1 use std
::collections
::{HashSet, HashMap}
;
2 use std
::convert
::TryFrom
;
3 use std
::io
::{self, Read, Write, Seek, SeekFrom}
;
4 use std
::os
::unix
::io
::{FromRawFd, RawFd}
;
5 use std
::path
::{Path, PathBuf}
;
7 use std
::sync
::{Arc, Mutex}
;
8 use std
::task
::Context
;
10 use anyhow
::{bail, format_err, Error}
;
11 use futures
::future
::FutureExt
;
12 use futures
::stream
::{StreamExt, TryStreamExt}
;
13 use serde_json
::{json, Value}
;
14 use tokio
::sync
::mpsc
;
15 use tokio_stream
::wrappers
::ReceiverStream
;
16 use xdg
::BaseDirectories
;
18 use pathpatterns
::{MatchEntry, MatchType, PatternFlag}
;
21 time
::{strftime_local, epoch_i64}
,
22 fs
::{file_get_contents, file_get_json, replace_file, CreateOptions, image_size}
,
33 use pxar
::accessor
::{MaybeReady, ReadAt, ReadAtOperation}
;
35 use proxmox_backup
::tools
;
36 use proxmox_backup
::api2
::access
::user
::UserWithTokens
;
37 use proxmox_backup
::api2
::types
::*;
38 use proxmox_backup
::api2
::version
;
39 use proxmox_backup
::client
::*;
40 use proxmox_backup
::pxar
::catalog
::*;
41 use proxmox_backup
::backup
::{
44 rsa_encrypt_key_config
,
51 BufferedDynamicReader
,
59 ENCRYPTED_KEY_BLOB_NAME
,
68 mod proxmox_backup_client
;
69 use proxmox_backup_client
::*;
71 const ENV_VAR_PBS_FINGERPRINT
: &str = "PBS_FINGERPRINT";
72 const ENV_VAR_PBS_PASSWORD
: &str = "PBS_PASSWORD";
75 pub const REPO_URL_SCHEMA
: Schema
= StringSchema
::new("Repository URL.")
76 .format(&BACKUP_REPO_URL
)
80 pub const KEYFILE_SCHEMA
: Schema
= StringSchema
::new(
81 "Path to encryption key. All data will be encrypted using this key.")
84 pub const KEYFD_SCHEMA
: Schema
= IntegerSchema
::new(
85 "Pass an encryption key via an already opened file descriptor.")
89 const CHUNK_SIZE_SCHEMA
: Schema
= IntegerSchema
::new(
90 "Chunk size in KB. Must be a power of 2.")
96 fn get_default_repository() -> Option
<String
> {
97 std
::env
::var("PBS_REPOSITORY").ok()
100 pub fn extract_repository_from_value(
102 ) -> Result
<BackupRepository
, Error
> {
104 let repo_url
= param
["repository"]
107 .or_else(get_default_repository
)
108 .ok_or_else(|| format_err
!("unable to get (default) repository"))?
;
110 let repo
: BackupRepository
= repo_url
.parse()?
;
115 fn extract_repository_from_map(
116 param
: &HashMap
<String
, String
>,
117 ) -> Option
<BackupRepository
> {
119 param
.get("repository")
121 .or_else(get_default_repository
)
122 .and_then(|repo_url
| repo_url
.parse
::<BackupRepository
>().ok())
125 fn record_repository(repo
: &BackupRepository
) {
127 let base
= match BaseDirectories
::with_prefix("proxmox-backup") {
132 // usually $HOME/.cache/proxmox-backup/repo-list
133 let path
= match base
.place_cache_file("repo-list") {
138 let mut data
= file_get_json(&path
, None
).unwrap_or_else(|_
| json
!({}
));
140 let repo
= repo
.to_string();
142 data
[&repo
] = json
!{ data[&repo].as_i64().unwrap_or(0) + 1 }
;
144 let mut map
= serde_json
::map
::Map
::new();
147 let mut max_used
= 0;
148 let mut max_repo
= None
;
149 for (repo
, count
) in data
.as_object().unwrap() {
150 if map
.contains_key(repo
) { continue; }
151 if let Some(count
) = count
.as_i64() {
152 if count
> max_used
{
154 max_repo
= Some(repo
);
158 if let Some(repo
) = max_repo
{
159 map
.insert(repo
.to_owned(), json
!(max_used
));
163 if map
.len() > 10 { // store max. 10 repos
168 let new_data
= json
!(map
);
170 let _
= replace_file(path
, new_data
.to_string().as_bytes(), CreateOptions
::new());
173 pub fn complete_repository(_arg
: &str, _param
: &HashMap
<String
, String
>) -> Vec
<String
> {
175 let mut result
= vec
![];
177 let base
= match BaseDirectories
::with_prefix("proxmox-backup") {
182 // usually $HOME/.cache/proxmox-backup/repo-list
183 let path
= match base
.place_cache_file("repo-list") {
188 let data
= file_get_json(&path
, None
).unwrap_or_else(|_
| json
!({}
));
190 if let Some(map
) = data
.as_object() {
191 for (repo
, _count
) in map
{
192 result
.push(repo
.to_owned());
199 fn connect(repo
: &BackupRepository
) -> Result
<HttpClient
, Error
> {
200 connect_do(repo
.host(), repo
.port(), repo
.auth_id())
201 .map_err(|err
| format_err
!("error building client for repository {} - {}", repo
, err
))
204 fn connect_do(server
: &str, port
: u16, auth_id
: &Authid
) -> Result
<HttpClient
, Error
> {
205 let fingerprint
= std
::env
::var(ENV_VAR_PBS_FINGERPRINT
).ok();
207 use std
::env
::VarError
::*;
208 let password
= match std
::env
::var(ENV_VAR_PBS_PASSWORD
) {
210 Err(NotUnicode(_
)) => bail
!(format
!("{} contains bad characters", ENV_VAR_PBS_PASSWORD
)),
211 Err(NotPresent
) => None
,
214 let options
= HttpClientOptions
::new_interactive(password
, fingerprint
);
216 HttpClient
::new(server
, port
, auth_id
, options
)
219 async
fn api_datastore_list_snapshots(
222 group
: Option
<BackupGroup
>,
223 ) -> Result
<Value
, Error
> {
225 let path
= format
!("api2/json/admin/datastore/{}/snapshots", store
);
227 let mut args
= json
!({}
);
228 if let Some(group
) = group
{
229 args
["backup-type"] = group
.backup_type().into();
230 args
["backup-id"] = group
.backup_id().into();
233 let mut result
= client
.get(&path
, Some(args
)).await?
;
235 Ok(result
["data"].take())
238 pub async
fn api_datastore_latest_snapshot(
242 ) -> Result
<(String
, String
, i64), Error
> {
244 let list
= api_datastore_list_snapshots(client
, store
, Some(group
.clone())).await?
;
245 let mut list
: Vec
<SnapshotListItem
> = serde_json
::from_value(list
)?
;
248 bail
!("backup group {:?} does not contain any snapshots.", group
.group_path());
251 list
.sort_unstable_by(|a
, b
| b
.backup_time
.cmp(&a
.backup_time
));
253 let backup_time
= list
[0].backup_time
;
255 Ok((group
.backup_type().to_owned(), group
.backup_id().to_owned(), backup_time
))
258 async
fn backup_directory
<P
: AsRef
<Path
>>(
259 client
: &BackupWriter
,
262 chunk_size
: Option
<usize>,
263 catalog
: Arc
<Mutex
<CatalogWriter
<crate::tools
::StdChannelWriter
>>>,
264 pxar_create_options
: proxmox_backup
::pxar
::PxarCreateOptions
,
265 upload_options
: UploadOptions
,
266 ) -> Result
<BackupStats
, Error
> {
268 let pxar_stream
= PxarBackupStream
::open(
273 let mut chunk_stream
= ChunkStream
::new(pxar_stream
, chunk_size
);
275 let (tx
, rx
) = mpsc
::channel(10); // allow to buffer 10 chunks
277 let stream
= ReceiverStream
::new(rx
)
278 .map_err(Error
::from
);
280 // spawn chunker inside a separate task so that it can run parallel
281 tokio
::spawn(async
move {
282 while let Some(v
) = chunk_stream
.next().await
{
283 let _
= tx
.send(v
).await
;
287 if upload_options
.fixed_size
.is_some() {
288 bail
!("cannot backup directory with fixed chunk size!");
292 .upload_stream(archive_name
, stream
, upload_options
)
298 async
fn backup_image
<P
: AsRef
<Path
>>(
299 client
: &BackupWriter
,
302 chunk_size
: Option
<usize>,
303 upload_options
: UploadOptions
,
304 ) -> Result
<BackupStats
, Error
> {
306 let path
= image_path
.as_ref().to_owned();
308 let file
= tokio
::fs
::File
::open(path
).await?
