tyler/proxmox-backup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: tyler:v0.8.16
Branches Tags
tyler:master tyler:stable-1
tyler:v2.2.1 tyler:v2.1.2 tyler:2.1.2 tyler:2.1.1 tyler:v2.0.12 tyler:v2.0.10 tyler:v1.1.10 tyler:v1.1.3 tyler:v1.1.2 tyler:v1.0.13 tyler:v1.0.11 tyler:v1.0.10 tyler:v1.0.9 tyler:v1.0.8 tyler:v1.0.7 tyler:v1.0.6 tyler:v1.0.5 tyler:v1.0.4 tyler:v1.0.3 tyler:v1.0.1 tyler:v0.9.7 tyler:v0.9.6 tyler:v0.9.5 tyler:v0.9.4 tyler:v0.9.3 tyler:v0.9.2 tyler:v0.9.1 tyler:v0.9.0 tyler:v0.8.21 tyler:v0.8.19 tyler:v0.8.17 tyler:v0.8.16 tyler:v0.8.15 tyler:v0.8.14 tyler:v0.8.13 tyler:v0.8.12 tyler:v0.8.11 tyler:v0.8.10 tyler:v0.8.9 tyler:v0.8.8 tyler:v0.8.7 tyler:v0.8.6 tyler:v0.8.2 tyler:v0.8.0 tyler:v0.7.0 tyler:v0.6.0 tyler:v0.5.0 tyler:v0.4.0 tyler:v0.3.0 tyler:v0.2.3 tyler:v0.2.2 tyler:v0.2.1 tyler:v0.2.0 tyler:v0.1.3
...
compare: tyler:v0.8.21
Branches Tags
tyler:master tyler:stable-1
tyler:v2.2.1 tyler:v2.1.2 tyler:2.1.2 tyler:2.1.1 tyler:v2.0.12 tyler:v2.0.10 tyler:v1.1.10 tyler:v1.1.3 tyler:v1.1.2 tyler:v1.0.13 tyler:v1.0.11 tyler:v1.0.10 tyler:v1.0.9 tyler:v1.0.8 tyler:v1.0.7 tyler:v1.0.6 tyler:v1.0.5 tyler:v1.0.4 tyler:v1.0.3 tyler:v1.0.1 tyler:v0.9.7 tyler:v0.9.6 tyler:v0.9.5 tyler:v0.9.4 tyler:v0.9.3 tyler:v0.9.2 tyler:v0.9.1 tyler:v0.9.0 tyler:v0.8.21 tyler:v0.8.19 tyler:v0.8.17 tyler:v0.8.16 tyler:v0.8.15 tyler:v0.8.14 tyler:v0.8.13 tyler:v0.8.12 tyler:v0.8.11 tyler:v0.8.10 tyler:v0.8.9 tyler:v0.8.8 tyler:v0.8.7 tyler:v0.8.6 tyler:v0.8.2 tyler:v0.8.0 tyler:v0.7.0 tyler:v0.6.0 tyler:v0.5.0 tyler:v0.4.0 tyler:v0.3.0 tyler:v0.2.3 tyler:v0.2.2 tyler:v0.2.1 tyler:v0.2.0 tyler:v0.1.3

70 Commits
v0.8.16 ... v0.8.21

Author SHA1 Message Date
Dietmar Maurer
cfe01b2e6a bump version to 0.8.21-1 2020-09-25 13:20:35 +02:00
Dietmar Maurer
b19b032be3 debian/control: update 2020-09-25 13:17:49 +02:00
Dietmar Maurer
5441708634 src/client/pull.rs: use new ParallelHandler 2020-09-25 12:58:20 +02:00
Dietmar Maurer
3c9b370255 src/tools/parallel_handler.rs: execute closure inside a thread pool 2020-09-25 12:58:20 +02:00
Dietmar Maurer
510544770b depend on crossbeam-channel 2020-09-25 12:58:20 +02:00
Thomas Lamprecht
e8293841c2 docs: html: show "Proxmox Backup" in navi for small devices 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-09-24 20:03:17 +02:00
Thomas Lamprecht
46114bf28e docs: html: improve css for small displays 
fixed-width navi/toc links were not switched in color for small width
displays, and thus they were barely readable as the background
switches to dark for small widths.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-09-24 20:03:17 +02:00
Thomas Lamprecht
0d7e61f06f docs: buildsys: add more dependencies to html target 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-09-24 19:45:23 +02:00
Thomas Lamprecht
fd6a54dfbc docs: conf: fix conf for new alabaster theme version 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-09-24 19:44:50 +02:00
Thomas Lamprecht
1ea5722b8f docs: html: adapt custom css 
highlighting the current chapter and some other small formatting
improvements

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-09-24 19:44:00 +02:00
Thomas Lamprecht
bc8fadf494 docs: index: hide todo list toctree and genindex 
I do not found another way to disable inclusion in the sidebar...

The genindex information is alredy provided through glossary

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-09-24 19:43:18 +02:00
Thomas Lamprecht
a76934ad33 docs: html: adapt sidebar in index page 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-09-24 19:41:19 +02:00
Dominik Csapak
d7a122a026 use jobstate mechanism for verify/garbage_collection schedules 
also changes:
* correct comment about reset (replace 'sync' with 'action')
* check schedule change correctly (only when it is actually changed)

with this changes, we can drop the 'lookup_last_worker' method

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-09-24 17:06:12 +02:00
Dominik Csapak
6c25588e63 proxy: fix error handling in prune scheduling 
we rely on the jobstate handling to write the error of the worker
into its state file, but we used '?' here in a block which does not
return the error to the block, but to the function/closure instead

so if a prune job failed because of such an '?', we did not write
into the statefile and got a wrong state there

instead use our try_block! macro that wraps the code in a closure

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-09-24 17:06:09 +02:00
Dietmar Maurer
17a1f579d0 bump version to 0.8.20-1 2020-09-24 13:17:06 +02:00
Dietmar Maurer
998db63933 src/client/pull.rs: decode, verify and write in a separate threads 
To maximize throughput.
 2020-09-24 13:12:04 +02:00
Dietmar Maurer
c0fa14d94a src/backup/data_blob.rs: add is_encrypted helper 2020-09-24 13:00:16 +02:00
Wolfgang Bumiller
6fd129844d remove DummyCatalogWriter 
we're using an `Option` instead now

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
 2020-09-24 09:13:54 +02:00
Dietmar Maurer
baae780c99 benchmark: use compressable data to get more realistic result 
And add a benchmatrk to test chunk verify speed (decompress+sha256).
 2020-09-24 08:58:13 +02:00
Dietmar Maurer
09a1da25ed src/backup/data_blob.rs: improve decompress speed 2020-09-24 08:52:35 +02:00
Oguz Bektas
298c6aaef6 docs: add onlineHelp to some panels 
name sections according to the title or content and add
the respective onlineHelp to the following panels:
- datastore
- user management
- ACL
- backup remote

Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Reviewed-By: Dominik Csapak <d.csapak@proxmox.com>
Tested-By: Dominik Csapak <d.csapak@proxmox.com>
 2020-09-22 19:48:32 +02:00
Dietmar Maurer
a329324139 bump version to 0.8.19-1 2020-09-22 13:30:52 +02:00
Dietmar Maurer
a83e2ffeab src/api2/reader.rs: use std::fs::read instead of tokio::fs::read 
Because it is about 10%& faster this way.
 2020-09-22 13:27:23 +02:00
Dietmar Maurer
5d7449a121 bump version to 0.8.18-1 2020-09-22 12:39:47 +02:00
Dietmar Maurer
ebbe4958c6 src/client/pull.rs: avoid duplicate downloads using in memory HashSet 2020-09-22 12:34:06 +02:00
Dietmar Maurer
73b2cc4977 src/client/pull.rs: allow up to 20 concurrent download streams 2020-09-22 11:39:31 +02:00
Dietmar Maurer
7ecfde8150 remote_chunk_reader.rs: use Arc for cache_hint to make clone faster 2020-09-22 11:39:31 +02:00
Thomas Lamprecht
796480a38b docs: add version and date to HTML index 
Similar to the PDF output or the Proxmox VE docs.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-09-22 09:00:12 +02:00
Dietmar Maurer
4ae6aede60 bump version to 0.8.17-1 2020-09-21 14:09:20 +02:00
Dietmar Maurer
e0085e6612 src/client/pull.rs: remove temporary manifest 2020-09-21 14:03:01 +02:00
Dietmar Maurer
194da6f867 src/client/pull.rs: open temporary manifest with truncate(true) 
To delete any data if the file already exists.
 2020-09-21 13:53:35 +02:00
Dietmar Maurer
3fade35260 bump proxmox version to 0.4.1 2020-09-21 13:51:33 +02:00
Dominik Csapak
5e39918fe1 fix #3017: check array boundaries before using 
else we panic here

