src/bin/proxmox-backup-api.rs

   1 use std::future::Future;
   2 use std::pin::Pin;
   3
   4 use anyhow::{bail, Error};
   5 use futures::*;
   6 use http::request::Parts;
   7 use http::Response;
   8 use hyper::{Body, Method, StatusCode};
   9 use http::HeaderMap;
  10
  11 use proxmox_lang::try_block;
  12 use proxmox_router::{RpcEnvironmentType, UserInformation};
  13 use proxmox_sys::fs::CreateOptions;
  14
  15 use proxmox_rest_server::{daemon, AuthError, ApiConfig, RestServer, RestEnvironment, ServerAdapter};
  16
  17 use proxmox_backup::server::auth::check_pbs_auth;
  18 use proxmox_backup::auth_helpers::*;
  19 use proxmox_backup::config;
  20
  21 fn main() {
  22     proxmox_backup::tools::setup_safe_path_env();
  23
  24     if let Err(err) = proxmox_async::runtime::main(run()) {
  25         eprintln!("Error: {}", err);
  26         std::process::exit(-1);
  27     }
  28 }
  29
  30 struct ProxmoxBackupApiAdapter;
  31
  32 impl ServerAdapter for ProxmoxBackupApiAdapter {
  33
  34     fn get_index(
  35         &self,
  36         _env: RestEnvironment,
  37         _parts: Parts,
  38     ) -> Pin<Box<dyn Future<Output = Response<Body>> + Send>> {
  39         Box::pin(async move {
  40
  41             let index = "<center><h1>Proxmox Backup API Server</h1></center>";
  42
  43             Response::builder()
  44                 .status(StatusCode::OK)
  45                 .header(hyper::header::CONTENT_TYPE, "text/html")
  46                 .body(index.into())
  47                 .unwrap()
  48         })
  49     }
  50
  51     fn check_auth<'a>(
  52         &'a self,
  53         headers: &'a HeaderMap,
  54         method: &'a Method,
  55     ) -> Pin<Box<dyn Future<Output = Result<(String, Box<dyn UserInformation + Sync + Send>), AuthError>> + Send + 'a>> {
  56         Box::pin(async move {
  57             check_pbs_auth(headers, method).await
  58         })
  59     }
  60 }
  61
  62 async fn run() -> Result<(), Error> {
  63     if let Err(err) = syslog::init(
  64         syslog::Facility::LOG_DAEMON,
  65         log::LevelFilter::Info,
  66         Some("proxmox-backup-api")) {
  67         bail!("unable to inititialize syslog - {}", err);
  68     }
  69
  70     config::create_configdir()?;
  71
  72     config::update_self_signed_cert(false)?;
  73
  74     proxmox_backup::server::create_run_dir()?;
  75     proxmox_backup::server::create_state_dir()?;
  76     proxmox_backup::server::jobstate::create_jobstate_dir()?;
  77     proxmox_backup::tape::create_tape_status_dir()?;
  78     proxmox_backup::tape::create_drive_state_dir()?;
  79     proxmox_backup::tape::create_changer_state_dir()?;
  80     proxmox_backup::tape::create_drive_lock_dir()?;
  81
  82     if let Err(err) = generate_auth_key() {
  83         bail!("unable to generate auth key - {}", err);
  84     }
  85     let _ = private_auth_key(); // load with lazy_static
  86
  87     if let Err(err) = generate_csrf_key() {
  88         bail!("unable to generate csrf key - {}", err);
  89     }
  90     let _ = csrf_secret(); // load with lazy_static
  91
  92     let mut config = ApiConfig::new(
  93         pbs_buildcfg::JS_DIR,
  94         &proxmox_backup::api2::ROUTER,
  95         RpcEnvironmentType::PRIVILEGED,
  96         ProxmoxBackupApiAdapter,
  97     )?;
  98
  99     let backup_user = pbs_config::backup_user()?;
 100     let mut commando_sock = proxmox_rest_server::CommandSocket::new(proxmox_rest_server::our_ctrl_sock(), backup_user.gid);
 101
 102     let dir_opts = CreateOptions::new().owner(backup_user.uid).group(backup_user.gid);
 103     let file_opts = CreateOptions::new().owner(backup_user.uid).group(backup_user.gid);
 104
 105     config.enable_access_log(
 106         pbs_buildcfg::API_ACCESS_LOG_FN,
 107         Some(dir_opts.clone()),
 108         Some(file_opts.clone()),
 109         &mut commando_sock,
 110     )?;
 111
 112     config.enable_auth_log(
 113         pbs_buildcfg::API_AUTH_LOG_FN,
 114         Some(dir_opts.clone()),
 115         Some(file_opts.clone()),
 116         &mut commando_sock,
 117     )?;
 118
 119
 120     let rest_server = RestServer::new(config);
 121     proxmox_rest_server::init_worker_tasks(pbs_buildcfg::PROXMOX_BACKUP_LOG_DIR_M!().into(), file_opts.clone())?;
 122
 123     // http server future:
 124     let server = daemon::create_daemon(
 125         ([127,0,0,1], 82).into(),
 126         move |listener| {
 127             let incoming = hyper::server::conn::AddrIncoming::from_listener(listener)?;
 128
 129             Ok(async {
 130                 daemon::systemd_notify(daemon::SystemdNotify::Ready)?;
 131
 132                 hyper::Server::builder(incoming)
 133                     .serve(rest_server)
 134                     .with_graceful_shutdown(proxmox_rest_server::shutdown_future())
 135                     .map_err(Error::from)
 136                     .await
 137             })
 138         },
 139     );
 140
 141     proxmox_rest_server::write_pid(pbs_buildcfg::PROXMOX_BACKUP_API_PID_FN)?;
 142
 143     let init_result: Result<(), Error> = try_block!({
 144         proxmox_rest_server::register_task_control_commands(&mut commando_sock)?;
 145         commando_sock.spawn()?;
 146         proxmox_rest_server::catch_shutdown_signal()?;
 147         proxmox_rest_server::catch_reload_signal()?;
 148         Ok(())
 149     });
 150
 151     if let Err(err) = init_result {
 152         bail!("unable to start daemon - {}", err);
 153     }
 154
 155     server.await?;
 156     log::info!("server shutting down, waiting for active workers to complete");
 157     proxmox_rest_server::last_worker_future().await?;
 158
 159     log::info!("done - exit server");
 160
 161     Ok(())
 162 }