;
310 let stream
= tokio_util
::codec
::FramedRead
::new(file
, tokio_util
::codec
::BytesCodec
::new())
311 .map_err(Error
::from
);
313 let stream
= FixedChunkStream
::new(stream
, chunk_size
.unwrap_or(4*1024*1024));
315 if upload_options
.fixed_size
.is_none() {
316 bail
!("cannot backup image with dynamic chunk size!");
320 .upload_stream(archive_name
, stream
, upload_options
)
330 schema
: REPO_URL_SCHEMA
,
334 schema
: OUTPUT_FORMAT
,
340 /// List backup groups.
341 async
fn list_backup_groups(param
: Value
) -> Result
<Value
, Error
> {
343 let output_format
= get_output_format(¶m
);
345 let repo
= extract_repository_from_value(¶m
)?
;
347 let client
= connect(&repo
)?
;
349 let path
= format
!("api2/json/admin/datastore/{}/groups", repo
.store());
351 let mut result
= client
.get(&path
, None
).await?
;
353 record_repository(&repo
);
355 let render_group_path
= |_v
: &Value
, record
: &Value
| -> Result
<String
, Error
> {
356 let item
: GroupListItem
= serde_json
::from_value(record
.to_owned())?
;
357 let group
= BackupGroup
::new(item
.backup_type
, item
.backup_id
);
358 Ok(group
.group_path().to_str().unwrap().to_owned())
361 let render_last_backup
= |_v
: &Value
, record
: &Value
| -> Result
<String
, Error
> {
362 let item
: GroupListItem
= serde_json
::from_value(record
.to_owned())?
;
363 let snapshot
= BackupDir
::new(item
.backup_type
, item
.backup_id
, item
.last_backup
)?
;
364 Ok(snapshot
.relative_path().to_str().unwrap().to_owned())
367 let render_files
= |_v
: &Value
, record
: &Value
| -> Result
<String
, Error
> {
368 let item
: GroupListItem
= serde_json
::from_value(record
.to_owned())?
;
369 Ok(tools
::format
::render_backup_file_list(&item
.files
))
372 let options
= default_table_format_options()
373 .sortby("backup-type", false)
374 .sortby("backup-id", false)
375 .column(ColumnConfig
::new("backup-id").renderer(render_group_path
).header("group"))
377 ColumnConfig
::new("last-backup")
378 .renderer(render_last_backup
)
379 .header("last snapshot")
382 .column(ColumnConfig
::new("backup-count"))
383 .column(ColumnConfig
::new("files").renderer(render_files
));
385 let mut data
: Value
= result
["data"].take();
387 let return_type
= &proxmox_backup
::api2
::admin
::datastore
::API_METHOD_LIST_GROUPS
.returns
;
389 format_and_print_result_full(&mut data
, return_type
, &output_format
, &options
);
398 schema
: REPO_URL_SCHEMA
,
403 description
: "Backup group.",
411 /// Change owner of a backup group
412 async
fn change_backup_owner(group
: String
, mut param
: Value
) -> Result
<(), Error
> {
414 let repo
= extract_repository_from_value(¶m
)?
;
416 let mut client
= connect(&repo
)?
;
418 param
.as_object_mut().unwrap().remove("repository");
420 let group
: BackupGroup
= group
.parse()?
;
422 param
["backup-type"] = group
.backup_type().into();
423 param
["backup-id"] = group
.backup_id().into();
425 let path
= format
!("api2/json/admin/datastore/{}/change-owner", repo
.store());
426 client
.post(&path
, Some(param
)).await?
;
428 record_repository(&repo
);
437 schema
: REPO_URL_SCHEMA
,
443 /// Try to login. If successful, store ticket.
444 async
fn api_login(param
: Value
) -> Result
<Value
, Error
> {
446 let repo
= extract_repository_from_value(¶m
)?
;
448 let client
= connect(&repo
)?
;
449 client
.login().await?
;
451 record_repository(&repo
);
460 schema
: REPO_URL_SCHEMA
,
466 /// Logout (delete stored ticket).
467 fn api_logout(param
: Value
) -> Result
<Value
, Error
> {
469 let repo
= extract_repository_from_value(¶m
)?
;
471 delete_ticket_info("proxmox-backup", repo
.host(), repo
.user())?
;
480 schema
: REPO_URL_SCHEMA
,
484 schema
: OUTPUT_FORMAT
,
490 /// Show client and optional server version
491 async
fn api_version(param
: Value
) -> Result
<(), Error
> {
493 let output_format
= get_output_format(¶m
);
495 let mut version_info
= json
!({
497 "version": version
::PROXMOX_PKG_VERSION
,
498 "release": version
::PROXMOX_PKG_RELEASE
,
499 "repoid": version
::PROXMOX_PKG_REPOID
,
503 let repo
= extract_repository_from_value(¶m
);
504 if let Ok(repo
) = repo
{
505 let client
= connect(&repo
)?
;
507 match client
.get("api2/json/version", None
).await
{
508 Ok(mut result
) => version_info
["server"] = result
["data"].take(),
509 Err(e
) => eprintln
!("could not connect to server - {}", e
),
512 if output_format
== "text" {
513 println
!("client version: {}.{}", version
::PROXMOX_PKG_VERSION
, version
::PROXMOX_PKG_RELEASE
);
514 if let Some(server
) = version_info
["server"].as_object() {
515 let server_version
= server
["version"].as_str().unwrap();
516 let server_release
= server
["release"].as_str().unwrap();
517 println
!("server version: {}.{}", server_version
, server_release
);
520 format_and_print_result(&version_info
, &output_format
);
530 schema
: REPO_URL_SCHEMA
,
534 schema
: OUTPUT_FORMAT
,
540 /// Start garbage collection for a specific repository.
541 async
fn start_garbage_collection(param
: Value
) -> Result
<Value
, Error
> {
543 let repo
= extract_repository_from_value(¶m
)?
;
545 let output_format
= get_output_format(¶m
);
547 let mut client
= connect(&repo
)?
;
549 let path
= format
!("api2/json/admin/datastore/{}/gc", repo
.store());
551 let result
= client
.post(&path
, None
).await?
;
553 record_repository(&repo
);
555 view_task_result(&mut client
, result
, &output_format
).await?
;
560 struct CatalogUploadResult
{
561 catalog_writer
: Arc
<Mutex
<CatalogWriter
<crate::tools
::StdChannelWriter
>>>,
562 result
: tokio
::sync
::oneshot
::Receiver
<Result
<BackupStats
, Error
>>,
565 fn spawn_catalog_upload(
566 client
: Arc
<BackupWriter
>,
568 ) -> Result
<CatalogUploadResult
, Error
> {
569 let (catalog_tx
, catalog_rx
) = std
::sync
::mpsc
::sync_channel(10); // allow to buffer 10 writes
570 let catalog_stream
= crate::tools
::StdChannelStream(catalog_rx
);
571 let catalog_chunk_size
= 512*1024;
572 let catalog_chunk_stream
= ChunkStream
::new(catalog_stream
, Some(catalog_chunk_size
));
574 let catalog_writer
= Arc
::new(Mutex
::new(CatalogWriter
::new(crate::tools
::StdChannelWriter
::new(catalog_tx
))?
