tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
4,396 Commits 2 Branches 54 Tags 14 MiB
e995996290
Commit Graph

844 Commits

Author SHA1 Message Date
Dietmar Maurer
301b8aa0a5 tape: implement change-passphrase for tape encryption keys 2021-01-20 15:43:19 +01:00
Dietmar Maurer
e5b6c93323 tape: add --kdf parameter to create key api 2021-01-20 15:43:19 +01:00
Dietmar Maurer
9a045790ed cleanup KeyConfig 2021-01-20 15:43:19 +01:00
Dietmar Maurer
82a103c8f9 add "password hint" to KeyConfig 2021-01-20 15:43:19 +01:00
Dietmar Maurer
feb1645f37 tape: generate random encryptions keys and store key_config on media 2021-01-19 11:20:07 +01:00
Dietmar Maurer
8a0046f519 tape: implement encrypted backup - simple version 
This is just a proof of concept, only storing the encryption key fingerprint
inside the media-set label.
 2021-01-18 13:38:22 +01:00
Dietmar Maurer
1e93fbb5c1 tape: add encrypt property to media pool configuration 2021-01-18 13:38:22 +01:00
Dietmar Maurer
d5a48b5ce4 tape: add hardware encryption key managenent api 2021-01-18 13:38:22 +01:00
Fabian Grünbichler
0bfcea6a11 cleanup: remove unnecessary 'mut' and '.clone()' 
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2021-01-14 16:01:33 +01:00
Fabian Grünbichler
b5a202acb6 tokio 1.0: update to new Signal interface 
Signal does not yet re-implement Stream (and is not yet wrapped in
tokio-stream either).

see https://github.com/tokio-rs/tokio/pull/3383

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2021-01-14 16:01:33 +01:00
Fabian Grünbichler
0f860f712f tokio 1.0: update to new tokio-openssl interface 
connect/accept are now happening on pinned SslStreams

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2021-01-14 16:01:33 +01:00
Fabian Grünbichler
7c66701366 tokio 1.0: use ReceiverStream from tokio-stream 
to wrap a Receiver in a Stream. this will likely move back into tokio
proper once we have a std Stream..

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2021-01-14 16:01:33 +01:00
Fabian Grünbichler
0a8d773ad0 tokio 1.0: delay -> sleep 
almost the same thing, new name(s), no longer Unpin

