2020-07-03 14:45:47 +00:00
|
|
|
use std::os::unix::fs::OpenOptionsExt;
|
|
|
|
use std::io::{Seek, SeekFrom};
|
|
|
|
use std::sync::Arc;
|
|
|
|
|
|
|
|
use anyhow::{bail, format_err, Error};
|
|
|
|
use serde_json::Value;
|
|
|
|
|
|
|
|
use proxmox::api::{api, cli::*};
|
|
|
|
|
2021-07-19 08:50:18 +00:00
|
|
|
use pbs_client::tools::key_source::get_encryption_key_password;
|
|
|
|
use pbs_client::{BackupReader, RemoteChunkReader};
|
2021-07-20 09:06:53 +00:00
|
|
|
use pbs_tools::json::required_string_param;
|
2021-09-07 07:22:14 +00:00
|
|
|
use pbs_tools::crypt_config::CryptConfig;
|
2020-07-03 14:45:47 +00:00
|
|
|
|
|
|
|
use crate::{
|
|
|
|
REPO_URL_SCHEMA,
|
2020-07-10 08:36:13 +00:00
|
|
|
KEYFD_SCHEMA,
|
2020-07-03 14:45:47 +00:00
|
|
|
extract_repository_from_value,
|
2021-02-05 15:35:35 +00:00
|
|
|
format_key_source,
|
2020-07-03 14:45:47 +00:00
|
|
|
record_repository,
|
2020-07-10 08:36:13 +00:00
|
|
|
decrypt_key,
|
2020-07-03 14:45:47 +00:00
|
|
|
api_datastore_latest_snapshot,
|
|
|
|
complete_repository,
|
|
|
|
complete_backup_snapshot,
|
|
|
|
complete_group_or_snapshot,
|
|
|
|
complete_pxar_archive_name,
|
|
|
|
connect,
|
2021-02-05 15:35:31 +00:00
|
|
|
crypto_parameters,
|
2020-07-03 14:45:47 +00:00
|
|
|
BackupDir,
|
|
|
|
BackupGroup,
|
|
|
|
BufferedDynamicReader,
|
|
|
|
BufferedDynamicReadAt,
|
|
|
|
CatalogReader,
|
|
|
|
CATALOG_NAME,
|
|
|
|
DynamicIndexReader,
|
|
|
|
IndexFile,
|
|
|
|
Shell,
|
|
|
|
};
|
|
|
|
|
|
|
|
#[api(
|
|
|
|
input: {
|
|
|
|
properties: {
|
|
|
|
repository: {
|
|
|
|
schema: REPO_URL_SCHEMA,
|
|
|
|
optional: true,
|
|
|
|
},
|
|
|
|
snapshot: {
|
|
|
|
type: String,
|
|
|
|
description: "Snapshot path.",
|
|
|
|
},
|
2020-07-10 08:36:13 +00:00
|
|
|
"keyfile": {
|
|
|
|
optional: true,
|
|
|
|
type: String,
|
|
|
|
description: "Path to encryption key.",
|
|
|
|
},
|
|
|
|
"keyfd": {
|
|
|
|
schema: KEYFD_SCHEMA,
|
|
|
|
optional: true,
|
|
|
|
},
|
2020-07-03 14:45:47 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
)]
|
|
|
|
/// Dump catalog.
