]> git.proxmox.com Git - proxmox-backup.git/blame_incremental - src/bin/proxmox-backup-client.rs
projects / proxmox-backup.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
src/client/backup_reader.rs: add documentation
[proxmox-backup.git] / src / bin / proxmox-backup-client.rs
... / ...
CommitLineData
1//#[macro_use]
2extern crate proxmox_backup;
3
4use failure::*;
5use nix::unistd::{fork, ForkResult, pipe};
6use std::os::unix::io::RawFd;
7use chrono::{Local, Utc, TimeZone};
8use std::path::{Path, PathBuf};
9use std::collections::{HashSet, HashMap};
10use std::ffi::OsStr;
11use std::io::{BufReader, Read, Write, Seek, SeekFrom};
12use std::os::unix::fs::OpenOptionsExt;
13
14use proxmox::tools::fs::{file_get_contents, file_get_json, file_set_contents, image_size};
15
16use proxmox_backup::tools;
17use proxmox_backup::cli::*;
18use proxmox_backup::api2::types::*;
19use proxmox_backup::api_schema::*;
20use proxmox_backup::api_schema::router::*;
21use proxmox_backup::client::*;
22use proxmox_backup::backup::*;
23use proxmox_backup::pxar::{ self, catalog::* };
24
25//use proxmox_backup::backup::image_index::*;
26//use proxmox_backup::config::datastore;
27//use proxmox_backup::pxar::encoder::*;
28//use proxmox_backup::backup::datastore::*;
29
30use serde_json::{json, Value};
31//use hyper::Body;
32use std::sync::{Arc, Mutex};
33use regex::Regex;
34use xdg::BaseDirectories;
35
36use lazy_static::lazy_static;
37use futures::*;
38use tokio::sync::mpsc;
39
40lazy_static! {
41 static ref BACKUPSPEC_REGEX: Regex = Regex::new(r"^([a-zA-Z0-9_-]+\.(?:pxar|img|conf|log)):(.+)$").unwrap();
42
43 static ref REPO_URL_SCHEMA: Arc<Schema> = Arc::new(
44 StringSchema::new("Repository URL.")
45 .format(BACKUP_REPO_URL.clone())
46 .max_length(256)
47 .into()
48 );
49}
50
51
52fn get_default_repository() -> Option<String> {
53 std::env::var("PBS_REPOSITORY").ok()
54}
55
56fn extract_repository_from_value(
57 param: &Value,
58) -> Result<BackupRepository, Error> {
59
60 let repo_url = param["repository"]
61 .as_str()
62 .map(String::from)
63 .or_else(get_default_repository)
64 .ok_or_else(|| format_err!("unable to get (default) repository"))?;
65
66 let repo: BackupRepository = repo_url.parse()?;
67
68 Ok(repo)
69}
70
71fn extract_repository_from_map(
72 param: &HashMap<String, String>,
73) -> Option<BackupRepository> {
74
75 param.get("repository")
76 .map(String::from)
77 .or_else(get_default_repository)
78 .and_then(|repo_url| repo_url.parse::<BackupRepository>().ok())
79}
80
81fn record_repository(repo: &BackupRepository) {
82
83 let base = match BaseDirectories::with_prefix("proxmox-backup") {
84 Ok(v) => v,
85 _ => return,
86 };
87
88 // usually $HOME/.cache/proxmox-backup/repo-list
89 let path = match base.place_cache_file("repo-list") {
90 Ok(v) => v,
91 _ => return,
92 };
93
94 let mut data = file_get_json(&path, None).unwrap_or(json!({}));
95
96 let repo = repo.to_string();
97
98 data[&repo] = json!{ data[&repo].as_i64().unwrap_or(0) + 1 };
99
100 let mut map = serde_json::map::Map::new();
101
102 loop {
103 let mut max_used = 0;
104 let mut max_repo = None;
105 for (repo, count) in data.as_object().unwrap() {
106 if map.contains_key(repo) { continue; }
107 if let Some(count) = count.as_i64() {
108 if count > max_used {
109 max_used = count;
110 max_repo = Some(repo);
111 }
112 }
113 }
114 if let Some(repo) = max_repo {
115 map.insert(repo.to_owned(), json!(max_used));
116 } else {
117 break;
118 }
119 if map.len() > 10 { // store max. 10 repos
120 break;
121 }
122 }
123
124 let new_data = json!(map);
125
126 let _ = file_set_contents(path, new_data.to_string().as_bytes(), None);
127}
128
129fn complete_repository(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
130
131 let mut result = vec![];
132
133 let base = match BaseDirectories::with_prefix("proxmox-backup") {
134 Ok(v) => v,
135 _ => return result,
136 };
137
138 // usually $HOME/.cache/proxmox-backup/repo-list
139 let path = match base.place_cache_file("repo-list") {
140 Ok(v) => v,
141 _ => return result,
142 };
143
144 let data = file_get_json(&path, None).unwrap_or(json!({}));
145
146 if let Some(map) = data.as_object() {
147 for (repo, _count) in map {
148 result.push(repo.to_owned());
149 }
150 }
151
152 result
153}
154
155fn compute_file_csum(file: &mut std::fs::File) -> Result<([u8; 32], u64), Error> {
156
157 file.seek(SeekFrom::Start(0))?;
158
159 let mut hasher = openssl::sha::Sha256::new();
160 let mut buffer = proxmox::tools::vec::undefined(256*1024);
161 let mut size: u64 = 0;
162
163 loop {
164 let count = match file.read(&mut buffer) {
165 Ok(count) => count,
166 Err(ref err) if err.kind() == std::io::ErrorKind::Interrupted => { continue; }
167 Err(err) => return Err(err.into()),
168 };
169 if count == 0 {
170 break;
171 }
172 size += count as u64;
173 hasher.update(&buffer[..count]);
174 }
175
176 let csum = hasher.finish();
177
178 Ok((csum, size))
179}
180
181
182async fn backup_directory<P: AsRef<Path>>(
183 client: &BackupClient,
184 dir_path: P,
185 archive_name: &str,
186 chunk_size: Option<usize>,
187 device_set: Option<HashSet<u64>>,
188 verbose: bool,
189 skip_lost_and_found: bool,
190 crypt_config: Option<Arc<CryptConfig>>,
191 catalog: Arc<Mutex<CatalogBlobWriter<std::fs::File>>>,
192) -> Result<BackupStats, Error> {
193
194 let pxar_stream = PxarBackupStream::open(dir_path.as_ref(), device_set, verbose, skip_lost_and_found, catalog)?;
195 let mut chunk_stream = ChunkStream::new(pxar_stream, chunk_size);
196
197 let (mut tx, rx) = mpsc::channel(10); // allow to buffer 10 chunks
198
199 let stream = rx
200 .map_err(Error::from);
201
202 // spawn chunker inside a separate task so that it can run parallel
203 tokio::spawn(async move {
204 let _ = tx.send_all(&mut chunk_stream).await;
205 });
206
207 let stats = client
208 .upload_stream(archive_name, stream, "dynamic", None, crypt_config)
209 .await?;
210
211 Ok(stats)
212}
213
214async fn backup_image<P: AsRef<Path>>(
215 client: &BackupClient,
216 image_path: P,
217 archive_name: &str,
218 image_size: u64,
219 chunk_size: Option<usize>,
220 _verbose: bool,
221 crypt_config: Option<Arc<CryptConfig>>,
222) -> Result<BackupStats, Error> {
223
224 let path = image_path.as_ref().to_owned();
225
226 let file = tokio::fs::File::open(path).await?;
227
228 let stream = tokio::codec::FramedRead::new(file, tokio::codec::BytesCodec::new())
229 .map_err(Error::from);
230
231 let stream = FixedChunkStream::new(stream, chunk_size.unwrap_or(4*1024*1024));
232
233 let stats = client
234 .upload_stream(archive_name, stream, "fixed", Some(image_size), crypt_config)
235 .await?;
236
237 Ok(stats)
238}
239
240fn strip_server_file_expenstion(name: &str) -> String {
241
242 if name.ends_with(".didx") {
243 return name[..name.len()-5].to_owned();
244 } else if name.ends_with(".fidx") {
245 return name[..name.len()-5].to_owned();
246 } else if name.ends_with(".blob") {
247 return name[..name.len()-5].to_owned();
248 } else {
249 return name.to_owned(); // should not happen
250 }
251}
252
253fn list_backup_groups(
254 param: Value,
255 _info: &ApiMethod,
256 _rpcenv: &mut dyn RpcEnvironment,
257) -> Result<Value, Error> {
258
259 let repo = extract_repository_from_value(&param)?;
260
261 let client = HttpClient::new(repo.host(), repo.user(), None)?;
262
263 let path = format!("api2/json/admin/datastore/{}/groups", repo.store());
264
265 let mut result = async_main(async move {
266 client.get(&path, None).await
267 })?;
268
269 record_repository(&repo);
270
271 // fixme: implement and use output formatter instead ..