));
576 let (catalog_result_tx
, catalog_result_rx
) = tokio
::sync
::oneshot
::channel();
578 let upload_options
= UploadOptions
{
581 ..UploadOptions
::default()
584 tokio
::spawn(async
move {
585 let catalog_upload_result
= client
586 .upload_stream(CATALOG_NAME
, catalog_chunk_stream
, upload_options
)
589 if let Err(ref err
) = catalog_upload_result
{
590 eprintln
!("catalog upload error - {}", err
);
594 let _
= catalog_result_tx
.send(catalog_upload_result
);
597 Ok(CatalogUploadResult { catalog_writer, result: catalog_result_rx }
)
600 #[derive(Debug, Eq, PartialEq)]
601 struct CryptoParams
{
603 enc_key
: Option
<Vec
<u8>>,
606 fn crypto_parameters(param
: &Value
) -> Result
<CryptoParams
, Error
> {
607 let keyfile
= match param
.get("keyfile") {
608 Some(Value
::String(keyfile
)) => Some(keyfile
),
609 Some(_
) => bail
!("bad --keyfile parameter type"),
613 let key_fd
= match param
.get("keyfd") {
614 Some(Value
::Number(key_fd
)) => Some(
615 RawFd
::try_from(key_fd
617 .ok_or_else(|| format_err
!("bad key fd: {:?}", key_fd
))?
619 .map_err(|err
| format_err
!("bad key fd: {:?}: {}", key_fd
, err
))?
621 Some(_
) => bail
!("bad --keyfd parameter type"),
625 let mode
: Option
<CryptMode
> = match param
.get("crypt-mode") {
626 Some(mode
) => Some(serde_json
::from_value(mode
.clone())?
),
630 let keydata
= match (keyfile
, key_fd
) {
631 (None
, None
) => None
,
632 (Some(_
), Some(_
)) => bail
!("--keyfile and --keyfd are mutually exclusive"),
633 (Some(keyfile
), None
) => {
634 eprintln
!("Using encryption key file: {}", keyfile
);
635 Some(file_get_contents(keyfile
)?
)
637 (None
, Some(fd
)) => {
638 let input
= unsafe { std::fs::File::from_raw_fd(fd) }
;
639 let mut data
= Vec
::new();
640 let _len
: usize = { input }
.read_to_end(&mut data
)
642 format_err
!("error reading encryption key from fd {}: {}", fd
, err
)
644 eprintln
!("Using encryption key from file descriptor");
649 Ok(match (keydata
, mode
) {
651 (None
, None
) => match key
::read_optional_default_encryption_key()?
{
652 None
=> CryptoParams { enc_key: None, mode: CryptMode::None }
,
654 eprintln
!("Encrypting with default encryption key!");
655 CryptoParams { enc_key, mode: CryptMode::Encrypt }
659 // just --crypt-mode=none
660 (None
, Some(CryptMode
::None
)) => CryptoParams { enc_key: None, mode: CryptMode::None }
,
662 // just --crypt-mode other than none
663 (None
, Some(mode
)) => match key
::read_optional_default_encryption_key()?
{
664 None
=> bail
!("--crypt-mode without --keyfile and no default key file available"),
666 eprintln
!("Encrypting with default encryption key!");
668 CryptoParams { enc_key, mode }
673 (enc_key
, None
) => CryptoParams { enc_key, mode: CryptMode::Encrypt }
,
675 // --keyfile and --crypt-mode=none
676 (Some(_
), Some(CryptMode
::None
)) => {
677 bail
!("--keyfile/--keyfd and --crypt-mode=none are mutually exclusive");
680 // --keyfile and --crypt-mode other than none
681 (enc_key
, Some(mode
)) => CryptoParams { enc_key, mode }
,
686 // WARNING: there must only be one test for crypto_parameters as the default key handling is not
687 // safe w.r.t. concurrency
688 fn test_crypto_parameters_handling() -> Result
<(), Error
> {
689 let some_key
= Some(vec
![1;1]);
690 let default_key
= Some(vec
![2;1]);
692 let no_key_res
= CryptoParams { enc_key: None, mode: CryptMode::None }
;
693 let some_key_res
= CryptoParams { enc_key: some_key.clone(), mode: CryptMode::Encrypt }
;
694 let some_key_sign_res
= CryptoParams { enc_key: some_key.clone(), mode: CryptMode::SignOnly }
;
695 let default_key_res
= CryptoParams { enc_key: default_key.clone(), mode: CryptMode::Encrypt }
;
696 let default_key_sign_res
= CryptoParams { enc_key: default_key.clone(), mode: CryptMode::SignOnly }
;
698 let keypath
= "./tests/keyfile.test";
699 replace_file(&keypath
, some_key
.as_ref().unwrap(), CreateOptions
::default())?
;
700 let invalid_keypath
= "./tests/invalid_keyfile.test";
702 // no params, no default key == no key
703 let res
= crypto_parameters(&json
!({}
));
704 assert_eq
!(res
.unwrap(), no_key_res
);
706 // keyfile param == key from keyfile
707 let res
= crypto_parameters(&json
!({"keyfile": keypath}
));
708 assert_eq
!(res
.unwrap(), some_key_res
);
710 // crypt mode none == no key
711 let res
= crypto_parameters(&json
!({"crypt-mode": "none"}
));
712 assert_eq
!(res
.unwrap(), no_key_res
);
714 // crypt mode encrypt/sign-only, no keyfile, no default key == Error
715 assert
!(crypto_parameters(&json
!({"crypt-mode": "sign-only"}
)).is_err());
716 assert
!(crypto_parameters(&json
!({"crypt-mode": "encrypt"}
)).is_err());
718 // crypt mode none with explicit key == Error
719 assert
!(crypto_parameters(&json
!({"crypt-mode": "none", "keyfile": keypath}
)).is_err());
721 // crypt mode sign-only/encrypt with keyfile == key from keyfile with correct mode
722 let res
= crypto_parameters(&json
!({"crypt-mode": "sign-only", "keyfile": keypath}
));
723 assert_eq
!(res
.unwrap(), some_key_sign_res
);
724 let res
= crypto_parameters(&json
!({"crypt-mode": "encrypt", "keyfile": keypath}
));
725 assert_eq
!(res
.unwrap(), some_key_res
);
727 // invalid keyfile parameter always errors
728 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath}
)).is_err());
729 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath, "crypt-mode": "none"}
)).is_err());
730 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath, "crypt-mode": "sign-only"}
)).is_err());
731 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath, "crypt-mode": "encrypt"}
)).is_err());
733 // now set a default key
734 unsafe { key::set_test_encryption_key(Ok(default_key.clone())); }
738 // no params but default key == default key
739 let res
= crypto_parameters(&json
!({}
));
740 assert_eq
!(res
.unwrap(), default_key_res
);
742 // keyfile param == key from keyfile
743 let res
= crypto_parameters(&json
!({"keyfile": keypath}
));
744 assert_eq
!(res
.unwrap(), some_key_res
);
746 // crypt mode none == no key
747 let res
= crypto_parameters(&json
!({"crypt-mode": "none"}
));
748 assert_eq
!(res
.unwrap(), no_key_res
);
750 // crypt mode encrypt/sign-only, no keyfile, default key == default key with correct mode
751 let res
= crypto_parameters(&json
!({"crypt-mode": "sign-only"}
));
752 assert_eq
!(res
.unwrap(), default_key_sign_res
);
753 let res
= crypto_parameters(&json
!({"crypt-mode": "encrypt"}
));
754 assert_eq
!(res
.unwrap(), default_key_res
);
756 // crypt mode none with explicit key == Error
757 assert
!(crypto_parameters(&json
!({"crypt-mode": "none", "keyfile": keypath}
)).is_err());
