[proxmox-backup.git] / src / bin / proxmox-backup-proxy.rs

use std::sync::Arc;

use anyhow::{bail, format_err, Error};
use futures::*;
use hyper;
use openssl::ssl::{SslMethod, SslAcceptor, SslFiletype};

use proxmox::try_block;
use proxmox::api::RpcEnvironmentType;

use proxmox_backup::configdir;
use proxmox_backup::buildcfg;
use proxmox_backup::server;
use proxmox_backup::tools::daemon;
use proxmox_backup::server::{ApiConfig, rest::*};
use proxmox_backup::auth_helpers::*;

fn main() {
    if let Err(err) = proxmox_backup::tools::runtime::main(run()) {
        eprintln!("Error: {}", err);
        std::process::exit(-1);
    }
}

async fn run() -> Result<(), Error> {
    if let Err(err) = syslog::init(
        syslog::Facility::LOG_DAEMON,
        log::LevelFilter::Info,
        Some("proxmox-backup-proxy")) {
        bail!("unable to inititialize syslog - {}", err);
    }

    let _ = public_auth_key(); // load with lazy_static
    let _ = csrf_secret(); // load with lazy_static

    let mut config = ApiConfig::new(
        buildcfg::JS_DIR, &proxmox_backup::api2::ROUTER, RpcEnvironmentType::PUBLIC)?;

    // add default dirs which includes jquery and bootstrap
    // my $base = '/usr/share/libpve-http-server-perl';
    // add_dirs($self->{dirs}, '/css/' => "$base/css/");
    // add_dirs($self->{dirs}, '/js/' => "$base/js/");
    // add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/");
    config.add_alias("novnc", "/usr/share/novnc-pve");
    config.add_alias("extjs", "/usr/share/javascript/extjs");
    config.add_alias("fontawesome", "/usr/share/fonts-font-awesome");
    config.add_alias("xtermjs", "/usr/share/pve-xtermjs");
    config.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit");
    config.add_alias("css", "/usr/share/javascript/proxmox-backup/css");
    config.add_alias("docs", "/usr/share/doc/proxmox-backup/html");

    let rest_server = RestServer::new(config);

    //openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
    let key_path = configdir!("/proxy.key");
    let cert_path = configdir!("/proxy.pem");

    let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
    acceptor.set_private_key_file(key_path, SslFiletype::PEM)
        .map_err(|err| format_err!("unable to read proxy key {} - {}", key_path, err))?;
    acceptor.set_certificate_chain_file(cert_path)
        .map_err(|err| format_err!("unable to read proxy cert {} - {}", cert_path, err))?;
    acceptor.check_private_key().unwrap();

    let acceptor = Arc::new(acceptor.build());

    let server = daemon::create_daemon(
        ([0,0,0,0,0,0,0,0], 8007).into(),
        |listener, ready| {
            let connections = proxmox_backup::tools::async_io::StaticIncoming::from(listener)
                .map_err(Error::from)
                .try_filter_map(move |(sock, _addr)| {
                    let acceptor = Arc::clone(&acceptor);
                    async move {
                        sock.set_nodelay(true).unwrap();
                        sock.set_send_buffer_size(1024*1024).unwrap();
                        sock.set_recv_buffer_size(1024*1024).unwrap();
                        Ok(tokio_openssl::accept(&acceptor, sock)
                            .await
                            .ok() // handshake errors aren't be fatal, so return None to filter
                        )
                    }
                });
            let connections = proxmox_backup::tools::async_io::HyperAccept(connections);

            Ok(ready
                .and_then(|_| hyper::Server::builder(connections)
                    .serve(rest_server)
                    .with_graceful_shutdown(server::shutdown_future())
                    .map_err(Error::from)
                )
                .map_err(|err| eprintln!("server error: {}", err))
                .map(|_| ())
            )
        },
    );

    daemon::systemd_notify(daemon::SystemdNotify::Ready)?;

    let init_result: Result<(), Error> = try_block!({
        server::create_task_control_socket()?;
        server::server_state_init()?;
        Ok(())
    });

    if let Err(err) = init_result {
        bail!("unable to start daemon - {}", err);
    }

    start_task_scheduler();

    server.await?;
    log::info!("server shutting down, waiting for active workers to complete");
    proxmox_backup::server::last_worker_future().await?;
    log::info!("done - exit server");