272 let list = result["data"].as_array_mut().unwrap();
273
274 list.sort_unstable_by(|a, b| {
275 let a_id = a["backup-id"].as_str().unwrap();
276 let a_backup_type = a["backup-type"].as_str().unwrap();
277 let b_id = b["backup-id"].as_str().unwrap();
278 let b_backup_type = b["backup-type"].as_str().unwrap();
279
280 let type_order = a_backup_type.cmp(b_backup_type);
281 if type_order == std::cmp::Ordering::Equal {
282 a_id.cmp(b_id)
283 } else {
284 type_order
285 }
286 });
287
288 let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
289
290 let mut result = vec![];
291
292 for item in list {
293
294 let id = item["backup-id"].as_str().unwrap();
295 let btype = item["backup-type"].as_str().unwrap();
296 let epoch = item["last-backup"].as_i64().unwrap();
297 let last_backup = Utc.timestamp(epoch, 0);
298 let backup_count = item["backup-count"].as_u64().unwrap();
299
300 let group = BackupGroup::new(btype, id);
301
302 let path = group.group_path().to_str().unwrap().to_owned();
303
304 let files = item["files"].as_array().unwrap().iter()
305 .map(|v| strip_server_file_expenstion(v.as_str().unwrap())).collect();
306
307 if output_format == "text" {
308 println!(
309 "{:20} | {} | {:5} | {}",
310 path,
311 BackupDir::backup_time_to_string(last_backup),
312 backup_count,
313 tools::join(&files, ' '),
314 );
315 } else {
316 result.push(json!({
317 "backup-type": btype,
318 "backup-id": id,
319 "last-backup": epoch,
320 "backup-count": backup_count,
321 "files": files,
322 }));
323 }
324 }
325
326 if output_format != "text" { format_and_print_result(&result.into(), &output_format); }
327
328 Ok(Value::Null)
329}
330
331fn list_snapshots(
332 param: Value,
333 _info: &ApiMethod,
334 _rpcenv: &mut dyn RpcEnvironment,
335) -> Result<Value, Error> {
336
337 let repo = extract_repository_from_value(&param)?;
338
339 let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
340
341 let client = HttpClient::new(repo.host(), repo.user(), None)?;
342
343 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
344
345 let mut args = json!({});
346 if let Some(path) = param["group"].as_str() {
347 let group = BackupGroup::parse(path)?;
348 args["backup-type"] = group.backup_type().into();
349 args["backup-id"] = group.backup_id().into();
350 }
351
352 let result = async_main(async move {
353 client.get(&path, Some(args)).await
354 })?;
355
356 record_repository(&repo);
357
358 let list = result["data"].as_array().unwrap();
359
360 let mut result = vec![];
361
362 for item in list {
363
364 let id = item["backup-id"].as_str().unwrap();
365 let btype = item["backup-type"].as_str().unwrap();
366 let epoch = item["backup-time"].as_i64().unwrap();
367
368 let snapshot = BackupDir::new(btype, id, epoch);
369
370 let path = snapshot.relative_path().to_str().unwrap().to_owned();
371
372 let files = item["files"].as_array().unwrap().iter()
373 .map(|v| strip_server_file_expenstion(v.as_str().unwrap())).collect();
374
375 if output_format == "text" {
376 let size_str = if let Some(size) = item["size"].as_u64() {
377 size.to_string()
378 } else {
379 String::from("-")
380 };
381 println!("{} | {} | {}", path, size_str, tools::join(&files, ' '));
382 } else {
383 let mut data = json!({
384 "backup-type": btype,
385 "backup-id": id,
386 "backup-time": epoch,
387 "files": files,
388 });
389 if let Some(size) = item["size"].as_u64() {
390 data["size"] = size.into();
391 }
392 result.push(data);
393 }
394 }
395
396 if output_format != "text" { format_and_print_result(&result.into(), &output_format); }
397
398 Ok(Value::Null)
399}
400
401fn forget_snapshots(
402 param: Value,
403 _info: &ApiMethod,
404 _rpcenv: &mut dyn RpcEnvironment,
405) -> Result<Value, Error> {
406
407 let repo = extract_repository_from_value(&param)?;
408
409 let path = tools::required_string_param(&param, "snapshot")?;
410 let snapshot = BackupDir::parse(path)?;
411
412 let mut client = HttpClient::new(repo.host(), repo.user(), None)?;
413
414 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
415
416 let result = async_main(async move {
417 client.delete(&path, Some(json!({
418 "backup-type": snapshot.group().backup_type(),
419 "backup-id": snapshot.group().backup_id(),
420 "backup-time": snapshot.backup_time().timestamp(),
421 }))).await
422 })?;
423
424 record_repository(&repo);
425
426 Ok(result)
427}
428
429fn api_login(
430 param: Value,
431 _info: &ApiMethod,
432 _rpcenv: &mut dyn RpcEnvironment,
433) -> Result<Value, Error> {
434
435 let repo = extract_repository_from_value(&param)?;
436
437 let client = HttpClient::new(repo.host(), repo.user(), None)?;
438 async_main(async move { client.login().await })?;
439
440 record_repository(&repo);
441
442 Ok(Value::Null)
443}
444
445fn api_logout(
446 param: Value,
447 _info: &ApiMethod,
448 _rpcenv: &mut dyn RpcEnvironment,
449) -> Result<Value, Error> {
450
451 let repo = extract_repository_from_value(&param)?;
452
453 delete_ticket_info(repo.host(), repo.user())?;
454
455 Ok(Value::Null)
456}
457
458fn dump_catalog(
459 param: Value,
460 _info: &ApiMethod,
461 _rpcenv: &mut dyn RpcEnvironment,
462) -> Result<Value, Error> {
463
464 let repo = extract_repository_from_value(&param)?;
465
466 let path = tools::required_string_param(&param, "snapshot")?;
467 let snapshot = BackupDir::parse(path)?;
468
469 let keyfile = param["keyfile"].as_str().map(|p| PathBuf::from(p));
470
471 let crypt_config = match keyfile {
472 None => None,
473 Some(path) => {
474 let (key, _) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
475 Some(Arc::new(CryptConfig::new(key)?))
476 }
477 };
478
479 let client = HttpClient::new(repo.host(), repo.user(), None)?;
480
481 async_main(async move {
482 let client = BackupReader::start(
483 client,
484 repo.store(),
485 &snapshot.group().backup_type(),
486 &snapshot.group().backup_id(),
487 snapshot.backup_time(),
488 true,
489 ).await?;
490
491 let backup_index_data = download_index_blob(client.clone(), crypt_config.clone()).await?;
492 let backup_index: Value = serde_json::from_slice(&backup_index_data[..])?;
493
494 let blob_file = std::fs::OpenOptions::new()
495 .read(true)
496 .write(true)
497 .custom_flags(libc::O_TMPFILE)
498 .open("/tmp")?;
499
500 let mut blob_file = client.download(CATALOG_BLOB_NAME, blob_file).await?;
501
502 let (csum, size) = compute_file_csum(&mut blob_file)?;
503 verify_index_file(&backup_index, CATALOG_BLOB_NAME, &csum, size)?;
504
505 blob_file.seek(SeekFrom::Start(0))?;
506
507 let reader = BufReader::new(blob_file);
508 let mut catalog_reader = CatalogBlobReader::new(reader, crypt_config)?;
509
510 catalog_reader.dump()?;
511
512 record_repository(&repo);
513
514 Ok::<(), Error>(())
515 })?;
516
517 Ok(Value::Null)
518}
519
520fn list_snapshot_files(
521 param: Value,
522 _info: &ApiMethod,
523 _rpcenv: &mut dyn RpcEnvironment,
524) -> Result<Value, Error> {
525
526 let repo = extract_repository_from_value(&param)?;
527
528 let path = tools::required_string_param(&param, "snapshot")?;
529 let snapshot = BackupDir::parse(path)?;
530
531 let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
532
533 let client = HttpClient::new(repo.host(), repo.user(), None)?;
534
535 let path = format!("api2/json/admin/datastore/{}/files", repo.store());
536
537 let mut result = async_main(async move {
538 client.get(&path, Some(json!({
539 "backup-type": snapshot.group().backup_type(),
540 "backup-id": snapshot.group().backup_id(),
541 "backup-time": snapshot.backup_time().timestamp(),
542 }))).await
543 })?;
544
545 record_repository(&repo);
546
547 let list: Value = result["data"].take();
548
549 if output_format == "text" {
550 for item in list.as_array().unwrap().iter() {
551 println!(
552 "{} {}",
553 strip_server_file_expenstion(item["filename"].as_str().unwrap()),
554 item["size"].as_u64().unwrap_or(0),
555 );
556 }
557 } else {
558 format_and_print_result(&list, &output_format);
559 }
560
561 Ok(Value::Null)
562}
563
564fn start_garbage_collection(
565 param: Value,
566 _info: &ApiMethod,
567 _rpcenv: &mut dyn RpcEnvironment,
568) -> Result<Value, Error> {
569
570 let repo = extract_repository_from_value(&param)?;
571
572 let mut client = HttpClient::new(repo.host(), repo.user(), None)?;
573
574 let path = format!("api2/json/admin/datastore/{}/gc", repo.store());
575
576 let result = async_main(async move { client.post(&path, None).await })?;
577
578 record_repository(&repo);
579
580 Ok(result)
581}
582
583fn parse_backupspec(value: &str) -> Result<(&str, &str), Error> {
584
585 if let Some(caps) = BACKUPSPEC_REGEX.captures(value) {
586 return Ok((caps.get(1).unwrap().as_str(), caps.get(2).unwrap().as_str()));
587 }
588 bail!("unable to parse directory specification '{}'", value);
589}
590
591fn create_backup(
592 param: Value,
593 _info: &ApiMethod,
594 _rpcenv: &mut dyn RpcEnvironment,
595) -> Result<Value, Error> {
596
597 let repo = extract_repository_from_value(&param)?;
598
599 let backupspec_list = tools::required_array_param(&param, "backupspec")?;