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-09-21 09:22:06 +02:00
Dietmar Maurer
f4dc47a805 debian/control: update 2020-09-19 16:22:56 +02:00
Dietmar Maurer
12c65bacf1 src/backup/chunk_store.rs: disable debug output 2020-09-19 15:26:21 +02:00
Dietmar Maurer
ba37f3562d src/backup/datastore.rs - open_with_path: use Path instead of str 2020-09-19 10:01:57 +02:00
Dietmar Maurer
fce4659388 src/backup/datastore.rs: new method open_with_path 
To make testing easier.
 2020-09-19 09:55:21 +02:00
Dietmar Maurer
0a15870a82 depend on proxmox 0.4.0 2020-09-19 06:40:44 +02:00
Dominik Csapak
9866de5e3d datastore/prune schedules: use JobState for tracking of schedules 
like the sync jobs, so that if an admin configures a schedule it
really starts the next time that time is reached not immediately

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-09-19 06:24:37 +02:00
Dylan Whyte
9d3f183ba9 Admin Guide: Add some more detailed info throughout 
- Mention config files for: datastores, users, acl,
  remotes, syncjobs
- Expand a little bit on SMART and smartmontools package
- Explain acl config
- Include line in network stating why a bond would be set up
- Note the use of ifupdown2 for network config, and the potential
  need to install it on other systems
- Add note to PVE integration, specifying where to refer to for VM and
  CT backups

Signed-off-by: Dylan Whyte <d.whyte@proxmox.com>
 2020-09-18 15:51:21 +02:00
Dylan Whyte
fe233f3b3d Small formatting fix up 
- Fix permission image.
- Change alt text for ZFS
- Change note block to match the others

Signed-off-by: Dylan Whyte <d.whyte@proxmox.com>
 2020-09-18 15:50:36 +02:00
Fabian Grünbichler
be3bd0f90b fix #3015: allow user self-service 
listing, updating or deleting a user is now possible for the user
itself, in addition to higher-privileged users that have appropriate
privileges on '/access/users'.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-09-18 15:45:11 +02:00
Fabian Grünbichler
3c053adbb5 role api: fix description 
wrongly copy-pasted at some point

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-09-18 14:55:00 +02:00
Hannes Laimer
c040ec22f7 add verification scheduling to proxmox-backup-proxy 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-09-18 12:14:05 +02:00
Hannes Laimer
43f627ba92 ui: add verify-schedule field to edit datastore form 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-09-18 12:13:09 +02:00
Hannes Laimer
2b67de2e3f api2: make verify_schedule deletable 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-09-18 12:12:29 +02:00
Hannes Laimer
477859662a api2: add optional verify-schdule field to create/update datastore endpoint 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-09-18 12:12:16 +02:00
Hannes Laimer
ccd7241e2f add verify_schedule field to DataStoreConfig 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-09-18 12:11:55 +02:00
Hannes Laimer
f37ef25bdd api2: add VERIFY_SCHEDULE_SCHEMA 
Signed-off-by: Hannes Laimer <h.laimer@proxmox.com>
 2020-09-18 12:11:39 +02:00
Fabian Grünbichler
b93bbab454 fix #3014: allow DataStoreAdmins to list DS config 
filtered by those they are privileged enough to read individually. this
allows such users to configure prune/GC schedules via the GUI (the API
already allowed it previously).

permission-wise, a user with this privilege can already:
- list all stores they have access to (returns just name/comment)
- read the config of each store they have access to individually
(returns full config of that datastore + digest of whole config)

but combines them to
- read configs of all datastores they have access to (returns full
config of those datastores + digest of whole config)

user that have AUDIT on just /datastore without propagate can now no
longer read all configurations (but this could be added it back, it just
seems to make little sense to me).

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-09-18 12:09:13 +02:00
Dietmar Maurer
9cebc837d5 depend on pxar 0.6.1 2020-09-18 12:02:17 +02:00
Dietmar Maurer
1bc1d81a00 move compute_file_csum to src/tools.rs 2020-09-17 10:27:04 +02:00
Dietmar Maurer
dda72456d7 depend on proxmox 0.3.9 2020-09-17 08:49:50 +02:00
Dominik Csapak
8f2f3dd710 fix #2942: implement lacp bond mode and bond_xmit_hash_policy 
this was not yet implemented, should be compatible with pve and the gui

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-09-17 08:36:25 +02:00
Dominik Csapak
85959a99ea api2/network: add bond-primary parameter 
needed for 'active-backup' bond mode

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-09-17 08:36:14 +02:00
Dominik Csapak
36700a0a87 api2/pull: make pull worker abortable 
by selecting between the pull_future and the abort future

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-09-17 06:11:33 +02:00
Dominik Csapak
dd4b42bac1 fix #2870: renew tickets in HttpClient 
by packing the auth into a RwLock and starting a background
future that renews the ticket every 15 minutes

we still use the BroadcastFuture for the first ticket and only
if that is finished we start the scheduled future

we have to store an abort handle for the renewal future and abort it when
the http client is dropped, so we do not request new tickets forever

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
 2020-09-17 06:09:54 +02:00
Fabian Grünbichler
9626c28619 always allow retrieving (censored) subscription info 
like we do for PVE. this is visible on the dashboard, and caused 403 on
each update which bothers me when looking at the dev console.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-09-17 06:03:25 +02:00
Fabian Grünbichler
463c03462a fix #2957: allow Sys.Audit access to node RRD 
this is the same privilege needed to query the node status.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
 2020-09-17 06:03:25 +02:00
Thomas Lamprecht
a086427a7d docs: fix epilogs fixme comment 
restructured text comment syntax, i.e., everything it cannot parse is
a comment, is a real PITA!

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 2020-09-16 16:36:54 +02:00
Dietmar Maurer
4d431383d3 src/backup/data_blob.rs: expose verify_crc again 2020-09-16 10:43:42 +02:00
Stefan Reiter
d10332a15d SnapshotVerifyState: use enum for state 
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
 2020-09-15 13:06:04 +02:00
Stefan Reiter
43772efc6e backup: check all referenced chunks actually exist 
A client can omit uploading chunks in the "known_chunks" list, those
then also won't be written on the server side. Check all those chunks
mentioned in the index but not uploaded for existance and report an
error if they don't exist instead of marking a potentially broken backup
as "successful".

This is only important if the base snapshot references corrupted chunks,
but has not been negatively verified. Also, it is important to only
verify this at the end, *after* all index writers are closed, since only
then can it be guaranteed that no GC will sweep referenced chunks away.

If a chunk is found missing, also mark the previous backup with a
verification failure, since we know the missing chunk has to referenced
in it (only way it could have been inserted to known_chunks with
checked=false). This has the benefit of automatically doing a
full-upload backup if the user attempts to retry after seeing the new
error, instead of requiring a manual verify or forget.

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
 2020-09-15 10:00:05 +02:00
Stefan Reiter
0af2da0437 backup: check verify state of previous backup before allowing reuse 
Do not allow clients to reuse chunks from the previous backup if it has
a failed validation result. This would result in a new "successful"
backup that potentially references broken chunks.

If the previous backup has not been verified, assume it is fine and
continue on.

Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
 2020-09-15 09:59:29 +02:00
Dietmar Maurer
d09db6c2e9 rename BackupDir::new_with_group to BackupDir::with_group 2020-09-15 09:40:03 +02:00
Dietmar Maurer
bc871bd19d src/backup/backup_info.rs: new BackupDir::with_rfc3339 2020-09-15 09:34:46 +02:00
Dietmar Maurer
b11a6a029d debian/control: update 2020-09-15 09:33:38 +02:00
Dietmar Maurer
6a7be83efe avoid chrono dependency, depend on proxmox 0.3.8 
- remove chrono dependency

- depend on proxmox 0.3.8

- remove epoch_now, epoch_now_u64 and epoch_now_f64

- remove tm_editor (moved to proxmox crate)

- use new helpers from proxmox 0.3.8
  * epoch_i64 and epoch_f64
  * parse_rfc3339
  * epoch_to_rfc3339_utc
  * strftime_local

- BackupDir changes:
  * store epoch and rfc3339 string instead of DateTime
  * backup_time_to_string now return a Result
  * remove unnecessary TryFrom<(BackupGroup, i64)> for BackupDir

- DynamicIndexHeader: change ctime to i64

- FixedIndexHeader: change ctime to i64
 2020-09-15 07:12:57 +02:00
Dietmar Maurer
58169da46a www/OnlineHelpInfo.js: update for syncjobs 2020-09-12 15:10:08 +02:00
Dietmar Maurer
158f49e246 debian/control: update hyper dependency 2020-09-11 16:03:38 +02:00
73 changed files with 1438 additions and 643 deletions
Expand all files Collapse all files

8
Cargo.toml
View File

@ -1,6 +1,6 @@
[package]
name = "proxmox-backup"
version = "0.8.16"
version = "0.8.21"
authors = ["Dietmar Maurer <dietmar@proxmox.com>"]
edition = "2018"
license = "AGPL-3"
@ -18,7 +18,6 @@ apt-pkg-native = "0.3.1" # custom patched version
base64 = "0.12"
bitflags = "1.2.1"
bytes = "0.5"
chrono = "0.4" # Date and time library for Rust
crc32fast = "1"
endian_trait = { version = "0.6", features = ["arrays"] }
anyhow = "1.0"
@ -39,11 +38,11 @@ pam-sys = "0.5"
percent-encoding = "2.1"
pin-utils = "0.1.0"
pathpatterns = "0.1.2"
proxmox = { version = "0.3.5", features = [ "sortable-macro", "api-macro", "websocket" ] }
proxmox = { version = "0.4.1", features = [ "sortable-macro", "api-macro", "websocket" ] }
#proxmox = { git = "ssh://gitolite3@proxdev.maurer-it.com/rust/proxmox", version = "0.1.2", features = [ "sortable-macro", "api-macro" ] }
#proxmox = { path = "../proxmox/proxmox", features = [ "sortable-macro", "api-macro", "websocket" ] }
proxmox-fuse = "0.1.0"
pxar = { version = "0.6.0", features = [ "tokio-io", "futures-io" ] }
pxar = { version = "0.6.1", features = [ "tokio-io", "futures-io" ] }
#pxar = { path = "../pxar", features = [ "tokio-io", "futures-io" ] }
regex = "1.2"
rustyline = "6"
@ -62,6 +61,7 @@ walkdir = "2"
xdg = "2.2"
zstd = { version = "0.4", features = [ "bindgen" ] }
nom = "5.1"
crossbeam-channel = "0.4"
[features]
default = []

76
debian/changelog vendored
View File

@ -1,3 +1,79 @@
rust-proxmox-backup (0.8.21-1) unstable; urgency=medium
* depend on crossbeam-channel
* speedup sync jobs (allow up to 4 worker threads)
* improve docs
* use jobstate mechanism for verify/garbage_collection schedules
* proxy: fix error handling in prune scheduling
-- Proxmox Support Team <support@proxmox.com> Fri, 25 Sep 2020 13:20:19 +0200
rust-proxmox-backup (0.8.20-1) unstable; urgency=medium
* improve sync speed
* benchmark: use compressable data to get more realistic result
* docs: add onlineHelp to some panels
-- Proxmox Support Team <support@proxmox.com> Thu, 24 Sep 2020 13:15:45 +0200
rust-proxmox-backup (0.8.19-1) unstable; urgency=medium
* src/api2/reader.rs: use std::fs::read instead of tokio::fs::read
-- Proxmox Support Team <support@proxmox.com> Tue, 22 Sep 2020 13:30:27 +0200
rust-proxmox-backup (0.8.18-1) unstable; urgency=medium
* src/client/pull.rs: allow up to 20 concurrent download streams
* docs: add version and date to HTML index
-- Proxmox Support Team <support@proxmox.com> Tue, 22 Sep 2020 12:39:26 +0200
rust-proxmox-backup (0.8.17-1) unstable; urgency=medium
* src/client/pull.rs: open temporary manifest with truncate(true)
* depend on proxmox 0.4.1
* fix #3017: check array boundaries before using
* datastore/prune schedules: use JobState for tracking of schedules
* improve docs
* fix #3015: allow user self-service
* add verification scheduling to proxmox-backup-proxy
* fix #3014: allow DataStoreAdmins to list DS config
* depend on pxar 0.6.1
* fix #2942: implement lacp bond mode and bond_xmit_hash_policy
* api2/pull: make pull worker abortable
* fix #2870: renew tickets in HttpClient
* always allow retrieving (censored) subscription info
* fix #2957: allow Sys.Audit access to node RRD
* backup: check all referenced chunks actually exist
* backup: check verify state of previous backup before allowing reuse
* avoid chrono dependency
-- Proxmox Support Team <support@proxmox.com> Mon, 21 Sep 2020 14:08:32 +0200
rust-proxmox-backup (0.8.16-1) unstable; urgency=medium
* BackupDir: make constructor fallible

18
debian/control vendored
View File

@ -11,8 +11,8 @@ Build-Depends: debhelper (>= 11),
librust-base64-0.12+default-dev,
librust-bitflags-1+default-dev (>= 1.2.1-~~),
librust-bytes-0.5+default-dev,
librust-chrono-0.4+default-dev,
librust-crc32fast-1+default-dev,
librust-crossbeam-channel-0.4+default-dev,
librust-endian-trait-0.6+arrays-dev,
librust-endian-trait-0.6+default-dev,
librust-futures-0.3+default-dev,
@ -20,7 +20,7 @@ Build-Depends: debhelper (>= 11),
librust-h2-0.2+stream-dev,
librust-handlebars-3+default-dev,
librust-http-0.2+default-dev,
librust-hyper-0.13+default-dev,
librust-hyper-0.13+default-dev (>= 0.13.6-~~),
librust-lazy-static-1+default-dev (>= 1.4-~~),
librust-libc-0.2+default-dev,
librust-log-0.4+default-dev,
@ -34,14 +34,14 @@ Build-Depends: debhelper (>= 11),
librust-pathpatterns-0.1+default-dev (>= 0.1.2-~~),
librust-percent-encoding-2+default-dev (>= 2.1-~~),
librust-pin-utils-0.1+default-dev,
librust-proxmox-0.3+api-macro-dev (>= 0.3.5-~~),
librust-proxmox-0.3+default-dev (>= 0.3.5-~~),
librust-proxmox-0.3+sortable-macro-dev (>= 0.3.5-~~),
librust-proxmox-0.3+websocket-dev (>= 0.3.5-~~),
librust-proxmox-0.4+api-macro-dev (>= 0.4.1-~~),
librust-proxmox-0.4+default-dev (>= 0.4.1-~~),
librust-proxmox-0.4+sortable-macro-dev (>= 0.4.1-~~),
librust-proxmox-0.4+websocket-dev (>= 0.4.1-~~),
librust-proxmox-fuse-0.1+default-dev,
librust-pxar-0.6+default-dev,
librust-pxar-0.6+futures-io-dev,
librust-pxar-0.6+tokio-io-dev,
librust-pxar-0.6+default-dev (>= 0.6.1-~~),
librust-pxar-0.6+futures-io-dev (>= 0.6.1-~~),
librust-pxar-0.6+tokio-io-dev (>= 0.6.1-~~),
librust-regex-1+default-dev (>= 1.2-~~),
librust-rustyline-6+default-dev,
librust-serde-1+default-dev,

