]> git.proxmox.com Git - proxmox-backup.git/blob - src/bin/proxmox-backup-api.rs
rest server: cleanup auth-log handling
[proxmox-backup.git] / src / bin / proxmox-backup-api.rs
1 use anyhow::{bail, Error};
2 use futures::*;
3 use http::request::Parts;
4 use http::Response;
5 use hyper::{Body, StatusCode};
6 use hyper::header;
7
8 use proxmox::try_block;
9 use proxmox::api::RpcEnvironmentType;
10 use proxmox::tools::fs::CreateOptions;
11
12 use pbs_tools::auth::private_auth_key;
13 use proxmox_rest_server::ApiConfig;
14
15 use proxmox_backup::server::{
16 self,
17 auth::default_api_auth,
18 rest::*,
19 };
20 use proxmox_rest_server::daemon;
21
22 use proxmox_backup::auth_helpers::*;
23 use proxmox_backup::config;
24
25 fn main() {
26 proxmox_backup::tools::setup_safe_path_env();
27
28 if let Err(err) = pbs_runtime::main(run()) {
29 eprintln!("Error: {}", err);
30 std::process::exit(-1);
31 }
32 }
33
34 fn get_index(
35 _auth_id: Option<String>,
36 _language: Option<String>,
37 _api: &ApiConfig,
38 _parts: Parts,
39 ) -> Response<Body> {
40
41 let index = "<center><h1>Proxmox Backup API Server</h1></center>";
42
43 Response::builder()
44 .status(StatusCode::OK)
45 .header(header::CONTENT_TYPE, "text/html")
46 .body(index.into())
47 .unwrap()
48 }
49
50 async fn run() -> Result<(), Error> {
51 if let Err(err) = syslog::init(
52 syslog::Facility::LOG_DAEMON,
53 log::LevelFilter::Info,
54 Some("proxmox-backup-api")) {
55 bail!("unable to inititialize syslog - {}", err);
56 }
57
58 server::create_task_log_dirs()?;
59
60 config::create_configdir()?;
61
62 config::update_self_signed_cert(false)?;
63
64 proxmox_backup::server::create_run_dir()?;
65
66 proxmox_backup::rrd::create_rrdb_dir()?;
67 proxmox_backup::server::jobstate::create_jobstate_dir()?;
68 proxmox_backup::tape::create_tape_status_dir()?;
69 proxmox_backup::tape::create_drive_state_dir()?;
70 proxmox_backup::tape::create_changer_state_dir()?;
71 proxmox_backup::tape::create_drive_lock_dir()?;
72
73 if let Err(err) = generate_auth_key() {
74 bail!("unable to generate auth key - {}", err);
75 }
76 let _ = private_auth_key(); // load with lazy_static
77
78 if let Err(err) = generate_csrf_key() {
79 bail!("unable to generate csrf key - {}", err);
80 }
81 let _ = csrf_secret(); // load with lazy_static
82
83 let mut config = ApiConfig::new(
84 pbs_buildcfg::JS_DIR,
85 &proxmox_backup::api2::ROUTER,
86 RpcEnvironmentType::PRIVILEGED,
87 default_api_auth(),
88 get_index,
89 )?;
90
91 let backup_user = pbs_config::backup_user()?;
92 let mut commando_sock = proxmox_rest_server::CommandoSocket::new(crate::server::our_ctrl_sock(), backup_user.gid);
93
94 let dir_opts = CreateOptions::new().owner(backup_user.uid).group(backup_user.gid);
95 let file_opts = CreateOptions::new().owner(backup_user.uid).group(backup_user.gid);
96
97 config.enable_file_log(
98 pbs_buildcfg::API_ACCESS_LOG_FN,
99 Some(dir_opts.clone()),
100 Some(file_opts.clone()),
101 &mut commando_sock,
102 )?;
103
104 config.enable_auth_log(
105 pbs_buildcfg::API_AUTH_LOG_FN,
106 Some(dir_opts),
107 Some(file_opts),
108 &mut commando_sock,
109 )?;
110
111
112 let rest_server = RestServer::new(config);
113
114 // http server future:
115 let server = daemon::create_daemon(
116 ([127,0,0,1], 82).into(),
117 move |listener, ready| {
118 let incoming = proxmox_backup::tools::async_io::StaticIncoming::from(listener);
119 Ok(ready
120 .and_then(|_| hyper::Server::builder(incoming)
121 .serve(rest_server)
122 .with_graceful_shutdown(proxmox_rest_server::shutdown_future())
123 .map_err(Error::from)
124 )
125 .map(|e| {
126 if let Err(e) = e {
127 eprintln!("server error: {}", e);
128 }
129 })
130 )
131 },
132 "proxmox-backup.service",
133 );
134
135 server::write_pid(pbs_buildcfg::PROXMOX_BACKUP_API_PID_FN)?;
136 daemon::systemd_notify(daemon::SystemdNotify::Ready)?;
137
138 let init_result: Result<(), Error> = try_block!({
139 server::register_task_control_commands(&mut commando_sock)?;
140 commando_sock.spawn()?;
141 proxmox_rest_server::server_state_init()?;
142 Ok(())
143 });
144
145 if let Err(err) = init_result {
146 bail!("unable to start daemon - {}", err);
147 }
148
149 server.await?;
150 log::info!("server shutting down, waiting for active workers to complete");
151 proxmox_rest_server::last_worker_future().await?;
152
153 log::info!("done - exit server");
154
155 Ok(())
156 }