2 use std
::path
::{Path, PathBuf}
;
4 use anyhow
::{bail, format_err, Error}
;
7 use openssl
::ssl
::{SslMethod, SslAcceptor, SslFiletype}
;
9 use proxmox
::try_block
;
10 use proxmox
::api
::RpcEnvironmentType
;
12 use proxmox_backup
::api2
::types
::Userid
;
13 use proxmox_backup
::configdir
;
14 use proxmox_backup
::buildcfg
;
15 use proxmox_backup
::server
;
16 use proxmox_backup
::tools
::{daemon, epoch_now, epoch_now_u64}
;
17 use proxmox_backup
::server
::{ApiConfig, rest::*}
;
18 use proxmox_backup
::auth_helpers
::*;
19 use proxmox_backup
::tools
::disks
::{ DiskManage, zfs_pool_stats }
;
21 use proxmox_backup
::api2
::pull
::do_sync_job
;
23 fn main() -> Result
<(), Error
> {
24 proxmox_backup
::tools
::setup_safe_path_env();
26 let backup_uid
= proxmox_backup
::backup
::backup_user()?
.uid
;
27 let backup_gid
= proxmox_backup
::backup
::backup_group()?
.gid
;
28 let running_uid
= nix
::unistd
::Uid
::effective();
29 let running_gid
= nix
::unistd
::Gid
::effective();
31 if running_uid
!= backup_uid
|| running_gid
!= backup_gid
{
32 bail
!("proxy not running as backup user or group (got uid {} gid {})", running_uid
, running_gid
);
35 proxmox_backup
::tools
::runtime
::main(run())
38 async
fn run() -> Result
<(), Error
> {
39 if let Err(err
) = syslog
::init(
40 syslog
::Facility
::LOG_DAEMON
,
41 log
::LevelFilter
::Info
,
42 Some("proxmox-backup-proxy")) {
43 bail
!("unable to inititialize syslog - {}", err
);
46 let _
= public_auth_key(); // load with lazy_static
47 let _
= csrf_secret(); // load with lazy_static
49 let mut config
= ApiConfig
::new(
50 buildcfg
::JS_DIR
, &proxmox_backup
::api2
::ROUTER
, RpcEnvironmentType
::PUBLIC
)?
;
52 config
.add_alias("novnc", "/usr/share/novnc-pve");
53 config
.add_alias("extjs", "/usr/share/javascript/extjs");
54 config
.add_alias("fontawesome", "/usr/share/fonts-font-awesome");
55 config
.add_alias("xtermjs", "/usr/share/pve-xtermjs");
56 config
.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit");
57 config
.add_alias("css", "/usr/share/javascript/proxmox-backup/css");
58 config
.add_alias("docs", "/usr/share/doc/proxmox-backup/html");
60 let mut indexpath
= PathBuf
::from(buildcfg
::JS_DIR
);
61 indexpath
.push("index.hbs");
62 config
.register_template("index", &indexpath
)?
;
63 config
.register_template("console", "/usr/share/pve-xtermjs/index.html.hbs")?
;
65 let rest_server
= RestServer
::new(config
);
67 //openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
68 let key_path
= configdir
!("/proxy.key");
69 let cert_path
= configdir
!("/proxy.pem");
71 let mut acceptor
= SslAcceptor
::mozilla_intermediate(SslMethod
::tls()).unwrap();
72 acceptor
.set_private_key_file(key_path
, SslFiletype
::PEM
)
73 .map_err(|err
| format_err
!("unable to read proxy key {} - {}", key_path
, err
))?
;
74 acceptor
.set_certificate_chain_file(cert_path
)
75 .map_err(|err
| format_err
!("unable to read proxy cert {} - {}", cert_path
, err
))?
;
76 acceptor
.check_private_key().unwrap();
78 let acceptor
= Arc
::new(acceptor
.build());
80 let server
= daemon
::create_daemon(
81 ([0,0,0,0,0,0,0,0], 8007).into(),
83 let connections
= proxmox_backup
::tools
::async_io
::StaticIncoming
::from(listener
)
85 .try_filter_map(move |(sock
, _addr
)| {
86 let acceptor
= Arc
::clone(&acceptor
);
88 sock
.set_nodelay(true).unwrap();
89 sock
.set_send_buffer_size(1024*1024).unwrap();
90 sock
.set_recv_buffer_size(1024*1024).unwrap();
91 Ok(tokio_openssl
::accept(&acceptor
, sock
)
93 .ok() // handshake errors aren't be fatal, so return None to filter
97 let connections
= proxmox_backup
::tools
::async_io
::HyperAccept(connections
);
100 .and_then(|_
| hyper
::Server
::builder(connections
)
102 .with_graceful_shutdown(server
::shutdown_future())
103 .map_err(Error
::from
)
105 .map_err(|err
| eprintln
!("server error: {}", err
))
111 daemon
::systemd_notify(daemon
::SystemdNotify
::Ready
)?