759 // crypt mode sign-only/encrypt with keyfile == key from keyfile with correct mode
760 let res
= crypto_parameters(&json
!({"crypt-mode": "sign-only", "keyfile": keypath}
));
761 assert_eq
!(res
.unwrap(), some_key_sign_res
);
762 let res
= crypto_parameters(&json
!({"crypt-mode": "encrypt", "keyfile": keypath}
));
763 assert_eq
!(res
.unwrap(), some_key_res
);
765 // invalid keyfile parameter always errors
766 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath}
)).is_err());
767 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath, "crypt-mode": "none"}
)).is_err());
768 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath, "crypt-mode": "sign-only"}
)).is_err());
769 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath, "crypt-mode": "encrypt"}
)).is_err());
771 // now make default key retrieval error
772 unsafe { key::set_test_encryption_key(Err(format_err!("test error"))); }
776 // no params, default key retrieval errors == Error
777 assert
!(crypto_parameters(&json
!({}
)).is_err());
779 // keyfile param == key from keyfile
780 let res
= crypto_parameters(&json
!({"keyfile": keypath}
));
781 assert_eq
!(res
.unwrap(), some_key_res
);
783 // crypt mode none == no key
784 let res
= crypto_parameters(&json
!({"crypt-mode": "none"}
));
785 assert_eq
!(res
.unwrap(), no_key_res
);
787 // crypt mode encrypt/sign-only, no keyfile, default key error == Error
788 assert
!(crypto_parameters(&json
!({"crypt-mode": "sign-only"}
)).is_err());
789 assert
!(crypto_parameters(&json
!({"crypt-mode": "encrypt"}
)).is_err());
791 // crypt mode none with explicit key == Error
792 assert
!(crypto_parameters(&json
!({"crypt-mode": "none", "keyfile": keypath}
)).is_err());
794 // crypt mode sign-only/encrypt with keyfile == key from keyfile with correct mode
795 let res
= crypto_parameters(&json
!({"crypt-mode": "sign-only", "keyfile": keypath}
));
796 assert_eq
!(res
.unwrap(), some_key_sign_res
);
797 let res
= crypto_parameters(&json
!({"crypt-mode": "encrypt", "keyfile": keypath}
));
798 assert_eq
!(res
.unwrap(), some_key_res
);
800 // invalid keyfile parameter always errors
801 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath}
)).is_err());
802 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath, "crypt-mode": "none"}
)).is_err());
803 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath, "crypt-mode": "sign-only"}
)).is_err());
804 assert
!(crypto_parameters(&json
!({"keyfile": invalid_keypath, "crypt-mode": "encrypt"}
)).is_err());
813 description
: "List of backup source specifications ([<label.ext>:<path>] ...)",
815 schema
: BACKUP_SOURCE_SCHEMA
,
819 schema
: REPO_URL_SCHEMA
,
823 description
: "Include mountpoints with same st_dev number (see ``man fstat``) as specified files.",
827 description
: "Path to file.",
830 "all-file-systems": {
832 description
: "Include all mounted subdirectories.",
836 schema
: KEYFILE_SCHEMA
,
840 schema
: KEYFD_SCHEMA
,
847 "skip-lost-and-found": {
849 description
: "Skip lost+found directory.",
853 schema
: BACKUP_TYPE_SCHEMA
,
857 schema
: BACKUP_ID_SCHEMA
,
861 schema
: BACKUP_TIME_SCHEMA
,
865 schema
: CHUNK_SIZE_SCHEMA
,
870 description
: "List of paths or patterns for matching files to exclude.",
874 description
: "Path or match pattern.",
879 description
: "Max number of entries to hold in memory.",
881 default: proxmox_backup
::pxar
::ENCODER_MAX_ENTRIES
as isize,
885 description
: "Verbose output.",
891 /// Create (host) backup.
892 async
fn create_backup(
895 _rpcenv
: &mut dyn RpcEnvironment
,
896 ) -> Result
<Value
, Error
> {
898 let repo
= extract_repository_from_value(¶m
)?
;
900 let backupspec_list
= tools
::required_array_param(¶m
, "backupspec")?
;
902 let all_file_systems
= param
["all-file-systems"].as_bool().unwrap_or(false);
904 let skip_lost_and_found
= param
["skip-lost-and-found"].as_bool().unwrap_or(false);
906 let verbose
= param
["verbose"].as_bool().unwrap_or(false);
908 let backup_time_opt
= param
["backup-time"].as_i64();
910 let chunk_size_opt
= param
["chunk-size"].as_u64().map(|v
| (v
*1024) as usize);
912 if let Some(size
) = chunk_size_opt
{
913 verify_chunk_size(size
)?
;
916 let crypto
= crypto_parameters(¶m
)?
;
918 let backup_id
= param
["backup-id"].as_str().unwrap_or(&proxmox
::tools
::nodename());
920 let backup_type
= param
["backup-type"].as_str().unwrap_or("host");
922 let include_dev
= param
["include-dev"].as_array();
924 let entries_max
= param
["entries-max"].as_u64()
925 .unwrap_or(proxmox_backup
::pxar
::ENCODER_MAX_ENTRIES
as u64);
927 let empty
= Vec
::new();
928 let exclude_args
= param
["exclude"].as_array().unwrap_or(&empty
);
930 let mut pattern_list
= Vec
::with_capacity(exclude_args
.len());
931 for entry
in exclude_args
{
932 let entry
= entry
.as_str().ok_or_else(|| format_err
!("Invalid pattern string slice"))?
;
934 MatchEntry
::parse_pattern(entry
, PatternFlag
::PATH_NAME
, MatchType
::Exclude
)
935 .map_err(|err
| format_err
!("invalid exclude pattern entry: {}", err
))?
939 let mut devices
= if all_file_systems { None }
else { Some(HashSet::new()) }
;
941 if let Some(include_dev
) = include_dev
{
942 if all_file_systems
{
943 bail
!("option 'all-file-systems' conflicts with option 'include-dev'");
946 let mut set
= HashSet
::new();
947 for path
in include_dev
{
948 let path
= path
.as_str().unwrap();
949 let stat
= nix
::sys
::stat
::stat(path
)
950 .map_err(|err
| format_err
!("fstat {:?} failed - {}", path
, err
))?
;
951 set
.insert(stat
.st_dev
);
956 let mut upload_list
= vec
![];
957 let mut target_set
= HashSet
::new();
959 for backupspec
in backupspec_list
{
960 let spec
= parse_backup_specification(backupspec
.as_str().unwrap())?
;
961 let filename
= &spec
.config_string
;
962 let target
= &spec
.archive_name
;
964 if target_set
.contains(target
) {
965 bail
!("got target twice: '{}'", target
);
967 target_set
.insert(target
.to_string());
969 use std
::os
::unix
::fs
::FileTypeExt
;
971 let metadata
= std
::fs
::metadata(filename
)
972 .map_err(|err
| format_err
!("unable to access '{}' - {}", filename
, err
))?
;
973 let file_type
= metadata
.file_type();
975 match spec
.spec_type
{
976 BackupSpecificationType
::PXAR
=> {
977 if !file_type
.is_dir() {
978 bail
!("got unexpected file type (expected directory)");
980 upload_list
.push((BackupSpecificationType
::PXAR
, filename
.to_owned(), format
!("{}.didx", target
), 0));
982 BackupSpecificationType
::IMAGE
=> {
983 if !(file_type
.is_file() || file_type
.is_block_device()) {
984 bail
!("got unexpected file type (expected file or block device)");
987 let size
= image_size(&PathBuf
::from(filename
))?
