Commit Graph

557 Commits

Author SHA1 Message Date
Dietmar Maurer
95aee7e032 tools/common_regex.rs: add more docu 2019-02-16 12:36:01 +01:00
Dietmar Maurer
99be8844c7 buildcfg.rs: improve doc 2019-02-16 12:31:39 +01:00
Dietmar Maurer
a8f268afbb fix configuration dir permission
Carefully set and check permissions ...
2019-02-16 12:19:13 +01:00
Dietmar Maurer
aada2a9719 config/datastore.rs: remove unused code 2019-02-16 10:10:45 +01:00
Dietmar Maurer
d11594db4c config/datastore.rs: return empty config if file does not exist 2019-02-16 10:06:08 +01:00
Dietmar Maurer
12400210a2 tools::file_get_contents - improve error message 2019-02-16 09:42:00 +01:00
Dietmar Maurer
6235a41862 tools::file_read_firstline - improve error message 2019-02-16 09:36:29 +01:00
Dietmar Maurer
17ed456c2e change proxy user from www-data to backup 2019-02-16 09:29:04 +01:00
Dietmar Maurer
5d14eb6a76 tools.rs: new helper to get uid/gid for the sepcified system user.
Or is there an easier way to get that info?
2019-02-15 15:33:12 +01:00
Dietmar Maurer
f0a6112451 backup/datastore.rs: improve error reporting 2019-02-15 14:33:03 +01:00
Dietmar Maurer
9b50c16103 section_config.rs: simplify parser by using new try_block macro 2019-02-15 12:13:15 +01:00
Dietmar Maurer
fe651dd6e5 tools.rs: fix doc tests 2019-02-15 11:33:51 +01:00
Dietmar Maurer
e80503d2a6 tools.rs: document try_block macro 2019-02-15 11:20:45 +01:00
Dietmar Maurer
f0dbba8cbe tools.rs: new try_block macro 2019-02-15 10:59:12 +01:00
Wolfgang Bumiller
1d77b6cf6b update to pam 0.7 (renamed from pam-auth)
It now supports custom conversation methods, so instead of
new() we ask for a default authenticator taking a password
via with_password(). Since the password is now handled by
the now separate conversation handler, `set_credentials()`
is now called on the handler we get via `.get_handler()`.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-15 10:34:40 +01:00
Dietmar Maurer
d4736445fe server/rest.rs: add method to log message 2019-02-15 10:16:12 +01:00
Dietmar Maurer
f02e6fc478 api2/admin/datastore/catar.rs: simplify/fix debug message 2019-02-15 10:04:37 +01:00
Dietmar Maurer
44c00c0dfd server/rest.rs: log full error messages 2019-02-15 09:55:12 +01:00
Dietmar Maurer
7171b3e079 server/rest.rs: use a protocol extension to avoid double log
Instead of modifying the response header itself.
2019-02-14 16:04:24 +01:00
Dietmar Maurer
7e03988caf avoid double logging of proxied requests 2019-02-14 13:28:41 +01:00
Dietmar Maurer
af6f80d3db Revert "backup/datastore: fn open is a private implementation detail"
This reverts commit 3dacd9a660.

I currently use this in some test ...
2019-02-14 13:13:49 +01:00
Dietmar Maurer
78a1fa6722 src/server/rest.rs: log failed requests 2019-02-14 13:07:34 +01:00
Wolfgang Bumiller
2cc90617dd tools/fs: mark ReadDir as Send
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 12:37:31 +01:00
Wolfgang Bumiller
62f2422f6a backup/chunk_store: verify chunk file names
get_chunk_iterator() should skip over files which aren't an
actual chunk