2
docs/Makefile
View File

@ -74,7 +74,7 @@ onlinehelpinfo:
@echo "Build finished. OnlineHelpInfo.js is in $(BUILDDIR)/scanrefs."
.PHONY: html
html: ${GENERATED_SYNOPSIS}
html: ${GENERATED_SYNOPSIS} images/proxmox-logo.svg custom.css conf.py
$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html
cp images/proxmox-logo.svg $(BUILDDIR)/html/_static/
cp custom.css $(BUILDDIR)/html/_static/

11
docs/_templates/index-sidebar.html vendored Normal file
View File

@ -0,0 +1,11 @@
<h3>Navigation</h3>
{{ toctree(includehidden=theme_sidebar_includehidden, collapse=True, titles_only=True) }}
{% if theme_extra_nav_links %}
<hr />
<h3>Links</h3>
<ul>
{% for text, uri in theme_extra_nav_links.items() %}
<li class="toctree-l1"><a href="{{ uri }}">{{ text }}</a></li>
{% endfor %}
</ul>
{% endif %}

7
docs/_templates/sidebar-header.html vendored Normal file
View File

@ -0,0 +1,7 @@
<p class="logo">
<a href="index.html">
<img class="logo" src="_static/proxmox-logo.svg" alt="Logo">
</a>
</p>
<h1 class="logo logo-name"><a href="index.html">Proxmox Backup</a></h1>
<hr style="width:100%;">