600
601 let all_file_systems = param["all-file-systems"].as_bool().unwrap_or(false);
602
603 let skip_lost_and_found = param["skip-lost-and-found"].as_bool().unwrap_or(false);
604
605 let verbose = param["verbose"].as_bool().unwrap_or(false);
606
607 let backup_time_opt = param["backup-time"].as_i64();
608
609 let chunk_size_opt = param["chunk-size"].as_u64().map(|v| (v*1024) as usize);
610
611 if let Some(size) = chunk_size_opt {
612 verify_chunk_size(size)?;
613 }
614
615 let keyfile = param["keyfile"].as_str().map(|p| PathBuf::from(p));
616
617 let backup_id = param["backup-id"].as_str().unwrap_or(&proxmox::tools::nodename());
618
619 let backup_type = param["backup-type"].as_str().unwrap_or("host");
620
621 let include_dev = param["include-dev"].as_array();
622
623 let mut devices = if all_file_systems { None } else { Some(HashSet::new()) };
624
625 if let Some(include_dev) = include_dev {
626 if all_file_systems {
627 bail!("option 'all-file-systems' conflicts with option 'include-dev'");
628 }
629
630 let mut set = HashSet::new();
631 for path in include_dev {
632 let path = path.as_str().unwrap();
633 let stat = nix::sys::stat::stat(path)
634 .map_err(|err| format_err!("fstat {:?} failed - {}", path, err))?;
635 set.insert(stat.st_dev);
636 }
637 devices = Some(set);
638 }
639
640 let mut upload_list = vec![];
641
642 enum BackupType { PXAR, IMAGE, CONFIG, LOGFILE };
643
644 for backupspec in backupspec_list {
645 let (target, filename) = parse_backupspec(backupspec.as_str().unwrap())?;
646
647 use std::os::unix::fs::FileTypeExt;
648
649 let metadata = std::fs::metadata(filename)
650 .map_err(|err| format_err!("unable to access '{}' - {}", filename, err))?;
651 let file_type = metadata.file_type();
652
653 let extension = target.rsplit('.').next()
654 .ok_or(format_err!("missing target file extenion '{}'", target))?;
655
656 match extension {
657 "pxar" => {
658 if !file_type.is_dir() {
659 bail!("got unexpected file type (expected directory)");
660 }
661 upload_list.push((BackupType::PXAR, filename.to_owned(), format!("{}.didx", target), 0));
662 }
663 "img" => {
664
665 if !(file_type.is_file() || file_type.is_block_device()) {
666 bail!("got unexpected file type (expected file or block device)");
667 }
668
669 let size = image_size(&PathBuf::from(filename))?;
670
671 if size == 0 { bail!("got zero-sized file '{}'", filename); }
672
673 upload_list.push((BackupType::IMAGE, filename.to_owned(), format!("{}.fidx", target), size));
674 }
675 "conf" => {
676 if !file_type.is_file() {
677 bail!("got unexpected file type (expected regular file)");
678 }
679 upload_list.push((BackupType::CONFIG, filename.to_owned(), format!("{}.blob", target), metadata.len()));
680 }
681 "log" => {
682 if !file_type.is_file() {
683 bail!("got unexpected file type (expected regular file)");
684 }
685 upload_list.push((BackupType::LOGFILE, filename.to_owned(), format!("{}.blob", target), metadata.len()));
686 }
687 _ => {
688 bail!("got unknown archive extension '{}'", extension);
689 }
690 }
691 }
692
693 let backup_time = Utc.timestamp(backup_time_opt.unwrap_or(Utc::now().timestamp()), 0);
694
695 let client = HttpClient::new(repo.host(), repo.user(), None)?;
696 record_repository(&repo);
697
698 println!("Starting backup: {}/{}/{}", backup_type, backup_id, BackupDir::backup_time_to_string(backup_time));
699
700 println!("Client name: {}", proxmox::tools::nodename());
701
702 let start_time = Local::now();
703
704 println!("Starting protocol: {}", start_time.to_rfc3339_opts(chrono::SecondsFormat::Secs, false));
705
706 let (crypt_config, rsa_encrypted_key) = match keyfile {
707 None => (None, None),
708 Some(path) => {
709 let (key, created) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
710
711 let crypt_config = CryptConfig::new(key)?;
712
713 let path = master_pubkey_path()?;
714 if path.exists() {
715 let pem_data = file_get_contents(&path)?;
716 let rsa = openssl::rsa::Rsa::public_key_from_pem(&pem_data)?;
717 let enc_key = crypt_config.generate_rsa_encoded_key(rsa, created)?;
718 (Some(Arc::new(crypt_config)), Some(enc_key))
719 } else {
720 (Some(Arc::new(crypt_config)), None)
721 }
722 }
723 };
724
725 async_main(async move {
726 let client = client
727 .start_backup(repo.store(), backup_type, &backup_id, backup_time, verbose)
728 .await?;
729
730 let mut file_list = vec![];
731
732 // fixme: encrypt/sign catalog?
733 let catalog_file = std::fs::OpenOptions::new()
734 .write(true)
735 .read(true)
736 .custom_flags(libc::O_TMPFILE)
737 .open("/tmp")?;
738
739 let catalog = Arc::new(Mutex::new(CatalogBlobWriter::new_compressed(catalog_file)?));
740 let mut upload_catalog = false;
741
742 for (backup_type, filename, target, size) in upload_list {
743 match backup_type {
744 BackupType::CONFIG => {
745 println!("Upload config file '{}' to '{:?}' as {}", filename, repo, target);
746 let stats = client
747 .upload_blob_from_file(&filename, &target, crypt_config.clone(), true)
748 .await?;
749 file_list.push((target, stats));
750 }
751 BackupType::LOGFILE => { // fixme: remove - not needed anymore ?
752 println!("Upload log file '{}' to '{:?}' as {}", filename, repo, target);
753 let stats = client
754 .upload_blob_from_file(&filename, &target, crypt_config.clone(), true)
755 .await?;
756 file_list.push((target, stats));
757 }
758 BackupType::PXAR => {
759 upload_catalog = true;
760 println!("Upload directory '{}' to '{:?}' as {}", filename, repo, target);
761 catalog.lock().unwrap().start_directory(std::ffi::CString::new(target.as_str())?.as_c_str())?;
762 let stats = backup_directory(
763 &client,
764 &filename,
765 &target,
766 chunk_size_opt,
767 devices.clone(),
768 verbose,
769 skip_lost_and_found,
770 crypt_config.clone(),
771 catalog.clone(),
772 ).await?;
773 file_list.push((target, stats));
774 catalog.lock().unwrap().end_directory()?;
775 }
776 BackupType::IMAGE => {
777 println!("Upload image '{}' to '{:?}' as {}", filename, repo, target);
778 let stats = backup_image(
779 &client,
780 &filename,
781 &target,
782 size,
783 chunk_size_opt,
784 verbose,
785 crypt_config.clone(),
786 ).await?;
787 file_list.push((target, stats));
788 }
789 }
790 }
791
792 // finalize and upload catalog
793 if upload_catalog {
794 let mutex = Arc::try_unwrap(catalog)
795 .map_err(|_| format_err!("unable to get catalog (still used)"))?;
796 let mut catalog_file = mutex.into_inner().unwrap().finish()?;
797
798 let target = CATALOG_BLOB_NAME;
799
800 catalog_file.seek(SeekFrom::Start(0))?;
801
802 let stats = client.upload_blob(catalog_file, target).await?;
803 file_list.push((target.to_owned(), stats));
804 }
805
806 if let Some(rsa_encrypted_key) = rsa_encrypted_key {
807 let target = "rsa-encrypted.key";
808 println!("Upload RSA encoded key to '{:?}' as {}", repo, target);
809 let stats = client
810 .upload_blob_from_data(rsa_encrypted_key, target, None, false, false)
811 .await?;
812 file_list.push((format!("{}.blob", target), stats));
813
814 // openssl rsautl -decrypt -inkey master-private.pem -in rsa-encrypted.key -out t
815 /*
816 let mut buffer2 = vec![0u8; rsa.size() as usize];
817 let pem_data = file_get_contents("master-private.pem")?;
818 let rsa = openssl::rsa::Rsa::private_key_from_pem(&pem_data)?;
819 let len = rsa.private_decrypt(&buffer, &mut buffer2, openssl::rsa::Padding::PKCS1)?;
820 println!("TEST {} {:?}", len, buffer2);
821 */
822 }
823
824 // create index.json
825 let file_list = file_list.iter()
826 .fold(vec![], |mut acc, (filename, stats)| {
827 acc.push(json!({
828 "filename": filename,
829 "size": stats.size,
830 "csum": proxmox::tools::digest_to_hex(&stats.csum),
831 }));
832 acc
833 });
834
835 let index = json!({
836 "backup-type": backup_type,
837 "backup-id": backup_id,
838 "backup-time": backup_time.timestamp(),
839 "files": file_list,
840 });
841
842 println!("Upload index.json to '{:?}'", repo);
843 let index_data = serde_json::to_string_pretty(&index)?.into();
844 client
845 .upload_blob_from_data(index_data, "index.json.blob", crypt_config.clone(), true, true)
846 .await?;
847
848 client.finish().await?;
849
850 let end_time = Local::now();
851 let elapsed = end_time.signed_duration_since(start_time);
852 println!("Duration: {}", elapsed);
853
854 println!("End Time: {}", end_time.to_rfc3339_opts(chrono::SecondsFormat::Secs, false));
855
856 Ok(Value::Null)
857 })
858}
859
860fn complete_backup_source(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
861
862 let mut result = vec![];
863
864 let data: Vec<&str> = arg.splitn(2, ':').collect();
865
866 if data.len() != 2 {
867 result.push(String::from("root.pxar:/"));
868 result.push(String::from("etc.pxar:/etc"));
869 return result;
870 }
871
872 let files = tools::complete_file_name(data[1], param);
873
874 for file in files {
875 result.push(format!("{}:{}", data[0], file));
876 }
877
878 result
879}
880
881fn restore(
882 param: Value,
883 _info: &ApiMethod,
884 _rpcenv: &mut dyn RpcEnvironment,
885) -> Result<Value, Error> {