;
113 let init_result
: Result
<(), Error
> = try_block
!({
114 server
::create_task_control_socket()?
;
115 server
::server_state_init()?
;
119 if let Err(err
) = init_result
{
120 bail
!("unable to start daemon - {}", err
);
123 start_task_scheduler();
124 start_stat_generator();
127 log
::info
!("server shutting down, waiting for active workers to complete");
128 proxmox_backup
::server
::last_worker_future().await?
;
129 log
::info
!("done - exit server");
134 fn start_stat_generator() {
135 let abort_future
= server
::shutdown_future();
136 let future
= Box
::pin(run_stat_generator());
137 let task
= futures
::future
::select(future
, abort_future
);
138 tokio
::spawn(task
.map(|_
| ()));
141 fn start_task_scheduler() {
142 let abort_future
= server
::shutdown_future();
143 let future
= Box
::pin(run_task_scheduler());
144 let task
= futures
::future
::select(future
, abort_future
);
145 tokio
::spawn(task
.map(|_
| ()));
148 use std
::time
:: {Instant, Duration}
;
150 fn next_minute() -> Result
<Instant
, Error
> {
151 let epoch_now
= epoch_now()?
;
152 let epoch_next
= Duration
::from_secs((epoch_now
.as_secs()/60 + 1)*60);
153 Ok(Instant
::now() + epoch_next
- epoch_now
)
156 async
fn run_task_scheduler() {
158 let mut count
: usize = 0;
163 let delay_target
= match next_minute() { // try to run very minute
166 eprintln
!("task scheduler: compute next minute failed - {}", err
);
167 tokio
::time
::delay_until(tokio
::time
::Instant
::from_std(Instant
::now() + Duration
::from_secs(60))).await
;
172 if count
> 2 { // wait 1..2 minutes before starting
173 match schedule_tasks().catch_unwind().await
{
175 match panic
.downcast
::<&str>() {
177 eprintln
!("task scheduler panic: {}", msg
);
180 eprintln
!("task scheduler panic - unknown type");
185 eprintln
!("task scheduler failed - {:?}", err
);
191 tokio
::time
::delay_until(tokio
::time
::Instant
::from_std(delay_target
)).await
;
195 async
fn schedule_tasks() -> Result
<(), Error
> {
197 schedule_datastore_garbage_collection().await
;
198 schedule_datastore_prune().await
;
199 schedule_datastore_sync_jobs().await
;
204 fn lookup_last_worker(worker_type
: &str, worker_id
: &str) -> Result
<Option
<server
::UPID
>, Error
> {
206 let list
= proxmox_backup
::server
::read_task_list()?