    Ok(())
}

fn start_task_scheduler() {
    let abort_future = server::shutdown_future();
    let future = Box::pin(run_task_scheduler());
    let task = futures::future::select(future, abort_future);
    tokio::spawn(task.map(|_| ()));
}

use std::time:: {Instant, Duration, SystemTime, UNIX_EPOCH};

fn next_minute() -> Result<Instant, Error> {
    let epoch_now = SystemTime::now().duration_since(UNIX_EPOCH)?;
    let epoch_next = Duration::from_secs((epoch_now.as_secs()/60 + 1)*60);
    Ok(Instant::now() + epoch_next - epoch_now)
}

async fn run_task_scheduler() {

    let mut count: usize = 0;

    loop {
        count += 1;

        let delay_target = match next_minute() {  // try to run very minute
            Ok(d) => d,
            Err(err) => {
                eprintln!("task scheduler: compute next minute failed - {}", err);
                tokio::time::delay_until(tokio::time::Instant::from_std(Instant::now() + Duration::from_secs(60))).await;
                continue;
            }
        };

        if count > 2 { // wait 1..2 minutes before starting
            match schedule_tasks().catch_unwind().await {
                Err(panic) => {
                    match panic.downcast::<&str>() {
                        Ok(msg) => {
                            eprintln!("task scheduler panic: {}", msg);
                        }
                        Err(_) => {
                            eprintln!("task scheduler panic - unknown type");
                        }
                    }
                }
                Ok(Err(err)) => {
                    eprintln!("task scheduler failed - {:?}", err);
                }
                Ok(Ok(_)) => {}
            }
        }

        tokio::time::delay_until(tokio::time::Instant::from_std(delay_target)).await;
    }
}

async fn schedule_tasks() -> Result<(), Error> {

    schedule_datastore_garbage_collection().await;

    Ok(())
}

fn lookup_last_worker_start(worker_type: &str, worker_id: &str) -> Result<i64, Error> {

    let list = proxmox_backup::server::read_task_list()?;

    for entry in list {
        if entry.upid.worker_type == worker_type {
            if let Some(id) = entry.upid.worker_id {
                if id == worker_id {
                    return Ok(entry.upid.starttime);
                }
            }
        }
    }

    Ok(0)
}


async fn schedule_datastore_garbage_collection() {

    use proxmox_backup::backup::DataStore;
    use proxmox_backup::server::{UPID, WorkerTask};
    use proxmox_backup::tools::systemd::time::{
        parse_calendar_event, compute_next_event};

    let config = match proxmox_backup::config::datastore::config() {
        Err(err) => {
            eprintln!("unable to read datastore config - {}", err);
            return;
        }
        Ok((config, _digest)) => config,
    };

    for (store, (_, store_config)) in config.sections {
        let datastore = match DataStore::lookup_datastore(&store) {
            Ok(datastore) => datastore,
            Err(err) => {
                eprintln!("lookup_datastore failed - {}", err);
                continue;
            }
        };

        let store_config: proxmox_backup::config::datastore::DataStoreConfig = match serde_json::from_value(store_config) {
            Ok(c) => c,
            Err(err) => {
                eprintln!("datastore config from_value failed - {}", err);
                continue;
            }
        };

        let event_str = match store_config.gc_schedule {
            Some(event_str) => event_str,
            None => continue,
        };

        let event = match parse_calendar_event(&event_str) {
            Ok(event) => event,
            Err(err) => {
                eprintln!("unable to parse schedule '{}' - {}", event_str, err);
                continue;
            }
        };

        if datastore.garbage_collection_running() { continue; }

        let worker_type = "garbage_collection";

        let stat = datastore.last_gc_status();
        let last = if let Some(upid_str) = stat.upid {
            match upid_str.parse::<UPID>() {
                Ok(upid) => upid.starttime,
                Err(err) => {
                    eprintln!("unable to parse upid '{}' - {}", upid_str, err);
                    continue;
                }
            }
        } else {
            match lookup_last_worker_start(worker_type, &store) {
                Ok(t) => t,
                Err(err) => {
                    eprintln!("lookup_last_job_start failed: {}", err);
                    continue;
                }
            }
        };