89
docs/administration-guide.rst
View File

@ -127,17 +127,18 @@ Backup Server Management
The command line tool to configure and manage the backup server is called
:command:`proxmox-backup-manager`.
.. _datastore_intro:
:term:`DataStore`
~~~~~~~~~~~~~~~~~
A datastore is a place where backups are stored. The current implementation
uses a directory inside a standard unix file system (``ext4``, ``xfs``
or ``zfs``) to store the backup data.
A datastore refers to a location at which backups are stored. The current
implementation uses a directory inside a standard unix file system (``ext4``,
``xfs`` or ``zfs``) to store the backup data.
Datastores are identified by a simple *ID*. You can configure it
when setting up the backup server.
Datastores are identified by a simple *ID*. You can configure this
when setting up the datastore. The configuration information for datastores
is stored in the file ``/etc/proxmox-backup/datastore.cfg``.
.. note:: The `File Layout`_ requires the file system to support at least *65538*
subdirectories per directory. That number comes from the 2\ :sup:`16`
@ -197,7 +198,7 @@ create a datastore at the location ``/mnt/datastore/store1``:
.. image:: images/screenshots/pbs-gui-disks-zfs-create.png
:align: right
:alt: Create a directory
:alt: Create ZFS
You can also create a ``zpool`` with various raid levels from **Administration
-> Disks -> Zpool** in the web interface, or by using ``zpool create``. The command
@ -208,20 +209,25 @@ mounts it on the root directory (default):
# proxmox-backup-manager disk zpool create zpool1 --devices sdb,sdc --raidlevel mirror
.. note::
You can also pass the ``--add-datastore`` parameter here, to automatically
.. note:: You can also pass the ``--add-datastore`` parameter here, to automatically
create a datastore from the disk.
You can use ``disk fs list`` and ``disk zpool list`` to keep track of your
filesystems and zpools respectively.
If a disk supports S.M.A.R.T. capability, and you have this enabled, you can
Proxmox Backup Server uses the package smartmontools. This is a set of tools
used to monitor and control the S.M.A.R.T. system for local hard disks. If a
disk supports S.M.A.R.T. capability, and you have this enabled, you can
display S.M.A.R.T. attributes from the web interface or by using the command:
.. code-block:: console
# proxmox-backup-manager disk smart-attributes sdX
.. note:: This functionality may also be accessed directly through the use of
the ``smartctl`` command, which comes as part of the smartmontools package
(see ``man smartctl`` for more details).
Datastore Configuration
~~~~~~~~~~~~~~~~~~~~~~~
@ -358,7 +364,7 @@ directories will store the chunked data after a backup operation has been execut
276489 drwxr-xr-x 3 backup backup 4.0K Jul 8 12:35 ..
276490 drwxr-x--- 1 backup backup 1.1M Jul 8 12:35 .
.. _user_mgmt:
User Management
~~~~~~~~~~~~~~~
@ -378,7 +384,8 @@ choose the realm when you add a new user. Possible realms are:
``/etc/proxmox-backup/shadow.json``.
After installation, there is a single user ``root@pam``, which
corresponds to the Unix superuser. You can use the
corresponds to the Unix superuser. User configuration information is stored in the file
``/etc/proxmox-backup/user.cfg``. You can use the
``proxmox-backup-manager`` command line tool to list or manipulate
users:
@ -441,6 +448,8 @@ Or completely remove the user with:
# proxmox-backup-manager user remove john@pbs
.. _user_acl:
Access Control
~~~~~~~~~~~~~~
@ -483,11 +492,29 @@ following roles exist:
**RemoteSyncOperator**
Is allowed to read data from a remote.
.. image:: images/screenshots/pbs-gui-permissions-add.png
:align: right
:alt: Add permissions for user
You can manage datastore permissions from **Configuration -> Permissions** in
the web interface. Likewise, you can use the ``acl`` subcommand to manage and
Access permission information is stored in ``/etc/proxmox-backup/acl.cfg``. The
file contains 5 fields, separated using a colon (':') as a delimiter. A typical
entry takes the form:
``acl:1:/datastore:john@pbs:DatastoreBackup``
The data represented in each field is as follows:
#. ``acl`` identifier
#. A ``1`` or ``0``, representing whether propagation is enabled or disabled,
respectively
#. The object on which the permission is set. This can be a specific object
(single datastore, remote, etc.) or a top level object, which with
propagation enabled, represents all children of the object also.
#. The user for which the permission is set
#. The role being set
You can manage datastore permissions from **Configuration -> Permissions** in the
web interface. Likewise, you can use the ``acl`` subcommand to manage and
monitor user permissions from the command line. For example, the command below
will add the user ``john@pbs`` as a **DatastoreAdmin** for the datastore
``store1``, located at ``/backup/disk1/store1``:
@ -554,7 +581,8 @@ To get a list of available interfaces, use the following command:
:alt: Add a network interface
To add a new network interface, use the ``create`` subcommand with the relevant
parameters. The following command shows a template for creating the bond shown
parameters. For example, you may want to set up a bond, for the purpose of
network redundancy. The following command shows a template for creating the bond shown
in the list above:
.. code-block:: console
@ -596,20 +624,28 @@ is:
# proxmox-backup-manager network reload
.. note:: This command and corresponding GUI button rely on the ``ifreload``
command, from the package ``ifupdown2``. This package is included within the
Proxmox Backup Server installation, however, you may have to install it yourself,
if you have installed Proxmox Backup Server on top of Debian or Proxmox VE.
You can also configure DNS settings, from the **DNS** section
of **Configuration** or by using the ``dns`` subcommand of
``proxmox-backup-manager``.
.. _backup_remote:
:term:`Remote`
~~~~~~~~~~~~~~
A remote refers to a separate Proxmox Backup Server installation and a user on that
installation, from which you can `sync` datastores to a local datastore with a
`Sync Job`. You can configure remotes in the web interface, under **Configuration
-> Remotes**. Alternatively, you can use the ``remote`` subcommand.
-> Remotes**. Alternatively, you can use the ``remote`` subcommand. The
configuration information for remotes is stored in the file
``/etc/proxmox-backup/remote.cfg``.
.. image:: images/screenshots/pbs-gui-remote-add.png
.. image:: images/screenshots/pbs-gui-permissions-add.png
:align: right
:alt: Add a remote
@ -651,13 +687,16 @@ Sync Jobs
.. image:: images/screenshots/pbs-gui-syncjob-add.png
:align: right
:alt: Add a remote
:alt: Add a Sync Job
Sync jobs are configured to pull the contents of a datastore on a **Remote** to a
local datastore. You can either start a sync job manually on the GUI or
provide it with a schedule (see :ref:`calendar-events`) to run regularly. You can manage sync jobs
under **Configuration -> Sync Jobs** in the web interface, or using the
``proxmox-backup-manager sync-job`` command:
Sync jobs are configured to pull the contents of a datastore on a **Remote** to
a local datastore. You can manage sync jobs under **Configuration -> Sync Jobs**
in the web interface, or using the ``proxmox-backup-manager sync-job`` command.
The configuration information for sync jobs is stored at
``/etc/proxmox-backup/sync.cfg``. To create a new sync job, click the add button
in the GUI, or use the ``create`` subcommand. After creating a sync job, you can
either start it manually on the GUI or provide it with a schedule (see
:ref:`calendar-events`) to run regularly.
.. code-block:: console
@ -1412,6 +1451,10 @@ After that you should be able to see storage status with:
Name Type Status Total Used Available %
store2 pbs active 3905109820 1336687816 2568422004 34.23%
Having added the PBS datastore to `Proxmox VE`_, you can backup VMs and
containers in the same way you would for any other storage device within the
environment (see `PVE Admin Guide: Backup and Restore
<https://pve.proxmox.com/pve-docs/pve-admin-guide.html#chapter_vzdump>`_.
.. include:: command-line-tools.rst

45
docs/conf.py
View File

@ -97,12 +97,10 @@ language = None
# There are two options for replacing |today|: either, you set today to some
# non-false value, then it is used:
#
# today = ''
#
# Else, today_fmt is used as the format for a strftime call.
#
# today_fmt = '%B %d, %Y'
today_fmt = '%A, %d %B %Y'
# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
@ -164,18 +162,19 @@ html_theme = 'alabaster'
#
html_theme_options = {
'fixed_sidebar': True,
#'sidebar_includehidden': False,
'sidebar_collapse': False, # FIXME: documented, but does not works?!