|
|
|
|
async fn dump_catalog(param: Value) -> Result<Value, Error> {
|
|
|
|
|
|
|
|
let repo = extract_repository_from_value(¶m)?;
|
|
|
|
|
2021-07-20 09:06:53 +00:00
|
|
|
let path = required_string_param(¶m, "snapshot")?;
|
2020-07-03 14:45:47 +00:00
|
|
|
let snapshot: BackupDir = path.parse()?;
|
|
|
|
|
2021-02-05 15:35:31 +00:00
|
|
|
let crypto = crypto_parameters(¶m)?;
|
2020-07-03 14:45:47 +00:00
|
|
|
|
2021-02-05 15:35:31 +00:00
|
|
|
let crypt_config = match crypto.enc_key {
|
2020-07-03 14:45:47 +00:00
|
|
|
None => None,
|
2020-07-10 08:36:13 +00:00
|
|
|
Some(key) => {
|
2021-02-05 15:35:35 +00:00
|
|
|
let (key, _created, _fingerprint) = decrypt_key(&key.key, &get_encryption_key_password)
|
|
|
|
.map_err(|err| {
|
|
|
|
eprintln!("{}", format_key_source(&key.source, "encryption"));
|
|
|
|
err
|
|
|
|
})?;
|
2020-07-10 08:36:13 +00:00
|
|
|
let crypt_config = CryptConfig::new(key)?;
|
|
|
|
Some(Arc::new(crypt_config))
|
2020-07-03 14:45:47 +00:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2020-11-10 10:54:50 +00:00
|
|
|
let client = connect(&repo)?;
|
2020-07-03 14:45:47 +00:00
|
|
|
|
|
|
|
let client = BackupReader::start(
|
|
|
|
client,
|
|
|
|
crypt_config.clone(),
|
|
|
|
repo.store(),
|
|
|
|
&snapshot.group().backup_type(),
|
|
|
|
&snapshot.group().backup_id(),
|
|
|
|
snapshot.backup_time(),
|
|
|
|
true,
|
|
|
|
).await?;
|
|
|
|
|
2020-07-08 14:07:14 +00:00
|
|
|
let (manifest, _) = client.download_manifest().await?;
|
2020-11-20 16:38:37 +00:00
|
|
|
manifest.check_fingerprint(crypt_config.as_ref().map(Arc::as_ref))?;
|
2020-07-03 14:45:47 +00:00
|
|
|
|
|
|
|
let index = client.download_dynamic_index(&manifest, CATALOG_NAME).await?;
|
|
|
|
|
|
|
|
let most_used = index.find_most_used_chunks(8);
|
|
|
|
|
2020-08-10 11:25:07 +00:00
|
|
|
let file_info = manifest.lookup_file_info(&CATALOG_NAME)?;
|
|
|
|
|
|
|
|
let chunk_reader = RemoteChunkReader::new(client.clone(), crypt_config, file_info.chunk_crypt_mode(), most_used);
|
2020-07-03 14:45:47 +00:00
|
|
|
|
|
|
|
let mut reader = BufferedDynamicReader::new(index, chunk_reader);
|
|
|
|
|
|
|
|
let mut catalogfile = std::fs::OpenOptions::new()
|
|
|
|
.write(true)
|
|
|
|
.read(true)
|
|
|
|
.custom_flags(libc::O_TMPFILE)
|
|
|
|
.open("/tmp")?;
|
|
|
|
|
|
|
|
std::io::copy(&mut reader, &mut catalogfile)
|
|
|
|
.map_err(|err| format_err!("unable to download catalog - {}", err))?;
|
|
|
|
|
|
|
|
catalogfile.seek(SeekFrom::Start(0))?;
|
|
|
|
|
|
|
|
let mut catalog_reader = CatalogReader::new(catalogfile);
|
|
|
|
|
|
|
|
catalog_reader.dump()?;
|
|
|
|
|
|
|
|
record_repository(&repo);
|
|
|
|
|
|
|
|
Ok(Value::Null)
|
|
|
|
}
|
|
|
|
|
|
|
|
#[api(
|
|
|
|
input: {
|
|
|
|
properties: {
|
|
|
|
"snapshot": {
|
|
|
|
type: String,
|
|
|
|
description: "Group/Snapshot path.",
|
|
|
|
},
|
|
|
|
"archive-name": {
|
|
|
|
type: String,
|
|
|
|
description: "Backup archive name.",
|
|
|
|
},
|
|
|
|
"repository": {
|
|
|
|
optional: true,
|
|
|
|
schema: REPO_URL_SCHEMA,
|
|
|
|
},
|
|
|
|
"keyfile": {
|
|
|
|
optional: true,
|
|
|
|
type: String,
|
|
|
|
description: "Path to encryption key.",
|
|
|
|
},
|
2020-07-10 08:36:13 +00:00
|
|
|
"keyfd": {
|
|
|
|
schema: KEYFD_SCHEMA,
|
|
|
|
optional: true,
|
|
|
|
},
|
|
|
|
},
|
2020-07-03 14:45:47 +00:00
|
|
|
},
|
|
|
|
)]
|
|
|
|
/// Shell to interactively inspect and restore snapshots.