        let next = match compute_next_event(&event, last, false) {
            Ok(next) => next,
            Err(err) => {
                eprintln!("compute_next_event for '{}' failed - {}", event_str, err);
                continue;
            }
        };
        let now = match SystemTime::now().duration_since(UNIX_EPOCH) {
            Ok(epoch_now) => epoch_now.as_secs() as i64,
            Err(err) => {
                eprintln!("query system time failed - {}", err);
                continue;
            }
        };
        if next > now  { continue; }

        let store2 = store.clone();

        if let Err(err) = WorkerTask::new_thread(
            worker_type,
            Some(store.clone()),
            "root@pam",
            false,
            move |worker| {
                worker.log(format!("starting garbage collection on store {}", store));
                worker.log(format!("task triggered by schedule '{}'", event_str));
                datastore.garbage_collection(&worker)
            }
        ) {
            eprintln!("unable to start garbage collection on store {} - {}", store2, err);
        }
    }
}
Commit	Line	Data
a2479cfa WB	1	use std::sync::Arc;
a2479cfa WB	2
f7d4e4b5	3	use anyhow::{bail, format_err, Error};
a2479cfa WB	4	use futures::*;
	5	use hyper;
	6	use openssl::ssl::{SslMethod, SslAcceptor, SslFiletype};
	7
9ea4bce4	8	use proxmox::try_block;
a2479cfa WB	9	use proxmox::api::RpcEnvironmentType;
a2479cfa WB	10
a2ca7137	11	use proxmox_backup::configdir;
4a7de56e	12	use proxmox_backup::buildcfg;
e3f41f21	13	use proxmox_backup::server;
a690ecac	14	use proxmox_backup::tools::daemon;
e57e1cd8	15	use proxmox_backup::server::{ApiConfig, rest::*};
d01e2420	16	use proxmox_backup::auth_helpers::*;
02c7a755	17
d973aa82 WB	18	fn main() {
d973aa82 WB	19	if let Err(err) = proxmox_backup::tools::runtime::main(run()) {
4223d9f8 DM	20	eprintln!("Error: {}", err);
	21	std::process::exit(-1);
	22	}
	23	}
	24
fda5797b	25	async fn run() -> Result<(), Error> {
02c7a755 DM	26	if let Err(err) = syslog::init(
	27	syslog::Facility::LOG_DAEMON,
	28	log::LevelFilter::Info,
	29	Some("proxmox-backup-proxy")) {
4223d9f8	30	bail!("unable to inititialize syslog - {}", err);
02c7a755 DM	31	}
02c7a755 DM	32
d01e2420 DM	33	let _ = public_auth_key(); // load with lazy_static
	34	let _ = csrf_secret(); // load with lazy_static
	35
02c7a755	36	let mut config = ApiConfig::new(
f9e3b110	37	buildcfg::JS_DIR, &proxmox_backup::api2::ROUTER, RpcEnvironmentType::PUBLIC)?;
02c7a755 DM	38
	39	// add default dirs which includes jquery and bootstrap
	40	// my $base = '/usr/share/libpve-http-server-perl';
	41	// add_dirs($self->{dirs}, '/css/' => "$base/css/");
	42	// add_dirs($self->{dirs}, '/js/' => "$base/js/");
	43	// add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/");
	44	config.add_alias("novnc", "/usr/share/novnc-pve");
	45	config.add_alias("extjs", "/usr/share/javascript/extjs");
	46	config.add_alias("fontawesome", "/usr/share/fonts-font-awesome");
	47	config.add_alias("xtermjs", "/usr/share/pve-xtermjs");
	48	config.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit");
2d694f8f	49	config.add_alias("css", "/usr/share/javascript/proxmox-backup/css");
9c01e73c	50	config.add_alias("docs", "/usr/share/doc/proxmox-backup/html");
02c7a755 DM	51
	52	let rest_server = RestServer::new(config);
	53
6d1f61b2 DM	54	//openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
	55	let key_path = configdir!("/proxy.key");
	56	let cert_path = configdir!("/proxy.pem");
	57
	58	let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