886 async_main(restore_do(param))
887}
888
889async fn download_index_blob(client: Arc<BackupReader>, crypt_config: Option<Arc<CryptConfig>>) -> Result<Vec<u8>, Error> {
890
891 let index_data = client.download(INDEX_BLOB_NAME, Vec::with_capacity(64*1024)).await?;
892 let blob = DataBlob::from_raw(index_data)?;
893 blob.verify_crc()?;
894 blob.decode(crypt_config.as_ref().map(Arc::as_ref))
895}
896
897fn verify_index_file(backup_index: &Value, name: &str, csum: &[u8; 32], size: u64) -> Result<(), Error> {
898
899 let files = backup_index["files"]
900 .as_array()
901 .ok_or_else(|| format_err!("mailformed index - missing 'files' property"))?;
902
903 let info = files.iter().find(|v| {
904 match v["filename"].as_str() {
905 Some(filename) => filename == name,
906 None => false,
907 }
908 });
909
910 let info = match info {
911 None => bail!("index does not contain file '{}'", name),
912 Some(info) => info,
913 };
914
915 match info["size"].as_u64() {
916 None => bail!("index does not contain property 'size' for file '{}'", name),
917 Some(expected_size) => {
918 if expected_size != size {
919 bail!("verify index failed - wrong size for file '{}' ({} != {}", name, expected_size, size);
920 }
921 }
922 };
923
924 match info["csum"].as_str() {
925 None => bail!("index does not contain property 'csum' for file '{}'", name),
926 Some(expected_csum) => {
927 let expected_csum = &proxmox::tools::hex_to_digest(expected_csum)?;
928 if expected_csum != csum {
929 bail!("verify index failed - wrong checksum for file '{}'", name);
930 }
931 }
932 };
933
934 Ok(())
935}
936
937fn dump_image<W: Write>(
938 client: Arc<BackupReader>,
939 crypt_config: Option<Arc<CryptConfig>>,
940 index: FixedIndexReader,
941 mut writer: W,
942 verbose: bool,
943) -> Result<(), Error> {
944
945 let most_used = index.find_most_used_chunks(8);
946
947 let mut chunk_reader = RemoteChunkReader::new(client.clone(), crypt_config, most_used);
948
949 // Note: we avoid using BufferedFixedReader, because that add an additional buffer/copy
950 // and thus slows down reading. Instead, directly use RemoteChunkReader
951 let mut per = 0;
952 let mut bytes = 0;
953 let start_time = std::time::Instant::now();
954
955 for pos in 0..index.index_count() {
956 let digest = index.index_digest(pos).unwrap();
957 let raw_data = chunk_reader.read_chunk(&digest)?;
958 writer.write_all(&raw_data)?;
959 bytes += raw_data.len();
960 if verbose {
961 let next_per = ((pos+1)*100)/index.index_count();
962 if per != next_per {
963 eprintln!("progress {}% (read {} bytes, duration {} sec)",
964 next_per, bytes, start_time.elapsed().as_secs());
965 per = next_per;
966 }
967 }
968 }
969
970 let end_time = std::time::Instant::now();
971 let elapsed = end_time.duration_since(start_time);
972 eprintln!("restore image complete (bytes={}, duration={:.2}s, speed={:.2}MB/s)",
973 bytes,
974 elapsed.as_secs_f64(),
975 bytes as f64/(1024.0*1024.0*elapsed.as_secs_f64())
976 );
977
978
979 Ok(())
980}
981
982async fn restore_do(param: Value) -> Result<Value, Error> {
983 let repo = extract_repository_from_value(&param)?;
984
985 let verbose = param["verbose"].as_bool().unwrap_or(false);
986
987 let allow_existing_dirs = param["allow-existing-dirs"].as_bool().unwrap_or(false);
988
989 let archive_name = tools::required_string_param(&param, "archive-name")?;
990
991 let client = HttpClient::new(repo.host(), repo.user(), None)?;
992
993 record_repository(&repo);
994
995 let path = tools::required_string_param(&param, "snapshot")?;
996
997 let (backup_type, backup_id, backup_time) = if path.matches('/').count() == 1 {
998 let group = BackupGroup::parse(path)?;
999
1000 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
1001 let result = client.get(&path, Some(json!({
1002 "backup-type": group.backup_type(),
1003 "backup-id": group.backup_id(),
1004 }))).await?;
1005
1006 let list = result["data"].as_array().unwrap();
1007 if list.len() == 0 {
1008 bail!("backup group '{}' does not contain any snapshots:", path);
1009 }
1010
1011 let epoch = list[0]["backup-time"].as_i64().unwrap();
1012 let backup_time = Utc.timestamp(epoch, 0);
1013 (group.backup_type().to_owned(), group.backup_id().to_owned(), backup_time)
1014 } else {
1015 let snapshot = BackupDir::parse(path)?;
1016 (snapshot.group().backup_type().to_owned(), snapshot.group().backup_id().to_owned(), snapshot.backup_time())
1017 };
1018
1019 let target = tools::required_string_param(&param, "target")?;
1020 let target = if target == "-" { None } else { Some(target) };
1021
1022 let keyfile = param["keyfile"].as_str().map(|p| PathBuf::from(p));
1023
1024 let crypt_config = match keyfile {
1025 None => None,
1026 Some(path) => {
1027 let (key, _) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
1028 Some(Arc::new(CryptConfig::new(key)?))
1029 }
1030 };
1031
1032 let server_archive_name = if archive_name.ends_with(".pxar") {
1033 format!("{}.didx", archive_name)
1034 } else if archive_name.ends_with(".img") {
1035 format!("{}.fidx", archive_name)
1036 } else {
1037 format!("{}.blob", archive_name)
1038 };
1039
1040 let client = BackupReader::start(client, repo.store(), &backup_type, &backup_id, backup_time, true).await?;
1041
1042 let tmpfile = std::fs::OpenOptions::new()
1043 .write(true)
1044 .read(true)
1045 .custom_flags(libc::O_TMPFILE)
1046 .open("/tmp")?;
1047
1048
1049 let backup_index_data = download_index_blob(client.clone(), crypt_config.clone()).await?;
1050 let backup_index: Value = serde_json::from_slice(&backup_index_data[..])?;
1051
1052 if server_archive_name == INDEX_BLOB_NAME {
1053 if let Some(target) = target {
1054 file_set_contents(target, &backup_index_data, None)?;
1055 } else {
1056 let stdout = std::io::stdout();
1057 let mut writer = stdout.lock();
1058 writer.write_all(&backup_index_data)
1059 .map_err(|err| format_err!("unable to pipe data - {}", err))?;
1060 }
1061
1062 } else if server_archive_name.ends_with(".blob") {
1063 let mut tmpfile = client.download(&server_archive_name, tmpfile).await?;
1064
1065 let (csum, size) = compute_file_csum(&mut tmpfile)?;
1066 verify_index_file(&backup_index, &server_archive_name, &csum, size)?;
1067
1068 tmpfile.seek(SeekFrom::Start(0))?;
1069 let mut reader = DataBlobReader::new(tmpfile, crypt_config)?;
1070
1071 if let Some(target) = target {
1072 let mut writer = std::fs::OpenOptions::new()
1073 .write(true)
1074 .create(true)
1075 .create_new(true)
1076 .open(target)
1077 .map_err(|err| format_err!("unable to create target file {:?} - {}", target, err))?;
1078 std::io::copy(&mut reader, &mut writer)?;
1079 } else {
1080 let stdout = std::io::stdout();
1081 let mut writer = stdout.lock();
1082 std::io::copy(&mut reader, &mut writer)
1083 .map_err(|err| format_err!("unable to pipe data - {}", err))?;
1084 }
1085
1086 } else if server_archive_name.ends_with(".didx") {
1087 let tmpfile = client.download(&server_archive_name, tmpfile).await?;
1088
1089 let index = DynamicIndexReader::new(tmpfile)
1090 .map_err(|err| format_err!("unable to read dynamic index '{}' - {}", archive_name, err))?;
1091
1092 // Note: do not use values stored in index (not trusted) - instead, computed them again
1093 let (csum, size) = index.compute_csum();
1094
1095 verify_index_file(&backup_index, &server_archive_name, &csum, size)?;
1096
1097 let most_used = index.find_most_used_chunks(8);
1098
1099 let chunk_reader = RemoteChunkReader::new(client.clone(), crypt_config, most_used);
1100
1101 let mut reader = BufferedDynamicReader::new(index, chunk_reader);
1102
1103 if let Some(target) = target {
1104
1105 let feature_flags = pxar::flags::DEFAULT;
1106 let mut decoder = pxar::SequentialDecoder::new(&mut reader, feature_flags, |path| {
1107 if verbose {
1108 eprintln!("{:?}", path);
1109 }
1110 Ok(())
1111 });
1112 decoder.set_allow_existing_dirs(allow_existing_dirs);
1113
1114 decoder.restore(Path::new(target), &Vec::new())?;
1115 } else {
1116 let mut writer = std::fs::OpenOptions::new()
1117 .write(true)
1118 .open("/dev/stdout")
1119 .map_err(|err| format_err!("unable to open /dev/stdout - {}", err))?;
1120
1121 std::io::copy(&mut reader, &mut writer)
1122 .map_err(|err| format_err!("unable to pipe data - {}", err))?;
1123 }
1124 } else if server_archive_name.ends_with(".fidx") {
1125 let tmpfile = client.download(&server_archive_name, tmpfile).await?;
1126
1127 let index = FixedIndexReader::new(tmpfile)
1128 .map_err(|err| format_err!("unable to read fixed index '{}' - {}", archive_name, err))?;
1129
1130 // Note: do not use values stored in index (not trusted) - instead, computed them again
1131 let (csum, size) = index.compute_csum();
1132
1133 verify_index_file(&backup_index, &server_archive_name, &csum, size)?;
1134
1135 let mut writer = if let Some(target) = target {
1136 std::fs::OpenOptions::new()
1137 .write(true)
1138 .create(true)
1139 .create_new(true)
1140 .open(target)
1141 .map_err(|err| format_err!("unable to create target file {:?} - {}", target, err))?