;
989 if size
== 0 { bail!("got zero-sized file '{}'
", filename); }
991 upload_list.push((BackupSpecificationType::IMAGE, filename.to_owned(), format!("{}
.fidx
", target), size));
993 BackupSpecificationType::CONFIG => {
994 if !file_type.is_file() {
995 bail!("got unexpected file
type (expected regular file
)");
997 upload_list.push((BackupSpecificationType::CONFIG, filename.to_owned(), format!("{}
.blob
", target), metadata.len()));
999 BackupSpecificationType::LOGFILE => {
1000 if !file_type.is_file() {
1001 bail!("got unexpected file
type (expected regular file
)");
1003 upload_list.push((BackupSpecificationType::LOGFILE, filename.to_owned(), format!("{}
.blob
", target), metadata.len()));
1008 let backup_time = backup_time_opt.unwrap_or_else(epoch_i64);
1010 let client = connect(&repo)?;
1011 record_repository(&repo);
1013 println!("Starting backup
: {}
/{}
/{}
", backup_type, backup_id, BackupDir::backup_time_to_string(backup_time)?);
1015 println!("Client name
: {}
", proxmox::tools::nodename());
1017 let start_time = std::time::Instant::now();
1019 println!("Starting backup protocol
: {}
", strftime_local("%c
", epoch_i64())?);
1021 let (crypt_config, rsa_encrypted_key) = match crypto.enc_key {
1022 None => (None, None),
1024 let (key, created, fingerprint) = decrypt_key(&key, &key::get_encryption_key_password)?;
1025 println!("Encryption key fingerprint
: {}
", fingerprint);
1027 let crypt_config = CryptConfig::new(key)?;
1029 match key::find_default_master_pubkey()? {
1030 Some(ref path) if path.exists() => {
1031 let pem_data = file_get_contents(path)?;
1032 let rsa = openssl::rsa::Rsa::public_key_from_pem(&pem_data)?;
1034 let mut key_config = KeyConfig::without_password(key)?;
1035 key_config.created = created; // keep original value
1037 let enc_key = rsa_encrypt_key_config(rsa, &key_config)?;
1038 println!("Master key '{:?}'
", path);
1040 (Some(Arc::new(crypt_config)), Some(enc_key))
1042 _ => (Some(Arc::new(crypt_config)), None),
1047 let client = BackupWriter::start(
1049 crypt_config.clone(),
1058 let download_previous_manifest = match client.previous_backup_time().await {
1059 Ok(Some(backup_time)) => {
1061 "Downloading previous
manifest ({}
)",
1062 strftime_local("%c
", backup_time)?
1067 println!("No previous manifest available
.");
1071 // Fallback for outdated server, TODO remove/bubble up with 2.0
1076 let previous_manifest = if download_previous_manifest {
1077 match client.download_previous_manifest().await {
1078 Ok(previous_manifest) => {
1079 match previous_manifest.check_fingerprint(crypt_config.as_ref().map(Arc::as_ref)) {
1080 Ok(()) => Some(Arc::new(previous_manifest)),
1082 println!("Couldn't re
-use previous manifest
- {}
", err);
1088 println!("Couldn't download previous manifest
- {}
", err);
1096 let snapshot = BackupDir::new(backup_type, backup_id, backup_time)?;
1097 let mut manifest = BackupManifest::new(snapshot);
1099 let mut catalog = None;
1100 let mut catalog_result_rx = None;
1102 for (backup_type, filename, target, size) in upload_list {
1104 BackupSpecificationType::CONFIG => {
1105 let upload_options = UploadOptions {
1107 encrypt: crypto.mode == CryptMode::Encrypt,
1108 ..UploadOptions::default()
1111 println!("Upload config file '{}' to '{}'
as {}
", filename, repo, target);
1113 .upload_blob_from_file(&filename, &target, upload_options)
1115 manifest.add_file(target, stats.size, stats.csum, crypto.mode)?;
1117 BackupSpecificationType::LOGFILE => { // fixme: remove - not needed anymore ?
1118 let upload_options = UploadOptions {
1120 encrypt: crypto.mode == CryptMode::Encrypt,
1121 ..UploadOptions::default()
1124 println!("Upload log file '{}' to '{}'
as {}
", filename, repo, target);
1126 .upload_blob_from_file(&filename, &target, upload_options)
1128 manifest.add_file(target, stats.size, stats.csum, crypto.mode)?;
1130 BackupSpecificationType::PXAR => {
1131 // start catalog upload on first use
1132 if catalog.is_none() {
1133 let catalog_upload_res = spawn_catalog_upload(client.clone(), crypto.mode == CryptMode::Encrypt)?;
1134 catalog = Some(catalog_upload_res.catalog_writer);
1135 catalog_result_rx = Some(catalog_upload_res.result);
1137 let catalog = catalog.as_ref().unwrap();
1139 println!("Upload directory '{}' to '{}'
as {}
", filename, repo, target);
1140 catalog.lock().unwrap().start_directory(std::ffi::CString::new(target.as_str())?.as_c_str())?;
1142 let pxar_options = proxmox_backup::pxar::PxarCreateOptions {
1143 device_set: devices.clone(),
1144 patterns: pattern_list.clone(),
1145 entries_max: entries_max as usize,
1146 skip_lost_and_found,
1150 let upload_options = UploadOptions {
1151 previous_manifest: previous_manifest.clone(),
1153 encrypt: crypto.mode == CryptMode::Encrypt,
1154 ..UploadOptions::default()
1157 let stats = backup_directory(
1166 manifest.add_file(target, stats.size, stats.csum, crypto.mode)?;
1167 catalog.lock().unwrap().end_directory()?;
1169 BackupSpecificationType::IMAGE => {
1170 println!("Upload image '{}' to '{:?}'
as {}
", filename, repo, target);
1172 let upload_options = UploadOptions {
1173 previous_manifest: previous_manifest.clone(),
1174 fixed_size: Some(size),
1176 encrypt: crypto.mode == CryptMode::Encrypt,
1179 let stats = backup_image(
1186 manifest.add_file(target, stats.size, stats.csum, crypto.mode)?;
1191 // finalize and upload catalog
1192 if let Some(catalog) = catalog {
1193 let mutex = Arc::try_unwrap(catalog)
1194 .map_err(|_| format_err!("unable to get
catalog (still used
)"))?;
1195 let mut catalog = mutex.into_inner().unwrap();
1199 drop(catalog); // close upload stream
1201 if let Some(catalog_result_rx) = catalog_result_rx {
1202 let stats = catalog_result_rx.await??;
1203 manifest.add_file(CATALOG_NAME.to_owned(), stats.size, stats.csum, crypto.mode)?;
1207 if let Some(rsa_encrypted_key) = rsa_encrypted_key {
1208 let target = ENCRYPTED_KEY_BLOB_NAME;
1209 println!("Upload RSA encoded key to '{:?}'
as {}
", repo, target);
1210 let options = UploadOptions { compress: false, encrypt: false, ..UploadOptions::default() };
1212 .upload_blob_from_data(rsa_encrypted_key, target, options)
1214 manifest.add_file(target.to_string(), stats.size, stats.csum, crypto.mode)?;
1217 // create manifest (index.json)
1218 // manifests are never encrypted, but include a signature
1219 let manifest = manifest.to_string(crypt_config.as_ref().map(Arc::as_ref))
1220 .map_err(|err| format_err!("unable to format manifest
- {}
", err))?;
1223 if verbose { println!("Upload index.json to '{}'", repo
) };
1224 let options
= UploadOptions { compress: true, encrypt: false, ..UploadOptions::default() }
;
1226 .upload_blob_from_data(manifest
.into_bytes(), MANIFEST_BLOB_NAME
, options
)
1229 client
.finish().await?
;
1231 let end_time
= std
::time
::Instant
::now();
1232 let elapsed
= end_time
.duration_since(start_time
);
1233 println
!("Duration: {:.2}s", elapsed
.as_secs_f64());
1235 println
!("End Time: {}", strftime_local("%c", epoch_i64())?
);
1240 fn complete_backup_source(arg
: &str, param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1242 let mut result
= vec
![];
1244 let data
: Vec
<&str> = arg
.splitn(2, '
:'
).collect();
1246 if data
.len() != 2 {
1247 result
.push(String
::from("root.pxar:/"));
1248 result
.push(String
::from("etc.pxar:/etc"));
1252 let files
= tools
::complete_file_name(data
[1], param
);
1255 result
.push(format
!("{}:{}", data
[0], file
));
1261 async
fn dump_image
<W
: Write
>(
1262 client
: Arc
<BackupReader
>,
1263 crypt_config
: Option
<Arc
<CryptConfig
>>,
1264 crypt_mode
: CryptMode
,
1265 index
: FixedIndexReader
,
1268 ) -> Result
<(), Error
> {
1270 let most_used
= index
.find_most_used_chunks(8);
1272 let chunk_reader
= RemoteChunkReader
::new(client
.clone(), crypt_config
, crypt_mode
, most_used
);
1274 // Note: we avoid using BufferedFixedReader, because that add an additional buffer/copy
1275 // and thus slows down reading. Instead, directly use RemoteChunkReader
1278 let start_time
= std
::time
::Instant
::now();
1280 for pos
in 0..index
.index_count() {
1281 let digest
= index
.index_digest(pos
).unwrap();
1282 let raw_data
= chunk_reader
.read_chunk(&digest
).await?