	59	acceptor.set_private_key_file(key_path, SslFiletype::PEM)
	60	.map_err(\|err\| format_err!("unable to read proxy key {} - {}", key_path, err))?;
	61	acceptor.set_certificate_chain_file(cert_path)
	62	.map_err(\|err\| format_err!("unable to read proxy cert {} - {}", cert_path, err))?;
	63	acceptor.check_private_key().unwrap();
	64
	65	let acceptor = Arc::new(acceptor.build());
0d176f36	66
a690ecac WB	67	let server = daemon::create_daemon(
a690ecac WB	68	([0,0,0,0,0,0,0,0], 8007).into(),
083ff3fd	69	\|listener, ready\| {
db0cb9ce	70	let connections = proxmox_backup::tools::async_io::StaticIncoming::from(listener)
a690ecac	71	.map_err(Error::from)
db0cb9ce	72	.try_filter_map(move \|(sock, _addr)\| {
fda5797b WB	73	let acceptor = Arc::clone(&acceptor);
	74	async move {
	75	sock.set_nodelay(true).unwrap();
	76	sock.set_send_buffer_size(1024*1024).unwrap();
	77	sock.set_recv_buffer_size(1024*1024).unwrap();
	78	Ok(tokio_openssl::accept(&acceptor, sock)
	79	.await
	80	.ok() // handshake errors aren't be fatal, so return None to filter
	81	)
a690ecac	82	}
a690ecac	83	});
db0cb9ce	84	let connections = proxmox_backup::tools::async_io::HyperAccept(connections);
083ff3fd WB	85
	86	Ok(ready
	87	.and_then(\|_\| hyper::Server::builder(connections)
	88	.serve(rest_server)
	89	.with_graceful_shutdown(server::shutdown_future())
	90	.map_err(Error::from)
	91	)
	92	.map_err(\|err\| eprintln!("server error: {}", err))
	93	.map(\|_\| ())
a690ecac	94	)
a2ca7137	95	},
083ff3fd	96	);
a2ca7137	97
d98c9a7a WB	98	daemon::systemd_notify(daemon::SystemdNotify::Ready)?;
d98c9a7a WB	99
fda5797b WB	100	let init_result: Result<(), Error> = try_block!({
	101	server::create_task_control_socket()?;
	102	server::server_state_init()?;
	103	Ok(())
	104	});
d607b886	105
fda5797b WB	106	if let Err(err) = init_result {
	107	bail!("unable to start daemon - {}", err);
	108	}
e3f41f21	109
8545480a DM	110	start_task_scheduler();
8545480a DM	111
083ff3fd	112	server.await?;
a546a8a0 WB	113	log::info!("server shutting down, waiting for active workers to complete");
a546a8a0 WB	114	proxmox_backup::server::last_worker_future().await?;
fda5797b	115	log::info!("done - exit server");
e3f41f21	116
4223d9f8	117	Ok(())
02c7a755	118	}
8545480a DM	119
	120	fn start_task_scheduler() {
	121	let abort_future = server::shutdown_future();
	122	let future = Box::pin(run_task_scheduler());
	123	let task = futures::future::select(future, abort_future);
	124	tokio::spawn(task.map(\|_\| ()));
	125	}
	126
	127	use std::time:: {Instant, Duration, SystemTime, UNIX_EPOCH};
	128
	129	fn next_minute() -> Result<Instant, Error> {
	130	let epoch_now = SystemTime::now().duration_since(UNIX_EPOCH)?;
	131	let epoch_next = Duration::from_secs((epoch_now.as_secs()/60 + 1)*60);
	132	Ok(Instant::now() + epoch_next - epoch_now)
	133	}
	134
	135	async fn run_task_scheduler() {
	136
	137	let mut count: usize = 0;
	138
	139	loop {
	140	count += 1;
	141
	142	let delay_target = match next_minute() { // try to run very minute
	143	Ok(d) => d,
	144	Err(err) => {
	145	eprintln!("task scheduler: compute next minute failed - {}", err);
	146	tokio::time::delay_until(tokio::time::Instant::from_std(Instant::now() + Duration::from_secs(60))).await;
	147	continue;
	148	}
	149	};
	150
	151	if count > 2 { // wait 1..2 minutes before starting
	152	match schedule_tasks().catch_unwind().await {
	153	Err(panic) => {
	154	match panic.downcast::<&str>() {
	155	Ok(msg) => {
	156	eprintln!("task scheduler panic: {}", msg);
	157	}
	158	Err(_) => {
	159	eprintln!("task scheduler panic - unknown type");