;
208 let mut last
: Option
<&server
::UPID
> = None
;
210 for entry
in list
.iter() {
211 if entry
.upid
.worker_type
== worker_type
{
212 if let Some(ref id
) = entry
.upid
.worker_id
{
216 if upid
.starttime
< entry
.upid
.starttime
{
217 last
= Some(&entry
.upid
)
221 last
= Some(&entry
.upid
)
233 async
fn schedule_datastore_garbage_collection() {
235 use proxmox_backup
::backup
::DataStore
;
236 use proxmox_backup
::server
::{UPID, WorkerTask}
;
237 use proxmox_backup
::config
::datastore
::{self, DataStoreConfig}
;
238 use proxmox_backup
::tools
::systemd
::time
::{
239 parse_calendar_event
, compute_next_event
};
241 let config
= match datastore
::config() {
243 eprintln
!("unable to read datastore config - {}", err
);
246 Ok((config
, _digest
)) => config
,
249 for (store
, (_
, store_config
)) in config
.sections
{
250 let datastore
= match DataStore
::lookup_datastore(&store
) {
251 Ok(datastore
) => datastore
,
253 eprintln
!("lookup_datastore failed - {}", err
);
258 let store_config
: DataStoreConfig
= match serde_json
::from_value(store_config
) {
261 eprintln
!("datastore config from_value failed - {}", err
);
266 let event_str
= match store_config
.gc_schedule
{
267 Some(event_str
) => event_str
,
271 let event
= match parse_calendar_event(&event_str
) {
274 eprintln
!("unable to parse schedule '{}' - {}", event_str
, err
);
279 if datastore
.garbage_collection_running() { continue; }
281 let worker_type
= "garbage_collection";
283 let stat
= datastore
.last_gc_status();
284 let last
= if let Some(upid_str
) = stat
.upid
{
285 match upid_str
.parse
::<UPID
>() {
286 Ok(upid
) => upid
.starttime
,
288 eprintln
!("unable to parse upid '{}' - {}", upid_str
, err
);
293 match lookup_last_worker(worker_type
, &store
) {
294 Ok(Some(upid
)) => upid
.starttime
,
297 eprintln
!("lookup_last_job_start failed: {}", err
);
303 let next
= match compute_next_event(&event
, last
, false) {
304 Ok(Some(next
)) => next
,
305 Ok(None
) => continue,
307 eprintln
!("compute_next_event for '{}' failed - {}", event_str
, err
);
312 let now
= match epoch_now_u64() {
313 Ok(epoch_now
) => epoch_now
as i64,
315 eprintln
!("query system time failed - {}", err
);
319 if next
> now { continue; }
321 let store2
= store
.clone();
323 if let Err(err
) = WorkerTask
::new_thread(
326 Userid
::backup_userid().clone(),
329 worker
.log(format
!("starting garbage collection on store {}", store
));
330 worker
.log(format
!("task triggered by schedule '{}'", event_str
));
331 datastore
.garbage_collection(&worker
)
334 eprintln
!("unable to start garbage collection on store {} - {}", store2
, err
);
339 async
fn schedule_datastore_prune() {
341 use proxmox_backup
::backup
::{
342 PruneOptions
, DataStore
, BackupGroup
, BackupDir
, compute_prune_info
};
343 use proxmox_backup
::server
::{WorkerTask}
;
344 use proxmox_backup
::config
::datastore
::{self, DataStoreConfig}
;
345 use proxmox_backup
::tools
::systemd
::time
::{
346 parse_calendar_event
, compute_next_event
};
348 let config
= match datastore
::config() {
350 eprintln
!("unable to read datastore config - {}", err
);
353 Ok((config
, _digest
)) => config
,
356 for (store
, (_
, store_config
)) in config
.sections
{
357 let datastore
= match DataStore
::lookup_datastore(&store
) {
358 Ok(datastore
) => datastore
,
360 eprintln
!("lookup_datastore '{}' failed - {}", store
, err
);
365 let store_config
: DataStoreConfig
= match serde_json
::from_value(store_config
) {
368 eprintln
!("datastore '{}' config from_value failed - {}", store
, err
);
373 let event_str
= match store_config
.prune_schedule
{
374 Some(event_str
) => event_str
,
378 let prune_options
= PruneOptions
{
379 keep_last
: store_config
.keep_last
,
380 keep_hourly
: store_config
.keep_hourly
,
381 keep_daily
: store_config
.keep_daily
,
382 keep_weekly
: store_config
.keep_weekly
,
383 keep_monthly
: store_config
.keep_monthly
,
384 keep_yearly
: store_config
.keep_yearly
,
387 if !prune_options
.keeps_something() { // no prune settings - keep all
391 let event
= match parse_calendar_event(&event_str
) {
394 eprintln
!("unable to parse schedule '{}' - {}", event_str
, err
);
399 let worker_type
= "prune";
401 let last
= match lookup_last_worker(worker_type
, &store
) {
403 if proxmox_backup
::server
::worker_is_active_local(&upid
) {
410 eprintln
!("lookup_last_job_start failed: {}", err
);
415 let next
= match compute_next_event(&event
, last
, false) {
416 Ok(Some(next
)) => next
,
417 Ok(None
) => continue,
419 eprintln
!("compute_next_event for '{}' failed - {}", event_str
, err
);
424 let now
= match epoch_now_u64() {
425 Ok(epoch_now
) => epoch_now
as i64,
427 eprintln
!("query system time failed - {}", err
);
431 if next
> now { continue; }
433 let store2
= store
.clone();
435 if let Err(err
) = WorkerTask
::new_thread(
438 Userid
::backup_userid().clone(),
441 worker
.log(format
!("Starting datastore prune on store \"{}\"", store
));
442 worker
.log(format
!("task triggered by schedule '{}'", event_str
));
443 worker
.log(format
!("retention options: {}", prune_options
.cli_options_string()));
445 let base_path
= datastore
.base_path();
447 let groups
= BackupGroup
::list_groups(&base_path
)?