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2021-01-14 16:01:33 +01:00
Thomas Lamprecht
1a0b410554 manager: user/token list: fix rendering 0 (never) expire date 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2021-01-14 13:59:08 +01:00
Dietmar Maurer
2d50a6192f tape: sg-tape-cmd - add more ways to specify devices 2021-01-14 13:05:26 +01:00
Dietmar Maurer
781da7f6f0 tape: add --inventorize flag to read-label API/CLI 2021-01-14 11:51:23 +01:00
Dietmar Maurer
8446fbca85 tape: rename changer_id to label_text 2021-01-13 13:26:59 +01:00
Wolfgang Bumiller
7f066a9b21 proxy: expose qrcodejs 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2021-01-11 10:22:32 +01:00
Dietmar Maurer
483da89d03 tape: improve export media to directly export from drive, add CLI 2021-01-10 13:44:44 +01:00
Dietmar Maurer
edb90f6afa tape: backup - implement export-media-set option 2021-01-10 11:59:55 +01:00
Dietmar Maurer
42967bf185 tape: backup - implement --eject-media option 2021-01-09 15:17:03 +01:00
Dietmar Maurer
5843268c47 tape: abort backup when we detect critical tape alert flags 2021-01-09 12:34:00 +01:00
Dietmar Maurer
0bf1c314da tape: show catalog status in media list 2021-01-09 10:24:48 +01:00
Dietmar Maurer
df69a4fc59 tape: implement drive clean 2021-01-08 11:32:56 +01:00
Dietmar Maurer
879569d73f tape: changer transfer - make name parameter optional 2021-01-07 17:09:47 +01:00
Dietmar Maurer
b63f833d36 tape: fix paramater name - s/slot/source-slot/ 2021-01-07 15:39:25 +01:00
Dietmar Maurer
482c6e33dd tape: changer status command: make changer name optional 2021-01-07 15:12:19 +01:00
Dietmar Maurer
46a1863f88 tape: improve MediaChange trait 
We expose the whole MtxStatus, and we can load/store from/to
specified slot numbers.
 2021-01-07 14:26:43 +01:00
Dietmar Maurer
38ae42b11a tape: changer - add export-slot config 2021-01-06 11:06:50 +01:00
Dietmar Maurer
b40ab10d38 tape: add volume_mounts and medium_passes to LinuxDriveAndMediaStatus 2021-01-05 13:43:17 +01:00
Dietmar Maurer
f8ccbfdedd tape: implement read_volume_statistics 2021-01-05 12:58:18 +01:00
Dietmar Maurer
470f1c798a tape: status - show thape alert flags 2021-01-04 13:15:30 +01:00
Dietmar Maurer
165b641c1d tape: changer status - show full slots (for cartridge without barcode) 2021-01-04 12:06:05 +01:00
Dietmar Maurer
74595b8821 tape: sg-tape-cmd tape-alert-flags 2021-01-03 10:09:43 +01:00
Dietmar Maurer
b9b4b31284 tape: add basic restore api/command 2020-12-31 10:26:48 +01:00
Dietmar Maurer
b017bbc441 tape: add restore code, implement catalog api/command 2020-12-30 09:48:18 +01:00
Dietmar Maurer
a33389c391 tape: implement media content list api 2020-12-29 11:58:26 +01:00
Dietmar Maurer
0993923ed5 tape: factor out get_drive_and_media_status 2020-12-29 08:39:06 +01:00
Dietmar Maurer
e0362b0d0f tape: correctly parse mtx import/export slots 2020-12-28 13:32:56 +01:00
Dietmar Maurer
b27c32821c tape: install new sg-tape-cmd setuid binary 2020-12-28 11:10:25 +01:00
Dietmar Maurer
5ae86dfaa1 tape: return media usage info with status command 2020-12-23 11:24:34 +01:00
Dietmar Maurer
cb80d900b3 tape: add drive status api 2020-12-22 10:42:22 +01:00
Dietmar Maurer
ee01737e87 tape: rename 'mam' api to 'cartridge-memory' 2020-12-22 09:27:34 +01:00
Dietmar Maurer
2012825913 depend on proxmox 0.9.0 2020-12-22 08:52:24 +01:00
Wolfgang Bumiller
b2362a1207 adaptions for proxmox 0.9 and proxmox-api-macro 0.3 
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-12-22 07:31:05 +01:00
Dietmar Maurer
1e20f819d5 tape: add command to read cartridge memory (MAM) 
Thsi add an additional dependency to sg3-utils (small).
 2020-12-21 12:12:33 +01:00
Dietmar Maurer
8835664653 tape: add tape backup api 2020-12-18 15:32:12 +01:00
Fabian Grünbichler
7137630d43 client: add 'import-with-master-key' command 
to import an encrypted encryption key using a master key.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-12-17 06:46:24 +01:00
Fabian Grünbichler
8acfd15d6e key: move RSA-encryption to KeyConfig 
since that is what gets encrypted, and not a CryptConfig.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-12-17 06:43:34 +01:00
Fabian Grünbichler
48fbbfeb7e fix #3197: skip fingerprint check when restoring key 
when restoring an encrypted key, the original one is obviously not
available to check the fingerprint with.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-12-17 06:37:54 +01:00
Fabian Grünbichler
9990af3042 master key: store blob name in constant 
since we will use it in more than one place.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-12-17 06:36:06 +01:00
Dietmar Maurer
c1c2c8f635 tape: cleanup MediaLocation type for direct use with API 2020-12-16 10:49:01 +01:00
Dietmar Maurer
af07ec8f29 tape: minor code cleanup 2020-12-14 16:56:26 +01:00
Dietmar Maurer
3f803af00b tape: scan - print more debug info 2020-12-14 13:16:18 +01:00
Dietmar Maurer
ac461bd651 tape: implement scan command (useful for debug) 2020-12-14 12:55:49 +01:00
Dietmar Maurer
ce955e1635 tape: implement eod cli command (debug tool) 2020-12-14 09:56:59 +01:00
Dietmar Maurer
e20d008c6a tape: rename cli 'media media-destroy' toö 'media destroy' 2020-12-14 09:30:32 +01:00
Dietmar Maurer
fb657d8ee5 tape: implement destroy_media 2020-12-14 08:58:40 +01:00
Dietmar Maurer
fba0b77469 tape: add media api 2020-12-14 07:55:57 +01:00
Dietmar Maurer
b5c1296eaa tape: make changer get_status async 2020-12-14 07:14:24 +01:00
Dietmar Maurer
7e1d4712b8 tape: rename CHANGER_ID_SCHEMA to CHANGER_NAME_SCHEMA 2020-12-13 09:22:08 +01:00
Dietmar Maurer
49c965a497 tape: rename DRIVE_ID_SCHEMA to DRIVE_NAME_SCHEMA 2020-12-13 09:18:16 +01:00
Dietmar Maurer
6fe9aedd0b tape: correctly call Async handler in proxmox-tape 2020-12-12 09:58:47 +01:00
Dietmar Maurer
663ef85992 tape: use WorkerTask for erase and rewind 2020-12-11 11:19:33 +01:00
Dietmar Maurer
e92c75815b tape: split inventory api 
inventory: sync, list labels with uuids,
update_inventory: WorkerTask, updates database
 2020-12-11 10:42:29 +01:00
Dietmar Maurer
6dbad5b4b5 tape: run label commands as WorkerTask (threads) 2020-12-11 09:10:22 +01:00
Dietmar Maurer
bff7e3f3e4 tape: implement barcode-label-mdedia 2020-12-11 07:50:19 +01:00
Dietmar Maurer
83abc7497d tape: implement inventory command 2020-12-11 07:39:28 +01:00
Dietmar Maurer
4606f34353 tape: implement read-label command 2020-12-10 13:20:39 +01:00
Dietmar Maurer
7bb720cb4d tape: implement label command 2020-12-10 12:30:27 +01:00
Dietmar Maurer
9700d5374a tape: add media pool cli 2020-12-10 11:13:12 +01:00
Dietmar Maurer
f70d8091d3 tape: implement option changer-drive-id 2020-12-10 09:09:06 +01:00
Dietmar Maurer
a3c709ef21 tape: cli cleanup - avoid api redefinition 2020-12-10 08:35:11 +01:00
Dietmar Maurer
93829fc680 tape: cleanup load-slot api 2020-12-10 08:04:55 +01:00
Dietmar Maurer
5605ca5619 tape: cli cleanup - rename scana-for-* into scan 2020-12-10 07:58:45 +01:00
Dietmar Maurer
e49f0c03d9 tape: implement load-media command 2020-12-10 07:52:56 +01:00
Dietmar Maurer
0098b712a5 tape: implement eject 2020-12-09 17:50:48 +01:00
Dietmar Maurer
5fb694e8c0 tape: implement rewind 2020-12-09 17:43:38 +01:00
Dietmar Maurer
583a68a446 tape: implement erase media 2020-12-09 17:35:31 +01:00
Dietmar Maurer
e6604cf391 tape: add command line interface proxmox-tape 2020-12-09 13:00:20 +01:00
Dietmar Maurer
6b68e5d597 client: move connect_to_localhost into client module 2020-12-09 11:59:50 +01:00
Dietmar Maurer
cafd51bf42 tape: add media state database 2020-12-09 11:21:56 +01:00
Wolfgang Bumiller
9b93c62044 remove unused descriptions from api macros 
these are now a hard error in the api macro