1142 } else {
1143 std::fs::OpenOptions::new()
1144 .write(true)
1145 .open("/dev/stdout")
1146 .map_err(|err| format_err!("unable to open /dev/stdout - {}", err))?
1147 };
1148
1149 dump_image(client.clone(), crypt_config.clone(), index, &mut writer, verbose)?;
1150
1151 } else {
1152 bail!("unknown archive file extension (expected .pxar of .img)");
1153 }
1154
1155 Ok(Value::Null)
1156}
1157
1158fn upload_log(
1159 param: Value,
1160 _info: &ApiMethod,
1161 _rpcenv: &mut dyn RpcEnvironment,
1162) -> Result<Value, Error> {
1163
1164 let logfile = tools::required_string_param(&param, "logfile")?;
1165 let repo = extract_repository_from_value(&param)?;
1166
1167 let snapshot = tools::required_string_param(&param, "snapshot")?;
1168 let snapshot = BackupDir::parse(snapshot)?;
1169
1170 let mut client = HttpClient::new(repo.host(), repo.user(), None)?;
1171
1172 let keyfile = param["keyfile"].as_str().map(|p| PathBuf::from(p));
1173
1174 let crypt_config = match keyfile {
1175 None => None,
1176 Some(path) => {
1177 let (key, _created) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
1178 let crypt_config = CryptConfig::new(key)?;
1179 Some(Arc::new(crypt_config))
1180 }
1181 };
1182
1183 let data = file_get_contents(logfile)?;
1184
1185 let blob = DataBlob::encode(&data, crypt_config.as_ref().map(Arc::as_ref), true)?;
1186
1187 let raw_data = blob.into_inner();
1188
1189 let path = format!("api2/json/admin/datastore/{}/upload-backup-log", repo.store());
1190
1191 let args = json!({
1192 "backup-type": snapshot.group().backup_type(),
1193 "backup-id": snapshot.group().backup_id(),
1194 "backup-time": snapshot.backup_time().timestamp(),
1195 });
1196
1197 let body = hyper::Body::from(raw_data);
1198
1199 async_main(async move {
1200 client.upload("application/octet-stream", body, &path, Some(args)).await
1201 })
1202}
1203
1204fn prune(
1205 mut param: Value,
1206 _info: &ApiMethod,
1207 _rpcenv: &mut dyn RpcEnvironment,
1208) -> Result<Value, Error> {
1209
1210 let repo = extract_repository_from_value(&param)?;
1211
1212 let mut client = HttpClient::new(repo.host(), repo.user(), None)?;
1213
1214 let path = format!("api2/json/admin/datastore/{}/prune", repo.store());
1215
1216 let group = tools::required_string_param(&param, "group")?;
1217 let group = BackupGroup::parse(group)?;
1218
1219 param.as_object_mut().unwrap().remove("repository");
1220 param.as_object_mut().unwrap().remove("group");
1221
1222 param["backup-type"] = group.backup_type().into();
1223 param["backup-id"] = group.backup_id().into();
1224
1225 let _result = async_main(async move { client.post(&path, Some(param)).await })?;
1226
1227 record_repository(&repo);
1228
1229 Ok(Value::Null)
1230}
1231
1232fn status(
1233 param: Value,
1234 _info: &ApiMethod,
1235 _rpcenv: &mut dyn RpcEnvironment,
1236) -> Result<Value, Error> {
1237
1238 let repo = extract_repository_from_value(&param)?;
1239
1240 let output_format = param["output-format"].as_str().unwrap_or("text").to_owned();
1241
1242 let client = HttpClient::new(repo.host(), repo.user(), None)?;
1243
1244 let path = format!("api2/json/admin/datastore/{}/status", repo.store());
1245
1246 let result = async_main(async move { client.get(&path, None).await })?;
1247 let data = &result["data"];
1248
1249 record_repository(&repo);
1250
1251 if output_format == "text" {
1252 let total = data["total"].as_u64().unwrap();
1253 let used = data["used"].as_u64().unwrap();
1254 let avail = data["avail"].as_u64().unwrap();
1255 let roundup = total/200;
1256
1257 println!(
1258 "total: {} used: {} ({} %) available: {}",
1259 total,
1260 used,
1261 ((used+roundup)*100)/total,
1262 avail,
1263 );
1264 } else {
1265 format_and_print_result(data, &output_format);
1266 }
1267
1268 Ok(Value::Null)
1269}
1270
1271// like get, but simply ignore errors and return Null instead
1272async fn try_get(repo: &BackupRepository, url: &str) -> Value {
1273
1274 let client = match HttpClient::new(repo.host(), repo.user(), None) {
1275 Ok(v) => v,
1276 _ => return Value::Null,
1277 };
1278
1279 let mut resp = match client.get(url, None).await {
1280 Ok(v) => v,
1281 _ => return Value::Null,
1282 };
1283
1284 if let Some(map) = resp.as_object_mut() {
1285 if let Some(data) = map.remove("data") {
1286 return data;
1287 }
1288 }
1289 Value::Null
1290}
1291
1292fn complete_backup_group(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1293 async_main(async { complete_backup_group_do(param).await })
1294}
1295
1296async fn complete_backup_group_do(param: &HashMap<String, String>) -> Vec<String> {
1297
1298 let mut result = vec![];
1299
1300 let repo = match extract_repository_from_map(param) {
1301 Some(v) => v,
1302 _ => return result,
1303 };
1304
1305 let path = format!("api2/json/admin/datastore/{}/groups", repo.store());
1306
1307 let data = try_get(&repo, &path).await;
1308
1309 if let Some(list) = data.as_array() {
1310 for item in list {
1311 if let (Some(backup_id), Some(backup_type)) =
1312 (item["backup-id"].as_str(), item["backup-type"].as_str())
1313 {
1314 result.push(format!("{}/{}", backup_type, backup_id));
1315 }
1316 }
1317 }
1318
1319 result
1320}
1321
1322fn complete_group_or_snapshot(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1323 async_main(async { complete_group_or_snapshot_do(arg, param).await })
1324}
1325
1326async fn complete_group_or_snapshot_do(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1327
1328 if arg.matches('/').count() < 2 {
1329 let groups = complete_backup_group_do(param).await;
1330 let mut result = vec![];
1331 for group in groups {
1332 result.push(group.to_string());
1333 result.push(format!("{}/", group));
1334 }
1335 return result;
1336 }
1337
1338 complete_backup_snapshot_do(param).await
1339}
1340
1341fn complete_backup_snapshot(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1342 async_main(async { complete_backup_snapshot_do(param).await })
1343}
1344
1345async fn complete_backup_snapshot_do(param: &HashMap<String, String>) -> Vec<String> {
1346
1347 let mut result = vec![];
1348
1349 let repo = match extract_repository_from_map(param) {
1350 Some(v) => v,
1351 _ => return result,
1352 };
1353
1354 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
1355
1356 let data = try_get(&repo, &path).await;
1357
1358 if let Some(list) = data.as_array() {
1359 for item in list {
1360 if let (Some(backup_id), Some(backup_type), Some(backup_time)) =
1361 (item["backup-id"].as_str(), item["backup-type"].as_str(), item["backup-time"].as_i64())
1362 {
1363 let snapshot = BackupDir::new(backup_type, backup_id, backup_time);
1364 result.push(snapshot.relative_path().to_str().unwrap().to_owned());
1365 }
1366 }
1367 }
1368
1369 result
1370}
1371
1372fn complete_server_file_name(_arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1373 async_main(async { complete_server_file_name_do(param).await })
1374}
1375
1376async fn complete_server_file_name_do(param: &HashMap<String, String>) -> Vec<String> {
1377
1378 let mut result = vec![];
1379
1380 let repo = match extract_repository_from_map(param) {
1381 Some(v) => v,
1382 _ => return result,
1383 };
1384
1385 let snapshot = match param.get("snapshot") {
1386 Some(path) => {
1387 match BackupDir::parse(path) {
1388 Ok(v) => v,
1389 _ => return result,
1390 }
1391 }
1392 _ => return result,
1393 };
1394
1395 let query = tools::json_object_to_query(json!({
1396 "backup-type": snapshot.group().backup_type(),