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 12:37:31 +01:00
Wolfgang Bumiller
3dacd9a660 backup/datastore: fn open is a private implementation detail
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 12:37:31 +01:00
Wolfgang Bumiller
9739aca41f backup/chunk_store: open base dir in get_chunk_iterator
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 12:37:31 +01:00
Dietmar Maurer
db4868ef4f src/client/backup_repo.rs - improve docu 2019-02-14 11:17:08 +01:00
Dietmar Maurer
151c6ce27d src/client.rs: improve library structure and docu 2019-02-14 11:11:39 +01:00
Wolfgang Bumiller
dd1bfe6c12 tools/timer: add module documentation
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:13:42 +01:00
Wolfgang Bumiller
c7f481b642 backup: replace ChunkIterator
Instead we just build the iterator using our
tools::fs::read_subdir iterator as follows:
Use the index range (0..0x10000) as an iterator, map() it
to yield a subdirectory iterator for each index, then
flatten it.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:09:59 +01:00
Wolfgang Bumiller
121f18efb7 tools: use scan_subdir iterator for scandir
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:09:59 +01:00
Wolfgang Bumiller
32286b039c tools/fs: add file_name_utf8_unchecked shortcut
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:09:59 +01:00
Wolfgang Bumiller
806d7a6a35 tools/fs: change scan_subdir to use filter_file_name_regex
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:09:59 +01:00
Wolfgang Bumiller
53e1e7ca72 tools/fs: add filter_file_name_regex to FileIterOps
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:09:59 +01:00
Wolfgang Bumiller
23fba9d777 tools/fs: add FileIterOps trait and FileTypeFilter
FileIterOps will provide operations on file entry iterators.
For now this provides a file type filter.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:09:59 +01:00
Wolfgang Bumiller
1db416150d tools/fs: let ReadDir iterator yield ReadDirEntry
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:09:59 +01:00
Wolfgang Bumiller
b12505da69 tools/fs: add ReadDirEntry helper
This wraps nix::dir::Entry with the parent and additionally
exposes the parent directory file descriptor since we need
it to perform openat().

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:09:59 +01:00
Wolfgang Bumiller
a25f863afd tools/fs: add scan_subdir helper
This filters the results of read_subdir with a regex.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:09:59 +01:00
Wolfgang Bumiller
b4d5787de9 tools: start fs submodule, add read_subdir
This creates an iterator relative to a RawFd via
nix::dir::Dir over nix::dir::Entrys.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-14 10:09:59 +01:00
Dietmar Maurer
0dffe3f99a src/client/http_client.rs: try to login
use an environment var to store passphrase (PBS_PASSWORD)
2019-02-13 14:31:43 +01:00
Dietmar Maurer
33d64b81e0 src/bin/proxmox-backup-client.rs: define and use BackupRepository 2019-02-13 12:30:52 +01:00
Wolfgang Bumiller
4a3f65172c client: use hyper-tls for now
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-13 11:03:09 +01:00
Wolfgang Bumiller
42d6e4fb05 tools: borrow: implement Deref for Tied
Eg. if you have an x: Tied<Dir, Iterator> now you can simply
call x.next() as it'll dereference to the Iterator.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-13 11:03:09 +01:00
Dietmar Maurer
541a302224 api2/admin/datastore/catar.rs: use nested file extensions
i.e. archive.catar.didx
2019-02-13 10:37:00 +01:00
Dietmar Maurer
e5064ba607 simplify backup lib structure (pub use xxx:*), improve doc 2019-02-12 14:13:31 +01:00
Dietmar Maurer
d78345bcfc src/backup.rs - improve doc 2019-02-12 13:27:11 +01:00
Dietmar Maurer
93d5d77952 rename ArchiveIndex to DynamicIndex
also changed the file extension from .aidx to .didx
2019-02-12 12:05:33 +01:00
Dietmar Maurer
91a905b6dd rename ImageIndex to FixedIndex
also changed the file extension fron .iidx to .fidx
2019-02-12 11:50:45 +01:00
Wolfgang Bumiller
82bc0ad40c backup: fixup warnings and readd lost file type check
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-12 10:43:43 +01:00
Wolfgang Bumiller
9349d2a1d2 backup: cleanup long lines
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-12 10:39:11 +01:00
Wolfgang Bumiller
fdd71f5286 backup: use ChunkIterator for sweep_unused_chunks
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-12 10:39:11 +01:00
Wolfgang Bumiller
c9e7f4dc8b backup: add optional progress callback to ChunkIterator
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-12 10:39:11 +01:00
Wolfgang Bumiller
4070096c6a backup: add ChunkIterator
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-12 10:39:11 +01:00
Wolfgang Bumiller
6ed25cbe3a tools: add Tied value
Tie two dependent values together, such as a nix::Dir with
its nix::dir::Iter<'a> where 'a is tied to the Dir's
lifetime, making it otherwise impossible to return them or
store them in a struct.