;
448 for group
in groups
{
449 let list
= group
.list_backups(&base_path
)?
;
450 let mut prune_info
= compute_prune_info(list
, &prune_options
)?
;
451 prune_info
.reverse(); // delete older snapshots first
453 worker
.log(format
!("Starting prune on store \"{}\" group \"{}/{}\"",
454 store
, group
.backup_type(), group
.backup_id()));
456 for (info
, keep
) in prune_info
{
459 if keep { "keep" }
else { "remove" }
,
460 group
.backup_type(), group
.backup_id(),
461 BackupDir
::backup_time_to_string(info
.backup_dir
.backup_time())));
464 datastore
.remove_backup_dir(&info
.backup_dir
, true)?
;
472 eprintln
!("unable to start datastore prune on store {} - {}", store2
, err
);
477 async
fn schedule_datastore_sync_jobs() {
479 use proxmox_backup
::{
480 config
::{ sync::{self, SyncJobConfig}
, jobstate
::{self, Job}
},
481 tools
::systemd
::time
::{ parse_calendar_event, compute_next_event }
,
484 let config
= match sync
::config() {
486 eprintln
!("unable to read sync job config - {}", err
);
489 Ok((config
, _digest
)) => config
,
492 for (job_id
, (_
, job_config
)) in config
.sections
{
493 let job_config
: SyncJobConfig
= match serde_json
::from_value(job_config
) {
496 eprintln
!("sync job config from_value failed - {}", err
);
501 let event_str
= match job_config
.schedule
{
502 Some(ref event_str
) => event_str
.clone(),
506 let event
= match parse_calendar_event(&event_str
) {
509 eprintln
!("unable to parse schedule '{}' - {}", event_str
, err
);
514 let worker_type
= "syncjob";
516 let last
= match jobstate
::last_run_time(worker_type
, &job_id
) {
519 eprintln
!("could not get last run time of {} {}: {}", worker_type
, job_id
, err
);
524 let next
= match compute_next_event(&event
, last
, false) {
525 Ok(Some(next
)) => next
,
526 Ok(None
) => continue,
528 eprintln
!("compute_next_event for '{}' failed - {}", event_str
, err
);
533 let now
= match epoch_now_u64() {
534 Ok(epoch_now
) => epoch_now
as i64,
536 eprintln
!("query system time failed - {}", err
);
540 if next
> now { continue; }
542 let job
= match Job
::new(worker_type
, &job_id
) {
544 Err(_
) => continue, // could not get lock
547 let userid
= Userid
::backup_userid().clone();
549 if let Err(err
) = do_sync_job(job
, job_config
, &userid
, Some(event_str
)) {
550 eprintln
!("unable to start datastore sync job {} - {}", &job_id
, err
);
555 async
fn run_stat_generator() {
560 let save
= if count
>= 6 { count = 0; true }
else { false }
;
562 let delay_target
= Instant
::now() + Duration
::from_secs(10);
564 generate_host_stats(save
).await
;
566 tokio
::time
::delay_until(tokio
::time
::Instant
::from_std(delay_target
)).await
;
572 fn rrd_update_gauge(name
: &str, value
: f64, save
: bool
) {
573 use proxmox_backup
::rrd
;
574 if let Err(err
) = rrd
::update_value(name
, value
, rrd
::DST
::Gauge
, save
) {
575 eprintln
!("rrd::update_value '{}' failed - {}", name
, err
);
579 fn rrd_update_derive(name
: &str, value
: f64, save
: bool
) {
580 use proxmox_backup
::rrd
;
581 if let Err(err
) = rrd
::update_value(name
, value
, rrd
::DST
::Derive
, save
) {
582 eprintln
!("rrd::update_value '{}' failed - {}", name
, err
);
586 async
fn generate_host_stats(save
: bool
) {
587 use proxmox
::sys
::linux
::procfs
::{
588 read_meminfo
, read_proc_stat
, read_proc_net_dev
, read_loadavg
};
589 use proxmox_backup
::config
::datastore
;
592 proxmox_backup
::tools
::runtime
::block_in_place(move || {