	160	}
	161	}
	162	}
	163	Ok(Err(err)) => {
	164	eprintln!("task scheduler failed - {:?}", err);
	165	}
	166	Ok(Ok(_)) => {}
	167	}
	168	}
	169
	170	tokio::time::delay_until(tokio::time::Instant::from_std(delay_target)).await;
	171	}
	172	}
	173
	174	async fn schedule_tasks() -> Result<(), Error> {
	175
	176	schedule_datastore_garbage_collection().await;
	177
	178	Ok(())
	179	}
	180
	181	fn lookup_last_worker_start(worker_type: &str, worker_id: &str) -> Result<i64, Error> {
	182
183	let list = proxmox_backup::server::read_task_list()?;
184
185	for entry in list {
186	if entry.upid.worker_type == worker_type {
187	if let Some(id) = entry.upid.worker_id {
188	if id == worker_id {
189	return Ok(entry.upid.starttime);
190	}
191	}
192	}
193	}
194
195	Ok(0)
196	}
197
198
199	async fn schedule_datastore_garbage_collection() {
200
201	use proxmox_backup::backup::DataStore;
202	use proxmox_backup::server::{UPID, WorkerTask};
203	use proxmox_backup::tools::systemd::time::{
204	parse_calendar_event, compute_next_event};
205
206	let config = match proxmox_backup::config::datastore::config() {
207	Err(err) => {
208	eprintln!("unable to read datastore config - {}", err);
209	return;
210	}
211	Ok((config, _digest)) => config,
212	};
213
214	for (store, (_, store_config)) in config.sections {
215	let datastore = match DataStore::lookup_datastore(&store) {
216	Ok(datastore) => datastore,
217	Err(err) => {
218	eprintln!("lookup_datastore failed - {}", err);
219	continue;
220	}
221	};
222
223	let store_config: proxmox_backup::config::datastore::DataStoreConfig = match serde_json::from_value(store_config) {
224	Ok(c) => c,
225	Err(err) => {
226	eprintln!("datastore config from_value failed - {}", err);
227	continue;
228	}
229	};
230
231	let event_str = match store_config.gc_schedule {
232	Some(event_str) => event_str,
233	None => continue,
234	};
235
236	let event = match parse_calendar_event(&event_str) {
237	Ok(event) => event,
238	Err(err) => {
239	eprintln!("unable to parse schedule '{}' - {}", event_str, err);
240	continue;
241	}
242	};
243
244	if datastore.garbage_collection_running() { continue; }
245
246	let worker_type = "garbage_collection";
247
248	let stat = datastore.last_gc_status();
249	let last = if let Some(upid_str) = stat.upid {
250	match upid_str.parse::<UPID>() {
251	Ok(upid) => upid.starttime,
252	Err(err) => {
253	eprintln!("unable to parse upid '{}' - {}", upid_str, err);
254	continue;
255	}
256	}
257	} else {
258	match lookup_last_worker_start(worker_type, &store) {
259	Ok(t) => t,
260	Err(err) => {
261	eprintln!("lookup_last_job_start failed: {}", err);
262	continue;
263	}
264	}
265	};
266
267	let next = match compute_next_event(&event, last, false) {
268	Ok(next) => next,
269	Err(err) => {
270	eprintln!("compute_next_event for '{}' failed - {}", event_str, err);
271	continue;
272	}
273	};
274	let now = match SystemTime::now().duration_since(UNIX_EPOCH) {
275	Ok(epoch_now) => epoch_now.as_secs() as i64,
276	Err(err) => {
277	eprintln!("query system time failed - {}", err);
278	continue;
279	}
280	};
281	if next > now { continue; }
282
283	let store2 = store.clone();
284
285	if let Err(err) = WorkerTask::new_thread(
286	worker_type,
287	Some(store.clone()),
288	"root@pam",
289	false,
290	move \|worker\| {
291	worker.log(format!("starting garbage collection on store {}", store));
292	worker.log(format!("task triggered by schedule '{}'", event_str));
293	datastore.garbage_collection(&worker)
294	}
295	) {
296	eprintln!("unable to start garbage collection on store {} - {}", store2, err);
297	}
298	}
299	}