|
|
|
|
async fn catalog_shell(param: Value) -> Result<(), Error> {
|
|
|
|
let repo = extract_repository_from_value(¶m)?;
|
2020-11-10 10:54:50 +00:00
|
|
|
let client = connect(&repo)?;
|
2021-07-20 09:06:53 +00:00
|
|
|
let path = required_string_param(¶m, "snapshot")?;
|
|
|
|
let archive_name = required_string_param(¶m, "archive-name")?;
|
2020-07-03 14:45:47 +00:00
|
|
|
|
|
|
|
let (backup_type, backup_id, backup_time) = if path.matches('/').count() == 1 {
|
|
|
|
let group: BackupGroup = path.parse()?;
|
|
|
|
api_datastore_latest_snapshot(&client, repo.store(), group).await?
|
|
|
|
} else {
|
|
|
|
let snapshot: BackupDir = path.parse()?;
|
|
|
|
(snapshot.group().backup_type().to_owned(), snapshot.group().backup_id().to_owned(), snapshot.backup_time())
|
|
|
|
};
|
|
|
|
|
2021-02-05 15:35:31 +00:00
|
|
|
let crypto = crypto_parameters(¶m)?;
|
2020-07-10 08:36:13 +00:00
|
|
|
|
2021-02-05 15:35:31 +00:00
|
|
|
let crypt_config = match crypto.enc_key {
|
2020-07-03 14:45:47 +00:00
|
|
|
None => None,
|
2020-07-10 08:36:13 +00:00
|
|
|
Some(key) => {
|
2021-02-05 15:35:35 +00:00
|
|
|
let (key, _created, _fingerprint) = decrypt_key(&key.key, &get_encryption_key_password)
|
|
|
|
.map_err(|err| {
|
|
|
|
eprintln!("{}", format_key_source(&key.source, "encryption"));
|
|
|
|
err
|
|
|
|
})?;
|
2020-07-10 08:36:13 +00:00
|
|
|
let crypt_config = CryptConfig::new(key)?;
|
|
|
|
Some(Arc::new(crypt_config))
|
2020-07-03 14:45:47 +00:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
let server_archive_name = if archive_name.ends_with(".pxar") {
|
|
|
|
format!("{}.didx", archive_name)
|
|
|
|
} else {
|
|
|
|
bail!("Can only mount pxar archives.");
|
|
|
|
};
|
|
|
|
|
|
|
|
let client = BackupReader::start(
|
|
|
|
client,
|
|
|
|
crypt_config.clone(),
|
|
|
|
repo.store(),
|
|
|
|
&backup_type,
|
|
|
|
&backup_id,
|
|
|
|
backup_time,
|
|
|
|
true,
|
|
|
|
).await?;
|
|
|
|
|
|
|
|
let mut tmpfile = std::fs::OpenOptions::new()
|
|
|
|
.write(true)
|
|
|
|
.read(true)
|
|
|
|
.custom_flags(libc::O_TMPFILE)
|
|
|
|
.open("/tmp")?;
|
|
|
|
|
2020-07-08 14:07:14 +00:00
|
|
|
let (manifest, _) = client.download_manifest().await?;
|
2020-11-20 16:38:37 +00:00
|
|
|
manifest.check_fingerprint(crypt_config.as_ref().map(Arc::as_ref))?;
|
2020-07-03 14:45:47 +00:00
|
|
|
|
|
|
|
let index = client.download_dynamic_index(&manifest, &server_archive_name).await?;
|
|
|
|
let most_used = index.find_most_used_chunks(8);
|
2020-08-10 11:25:07 +00:00
|
|
|
|
|
|
|
let file_info = manifest.lookup_file_info(&server_archive_name)?;
|
|
|
|
let chunk_reader = RemoteChunkReader::new(client.clone(), crypt_config.clone(), file_info.chunk_crypt_mode(), most_used);
|