'show_relbar_bottom': True, # FIXME: documented, but does not works?!
'sidebar_includehidden': False,
'sidebar_collapse': False,
'globaltoc_collapse': False,
'show_relbar_bottom': True,
'show_powered_by': False,
'logo': 'proxmox-logo.svg',
'logo_name': True, # show project name below logo
#'logo_text_align': 'center',
#'description': 'Fast, Secure & Efficient.',
'extra_nav_links': {
'Proxmox Homepage': 'https://proxmox.com',
'PDF': 'proxmox-backup.pdf',
},
'sidebar_width': '300px',
'page_width': '1280px',
'sidebar_width': '320px',
'page_width': '1320px',
# font styles
'head_font_family': 'Lato, sans-serif',
'caption_font_family': 'Lato, sans-serif',
@ -183,6 +182,24 @@ html_theme_options = {
'font_family': 'Open Sans, sans-serif',
}
# Alabaster theme recommends setting this fixed.
# If you switch theme this needs to removed, probably.
html_sidebars = {
'**': [
'sidebar-header.html',
'searchbox.html',
'navigation.html',
'relations.html',
],
'index': [
'sidebar-header.html',
'searchbox.html',
'index-sidebar.html',
]
}
# Add any paths that contain custom themes here, relative to this directory.
# html_theme_path = []
@ -228,10 +245,6 @@ html_static_path = ['_static']
#
# html_use_smartypants = True
# Custom sidebar templates, maps document names to template names.
#
# html_sidebars = {}
# Additional templates that should be rendered to pages, maps page names to
# template names.
#

37
docs/custom.css
View File

@ -13,3 +13,40 @@ div.body img {
pre {
padding: 5px 10px;
}
li a.current {
font-weight: bold;
border-bottom: 1px solid #000;
}
ul li.toctree-l1 {
margin-top: 0.5em;
}
ul li.toctree-l1 > a {
color: #000;
}
div.sphinxsidebar form.search {
margin-bottom: 5px;
}
div.sphinxsidebar h3 {
width: 100%;
}
div.sphinxsidebar h1.logo-name {
display: none;
}
@media screen and (max-width: 875px) {
div.sphinxsidebar p.logo {
display: initial;
}
div.sphinxsidebar h1.logo-name {
display: block;
}
div.sphinxsidebar span {
color: #AAA;
}
ul li.toctree-l1 > a {
color: #FFF;
}
}

2
docs/epilog.rst
View File

@ -13,7 +13,7 @@
.. _Proxmox: https://www.proxmox.com
.. _Proxmox Community Forum: https://forum.proxmox.com
.. _Proxmox Virtual Environment: https://www.proxmox.com/proxmox-ve
// FIXME
.. FIXME
.. _Proxmox Backup: https://pbs.proxmox.com/wiki/index.php/Main_Page
.. _PBS Development List: https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
.. _reStructuredText: https://www.sphinx-doc.org/en/master/usage/restructuredtext/index.html

7
docs/index.rst
View File

@ -2,8 +2,8 @@
Welcome to the Proxmox Backup documentation!
============================================
Copyright (C) 2019-2020 Proxmox Server Solutions GmbH
| Copyright (C) 2019-2020 Proxmox Server Solutions GmbH
| Version |version| -- |today|
Permission is granted to copy, distribute and/or modify this document under the
terms of the GNU Free Documentation License, Version 1.3 or any later version
@ -45,9 +45,10 @@ in the section entitled "GNU Free Documentation License".
.. toctree::
:maxdepth: 2
:hidden:
:caption: Developer Appendix
todos.rst
* :ref:`genindex`
.. # * :ref:`genindex`

4
examples/download-speed.rs
View File

@ -2,8 +2,6 @@ use std::io::Write;
use anyhow::{Error};
use chrono::{DateTime, Utc};
use proxmox_backup::api2::types::Userid;
use proxmox_backup::client::{HttpClient, HttpClientOptions, BackupReader};
@ -36,7 +34,7 @@ async fn run() -> Result<(), Error> {
let client = HttpClient::new(host, username, options)?;
let backup_time = "2019-06-28T10:49:48Z".parse::<DateTime<Utc>>()?;
let backup_time = proxmox::tools::time::parse_rfc3339("2019-06-28T10:49:48Z")?;
let client = BackupReader::start(client, None, "store2", "host", "elsa", backup_time, true)
.await?;

2
examples/upload-speed.rs
View File

@ -16,7 +16,7 @@ async fn upload_speed() -> Result<f64, Error> {
let client = HttpClient::new(host, username, options)?;
let backup_time = chrono::Utc::now();
let backup_time = proxmox::tools::time::epoch_i64();
let client = BackupWriter::start(client, None, datastore, "host", "speedtest", backup_time, false, true).await?;

2
src/api2/access/role.rs
View File

@ -14,7 +14,7 @@ use crate::config::acl::{Role, ROLE_NAMES, PRIVILEGES};
type: Array,
items: {
type: Object,
description: "User name with description.",
description: "Role with description and privileges.",
properties: {
roleid: {
type: Role,

35
src/api2/access/user.rs
View File

@ -8,6 +8,7 @@ use proxmox::tools::fs::open_file_locked;
use crate::api2::types::*;
use crate::config::user;
use crate::config::acl::{PRIV_SYS_AUDIT, PRIV_PERMISSIONS_MODIFY};
use crate::config::cached_user_info::CachedUserInfo;
pub const PBS_PASSWORD_SCHEMA: Schema = StringSchema::new("User Password.")
.format(&PASSWORD_FORMAT)
@ -25,10 +26,11 @@ pub const PBS_PASSWORD_SCHEMA: Schema = StringSchema::new("User Password.")
items: { type: user::User },
},
access: {
permission: &Permission::Privilege(&["access", "users"], PRIV_SYS_AUDIT, false),
permission: &Permission::Anybody,
description: "Returns all or just the logged-in user, depending on privileges.",
},
)]
/// List all users
/// List users
pub fn list_users(
_param: Value,
_info: &ApiMethod,
@ -37,11 +39,21 @@ pub fn list_users(
let (config, digest) = user::config()?;
let list = config.convert_to_typed_array("user")?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let top_level_privs = user_info.lookup_privs(&userid, &["access", "users"]);
let top_level_allowed = (top_level_privs & PRIV_SYS_AUDIT) != 0;
let filter_by_privs = |user: &user::User| {
top_level_allowed || user.userid == userid
};
let list:Vec<user::User> = config.convert_to_typed_array("user")?;
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
Ok(list)
Ok(list.into_iter().filter(filter_by_privs).collect())
}
#[api(
@ -124,7 +136,10 @@ pub fn create_user(password: Option<String>, param: Value) -> Result<(), Error>
type: user::User,
},
access: {
permission: &Permission::Privilege(&["access", "users"], PRIV_SYS_AUDIT, false),
permission: &Permission::Or(&[
&Permission::Privilege(&["access", "users"], PRIV_SYS_AUDIT, false),
&Permission::UserParam("userid"),
]),
},
)]
/// Read user configuration data.
@ -177,7 +192,10 @@ pub fn read_user(userid: Userid, mut rpcenv: &mut dyn RpcEnvironment) -> Result<
},
},
access: {
permission: &Permission::Privilege(&["access", "users"], PRIV_PERMISSIONS_MODIFY, false),
permission: &Permission::Or(&[
&Permission::Privilege(&["access", "users"], PRIV_PERMISSIONS_MODIFY, false),
&Permission::UserParam("userid"),
]),
},
)]
/// Update user configuration.
@ -258,7 +276,10 @@ pub fn update_user(
},
},
access: {
permission: &Permission::Privilege(&["access", "users"], PRIV_PERMISSIONS_MODIFY, false),
permission: &Permission::Or(&[
&Permission::Privilege(&["access", "users"], PRIV_PERMISSIONS_MODIFY, false),
&Permission::UserParam("userid"),
]),
},
)]
/// Remove a user from the configuration file.

12
src/api2/admin/datastore.rs
View File

@ -172,7 +172,7 @@ fn list_groups(
let result_item = GroupListItem {
backup_type: group.backup_type().to_string(),
backup_id: group.backup_id().to_string(),
last_backup: info.backup_dir.backup_time().timestamp(),
last_backup: info.backup_dir.backup_time(),
backup_count: list.len() as u64,
files: info.files.clone(),
owner: Some(owner),
@ -403,7 +403,7 @@ pub fn list_snapshots (
let result_item = SnapshotListItem {
backup_type: group.backup_type().to_string(),
backup_id: group.backup_id().to_string(),
backup_time: info.backup_dir.backup_time().timestamp(),
backup_time: info.backup_dir.backup_time(),
comment,
verification,
files,
@ -673,7 +673,7 @@ fn prune(
prune_result.push(json!({
"backup-type": group.backup_type(),
"backup-id": group.backup_id(),
"backup-time": backup_time.timestamp(),
"backup-time": backup_time,
"keep": keep,
}));
}
@ -697,7 +697,7 @@ fn prune(
if keep_all { keep = true; }
let backup_time = info.backup_dir.backup_time();
let timestamp = BackupDir::backup_time_to_string(backup_time);
let timestamp = info.backup_dir.backup_time_string();
let group = info.backup_dir.group();
@ -714,7 +714,7 @@ fn prune(
prune_result.push(json!({
"backup-type": group.backup_type(),
"backup-id": group.backup_id(),
"backup-time": backup_time.timestamp(),
"backup-time": backup_time,
"keep": keep,
}));
@ -1097,7 +1097,7 @@ fn upload_backup_log(
}
println!("Upload backup log to {}/{}/{}/{}/{}", store,
backup_type, backup_id, BackupDir::backup_time_to_string(backup_dir.backup_time()), file_name);
backup_type, backup_id, backup_dir.backup_time_string(), file_name);
let data = req_body
.map_err(Error::from)

29
src/api2/backup.rs
View File

@ -113,8 +113,29 @@ async move {
bail!("backup owner check failed ({} != {})", userid, owner);
}
let last_backup = BackupInfo::last_backup(&datastore.base_path(), &backup_group, true).unwrap_or(None);