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-12-09 10:55:18 +01:00
Wolfgang Bumiller
35fe981c7d client: use tools::pipe instead of nix 
nix::unistd::pipe returns unguarded RawFds which should be
avoided

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-11-30 11:25:53 +01:00
Fabian Grünbichler
490560e0c6 restore: print to STDERR 
else restoring to STDOUT is broken..

Reported-by: Dominic Jäger <d.jaeger@proxmox.com>

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-25 14:38:02 +01:00
Dietmar Maurer
0c9209b04c cli: rename command "upload-log" to "snapshot upload-log" 2020-11-25 07:57:39 +01:00
Dietmar Maurer
edebd52374 cli: rename command "forget" to "snapshot forget" 2020-11-25 07:57:39 +01:00
Dietmar Maurer
61205f00fb cli: rename command "files" to "snapshot files" 2020-11-25 07:57:39 +01:00
Dietmar Maurer
731eeef25b cli: use new alias feature for "snapshots" 
Now maps to "snapshot list".
 2020-11-24 13:26:43 +01:00
Dominik Csapak
a65e3e4bc0 client: add 'snapshot notes show/update' command 
to show and update snapshot notes from the cli

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-24 11:44:19 +01:00
Fabian Grünbichler
8b7f8d3f3d expose previous backup time in backup env 
and use this information to add more information to client backup log
and guide the download manifest decision.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-24 08:44:55 +01:00
Fabian Grünbichler
f1e2904150 paperkey: refactor common code 
from formatting functions to main function, and pass along the key data
lines instead of the full string.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-24 07:57:21 +01:00
Fabian Grünbichler
23f9503a31 client: check fingerprint after downloading manifest 
this is stricter than the check that happened on manifest load, as it
also fails if the manifest is signed but we don't have a key available.

add some additional output at the start of a backup to indicate whether
a previous manifest is available to base the backup on.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-24 07:55:12 +01:00
Dietmar Maurer
5e17dbf2bb cli: cleanup 'key show' - use format_and_print_result_full 
We now expose all key derivation functions on the cli, so users can
choose between scrypt or pbkdf2.
 2020-11-24 07:32:34 +01:00
Fabian Grünbichler
dfb04575ad client: add 'key show' command 
for (pretty-)printing a keyfile.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-23 13:15:29 +01:00
Fabian Grünbichler
6f2626ae19 client: print key fingerprint and master key 
for operations where it makes sense.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-23 13:11:26 +01:00
Fabian Grünbichler
37e60ddcde key: add fingerprint to key config 
and set/generate it on
- key creation
- key passphrase change
- key decryption if not already set
- key encryption with master key

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-11-23 13:03:46 +01:00
Dominik Csapak
968a0ab261 fix systemd-encoded upid strings in http client 
since we systemd-encode parts of the upid string, and those can contain
characters that are invalid in urls (e.g. '\'), we have to percent encode
those

add a 'percent_encode_component' helper, so that we can maybe change
the AsciiSet for all uses at the same time

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-11-19 11:01:19 +01:00
Fabian Ebner
58fcbf5ab7 client: expose all-file-systems option 
Useful to avoid the need for a long (and possibly changing) list of include-dev
options in certain situations, e.g. nested ZFS file systems. The option is
already implemented and seems to work as expected. The checks for virtual
filesystems are not affected by this option.

Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
 2020-11-16 16:59:14 +01:00
Thomas Lamprecht
fc5a012068 manager: versions: non-verbose should actually print server pkg info 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-11-12 10:28:03 +01:00