;
1283 writer
.write_all(&raw_data
)?
;
1284 bytes
+= raw_data
.len();
1286 let next_per
= ((pos
+1)*100)/index
.index_count();
1287 if per
!= next_per
{
1288 eprintln
!("progress {}% (read {} bytes, duration {} sec)",
1289 next_per
, bytes
, start_time
.elapsed().as_secs());
1295 let end_time
= std
::time
::Instant
::now();
1296 let elapsed
= end_time
.duration_since(start_time
);
1297 eprintln
!("restore image complete (bytes={}, duration={:.2}s, speed={:.2}MB/s)",
1299 elapsed
.as_secs_f64(),
1300 bytes
as f64/(1024.0*1024.0*elapsed
.as_secs_f64())
1307 fn parse_archive_type(name
: &str) -> (String
, ArchiveType
) {
1308 if name
.ends_with(".didx") || name
.ends_with(".fidx") || name
.ends_with(".blob") {
1309 (name
.into(), archive_type(name
).unwrap())
1310 } else if name
.ends_with(".pxar") {
1311 (format
!("{}.didx", name
), ArchiveType
::DynamicIndex
)
1312 } else if name
.ends_with(".img") {
1313 (format
!("{}.fidx", name
), ArchiveType
::FixedIndex
)
1315 (format
!("{}.blob", name
), ArchiveType
::Blob
)
1323 schema
: REPO_URL_SCHEMA
,
1328 description
: "Group/Snapshot path.",
1331 description
: "Backup archive name.",
1336 description
: r
###"Target directory path. Use '-' to write to standard output.
1338 We do not extraxt '.pxar' archives when writing to standard output.
1342 "allow-existing-dirs": {
1344 description
: "Do not fail if directories already exists.",
1348 schema
: KEYFILE_SCHEMA
,
1352 schema
: KEYFD_SCHEMA
,
1362 /// Restore backup repository.
1363 async
fn restore(param
: Value
) -> Result
<Value
, Error
> {
1364 let repo
= extract_repository_from_value(¶m
)?
;
1366 let verbose
= param
["verbose"].as_bool().unwrap_or(false);
1368 let allow_existing_dirs
= param
["allow-existing-dirs"].as_bool().unwrap_or(false);
1370 let archive_name
= tools
::required_string_param(¶m
, "archive-name")?
;
1372 let client
= connect(&repo
)?
;
1374 record_repository(&repo
);
1376 let path
= tools
::required_string_param(¶m
, "snapshot")?
;
1378 let (backup_type
, backup_id
, backup_time
) = if path
.matches('
/'
).count() == 1 {
1379 let group
: BackupGroup
= path
.parse()?
;
1380 api_datastore_latest_snapshot(&client
, repo
.store(), group
).await?
1382 let snapshot
: BackupDir
= path
.parse()?
;
1383 (snapshot
.group().backup_type().to_owned(), snapshot
.group().backup_id().to_owned(), snapshot
.backup_time())
1386 let target
= tools
::required_string_param(¶m
, "target")?
;
1387 let target
= if target
== "-" { None }
else { Some(target) }
;
1389 let crypto
= crypto_parameters(¶m
)?
;
1391 let crypt_config
= match crypto
.enc_key
{
1394 let (key
, _
, fingerprint
) = decrypt_key(&key
, &key
::get_encryption_key_password
)?
;
1395 eprintln
!("Encryption key fingerprint: '{}'", fingerprint
);
1396 Some(Arc
::new(CryptConfig
::new(key
)?
))
1400 let client
= BackupReader
::start(
1402 crypt_config
.clone(),
1410 let (archive_name
, archive_type
) = parse_archive_type(archive_name
);
1412 let (manifest
, backup_index_data
) = client
.download_manifest().await?
;
1414 if archive_name
== ENCRYPTED_KEY_BLOB_NAME
&& crypt_config
.is_none() {
1415 eprintln
!("Restoring encrypted key blob without original key - skipping manifest fingerprint check!")
1417 manifest
.check_fingerprint(crypt_config
.as_ref().map(Arc
::as_ref
))?
;
1420 if archive_name
== MANIFEST_BLOB_NAME
{
1421 if let Some(target
) = target
{
1422 replace_file(target
, &backup_index_data
, CreateOptions
::new())?
;
1424 let stdout
= std
::io
::stdout();
1425 let mut writer
= stdout
.lock();
1426 writer
.write_all(&backup_index_data
)
1427 .map_err(|err
| format_err
!("unable to pipe data - {}", err
))?
;
1430 return Ok(Value
::Null
);
1433 let file_info
= manifest
.lookup_file_info(&archive_name
)?
;
1435 if archive_type
== ArchiveType
::Blob
{
1437 let mut reader
= client
.download_blob(&manifest
, &archive_name
).await?
;
1439 if let Some(target
) = target
{
1440 let mut writer
= std
::fs
::OpenOptions
::new()
1445 .map_err(|err
| format_err
!("unable to create target file {:?} - {}", target
, err
))?
;
1446 std
::io
::copy(&mut reader
, &mut writer
)?
;
1448 let stdout
= std
::io
::stdout();
1449 let mut writer
= stdout
.lock();
1450 std
::io
::copy(&mut reader
, &mut writer
)
1451 .map_err(|err
| format_err
!("unable to pipe data - {}", err
))?
;
1454 } else if archive_type
== ArchiveType
::DynamicIndex
{
1456 let index
= client
.download_dynamic_index(&manifest
, &archive_name
).await?
;
1458 let most_used
= index
.find_most_used_chunks(8);
1460 let chunk_reader
= RemoteChunkReader
::new(client
.clone(), crypt_config
, file_info
.chunk_crypt_mode(), most_used
);
1462 let mut reader
= BufferedDynamicReader
::new(index
, chunk_reader
);
1464 let options
= proxmox_backup
::pxar
::PxarExtractOptions
{
1466 extract_match_default
: true,
1467 allow_existing_dirs
,
1471 if let Some(target
) = target
{
1472 proxmox_backup
::pxar
::extract_archive(
1473 pxar
::decoder
::Decoder
::from_std(reader
)?
,
1475 proxmox_backup
::pxar
::Flags
::DEFAULT
,
1478 println
!("{:?}", path
);
1483 .map_err(|err
| format_err
!("error extracting archive - {}", err
))?
;
1485 let mut writer
= std
::fs
::OpenOptions
::new()
1487 .open("/dev/stdout")
1488 .map_err(|err
| format_err
!("unable to open /dev/stdout - {}", err
))?
;
1490 std
::io
::copy(&mut reader
, &mut writer
)
1491 .map_err(|err
| format_err
!("unable to pipe data - {}", err
))?
;
1493 } else if archive_type
== ArchiveType
::FixedIndex
{
1495 let index
= client
.download_fixed_index(&manifest
, &archive_name
).await?
;
1497 let mut writer
= if let Some(target
) = target
{
1498 std
::fs
::OpenOptions
::new()
1503 .map_err(|err
| format_err
!("unable to create target file {:?} - {}", target
, err
))?
1505 std
::fs
::OpenOptions
::new()
1507 .open("/dev/stdout")
1508 .map_err(|err
| format_err
!("unable to open /dev/stdout - {}", err
))?
1511 dump_image(client
.clone(), crypt_config
.clone(), file_info
.chunk_crypt_mode(), index
, &mut writer
, verbose
).await?
;
1517 const API_METHOD_PRUNE
: ApiMethod
= ApiMethod
::new(
1518 &ApiHandler
::Async(&prune
),
1520 "Prune a backup repository.",
1521 &proxmox_backup
::add_common_prune_prameters
!([
1522 ("dry-run", true, &BooleanSchema
::new(
1523 "Just show what prune would do, but do not delete anything.")