1397 "backup-id": snapshot.group().backup_id(),
1398 "backup-time": snapshot.backup_time().timestamp(),
1399 })).unwrap();
1400
1401 let path = format!("api2/json/admin/datastore/{}/files?{}", repo.store(), query);
1402
1403 let data = try_get(&repo, &path).await;
1404
1405 if let Some(list) = data.as_array() {
1406 for item in list {
1407 if let Some(filename) = item["filename"].as_str() {
1408 result.push(filename.to_owned());
1409 }
1410 }
1411 }
1412
1413 result
1414}
1415
1416fn complete_archive_name(arg: &str, param: &HashMap<String, String>) -> Vec<String> {
1417 complete_server_file_name(arg, param)
1418 .iter()
1419 .map(|v| strip_server_file_expenstion(&v))
1420 .collect()
1421}
1422
1423fn complete_chunk_size(_arg: &str, _param: &HashMap<String, String>) -> Vec<String> {
1424
1425 let mut result = vec![];
1426
1427 let mut size = 64;
1428 loop {
1429 result.push(size.to_string());
1430 size = size * 2;
1431 if size > 4096 { break; }
1432 }
1433
1434 result
1435}
1436
1437fn get_encryption_key_password() -> Result<Vec<u8>, Error> {
1438
1439 // fixme: implement other input methods
1440
1441 use std::env::VarError::*;
1442 match std::env::var("PBS_ENCRYPTION_PASSWORD") {
1443 Ok(p) => return Ok(p.as_bytes().to_vec()),
1444 Err(NotUnicode(_)) => bail!("PBS_ENCRYPTION_PASSWORD contains bad characters"),
1445 Err(NotPresent) => {
1446 // Try another method
1447 }
1448 }
1449
1450 // If we're on a TTY, query the user for a password
1451 if crate::tools::tty::stdin_isatty() {
1452 return Ok(crate::tools::tty::read_password("Encryption Key Password: ")?);
1453 }
1454
1455 bail!("no password input mechanism available");
1456}
1457
1458fn key_create(
1459 param: Value,
1460 _info: &ApiMethod,
1461 _rpcenv: &mut dyn RpcEnvironment,
1462) -> Result<Value, Error> {
1463
1464 let path = tools::required_string_param(&param, "path")?;
1465 let path = PathBuf::from(path);
1466
1467 let kdf = param["kdf"].as_str().unwrap_or("scrypt");
1468
1469 let key = proxmox::sys::linux::random_data(32)?;
1470
1471 if kdf == "scrypt" {
1472 // always read passphrase from tty
1473 if !crate::tools::tty::stdin_isatty() {
1474 bail!("unable to read passphrase - no tty");
1475 }
1476
1477 let password = crate::tools::tty::read_password("Encryption Key Password: ")?;
1478
1479 let key_config = encrypt_key_with_passphrase(&key, &password)?;
1480
1481 store_key_config(&path, false, key_config)?;
1482
1483 Ok(Value::Null)
1484 } else if kdf == "none" {
1485 let created = Local.timestamp(Local::now().timestamp(), 0);
1486
1487 store_key_config(&path, false, KeyConfig {
1488 kdf: None,
1489 created,
1490 modified: created,
1491 data: key,
1492 })?;
1493
1494 Ok(Value::Null)
1495 } else {
1496 unreachable!();
1497 }
1498}
1499
1500fn master_pubkey_path() -> Result<PathBuf, Error> {
1501 let base = BaseDirectories::with_prefix("proxmox-backup")?;
1502
1503 // usually $HOME/.config/proxmox-backup/master-public.pem
1504 let path = base.place_config_file("master-public.pem")?;
1505
1506 Ok(path)
1507}
1508
1509fn key_import_master_pubkey(
1510 param: Value,
1511 _info: &ApiMethod,
1512 _rpcenv: &mut dyn RpcEnvironment,
1513) -> Result<Value, Error> {
1514
1515 let path = tools::required_string_param(&param, "path")?;
1516 let path = PathBuf::from(path);
1517
1518 let pem_data = file_get_contents(&path)?;
1519
1520 if let Err(err) = openssl::pkey::PKey::public_key_from_pem(&pem_data) {
1521 bail!("Unable to decode PEM data - {}", err);
1522 }
1523
1524 let target_path = master_pubkey_path()?;
1525
1526 file_set_contents(&target_path, &pem_data, None)?;
1527
1528 println!("Imported public master key to {:?}", target_path);
1529
1530 Ok(Value::Null)
1531}
1532
1533fn key_create_master_key(
1534 _param: Value,
1535 _info: &ApiMethod,
1536 _rpcenv: &mut dyn RpcEnvironment,
1537) -> Result<Value, Error> {
1538
1539 // we need a TTY to query the new password
1540 if !crate::tools::tty::stdin_isatty() {
1541 bail!("unable to create master key - no tty");
1542 }
1543
1544 let rsa = openssl::rsa::Rsa::generate(4096)?;
1545 let pkey = openssl::pkey::PKey::from_rsa(rsa)?;
1546
1547 let new_pw = String::from_utf8(crate::tools::tty::read_password("Master Key Password: ")?)?;
1548 let verify_pw = String::from_utf8(crate::tools::tty::read_password("Verify Password: ")?)?;
1549
1550 if new_pw != verify_pw {
1551 bail!("Password verification fail!");
1552 }
1553
1554 if new_pw.len() < 5 {
1555 bail!("Password is too short!");
1556 }
1557
1558 let pub_key: Vec<u8> = pkey.public_key_to_pem()?;
1559 let filename_pub = "master-public.pem";
1560 println!("Writing public master key to {}", filename_pub);
1561 file_set_contents(filename_pub, pub_key.as_slice(), None)?;
1562
1563 let cipher = openssl::symm::Cipher::aes_256_cbc();
1564 let priv_key: Vec<u8> = pkey.private_key_to_pem_pkcs8_passphrase(cipher, new_pw.as_bytes())?;
1565
1566 let filename_priv = "master-private.pem";
1567 println!("Writing private master key to {}", filename_priv);
1568 file_set_contents(filename_priv, priv_key.as_slice(), None)?;
1569
1570 Ok(Value::Null)
1571}
1572
1573fn key_change_passphrase(
1574 param: Value,
1575 _info: &ApiMethod,
1576 _rpcenv: &mut dyn RpcEnvironment,
1577) -> Result<Value, Error> {
1578
1579 let path = tools::required_string_param(&param, "path")?;
1580 let path = PathBuf::from(path);
1581
1582 let kdf = param["kdf"].as_str().unwrap_or("scrypt");
1583
1584 // we need a TTY to query the new password
1585 if !crate::tools::tty::stdin_isatty() {
1586 bail!("unable to change passphrase - no tty");
1587 }
1588
1589 let (key, created) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
1590
1591 if kdf == "scrypt" {
1592
1593 let new_pw = String::from_utf8(crate::tools::tty::read_password("New Password: ")?)?;
1594 let verify_pw = String::from_utf8(crate::tools::tty::read_password("Verify Password: ")?)?;
1595
1596 if new_pw != verify_pw {
1597 bail!("Password verification fail!");
1598 }
1599
1600 if new_pw.len() < 5 {
1601 bail!("Password is too short!");
1602 }
1603
1604 let mut new_key_config = encrypt_key_with_passphrase(&key, new_pw.as_bytes())?;
1605 new_key_config.created = created; // keep original value
1606
1607 store_key_config(&path, true, new_key_config)?;
1608
1609 Ok(Value::Null)
1610 } else if kdf == "none" {
1611 let modified = Local.timestamp(Local::now().timestamp(), 0);
1612
1613 store_key_config(&path, true, KeyConfig {
1614 kdf: None,
1615 created, // keep original value
1616 modified,
1617 data: key.to_vec(),
1618 })?;
1619
1620 Ok(Value::Null)
1621 } else {
1622 unreachable!();
1623 }
1624}
1625
1626fn key_mgmt_cli() -> CliCommandMap {
1627
1628 let kdf_schema: Arc<Schema> = Arc::new(
1629 StringSchema::new("Key derivation function. Choose 'none' to store the key unecrypted.")
1630 .format(Arc::new(ApiStringFormat::Enum(&["scrypt", "none"])))
1631 .default("scrypt")
1632 .into()
1633 );
1634
1635 let key_create_cmd_def = CliCommand::new(
1636 ApiMethod::new(
1637 key_create,
1638 ObjectSchema::new("Create a new encryption key.")
1639 .required("path", StringSchema::new("File system path."))
1640 .optional("kdf", kdf_schema.clone())
1641 ))
1642 .arg_param(vec!["path"])
1643 .completion_cb("path", tools::complete_file_name);
1644
1645 let key_change_passphrase_cmd_def = CliCommand::new(
1646 ApiMethod::new(
1647 key_change_passphrase,
1648 ObjectSchema::new("Change the passphrase required to decrypt the key.")
1649 .required("path", StringSchema::new("File system path."))