594 match read_proc_stat() {
596 rrd_update_gauge("host/cpu", stat
.cpu
, save
);
597 rrd_update_gauge("host/iowait", stat
.iowait_percent
, save
);
600 eprintln
!("read_proc_stat failed - {}", err
);
604 match read_meminfo() {
606 rrd_update_gauge("host/memtotal", meminfo
.memtotal
as f64, save
);
607 rrd_update_gauge("host/memused", meminfo
.memused
as f64, save
);
608 rrd_update_gauge("host/swaptotal", meminfo
.swaptotal
as f64, save
);
609 rrd_update_gauge("host/swapused", meminfo
.swapused
as f64, save
);
612 eprintln
!("read_meminfo failed - {}", err
);
616 match read_proc_net_dev() {
618 use proxmox_backup
::config
::network
::is_physical_nic
;
622 if !is_physical_nic(&item
.device
) { continue; }
623 netin
+= item
.receive
;
626 rrd_update_derive("host/netin", netin
as f64, save
);
627 rrd_update_derive("host/netout", netout
as f64, save
);
630 eprintln
!("read_prox_net_dev failed - {}", err
);
634 match read_loadavg() {
636 rrd_update_gauge("host/loadavg", loadavg
.0 as f64, save
);
639 eprintln
!("read_loadavg failed - {}", err
);
643 let disk_manager
= DiskManage
::new();
645 gather_disk_stats(disk_manager
.clone(), Path
::new("/"), "host", save
);
647 match datastore
::config() {
649 let datastore_list
: Vec
<datastore
::DataStoreConfig
> =
650 config
.convert_to_typed_array("datastore").unwrap_or(Vec
::new());
652 for config
in datastore_list
{
654 let rrd_prefix
= format
!("datastore/{}", config
.name
);
655 let path
= std
::path
::Path
::new(&config
.path
);
656 gather_disk_stats(disk_manager
.clone(), path
, &rrd_prefix
, save
);
660 eprintln
!("read datastore config failed - {}", err
);
667 fn gather_disk_stats(disk_manager
: Arc
<DiskManage
>, path
: &Path
, rrd_prefix
: &str, save
: bool
) {
669 match proxmox_backup
::tools
::disks
::disk_usage(path
) {
671 let rrd_key
= format
!("{}/total", rrd_prefix
);
672 rrd_update_gauge(&rrd_key
, status
.total
as f64, save
);
673 let rrd_key
= format
!("{}/used", rrd_prefix
);
674 rrd_update_gauge(&rrd_key
, status
.used
as f64, save
);
677 eprintln
!("read disk_usage on {:?} failed - {}", path
, err
);
681 match disk_manager
.find_mounted_device(path
) {
683 Ok(Some((fs_type
, device
, source
))) => {
684 let mut device_stat
= None
;
685 match fs_type
.as_str() {
687 if let Some(pool
) = source
{
688 match zfs_pool_stats(&pool
) {
689 Ok(stat
) => device_stat
= stat
,
690 Err(err
) => eprintln
!("zfs_pool_stats({:?}) failed - {}", pool
, err
),
695 if let Ok(disk
) = disk_manager
.clone().disk_by_dev_num(device
.into_dev_t()) {
696 match disk
.read_stat() {
697 Ok(stat
) => device_stat
= stat
,
698 Err(err
) => eprintln
!("disk.read_stat {:?} failed - {}", path
, err
),
703 if let Some(stat
) = device_stat
{
704 let rrd_key
= format
!("{}/read_ios", rrd_prefix
);
705 rrd_update_derive(&rrd_key
, stat
.read_ios
as f64, save
);
706 let rrd_key
= format
!("{}/read_bytes", rrd_prefix
);
707 rrd_update_derive(&rrd_key
, (stat
.read_sectors
*512) as f64, save
);
709 let rrd_key
= format
!("{}/write_ios", rrd_prefix
);
710 rrd_update_derive(&rrd_key
, stat
.write_ios
as f64, save
);
711 let rrd_key
= format
!("{}/write_bytes", rrd_prefix
);
712 rrd_update_derive(&rrd_key
, (stat
.write_sectors
*512) as f64, save
);
714 let rrd_key
= format
!("{}/io_ticks", rrd_prefix
);
715 rrd_update_derive(&rrd_key
, (stat
.io_ticks
as f64)/1000.0, save
);
719 eprintln
!("find_mounted_device failed - {}", err
);