1525 ("group", false, &StringSchema
::new("Backup group.").schema()),
1527 ("output-format", true, &OUTPUT_FORMAT
),
1531 &BooleanSchema
::new("Minimal output - only show removals.")
1534 ("repository", true, &REPO_URL_SCHEMA
),
1542 _rpcenv
: &'a
mut dyn RpcEnvironment
,
1543 ) -> proxmox
::api
::ApiFuture
<'a
> {
1545 prune_async(param
).await
1549 async
fn prune_async(mut param
: Value
) -> Result
<Value
, Error
> {
1550 let repo
= extract_repository_from_value(¶m
)?
;
1552 let mut client
= connect(&repo
)?
;
1554 let path
= format
!("api2/json/admin/datastore/{}/prune", repo
.store());
1556 let group
= tools
::required_string_param(¶m
, "group")?
;
1557 let group
: BackupGroup
= group
.parse()?
;
1559 let output_format
= get_output_format(¶m
);
1561 let quiet
= param
["quiet"].as_bool().unwrap_or(false);
1563 param
.as_object_mut().unwrap().remove("repository");
1564 param
.as_object_mut().unwrap().remove("group");
1565 param
.as_object_mut().unwrap().remove("output-format");
1566 param
.as_object_mut().unwrap().remove("quiet");
1568 param
["backup-type"] = group
.backup_type().into();
1569 param
["backup-id"] = group
.backup_id().into();
1571 let mut result
= client
.post(&path
, Some(param
)).await?
;
1573 record_repository(&repo
);
1575 let render_snapshot_path
= |_v
: &Value
, record
: &Value
| -> Result
<String
, Error
> {
1576 let item
: PruneListItem
= serde_json
::from_value(record
.to_owned())?
;
1577 let snapshot
= BackupDir
::new(item
.backup_type
, item
.backup_id
, item
.backup_time
)?
;
1578 Ok(snapshot
.relative_path().to_str().unwrap().to_owned())
1581 let render_prune_action
= |v
: &Value
, _record
: &Value
| -> Result
<String
, Error
> {
1582 Ok(match v
.as_bool() {
1583 Some(true) => "keep",
1584 Some(false) => "remove",
1589 let options
= default_table_format_options()
1590 .sortby("backup-type", false)
1591 .sortby("backup-id", false)
1592 .sortby("backup-time", false)
1593 .column(ColumnConfig
::new("backup-id").renderer(render_snapshot_path
).header("snapshot"))
1594 .column(ColumnConfig
::new("backup-time").renderer(tools
::format
::render_epoch
).header("date"))
1595 .column(ColumnConfig
::new("keep").renderer(render_prune_action
).header("action"))
1598 let return_type
= &proxmox_backup
::api2
::admin
::datastore
::API_METHOD_PRUNE
.returns
;
1600 let mut data
= result
["data"].take();
1603 let list
: Vec
<Value
> = data
.as_array().unwrap().iter().filter(|item
| {
1604 item
["keep"].as_bool() == Some(false)
1605 }).cloned().collect();
1609 format_and_print_result_full(&mut data
, return_type
, &output_format
, &options
);
1618 schema
: REPO_URL_SCHEMA
,
1622 schema
: OUTPUT_FORMAT
,
1628 type: StorageStatus
,
1631 /// Get repository status.
1632 async
fn status(param
: Value
) -> Result
<Value
, Error
> {
1634 let repo
= extract_repository_from_value(¶m
)?
;
1636 let output_format
= get_output_format(¶m
);
1638 let client
= connect(&repo
)?
;
1640 let path
= format
!("api2/json/admin/datastore/{}/status", repo
.store());
1642 let mut result
= client
.get(&path
, None
).await?
;
1643 let mut data
= result
["data"].take();
1645 record_repository(&repo
);
1647 let render_total_percentage
= |v
: &Value
, record
: &Value
| -> Result
<String
, Error
> {
1648 let v
= v
.as_u64().unwrap();
1649 let total
= record
["total"].as_u64().unwrap();
1650 let roundup
= total
/200;
1651 let per
= ((v
+roundup
)*100)/total
;
1652 let info
= format
!(" ({} %)", per
);
1653 Ok(format
!("{} {:>8}", v
, info
))
1656 let options
= default_table_format_options()
1658 .column(ColumnConfig
::new("total").renderer(render_total_percentage
))
1659 .column(ColumnConfig
::new("used").renderer(render_total_percentage
))
1660 .column(ColumnConfig
::new("avail").renderer(render_total_percentage
));
1662 let return_type
= &API_METHOD_STATUS
.returns
;
1664 format_and_print_result_full(&mut data
, return_type
, &output_format
, &options
);
1669 // like get, but simply ignore errors and return Null instead
1670 async
fn try_get(repo
: &BackupRepository
, url
: &str) -> Value
{
1672 let fingerprint
= std
::env
::var(ENV_VAR_PBS_FINGERPRINT
).ok();
1673 let password
= std
::env
::var(ENV_VAR_PBS_PASSWORD
).ok();
1675 // ticket cache, but no questions asked
1676 let options
= HttpClientOptions
::new_interactive(password
, fingerprint
)
1677 .interactive(false);
1679 let client
= match HttpClient
::new(repo
.host(), repo
.port(), repo
.auth_id(), options
) {
1681 _
=> return Value
::Null
,
1684 let mut resp
= match client
.get(url
, None
).await
{
1686 _
=> return Value
::Null
,
1689 if let Some(map
) = resp
.as_object_mut() {
1690 if let Some(data
) = map
.remove("data") {
1697 fn complete_backup_group(_arg
: &str, param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1698 proxmox_backup
::tools
::runtime
::main(async { complete_backup_group_do(param).await }
)
1701 async
fn complete_backup_group_do(param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1703 let mut result
= vec
![];
1705 let repo
= match extract_repository_from_map(param
) {
1710 let path
= format
!("api2/json/admin/datastore/{}/groups", repo
.store());
1712 let data
= try_get(&repo
, &path
).await
;
1714 if let Some(list
) = data
.as_array() {
1716 if let (Some(backup_id
), Some(backup_type
)) =
1717 (item
["backup-id"].as_str(), item
["backup-type"].as_str())
1719 result
.push(format
!("{}/{}", backup_type
, backup_id
));
1727 pub fn complete_group_or_snapshot(arg
: &str, param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1728 proxmox_backup
::tools
::runtime
::main(async { complete_group_or_snapshot_do(arg, param).await }
)
1731 async
fn complete_group_or_snapshot_do(arg
: &str, param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1733 if arg
.matches('
/'
).count() < 2 {
1734 let groups
= complete_backup_group_do(param
).await
;
1735 let mut result
= vec
![];
1736 for group
in groups
{
1737 result
.push(group
.to_string());
1738 result
.push(format
!("{}/", group
));
1743 complete_backup_snapshot_do(param
).await
1746 fn complete_backup_snapshot(_arg
: &str, param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1747 proxmox_backup
::tools
::runtime
::main(async { complete_backup_snapshot_do(param).await }
)
1750 async
fn complete_backup_snapshot_do(param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1752 let mut result
= vec
![];
1754 let repo
= match extract_repository_from_map(param
) {
1759 let path
= format
!("api2/json/admin/datastore/{}/snapshots", repo
.store());
1761 let data
= try_get(&repo
, &path
).await
;
1763 if let Some(list
) = data
.as_array() {
1765 if let (Some(backup_id
), Some(backup_type
), Some(backup_time
)) =
1766 (item
["backup-id"].as_str(), item
["backup-type"].as_str(), item
["backup-time"].as_i64())
1768 if let Ok(snapshot
) = BackupDir
::new(backup_type
, backup_id
, backup_time
) {
1769 result
.push(snapshot
.relative_path().to_str().unwrap().to_owned());
1778 fn complete_server_file_name(_arg
: &str, param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1779 proxmox_backup
::tools