let backup_dir = BackupDir::new_with_group(backup_group.clone(), backup_time)?;
let last_backup = {
let info = BackupInfo::last_backup(&datastore.base_path(), &backup_group, true).unwrap_or(None);
if let Some(info) = info {
let (manifest, _) = datastore.load_manifest(&info.backup_dir)?;
let verify = manifest.unprotected["verify_state"].clone();
match serde_json::from_value::<SnapshotVerifyState>(verify) {
Ok(verify) => {
match verify.state {
VerifyState::Ok => Some(info),
VerifyState::Failed => None,
}
},
Err(_) => {
// no verify state found, treat as valid
Some(info)
}
}
} else {
None
}
};
let backup_dir = BackupDir::with_group(backup_group.clone(), backup_time)?;
let _last_guard = if let Some(last) = &last_backup {
if backup_dir.backup_time() <= last.backup_dir.backup_time() {
@ -355,7 +376,7 @@ fn create_fixed_index(
let last_backup = match &env.last_backup {
Some(info) => info,
None => {
bail!("cannot reuse index - no previous backup exists");
bail!("cannot reuse index - no valid previous backup exists");
}
};
@ -670,7 +691,7 @@ fn download_previous(
let last_backup = match &env.last_backup {
Some(info) => info,
None => bail!("no previous backup"),
None => bail!("no valid previous backup"),
};
let mut path = env.datastore.snapshot_path(&last_backup.backup_dir);

58
src/api2/backup/environment.rs
View File

@ -9,7 +9,7 @@ use proxmox::tools::digest_to_hex;
use proxmox::tools::fs::{replace_file, CreateOptions};
use proxmox::api::{RpcEnvironment, RpcEnvironmentType};
use crate::api2::types::Userid;
use crate::api2::types::{Userid, SnapshotVerifyState, VerifyState};
use crate::backup::*;
use crate::server::WorkerTask;
use crate::server::formatter::*;
@ -66,13 +66,16 @@ struct FixedWriterState {
incremental: bool,
}
// key=digest, value=(length, existance checked)
type KnownChunksMap = HashMap<[u8;32], (u32, bool)>;
struct SharedBackupState {
finished: bool,
uid_counter: usize,
file_counter: usize, // successfully uploaded files
dynamic_writers: HashMap<usize, DynamicWriterState>,
fixed_writers: HashMap<usize, FixedWriterState>,
known_chunks: HashMap<[u8;32], u32>,
known_chunks: KnownChunksMap,
backup_size: u64, // sums up size of all files
backup_stat: UploadStatistic,
}
@ -153,7 +156,7 @@ impl BackupEnvironment {
state.ensure_unfinished()?;
state.known_chunks.insert(digest, length);
state.known_chunks.insert(digest, (length, false));
Ok(())
}
@ -195,7 +198,7 @@ impl BackupEnvironment {
if is_duplicate { data.upload_stat.duplicates += 1; }
// register chunk
state.known_chunks.insert(digest, size);
state.known_chunks.insert(digest, (size, true));
Ok(())
}
@ -228,7 +231,7 @@ impl BackupEnvironment {
if is_duplicate { data.upload_stat.duplicates += 1; }
// register chunk
state.known_chunks.insert(digest, size);
state.known_chunks.insert(digest, (size, true));
Ok(())
}
@ -237,7 +240,7 @@ impl BackupEnvironment {
let state = self.state.lock().unwrap();
match state.known_chunks.get(digest) {
Some(len) => Some(*len),
Some((len, _)) => Some(*len),
None => None,
}
}
@ -454,6 +457,47 @@ impl BackupEnvironment {
Ok(())
}
/// Ensure all chunks referenced in this backup actually exist.
/// Only call *after* all writers have been closed, to avoid race with GC.
/// In case of error, mark the previous backup as 'verify failed'.
fn verify_chunk_existance(&self, known_chunks: &KnownChunksMap) -> Result<(), Error> {
for (digest, (_, checked)) in known_chunks.iter() {
if !checked && !self.datastore.chunk_path(digest).0.exists() {
let mark_msg = if let Some(ref last_backup) = self.last_backup {
let last_dir = &last_backup.backup_dir;
let verify_state = SnapshotVerifyState {
state: VerifyState::Failed,
upid: self.worker.upid().clone(),
};
let res = proxmox::try_block!{
let (mut manifest, _) = self.datastore.load_manifest(last_dir)?;
manifest.unprotected["verify_state"] = serde_json::to_value(verify_state)?;
self.datastore.store_manifest(last_dir, serde_json::to_value(manifest)?)
};
if let Err(err) = res {
format!("tried marking previous snapshot as bad, \
but got error accessing manifest: {}", err)
} else {
"marked previous snapshot as bad, please use \
'verify' for a detailed check".to_owned()
}
} else {
"internal error: no base backup registered to mark invalid".to_owned()
};
bail!(
"chunk '{}' was attempted to be reused but doesn't exist - {}",
digest_to_hex(digest),
mark_msg
);
}
}
Ok(())
}
/// Mark backup as finished
pub fn finish_backup(&self) -> Result<(), Error> {
let mut state = self.state.lock().unwrap();
@ -490,6 +534,8 @@ impl BackupEnvironment {
}
}
self.verify_chunk_existance(&state.known_chunks)?;
// marks the backup as successful
state.finished = true;

68
src/api2/config/datastore.rs
View File

@ -9,6 +9,7 @@ use proxmox::tools::fs::open_file_locked;
use crate::api2::types::*;
use crate::backup::*;
use crate::config::cached_user_info::CachedUserInfo;
use crate::config::datastore::{self, DataStoreConfig, DIR_NAME_SCHEMA};
use crate::config::acl::{PRIV_DATASTORE_AUDIT, PRIV_DATASTORE_MODIFY};
@ -22,7 +23,7 @@ use crate::config::acl::{PRIV_DATASTORE_AUDIT, PRIV_DATASTORE_MODIFY};
items: { type: datastore::DataStoreConfig },
},
access: {
permission: &Permission::Privilege(&["datastore"], PRIV_DATASTORE_AUDIT, false),
permission: &Permission::Anybody,
},
)]
/// List all datastores
@ -33,11 +34,18 @@ pub fn list_datastores(
let (config, digest) = datastore::config()?;
let list = config.convert_to_typed_array("datastore")?;
let userid: Userid = rpcenv.get_user().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into();
Ok(list)
let list:Vec<DataStoreConfig> = config.convert_to_typed_array("datastore")?;
let filter_by_privs = |store: &DataStoreConfig| {
let user_privs = user_info.lookup_privs(&userid, &["datastore", &store.name]);
(user_privs & PRIV_DATASTORE_AUDIT) != 0
};
Ok(list.into_iter().filter(filter_by_privs).collect())
}
@ -67,6 +75,10 @@ pub fn list_datastores(
optional: true,
schema: PRUNE_SCHEDULE_SCHEMA,
},
"verify-schedule": {
optional: true,
schema: VERIFY_SCHEDULE_SCHEMA,
},
"keep-last": {
optional: true,
schema: PRUNE_SCHEMA_KEEP_LAST,
@ -119,6 +131,10 @@ pub fn create_datastore(param: Value) -> Result<(), Error> {
datastore::save_config(&config)?;
crate::config::jobstate::create_state_file("prune", &datastore.name)?;
crate::config::jobstate::create_state_file("garbage_collection", &datastore.name)?;
crate::config::jobstate::create_state_file("verify", &datastore.name)?;
Ok(())
}
@ -163,6 +179,8 @@ pub enum DeletableProperty {
gc_schedule,
/// Delete the prune job schedule.
prune_schedule,
/// Delete the verify schedule property
verify_schedule,
/// Delete the keep-last property
keep_last,
/// Delete the keep-hourly property
@ -196,6 +214,10 @@ pub enum DeletableProperty {
optional: true,
schema: PRUNE_SCHEDULE_SCHEMA,
},
"verify-schedule": {
optional: true,
schema: VERIFY_SCHEDULE_SCHEMA,
},
"keep-last": {
optional: true,
schema: PRUNE_SCHEMA_KEEP_LAST,
@ -244,6 +266,7 @@ pub fn update_datastore(
comment: Option<String>,
gc_schedule: Option<String>,
prune_schedule: Option<String>,
verify_schedule: Option<String>,
keep_last: Option<u64>,
keep_hourly: Option<u64>,
keep_daily: Option<u64>,
@ -272,6 +295,7 @@ pub fn update_datastore(
DeletableProperty::comment => { data.comment = None; },
DeletableProperty::gc_schedule => { data.gc_schedule = None; },
DeletableProperty::prune_schedule => { data.prune_schedule = None; },
DeletableProperty::verify_schedule => { data.verify_schedule = None; },
DeletableProperty::keep_last => { data.keep_last = None; },
DeletableProperty::keep_hourly => { data.keep_hourly = None; },
DeletableProperty::keep_daily => { data.keep_daily = None; },
@ -291,8 +315,23 @@ pub fn update_datastore(
}
}
if gc_schedule.is_some() { data.gc_schedule = gc_schedule; }
if prune_schedule.is_some() { data.prune_schedule = prune_schedule; }
let mut gc_schedule_changed = false;
if gc_schedule.is_some() {
gc_schedule_changed = data.gc_schedule != gc_schedule;
data.gc_schedule = gc_schedule;
}
let mut prune_schedule_changed = false;
if prune_schedule.is_some() {
prune_schedule_changed = data.prune_schedule != prune_schedule;
data.prune_schedule = prune_schedule;
}
let mut verify_schedule_changed = false;
if verify_schedule.is_some() {
verify_schedule_changed = data.verify_schedule != verify_schedule;
data.verify_schedule = verify_schedule;
}
if keep_last.is_some() { data.keep_last = keep_last; }
if keep_hourly.is_some() { data.keep_hourly = keep_hourly; }
@ -305,6 +344,20 @@ pub fn update_datastore(
datastore::save_config(&config)?;
// we want to reset the statefiles, to avoid an immediate action in some cases
// (e.g. going from monthly to weekly in the second week of the month)
if gc_schedule_changed {