1650 .optional("kdf", kdf_schema.clone())
1651 ))
1652 .arg_param(vec!["path"])
1653 .completion_cb("path", tools::complete_file_name);
1654
1655 let key_create_master_key_cmd_def = CliCommand::new(
1656 ApiMethod::new(
1657 key_create_master_key,
1658 ObjectSchema::new("Create a new 4096 bit RSA master pub/priv key pair.")
1659 ));
1660
1661 let key_import_master_pubkey_cmd_def = CliCommand::new(
1662 ApiMethod::new(
1663 key_import_master_pubkey,
1664 ObjectSchema::new("Import a new RSA public key and use it as master key. The key is expected to be in '.pem' format.")
1665 .required("path", StringSchema::new("File system path."))
1666 ))
1667 .arg_param(vec!["path"])
1668 .completion_cb("path", tools::complete_file_name);
1669
1670 let cmd_def = CliCommandMap::new()
1671 .insert("create".to_owned(), key_create_cmd_def.into())
1672 .insert("create-master-key".to_owned(), key_create_master_key_cmd_def.into())
1673 .insert("import-master-pubkey".to_owned(), key_import_master_pubkey_cmd_def.into())
1674 .insert("change-passphrase".to_owned(), key_change_passphrase_cmd_def.into());
1675
1676 cmd_def
1677}
1678
1679
1680fn mount(
1681 param: Value,
1682 _info: &ApiMethod,
1683 _rpcenv: &mut dyn RpcEnvironment,
1684) -> Result<Value, Error> {
1685 let verbose = param["verbose"].as_bool().unwrap_or(false);
1686 if verbose {
1687 // This will stay in foreground with debug output enabled as None is
1688 // passed for the RawFd.
1689 return async_main(mount_do(param, None));
1690 }
1691
1692 // Process should be deamonized.
1693 // Make sure to fork before the async runtime is instantiated to avoid troubles.
1694 let pipe = pipe()?;
1695 match fork() {
1696 Ok(ForkResult::Parent { child: _, .. }) => {
1697 nix::unistd::close(pipe.1).unwrap();
1698 // Blocks the parent process until we are ready to go in the child
1699 let _res = nix::unistd::read(pipe.0, &mut [0]).unwrap();
1700 Ok(Value::Null)
1701 }
1702 Ok(ForkResult::Child) => {
1703 nix::unistd::close(pipe.0).unwrap();
1704 nix::unistd::setsid().unwrap();
1705 async_main(mount_do(param, Some(pipe.1)))
1706 }
1707 Err(_) => bail!("failed to daemonize process"),
1708 }
1709}
1710
1711async fn mount_do(param: Value, pipe: Option<RawFd>) -> Result<Value, Error> {
1712 let repo = extract_repository_from_value(&param)?;
1713 let archive_name = tools::required_string_param(&param, "archive-name")?;
1714 let target = tools::required_string_param(&param, "target")?;
1715 let client = HttpClient::new(repo.host(), repo.user(), None)?;
1716
1717 record_repository(&repo);
1718
1719 let path = tools::required_string_param(&param, "snapshot")?;
1720 let (backup_type, backup_id, backup_time) = if path.matches('/').count() == 1 {
1721 let group = BackupGroup::parse(path)?;
1722
1723 let path = format!("api2/json/admin/datastore/{}/snapshots", repo.store());
1724 let result = client.get(&path, Some(json!({
1725 "backup-type": group.backup_type(),
1726 "backup-id": group.backup_id(),
1727 }))).await?;
1728
1729 let list = result["data"].as_array().unwrap();
1730 if list.len() == 0 {
1731 bail!("backup group '{}' does not contain any snapshots:", path);
1732 }
1733
1734 let epoch = list[0]["backup-time"].as_i64().unwrap();
1735 let backup_time = Utc.timestamp(epoch, 0);
1736 (group.backup_type().to_owned(), group.backup_id().to_owned(), backup_time)
1737 } else {
1738 let snapshot = BackupDir::parse(path)?;
1739 (snapshot.group().backup_type().to_owned(), snapshot.group().backup_id().to_owned(), snapshot.backup_time())
1740 };
1741
1742 let keyfile = param["keyfile"].as_str().map(|p| PathBuf::from(p));
1743 let crypt_config = match keyfile {
1744 None => None,
1745 Some(path) => {
1746 let (key, _) = load_and_decrtypt_key(&path, get_encryption_key_password)?;
1747 Some(Arc::new(CryptConfig::new(key)?))
1748 }
1749 };
1750
1751 let server_archive_name = if archive_name.ends_with(".pxar") {
1752 format!("{}.didx", archive_name)
1753 } else {
1754 bail!("Can only mount pxar archives.");
1755 };
1756
1757 let client = BackupReader::start(client, repo.store(), &backup_type, &backup_id, backup_time, true).await?;
1758
1759 let tmpfile = std::fs::OpenOptions::new()
1760 .write(true)
1761 .read(true)
1762 .custom_flags(libc::O_TMPFILE)
1763 .open("/tmp")?;
1764
1765 let backup_index_data = download_index_blob(client.clone(), crypt_config.clone()).await?;
1766 let backup_index: Value = serde_json::from_slice(&backup_index_data[..])?;
1767 if server_archive_name.ends_with(".didx") {
1768 let tmpfile = client.download(&server_archive_name, tmpfile).await?;
1769 let index = DynamicIndexReader::new(tmpfile)
1770 .map_err(|err| format_err!("unable to read dynamic index '{}' - {}", archive_name, err))?;
1771
1772 // Note: do not use values stored in index (not trusted) - instead, computed them again
1773 let (csum, size) = index.compute_csum();
1774 verify_index_file(&backup_index, &server_archive_name, &csum, size)?;
1775
1776 let most_used = index.find_most_used_chunks(8);
1777 let chunk_reader = RemoteChunkReader::new(client.clone(), crypt_config, most_used);
1778 let reader = BufferedDynamicReader::new(index, chunk_reader);
1779 let decoder =
1780 pxar::Decoder::<Box<dyn pxar::fuse::ReadSeek>, fn(&Path) -> Result<(), Error>>::new(
1781 Box::new(reader),
1782 |_| Ok(()),
1783 )?;
1784 let options = OsStr::new("ro,default_permissions");
1785 let mut session = pxar::fuse::Session::from_decoder(decoder, &options, pipe.is_none())
1786 .map_err(|err| format_err!("pxar mount failed: {}", err))?;
1787
1788 // Mount the session but not call fuse deamonize as this will cause
1789 // issues with the runtime after the fork
1790 let deamonize = false;
1791 session.mount(&Path::new(target), deamonize)?;
1792
1793 if let Some(pipe) = pipe {
1794 nix::unistd::chdir(Path::new("/")).unwrap();
1795 // Finish creation of deamon by redirecting filedescriptors.
1796 let nullfd = nix::fcntl::open(
1797 "/dev/null",
1798 nix::fcntl::OFlag::O_RDWR,
1799 nix::sys::stat::Mode::empty(),
1800 ).unwrap();
1801 nix::unistd::dup2(nullfd, 0).unwrap();
1802 nix::unistd::dup2(nullfd, 1).unwrap();
1803 nix::unistd::dup2(nullfd, 2).unwrap();
1804 if nullfd > 2 {
1805 nix::unistd::close(nullfd).unwrap();
1806 }
1807 // Signal the parent process that we are done with the setup and it can
1808 // terminate.
1809 nix::unistd::write(pipe, &mut [0u8])?;
1810 nix::unistd::close(pipe).unwrap();
1811 }
1812
1813 let multithreaded = true;
1814 session.run_loop(multithreaded)?;
1815 } else {
1816 bail!("unknown archive file extension (expected .pxar)");
1817 }
1818
1819 Ok(Value::Null)
1820}
1821
1822fn main() {
1823
1824 let backup_source_schema: Arc<Schema> = Arc::new(
1825 StringSchema::new("Backup source specification ([<label>:<path>]).")
1826 .format(Arc::new(ApiStringFormat::Pattern(&BACKUPSPEC_REGEX)))
1827 .into()
1828 );
1829
1830 let backup_cmd_def = CliCommand::new(
1831 ApiMethod::new(
1832 create_backup,
1833 ObjectSchema::new("Create (host) backup.")
1834 .required(
1835 "backupspec",
1836 ArraySchema::new(
1837 "List of backup source specifications ([<label.ext>:<path>] ...)",
1838 backup_source_schema,
1839 ).min_length(1)
1840 )
1841 .optional("repository", REPO_URL_SCHEMA.clone())
1842 .optional(
1843 "include-dev",
1844 ArraySchema::new(
1845 "Include mountpoints with same st_dev number (see ``man fstat``) as specified files.",
1846 StringSchema::new("Path to file.").into()
1847 )
1848 )
1849 .optional(
1850 "keyfile",
1851 StringSchema::new("Path to encryption key. All data will be encrypted using this key."))
1852 .optional(
1853 "verbose",
1854 BooleanSchema::new("Verbose output.").default(false))
1855 .optional(
1856 "skip-lost-and-found",
1857 BooleanSchema::new("Skip lost+found directory").default(false))
1858 .optional(
1859 "backup-type",
1860 BACKUP_TYPE_SCHEMA.clone()
1861 )
1862 .optional(
1863 "backup-id",
1864 BACKUP_ID_SCHEMA.clone()
1865 )
1866 .optional(
1867 "backup-time",
1868 BACKUP_TIME_SCHEMA.clone()
1869 )
1870 .optional(
1871 "chunk-size",
1872 IntegerSchema::new("Chunk size in KB. Must be a power of 2.")
1873 .minimum(64)
1874 .maximum(4096)
1875 .default(4096)
1876 )
1877 ))
1878 .arg_param(vec!["backupspec"])
1879 .completion_cb("repository", complete_repository)
1880 .completion_cb("backupspec", complete_backup_source)
1881 .completion_cb("keyfile", tools::complete_file_name)
1882 .completion_cb("chunk-size", complete_chunk_size);
1883
1884 let upload_log_cmd_def = CliCommand::new(
1885 ApiMethod::new(
1886 upload_log,
1887 ObjectSchema::new("Upload backup log file.")
1888 .required("snapshot", StringSchema::new("Snapshot path."))