::runtime
::main(async { complete_server_file_name_do(param).await }
)
1782 async
fn complete_server_file_name_do(param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1784 let mut result
= vec
![];
1786 let repo
= match extract_repository_from_map(param
) {
1791 let snapshot
: BackupDir
= match param
.get("snapshot") {
1793 match path
.parse() {
1801 let query
= tools
::json_object_to_query(json
!({
1802 "backup-type": snapshot
.group().backup_type(),
1803 "backup-id": snapshot
.group().backup_id(),
1804 "backup-time": snapshot
.backup_time(),
1807 let path
= format
!("api2/json/admin/datastore/{}/files?{}", repo
.store(), query
);
1809 let data
= try_get(&repo
, &path
).await
;
1811 if let Some(list
) = data
.as_array() {
1813 if let Some(filename
) = item
["filename"].as_str() {
1814 result
.push(filename
.to_owned());
1822 fn complete_archive_name(arg
: &str, param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1823 complete_server_file_name(arg
, param
)
1825 .map(|v
| tools
::format
::strip_server_file_extension(&v
))
1829 pub fn complete_pxar_archive_name(arg
: &str, param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1830 complete_server_file_name(arg
, param
)
1832 .filter_map(|name
| {
1833 if name
.ends_with(".pxar.didx") {
1834 Some(tools
::format
::strip_server_file_extension(name
))
1842 pub fn complete_img_archive_name(arg
: &str, param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1843 complete_server_file_name(arg
, param
)
1845 .filter_map(|name
| {
1846 if name
.ends_with(".img.fidx") {
1847 Some(tools
::format
::strip_server_file_extension(name
))
1855 fn complete_chunk_size(_arg
: &str, _param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1857 let mut result
= vec
![];
1861 result
.push(size
.to_string());
1863 if size
> 4096 { break; }
1869 fn complete_auth_id(_arg
: &str, param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1870 proxmox_backup
::tools
::runtime
::main(async { complete_auth_id_do(param).await }
)
1873 async
fn complete_auth_id_do(param
: &HashMap
<String
, String
>) -> Vec
<String
> {
1875 let mut result
= vec
![];
1877 let repo
= match extract_repository_from_map(param
) {
1882 let data
= try_get(&repo
, "api2/json/access/users?include_tokens=true").await
;
1884 if let Ok(parsed
) = serde_json
::from_value
::<Vec
<UserWithTokens
>>(data
) {
1885 for user
in parsed
{
1886 result
.push(user
.userid
.to_string());
1887 for token
in user
.tokens
{
1888 result
.push(token
.tokenid
.to_string());
1896 use proxmox_backup
::client
::RemoteChunkReader
;
1897 /// This is a workaround until we have cleaned up the chunk/reader/... infrastructure for better
1900 /// Ideally BufferedDynamicReader gets replaced so the LruCache maps to `BroadcastFuture<Chunk>`,
1901 /// so that we can properly access it from multiple threads simultaneously while not issuing
1902 /// duplicate simultaneous reads over http.
1903 pub struct BufferedDynamicReadAt
{
1904 inner
: Mutex
<BufferedDynamicReader
<RemoteChunkReader
>>,
1907 impl BufferedDynamicReadAt
{
1908 fn new(inner
: BufferedDynamicReader
<RemoteChunkReader
>) -> Self {
1910 inner
: Mutex
::new(inner
),
1915 impl ReadAt
for BufferedDynamicReadAt
{
1916 fn start_read_at
<'a
>(
1917 self: Pin
<&'a
Self>,
1921 ) -> MaybeReady
<io
::Result
<usize>, ReadAtOperation
<'a
>> {
1922 MaybeReady
::Ready(tokio
::task
::block_in_place(move || {
1923 let mut reader
= self.inner
.lock().unwrap();
1924 reader
.seek(SeekFrom
::Start(offset
))?
;
1925 Ok(reader
.read(buf
)?
)
1929 fn poll_complete
<'a
>(
1930 self: Pin
<&'a
Self>,
1931 _op
: ReadAtOperation
<'a
>,
1932 ) -> MaybeReady
<io
::Result
<usize>, ReadAtOperation
<'a
>> {
1933 panic
!("LocalDynamicReadAt::start_read_at returned Pending");
1939 let backup_cmd_def
= CliCommand
::new(&API_METHOD_CREATE_BACKUP
)
1940 .arg_param(&["backupspec"])
1941 .completion_cb("repository", complete_repository
)
1942 .completion_cb("backupspec", complete_backup_source
)
1943 .completion_cb("keyfile", tools
::complete_file_name
)
1944 .completion_cb("chunk-size", complete_chunk_size
);
1946 let benchmark_cmd_def
= CliCommand
::new(&API_METHOD_BENCHMARK
)
1947 .completion_cb("repository", complete_repository
)
1948 .completion_cb("keyfile", tools
::complete_file_name
);
1950 let list_cmd_def
= CliCommand
::new(&API_METHOD_LIST_BACKUP_GROUPS
)
1951 .completion_cb("repository", complete_repository
);
1953 let garbage_collect_cmd_def
= CliCommand
::new(&API_METHOD_START_GARBAGE_COLLECTION
)
1954 .completion_cb("repository", complete_repository
);
1956 let restore_cmd_def
= CliCommand
::new(&API_METHOD_RESTORE
)
1957 .arg_param(&["snapshot", "archive-name", "target"])
1958 .completion_cb("repository", complete_repository
)
1959 .completion_cb("snapshot", complete_group_or_snapshot
)
1960 .completion_cb("archive-name", complete_archive_name
)
1961 .completion_cb("target", tools
::complete_file_name
);
1963 let prune_cmd_def
= CliCommand
::new(&API_METHOD_PRUNE
)
1964 .arg_param(&["group"])
1965 .completion_cb("group", complete_backup_group
)
1966 .completion_cb("repository", complete_repository
);
1968 let status_cmd_def
= CliCommand
::new(&API_METHOD_STATUS
)
1969 .completion_cb("repository", complete_repository
);
1971 let login_cmd_def
= CliCommand
::new(&API_METHOD_API_LOGIN
)
1972 .completion_cb("repository", complete_repository
);
1974 let logout_cmd_def
= CliCommand
::new(&API_METHOD_API_LOGOUT
)
1975 .completion_cb("repository", complete_repository
);
1977 let version_cmd_def
= CliCommand
::new(&API_METHOD_API_VERSION
)
1978 .completion_cb("repository", complete_repository
);
1980 let change_owner_cmd_def
= CliCommand
::new(&API_METHOD_CHANGE_BACKUP_OWNER
)
1981 .arg_param(&["group", "new-owner"])
1982 .completion_cb("group", complete_backup_group
)
1983 .completion_cb("new-owner", complete_auth_id
)
1984 .completion_cb("repository", complete_repository
);
1986 let cmd_def
= CliCommandMap
::new()
1987 .insert("backup", backup_cmd_def
)
1988 .insert("garbage-collect", garbage_collect_cmd_def
)
1989 .insert("list", list_cmd_def
)
1990 .insert("login", login_cmd_def
)
1991 .insert("logout", logout_cmd_def
)
1992 .insert("prune", prune_cmd_def
)
1993 .insert("restore", restore_cmd_def
)
1994 .insert("snapshot", snapshot_mgtm_cli())
1995 .insert("status", status_cmd_def
)
1996 .insert("key", key
::cli())
1997 .insert("mount", mount_cmd_def())
1998 .insert("map", map_cmd_def())
1999 .insert("unmap", unmap_cmd_def())
2000 .insert("catalog", catalog_mgmt_cli())
2001 .insert("task", task_mgmt_cli())
2002 .insert("version", version_cmd_def
)
2003 .insert("benchmark", benchmark_cmd_def
)
2004 .insert("change-owner", change_owner_cmd_def
)
2006 .alias(&["files"], &["snapshot", "files"])
2007 .alias(&["forget"], &["snapshot", "forget"])
2008 .alias(&["upload-log"], &["snapshot", "upload-log"])
2009 .alias(&["snapshots"], &["snapshot", "list"])
2012 let rpcenv
= CliEnvironment
::new();
2013 run_cli_command(cmd_def
, rpcenv
, Some(|future
| {
2014 proxmox_backup
::tools
::runtime
::main(future
)