Some(dir_opts.clone()),
        Some(file_opts.clone()),
        &mut commando_sock,
    )?;


    let rest_server = RestServer::new(config);
    proxmox_rest_server::init_worker_tasks(pbs_buildcfg::PROXMOX_BACKUP_LOG_DIR_M!().into(), file_opts.clone())?;

    // http server future:
    let server = daemon::create_daemon(
        ([127,0,0,1], 82).into(),
        move |listener| {
            let incoming = hyper::server::conn::AddrIncoming::from_listener(listener)?;

            Ok(async {
                daemon::systemd_notify(daemon::SystemdNotify::Ready)?;

                hyper::Server::builder(incoming)
                    .serve(rest_server)
                    .with_graceful_shutdown(proxmox_rest_server::shutdown_future())
                    .map_err(Error::from)
                    .await
            })
        },
    );

    proxmox_rest_server::write_pid(pbs_buildcfg::PROXMOX_BACKUP_API_PID_FN)?;

    let init_result: Result<(), Error> = try_block!({
        proxmox_rest_server::register_task_control_commands(&mut commando_sock)?;
        commando_sock.spawn()?;
        proxmox_rest_server::catch_shutdown_signal()?;
        proxmox_rest_server::catch_reload_signal()?;
        Ok(())
    });

    if let Err(err) = init_result {
        bail!("unable to start daemon - {}", err);
    }

    server.await?;
    log::info!("server shutting down, waiting for active workers to complete");
    proxmox_rest_server::last_worker_future().await?;

    log::info!("done - exit server");