1889 .required("logfile", StringSchema::new("The path to the log file you want to upload."))
1890 .optional("repository", REPO_URL_SCHEMA.clone())
1891 .optional(
1892 "keyfile",
1893 StringSchema::new("Path to encryption key. All data will be encrypted using this key."))
1894 ))
1895 .arg_param(vec!["snapshot", "logfile"])
1896 .completion_cb("snapshot", complete_backup_snapshot)
1897 .completion_cb("logfile", tools::complete_file_name)
1898 .completion_cb("keyfile", tools::complete_file_name)
1899 .completion_cb("repository", complete_repository);
1900
1901 let list_cmd_def = CliCommand::new(
1902 ApiMethod::new(
1903 list_backup_groups,
1904 ObjectSchema::new("List backup groups.")
1905 .optional("repository", REPO_URL_SCHEMA.clone())
1906 .optional("output-format", OUTPUT_FORMAT.clone())
1907 ))
1908 .completion_cb("repository", complete_repository);
1909
1910 let snapshots_cmd_def = CliCommand::new(
1911 ApiMethod::new(
1912 list_snapshots,
1913 ObjectSchema::new("List backup snapshots.")
1914 .optional("group", StringSchema::new("Backup group."))
1915 .optional("repository", REPO_URL_SCHEMA.clone())
1916 .optional("output-format", OUTPUT_FORMAT.clone())
1917 ))
1918 .arg_param(vec!["group"])
1919 .completion_cb("group", complete_backup_group)
1920 .completion_cb("repository", complete_repository);
1921
1922 let forget_cmd_def = CliCommand::new(
1923 ApiMethod::new(
1924 forget_snapshots,
1925 ObjectSchema::new("Forget (remove) backup snapshots.")
1926 .required("snapshot", StringSchema::new("Snapshot path."))
1927 .optional("repository", REPO_URL_SCHEMA.clone())
1928 ))
1929 .arg_param(vec!["snapshot"])
1930 .completion_cb("repository", complete_repository)
1931 .completion_cb("snapshot", complete_backup_snapshot);
1932
1933 let garbage_collect_cmd_def = CliCommand::new(
1934 ApiMethod::new(
1935 start_garbage_collection,
1936 ObjectSchema::new("Start garbage collection for a specific repository.")
1937 .optional("repository", REPO_URL_SCHEMA.clone())
1938 ))
1939 .completion_cb("repository", complete_repository);
1940
1941 let restore_cmd_def = CliCommand::new(
1942 ApiMethod::new(
1943 restore,
1944 ObjectSchema::new("Restore backup repository.")
1945 .required("snapshot", StringSchema::new("Group/Snapshot path."))
1946 .required("archive-name", StringSchema::new("Backup archive name."))
1947 .required("target", StringSchema::new(r###"Target directory path. Use '-' to write to stdandard output.
1948
1949We do not extraxt '.pxar' archives when writing to stdandard output.
1950
1951"###
1952 ))
1953 .optional(
1954 "allow-existing-dirs",
1955 BooleanSchema::new("Do not fail if directories already exists.").default(false))
1956 .optional("repository", REPO_URL_SCHEMA.clone())
1957 .optional("keyfile", StringSchema::new("Path to encryption key."))
1958 .optional(
1959 "verbose",
1960 BooleanSchema::new("Verbose output.").default(false)
1961 )
1962 ))
1963 .arg_param(vec!["snapshot", "archive-name", "target"])
1964 .completion_cb("repository", complete_repository)
1965 .completion_cb("snapshot", complete_group_or_snapshot)
1966 .completion_cb("archive-name", complete_archive_name)
1967 .completion_cb("target", tools::complete_file_name);
1968
1969 let files_cmd_def = CliCommand::new(
1970 ApiMethod::new(
1971 list_snapshot_files,
1972 ObjectSchema::new("List snapshot files.")
1973 .required("snapshot", StringSchema::new("Snapshot path."))
1974 .optional("repository", REPO_URL_SCHEMA.clone())
1975 .optional("output-format", OUTPUT_FORMAT.clone())
1976 ))
1977 .arg_param(vec!["snapshot"])
1978 .completion_cb("repository", complete_repository)
1979 .completion_cb("snapshot", complete_backup_snapshot);
1980
1981 let catalog_cmd_def = CliCommand::new(
1982 ApiMethod::new(
1983 dump_catalog,
1984 ObjectSchema::new("Dump catalog.")
1985 .required("snapshot", StringSchema::new("Snapshot path."))
1986 .optional("repository", REPO_URL_SCHEMA.clone())
1987 ))
1988 .arg_param(vec!["snapshot"])
1989 .completion_cb("repository", complete_repository)
1990 .completion_cb("snapshot", complete_backup_snapshot);
1991
1992 let prune_cmd_def = CliCommand::new(
1993 ApiMethod::new(
1994 prune,
1995 proxmox_backup::api2::admin::datastore::add_common_prune_prameters(
1996 ObjectSchema::new("Prune backup repository.")
1997 .required("group", StringSchema::new("Backup group."))
1998 .optional("repository", REPO_URL_SCHEMA.clone())
1999 )
2000 ))
2001 .arg_param(vec!["group"])
2002 .completion_cb("group", complete_backup_group)
2003 .completion_cb("repository", complete_repository);
2004
2005 let status_cmd_def = CliCommand::new(
2006 ApiMethod::new(
2007 status,
2008 ObjectSchema::new("Get repository status.")
2009 .optional("repository", REPO_URL_SCHEMA.clone())
2010 .optional("output-format", OUTPUT_FORMAT.clone())
2011 ))
2012 .completion_cb("repository", complete_repository);
2013
2014 let login_cmd_def = CliCommand::new(
2015 ApiMethod::new(
2016 api_login,
2017 ObjectSchema::new("Try to login. If successful, store ticket.")
2018 .optional("repository", REPO_URL_SCHEMA.clone())
2019 ))
2020 .completion_cb("repository", complete_repository);
2021
2022 let logout_cmd_def = CliCommand::new(
2023 ApiMethod::new(
2024 api_logout,
2025 ObjectSchema::new("Logout (delete stored ticket).")
2026 .optional("repository", REPO_URL_SCHEMA.clone())
2027 ))
2028 .completion_cb("repository", complete_repository);
2029
2030 let mount_cmd_def = CliCommand::new(
2031 ApiMethod::new(
2032 mount,
2033 ObjectSchema::new("Mount pxar archive.")
2034 .required("snapshot", StringSchema::new("Group/Snapshot path."))
2035 .required("archive-name", StringSchema::new("Backup archive name."))
2036 .required("target", StringSchema::new("Target directory path."))
2037 .optional("repository", REPO_URL_SCHEMA.clone())
2038 .optional("keyfile", StringSchema::new("Path to encryption key."))
2039 .optional("verbose", BooleanSchema::new("Verbose output.").default(false))
2040 ))
2041 .arg_param(vec!["snapshot", "archive-name", "target"])
2042 .completion_cb("repository", complete_repository)
2043 .completion_cb("snapshot", complete_group_or_snapshot)
2044 .completion_cb("archive-name", complete_archive_name)
2045 .completion_cb("target", tools::complete_file_name);
2046
2047 let cmd_def = CliCommandMap::new()
2048 .insert("backup".to_owned(), backup_cmd_def.into())
2049 .insert("upload-log".to_owned(), upload_log_cmd_def.into())
2050 .insert("forget".to_owned(), forget_cmd_def.into())
2051 .insert("catalog".to_owned(), catalog_cmd_def.into())
2052 .insert("garbage-collect".to_owned(), garbage_collect_cmd_def.into())
2053 .insert("list".to_owned(), list_cmd_def.into())
2054 .insert("login".to_owned(), login_cmd_def.into())
2055 .insert("logout".to_owned(), logout_cmd_def.into())
2056 .insert("prune".to_owned(), prune_cmd_def.into())
2057 .insert("restore".to_owned(), restore_cmd_def.into())
2058 .insert("snapshots".to_owned(), snapshots_cmd_def.into())
2059 .insert("files".to_owned(), files_cmd_def.into())
2060 .insert("status".to_owned(), status_cmd_def.into())
2061 .insert("key".to_owned(), key_mgmt_cli().into())
2062 .insert("mount".to_owned(), mount_cmd_def.into());
2063
2064 run_cli_command(cmd_def.into());
2065}
2066
2067fn async_main<F: Future>(fut: F) -> <F as Future>::Output {
2068 let rt = tokio::runtime::Runtime::new().unwrap();
2069 let ret = rt.block_on(fut);
2070 rt.shutdown_now();
2071 ret
2072}
Proxmox Backup Server and Client