Alternatively we could try the 'rental' crate.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-12 10:39:11 +01:00
Wolfgang Bumiller
9ac1045c7b bin: manager: fixup datastore parameter name
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-12 10:39:11 +01:00
Dietmar Maurer
8f8d5a420c avoid compiler warning 2019-02-11 15:12:01 +01:00
Dietmar Maurer
aa5a4060ab bin/proxmox-backup-api.rs: improve error handling 2019-02-11 15:11:42 +01:00
Dietmar Maurer
4223d9f800 bin/proxmox-backup-proxy.rs: improve error handling 2019-02-11 14:43:26 +01:00
Wolfgang Bumiller
ace9e3531a access: use proxmox-backup-auth for pam
allows customization via /etc/pam.d/proxmox-backup-auth

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-07 13:40:22 +01:00
Wolfgang Bumiller
13f8310cac api2: time: use /etc/localtime as fallback
in case there is no /etc/timezone

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-05 14:14:56 +01:00
Wolfgang Bumiller
a7cac14ed9 tools: use std::fs::read for file_get_contents
Until we add the extra options like we have in pve, just use
the already existing (since 1.26) shortcut.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-04 15:35:32 +01:00
Wolfgang Bumiller
e937034c86 remove some rather inconvenient debug output
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-04 15:34:38 +01:00
Wolfgang Bumiller
9d02e5c38a proxy: use <configdir>/server.pfx for tls
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-04 15:19:32 +01:00
Wolfgang Bumiller
9f4962d396 introduce buildcfg module and PROXMOX_CONFIGDIR
buildcfg.rs should contain convenience variables or macros
for using build-time configured variables

For now we replace hardcoded "/etc/proxmox-backup/<foo>"
with configdir!("<foo>").

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-04 15:13:08 +01:00
Wolfgang Bumiller
0d176f3681 proxy: use TLS via tokio-tls
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-04 14:56:07 +01:00
Wolfgang Bumiller
e0a5d1ca2f tests: chunk_store: cleanup .testdir
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-01 10:41:54 +01:00
Wolfgang Bumiller
a4f9188300 tests: import lazy_static as needed
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-01 10:41:54 +01:00
Wolfgang Bumiller
6285b251e7 don't hardcode /usr/share paths
Add a defines.mk file defining the standard default layout
for installation (PREFIX, DATAROOTDIR, LIBDIR etc.).

Add a $(JSDIR) variable and use env!("JSDIR") in place of
the hardcoded /usr/share/javascript/proxmox-backup path.

Have defines.mk include an *optional* local.mak to override
JSDIR to www/ during local development.

Add `make install` targets and remove debian/install.