    Ok(())
}
Commit	Line	Data
6680878b DM	1	use std::future::Future;
	2	use std::pin::Pin;
	3
f7d4e4b5	4	use anyhow::{bail, Error};
e76ac3a4	5	use futures::*;
7fa9a37c DM	6	use http::request::Parts;
7fa9a37c DM	7	use http::Response;
608806e8 DM	8	use hyper::{Body, Method, StatusCode};
608806e8 DM	9	use http::HeaderMap;
e76ac3a4	10
6ef1b649 WB	11	use proxmox_lang::try_block;
6ef1b649 WB	12	use proxmox_router::{RpcEnvironmentType, UserInformation};
25877d05	13	use proxmox_sys::fs::CreateOptions;
e76ac3a4	14
608806e8	15	use proxmox_rest_server::{daemon, AuthError, ApiConfig, RestServer, RestEnvironment, ServerAdapter};
8bca935f	16
608806e8	17	use proxmox_backup::server::auth::check_pbs_auth;
6c30068e	18	use proxmox_backup::auth_helpers::*;
a8f268af	19	use proxmox_backup::config;
886e5ce8	20
d973aa82	21	fn main() {
d91a0f9f DM	22	pbs_tools::setup_libc_malloc_opts();
d91a0f9f DM	23
ac7513e3 DM	24	proxmox_backup::tools::setup_safe_path_env();
ac7513e3 DM	25
9a1b24b6	26	if let Err(err) = proxmox_async::runtime::main(run()) {
aa5a4060 DM	27	eprintln!("Error: {}", err);
	28	std::process::exit(-1);
	29	}
	30	}
	31
608806e8	32	struct ProxmoxBackupApiAdapter;
7fa9a37c	33
608806e8	34	impl ServerAdapter for ProxmoxBackupApiAdapter {
7fa9a37c	35
608806e8 DM	36	fn get_index(
	37	&self,
	38	_env: RestEnvironment,
	39	_parts: Parts,
	40	) -> Pin<Box<dyn Future<Output = Response<Body>> + Send>> {
	41	Box::pin(async move {
	42
	43	let index = "<center><h1>Proxmox Backup API Server</h1></center>";
	44
	45	Response::builder()
	46	.status(StatusCode::OK)
	47	.header(hyper::header::CONTENT_TYPE, "text/html")
	48	.body(index.into())
	49	.unwrap()
	50	})
	51	}
	52
	53	fn check_auth<'a>(
	54	&'a self,
	55	headers: &'a HeaderMap,
	56	method: &'a Method,
	57	) -> Pin<Box<dyn Future<Output = Result<(String, Box<dyn UserInformation + Sync + Send>), AuthError>> + Send + 'a>> {
	58	Box::pin(async move {
	59	check_pbs_auth(headers, method).await
	60	})
	61	}
7fa9a37c DM	62	}
7fa9a37c DM	63
e76ac3a4	64	async fn run() -> Result<(), Error> {
d96d8273 DM	65	if let Err(err) = syslog::init(
	66	syslog::Facility::LOG_DAEMON,
	67	log::LevelFilter::Info,
	68	Some("proxmox-backup-api")) {
aa5a4060	69	bail!("unable to inititialize syslog - {}", err);
a8f268af DM	70	}
	71
	72	config::create_configdir()?;
d96d8273	73
22be470d DM	74	config::update_self_signed_cert(false)?;
22be470d DM	75
6c76aa43	76	proxmox_backup::server::create_run_dir()?;
bf013be1	77	proxmox_backup::server::create_state_dir()?;
1298618a	78	proxmox_backup::server::jobstate::create_jobstate_dir()?;
cafd51bf	79	proxmox_backup::tape::create_tape_status_dir()?;
cd44fb8d DM	80	proxmox_backup::tape::create_drive_state_dir()?;
cd44fb8d DM	81	proxmox_backup::tape::create_changer_state_dir()?;
a0cd0f9c	82	proxmox_backup::tape::create_drive_lock_dir()?;
eaeda365	83
39a90ca6	84	if let Err(err) = generate_auth_key() {
aa5a4060	85	bail!("unable to generate auth key - {}", err);
8d04280b	86	}
d01e2420	87	let _ = private_auth_key(); // load with lazy_static
8d04280b	88
39a90ca6	89	if let Err(err) = generate_csrf_key() {
aa5a4060	90	bail!("unable to generate csrf key - {}", err);
39a90ca6	91	}
d01e2420	92	let _ = csrf_secret(); // load with lazy_static
39a90ca6	93
fd6d2438	94	let mut config = ApiConfig::new(
af06decd	95	pbs_buildcfg::JS_DIR,
26858dba SR	96	&proxmox_backup::api2::ROUTER,
26858dba SR	97	RpcEnvironmentType::PRIVILEGED,
608806e8	98	ProxmoxBackupApiAdapter,
26858dba	99	)?;
eaeda365	100
fd6d2438	101	let backup_user = pbs_config::backup_user()?;
49e25688	102	let mut commando_sock = proxmox_rest_server::CommandSocket::new(proxmox_rest_server::our_ctrl_sock(), backup_user.gid);
a68768cf	103
fd6d2438 DM	104	let dir_opts = CreateOptions::new().owner(backup_user.uid).group(backup_user.gid);
	105	let file_opts = CreateOptions::new().owner(backup_user.uid).group(backup_user.gid);
	106
0d5d15c9	107	config.enable_access_log(
fd6d2438	108	pbs_buildcfg::API_ACCESS_LOG_FN,
36b7085e DM	109	Some(dir_opts.clone()),
	110	Some(file_opts.clone()),
	111	&mut commando_sock,
	112	)?;
	113
	114	config.enable_auth_log(
	115	pbs_buildcfg::API_AUTH_LOG_FN,
0a33fba4 DM	116	Some(dir_opts.clone()),
0a33fba4 DM	117	Some(file_opts.clone()),
fd6d2438 DM	118	&mut commando_sock,
fd6d2438 DM	119	)?;
8e7e2223	120
36b7085e	121
9bc17e8d	122	let rest_server = RestServer::new(config);
b9700a9f	123	proxmox_rest_server::init_worker_tasks(pbs_buildcfg::PROXMOX_BACKUP_LOG_DIR_M!().into(), file_opts.clone())?;
886e5ce8	124
5e7bc50a	125	// http server future:
a690ecac WB	126	let server = daemon::create_daemon(
a690ecac WB	127	([127,0,0,1], 82).into(),
d2654200	128	move \|listener\| {
6f0565fa DC	129	let incoming = hyper::server::conn::AddrIncoming::from_listener(listener)?;
6f0565fa DC	130
d2654200 DM	131	Ok(async {
	132	daemon::systemd_notify(daemon::SystemdNotify::Ready)?;
	133
	134	hyper::Server::builder(incoming)
083ff3fd	135	.serve(rest_server)
fd6d2438	136	.with_graceful_shutdown(proxmox_rest_server::shutdown_future())
083ff3fd	137	.map_err(Error::from)
d2654200 DM	138	.await
d2654200 DM	139	})
5e7bc50a	140	},
083ff3fd	141	);
5e7bc50a	142
b9700a9f	143	proxmox_rest_server::write_pid(pbs_buildcfg::PROXMOX_BACKUP_API_PID_FN)?;
d98c9a7a	144
e76ac3a4	145	let init_result: Result<(), Error> = try_block!({
b9700a9f	146	proxmox_rest_server::register_task_control_commands(&mut commando_sock)?;
a68768cf	147	commando_sock.spawn()?;
fd1b65cc DM	148	proxmox_rest_server::catch_shutdown_signal()?;
fd1b65cc DM	149	proxmox_rest_server::catch_reload_signal()?;
e76ac3a4 WB	150	Ok(())
e76ac3a4 WB	151	});
e3f41f21	152
e76ac3a4 WB	153	if let Err(err) = init_result {
	154	bail!("unable to start daemon - {}", err);
	155	}
d607b886	156
083ff3fd	157	server.await?;
a546a8a0	158	log::info!("server shutting down, waiting for active workers to complete");
fd6d2438	159	proxmox_rest_server::last_worker_future().await?;
e3f41f21	160
e76ac3a4	161	log::info!("done - exit server");
eaeda365	162
aa5a4060	163	Ok(())
d8d978eb	164	}