2020-07-03 14:45:47 +00:00
|
|
|
let reader = BufferedDynamicReader::new(index, chunk_reader);
|
|
|
|
let archive_size = reader.archive_size();
|
2021-07-19 08:50:18 +00:00
|
|
|
let reader: pbs_client::pxar::fuse::Reader =
|
2020-07-03 14:45:47 +00:00
|
|
|
Arc::new(BufferedDynamicReadAt::new(reader));
|
2021-07-19 08:50:18 +00:00
|
|
|
let decoder = pbs_client::pxar::fuse::Accessor::new(reader, archive_size).await?;
|
2020-07-03 14:45:47 +00:00
|
|
|
|
|
|
|
client.download(CATALOG_NAME, &mut tmpfile).await?;
|
|
|
|
let index = DynamicIndexReader::new(tmpfile)
|
|
|
|
.map_err(|err| format_err!("unable to read catalog index - {}", err))?;
|
|
|
|
|
|
|
|
// Note: do not use values stored in index (not trusted) - instead, computed them again
|
|
|
|
let (csum, size) = index.compute_csum();
|
|
|
|
manifest.verify_file(CATALOG_NAME, &csum, size)?;
|
|
|
|
|
|
|
|
let most_used = index.find_most_used_chunks(8);
|
2020-08-10 11:25:07 +00:00
|
|
|
|
|
|
|
let file_info = manifest.lookup_file_info(&CATALOG_NAME)?;
|
|
|
|
let chunk_reader = RemoteChunkReader::new(client.clone(), crypt_config, file_info.chunk_crypt_mode(), most_used);
|
2020-07-03 14:45:47 +00:00
|
|
|
let mut reader = BufferedDynamicReader::new(index, chunk_reader);
|
|
|
|
let mut catalogfile = std::fs::OpenOptions::new()
|
|
|
|
.write(true)
|
|
|
|
.read(true)
|
|
|
|
.custom_flags(libc::O_TMPFILE)
|
|
|
|
.open("/tmp")?;
|
|
|
|
|
|
|
|
std::io::copy(&mut reader, &mut catalogfile)
|
|
|
|
.map_err(|err| format_err!("unable to download catalog - {}", err))?;
|
|
|
|
|
|
|
|
catalogfile.seek(SeekFrom::Start(0))?;
|
|
|
|
let catalog_reader = CatalogReader::new(catalogfile);
|
|
|
|
let state = Shell::new(
|
|
|
|
catalog_reader,
|
|
|
|
&server_archive_name,
|
|
|
|
decoder,
|
|
|
|
).await?;
|
|
|
|
|
|
|
|
println!("Starting interactive shell");
|
|
|
|
state.shell().await?;
|
|
|
|
|
|
|
|
record_repository(&repo);
|
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn catalog_mgmt_cli() -> CliCommandMap {
|
|
|
|
let catalog_shell_cmd_def = CliCommand::new(&API_METHOD_CATALOG_SHELL)
|
|
|
|
.arg_param(&["snapshot", "archive-name"])
|
|
|
|
.completion_cb("repository", complete_repository)
|
|
|
|
.completion_cb("archive-name", complete_pxar_archive_name)
|
|
|
|
.completion_cb("snapshot", complete_group_or_snapshot);
|
|
|
|
|
|
|
|
let catalog_dump_cmd_def = CliCommand::new(&API_METHOD_DUMP_CATALOG)
|
|
|
|
.arg_param(&["snapshot"])
|
|
|
|
.completion_cb("repository", complete_repository)
|
|
|
|
.completion_cb("snapshot", complete_backup_snapshot);
|
|
|
|
|
|
|
|
CliCommandMap::new()
|
|
|
|
.insert("dump", catalog_dump_cmd_def)
|
|
|
|
.insert("shell", catalog_shell_cmd_def)
|
|
|
|
}
|