Note that service files are now in $libdir/proxmox-backup/
as there's usually no point in starting them from the
command line, so /usr/sbin makes no sense.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-01 10:41:54 +01:00
Wolfgang Bumiller
8e4df103dd remove useless command option from daemons
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-02-01 10:41:54 +01:00
Dietmar Maurer
6278365fd9 improve ApiMethod docu 2019-02-01 10:38:07 +01:00
Dietmar Maurer
4b2cdeb9a6 implement relead_timezone flag 2019-02-01 10:04:46 +01:00
Dietmar Maurer
c82bc1a1f9 depend on pam-auth, use pam for root login
Please use username "root@pam" for login via GUI.
2019-02-01 09:30:50 +01:00
Dietmar Maurer
a154a8e8a4 delay unauthorized request (rate limit) 2019-01-31 14:34:21 +01:00
Dietmar Maurer
5996577ab6 move http error class to router.rs 2019-01-31 13:22:30 +01:00
Dietmar Maurer
b9903d6331 server/rest.rs: verify auth cookie 2019-01-31 12:22:00 +01:00
Dietmar Maurer
f484eed3c2 Utils.js: fix cookie handling
Use unsecure cookie foör testing.
2019-01-31 10:08:08 +01:00
Dietmar Maurer
9f49fe1d5d avoid compiler warnings 2019-01-30 18:25:37 +01:00
Dietmar Maurer
34f956bc25 api2/access.rs: add ticket api 2019-01-30 15:16:10 +01:00
Wolfgang Bumiller
1bf446a33e fix timer_delete call
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-01-30 12:04:20 +01:00
Dietmar Maurer
cf671670a0 auth_helpers.rs: add timestamp to csrf token 2019-01-29 17:50:03 +01:00
Dietmar Maurer
1e76cbc6a2 auth_helpers.rs: implement assemble_csrf_prevention_token 2019-01-29 17:41:45 +01:00
Dietmar Maurer
d01e2420f7 load auth keys on startup 2019-01-29 17:21:58 +01:00
Dietmar Maurer
6c30068ebf auth_helpers.rs: split code into separate file 2019-01-29 16:55:49 +01:00
Dietmar Maurer
39a90ca6c5 bin/proxmox-backup-api.rs: gererate secret for csrf token 2019-01-29 13:15:33 +01:00
Dietmar Maurer
26027a151e tools/ticket.rs: remove debug statements 2019-01-29 13:04:01 +01:00
Dietmar Maurer
8d04280b29 tools/ticket.rs: add basic ticket support 2019-01-29 12:59:07 +01:00
Dietmar Maurer
c8f3f9b1af server/rest.rs: simplify proxy code
Only pass neccessary parameters.
2019-01-28 18:22:16 +01:00
Dietmar Maurer
a859fa95a9 add protected flag for some api methods 2019-01-28 18:16:47 +01:00
Dietmar Maurer
a3da38ddfd server/rest.rs: implement proxy_sync_api_request 2019-01-28 18:06:42 +01:00
Dietmar Maurer
f120483353 server/rest.rs: add proxy_sync_api_request() dummy 2019-01-28 17:30:39 +01:00
Dietmar Maurer
4e4df8e2f0 api/router.rs: add new 'protected' flag to ApiMethod 2019-01-28 17:18:42 +01:00
Dietmar Maurer
5bb3398171 server/formatter.rs: fix extjs error format 2019-01-28 13:44:48 +01:00
Dietmar Maurer
02c7a75520 src/bin/proxmox-backup-proxy.rs: implement unpriviledged server
We want to run the public server as user www-data. Requests needing
root priviledges needs to be proxied to the proxmox-backup.service, which
now listens to 127.0.0.1:82.
2019-01-28 13:29:58 +01:00
Dietmar Maurer
48849593ee api2/node/services.rs: implement service commands 2019-01-27 12:40:31 +01:00
Dietmar Maurer
d7d23785f0 RpcEnvironment: implement set_user() and get_user() 2019-01-27 10:52:26 +01:00
Dietmar Maurer
162b979394 RpcEnvironment: add environment type enum RpcEnvironmentType 2019-01-27 10:33:42 +01:00
Dietmar Maurer
e82dad9700 also pass rpcenv to async handlers 2019-01-27 10:18:52 +01:00
Dietmar Maurer
d2ab5f19e2 api2/node/services.rs: start services api 2019-01-26 17:54:18 +01:00
Dietmar Maurer
0f253593c6 move rpc environment implementation to separate files 2019-01-26 15:08:02 +01:00
Dietmar Maurer
6049b71f41 api: pass RpcEnvirnment to api handlers 2019-01-26 14:50:37 +01:00