crate::config::jobstate::create_state_file("garbage_collection", &name)?;
}
if prune_schedule_changed {
crate::config::jobstate::create_state_file("prune", &name)?;
}
if verify_schedule_changed {
crate::config::jobstate::create_state_file("verify", &name)?;
}
Ok(())
}
@ -344,6 +397,11 @@ pub fn delete_datastore(name: String, digest: Option<String>) -> Result<(), Erro
datastore::save_config(&config)?;
// ignore errors
let _ = crate::config::jobstate::remove_state_file("prune", &name);
let _ = crate::config::jobstate::remove_state_file("garbage_collection", &name);
let _ = crate::config::jobstate::remove_state_file("verify", &name);
Ok(())
}

63
src/api2/node/network.rs
View File

@ -198,6 +198,14 @@ pub fn read_interface(iface: String) -> Result<Value, Error> {
type: LinuxBondMode,
optional: true,
},
"bond-primary": {
schema: NETWORK_INTERFACE_NAME_SCHEMA,
optional: true,
},
bond_xmit_hash_policy: {
type: BondXmitHashPolicy,
optional: true,
},
slaves: {
schema: NETWORK_INTERFACE_LIST_SCHEMA,
optional: true,
@ -224,6 +232,8 @@ pub fn create_interface(
bridge_ports: Option<String>,
bridge_vlan_aware: Option<bool>,
bond_mode: Option<LinuxBondMode>,
bond_primary: Option<String>,
bond_xmit_hash_policy: Option<BondXmitHashPolicy>,
slaves: Option<String>,
param: Value,
) -> Result<(), Error> {
@ -284,7 +294,23 @@ pub fn create_interface(
if bridge_vlan_aware.is_some() { interface.bridge_vlan_aware = bridge_vlan_aware; }
}
NetworkInterfaceType::Bond => {
if bond_mode.is_some() { interface.bond_mode = bond_mode; }
if let Some(mode) = bond_mode {
interface.bond_mode = bond_mode;
if bond_primary.is_some() {
if mode != LinuxBondMode::active_backup {
bail!("bond-primary is only valid with Active/Backup mode");
}
interface.bond_primary = bond_primary;
}
if bond_xmit_hash_policy.is_some() {
if mode != LinuxBondMode::ieee802_3ad &&
mode != LinuxBondMode::balance_xor
{
bail!("bond_xmit_hash_policy is only valid with LACP(802.3ad) or balance-xor mode");
}
interface.bond_xmit_hash_policy = bond_xmit_hash_policy;
}
}
if let Some(slaves) = slaves {
let slaves = split_interface_list(&slaves)?;
interface.set_bond_slaves(slaves)?;
@ -343,6 +369,11 @@ pub enum DeletableProperty {
bridge_vlan_aware,
/// Delete bond-slaves (set to 'none')
slaves,
/// Delete bond-primary
#[serde(rename = "bond-primary")]
bond_primary,
/// Delete bond transmit hash policy
bond_xmit_hash_policy,
}
@ -420,6 +451,14 @@ pub enum DeletableProperty {
type: LinuxBondMode,
optional: true,
},
"bond-primary": {
schema: NETWORK_INTERFACE_NAME_SCHEMA,
optional: true,
},
bond_xmit_hash_policy: {
type: BondXmitHashPolicy,
optional: true,
},
slaves: {
schema: NETWORK_INTERFACE_LIST_SCHEMA,
optional: true,
@ -458,6 +497,8 @@ pub fn update_interface(
bridge_ports: Option<String>,
bridge_vlan_aware: Option<bool>,
bond_mode: Option<LinuxBondMode>,
bond_primary: Option<String>,
bond_xmit_hash_policy: Option<BondXmitHashPolicy>,
slaves: Option<String>,
delete: Option<Vec<DeletableProperty>>,
digest: Option<String>,
@ -501,6 +542,8 @@ pub fn update_interface(
DeletableProperty::bridge_ports => { interface.set_bridge_ports(Vec::new())?; }
DeletableProperty::bridge_vlan_aware => { interface.bridge_vlan_aware = None; }
DeletableProperty::slaves => { interface.set_bond_slaves(Vec::new())?; }
DeletableProperty::bond_primary => { interface.bond_primary = None; }
DeletableProperty::bond_xmit_hash_policy => { interface.bond_xmit_hash_policy = None }
}
}
}
@ -518,7 +561,23 @@ pub fn update_interface(
let slaves = split_interface_list(&slaves)?;
interface.set_bond_slaves(slaves)?;
}
if bond_mode.is_some() { interface.bond_mode = bond_mode; }
if let Some(mode) = bond_mode {
interface.bond_mode = bond_mode;
if bond_primary.is_some() {
if mode != LinuxBondMode::active_backup {
bail!("bond-primary is only valid with Active/Backup mode");
}
interface.bond_primary = bond_primary;
}
if bond_xmit_hash_policy.is_some() {
if mode != LinuxBondMode::ieee802_3ad &&
mode != LinuxBondMode::balance_xor
{
bail!("bond_xmit_hash_policy is only valid with LACP(802.3ad) or balance-xor mode");
}
interface.bond_xmit_hash_policy = bond_xmit_hash_policy;
}
}
if let Some(cidr) = cidr {
let (_, _, is_v6) = network::parse_cidr(&cidr)?;

9
src/api2/node/rrd.rs
View File

@ -1,10 +1,10 @@
use anyhow::Error;
use serde_json::{Value, json};
use proxmox::api::{api, Router};
use proxmox::api::{api, Permission, Router};
use crate::api2::types::*;
use crate::tools::epoch_now_f64;
use crate::config::acl::PRIV_SYS_AUDIT;
use crate::rrd::{extract_cached_data, RRD_DATA_ENTRIES};
pub fn create_value_from_rrd(
@ -15,7 +15,7 @@ pub fn create_value_from_rrd(
) -> Result<Value, Error> {
let mut result = Vec::new();
let now = epoch_now_f64()?;
let now = proxmox::tools::time::epoch_f64();
for name in list {
let (start, reso, list) = match extract_cached_data(basedir, name, now, timeframe, cf) {
@ -57,6 +57,9 @@ pub fn create_value_from_rrd(
},
},
},
access: {
permission: &Permission::Privilege(&["system", "status"], PRIV_SYS_AUDIT, false),
},
)]
/// Read node stats
fn get_node_stats(

24
src/api2/node/subscription.rs
View File

@ -1,11 +1,12 @@
use anyhow::{Error};
use serde_json::{json, Value};
use proxmox::api::{api, Router, Permission};
use proxmox::api::{api, Router, RpcEnvironment, Permission};
use crate::tools;
use crate::config::acl::PRIV_SYS_AUDIT;
use crate::api2::types::NODE_SCHEMA;
use crate::config::cached_user_info::CachedUserInfo;
use crate::api2::types::{NODE_SCHEMA, Userid};
#[api(
input: {
@ -28,7 +29,7 @@ use crate::api2::types::NODE_SCHEMA;
},
serverid: {
type: String,
description: "The unique server ID.",
description: "The unique server ID, if permitted to access.",
},
url: {
type: String,
@ -37,17 +38,28 @@ use crate::api2::types::NODE_SCHEMA;
},
},
access: {
permission: &Permission::Privilege(&[], PRIV_SYS_AUDIT, false),
permission: &Permission::Anybody,
},
)]
/// Read subscription info.
fn get_subscription(_param: Value) -> Result<Value, Error> {
fn get_subscription(
_param: Value,
rpcenv: &mut dyn RpcEnvironment,
) -> Result<Value, Error> {
let userid: Userid = rpcenv.get_user().unwrap().parse()?;
let user_info = CachedUserInfo::new()?;
let user_privs = user_info.lookup_privs(&userid, &[]);
let server_id = if (user_privs & PRIV_SYS_AUDIT) != 0 {
tools::get_hardware_address()?
} else {
"hidden".to_string()
};
let url = "https://www.proxmox.com/en/proxmox-backup-server/pricing";
Ok(json!({
"status": "NotFound",
"message": "There is no subscription key",
"serverid": tools::get_hardware_address()?,
"serverid": server_id,
"url": url,
}))
}

10
src/api2/node/time.rs
View File

@ -1,4 +1,3 @@
use chrono::prelude::*;
use anyhow::{bail, format_err, Error};
use serde_json::{json, Value};
@ -57,10 +56,11 @@ fn read_etc_localtime() -> Result<String, Error> {
)]
/// Read server time and time zone settings.
fn get_time(_param: Value) -> Result<Value, Error> {
let datetime = Local::now();
let offset = datetime.offset();
let time = datetime.timestamp();
let localtime = time + (offset.fix().local_minus_utc() as i64);
let time = proxmox::tools::time::epoch_i64();
let tm = proxmox::tools::time::localtime(time)?;
let offset = tm.tm_gmtoff;
let localtime = time + offset;
Ok(json!({
"timezone": read_etc_localtime()?,

8
src/api2/pull.rs
View File

@ -176,7 +176,13 @@ async fn pull (
worker.log(format!("sync datastore '{}' start", store));
pull_store(&worker, &client, &src_repo, tgt_store.clone(), delete, userid).await?;
let pull_future = pull_store(&worker, &client, &src_repo, tgt_store.clone(), delete, userid);
let future = select!{
success = pull_future.fuse() => success,
abort = worker.abort_future().map(|_| Err(format_err!("pull aborted"))) => abort,
};
let _ = future?;
worker.log(format!("sync datastore '{}' end", store));

6
src/api2/reader.rs
View File

@ -1,4 +1,3 @@
//use chrono::{Local, TimeZone};
use anyhow::{bail, format_err, Error};
use futures::*;
use hyper::header::{self, HeaderValue, UPGRADE};
@ -88,7 +87,7 @@ fn upgrade_to_backup_reader_protocol(
//let files = BackupInfo::list_files(&path, &backup_dir)?;
let worker_id = format!("{}_{}_{}_{:08X}", store, backup_type, backup_id, backup_dir.backup_time().timestamp());
let worker_id = format!("{}_{}_{}_{:08X}", store, backup_type, backup_id, backup_dir.backup_time());
WorkerTask::spawn("reader", Some(worker_id), userid.clone(), true, move |worker| {
let mut env = ReaderEnvironment::new(
@ -230,8 +229,7 @@ fn download_chunk(
env.debug(format!("download chunk {:?}", path));
let data = tokio::fs::read(path)
.await
let data = tools::runtime::block_in_place(|| std::fs::read(path))
.map_err(move |err| http_err!(BAD_REQUEST, "reading file {:?} failed: {}", path2, err))?;
let body = Body::from(data);

3
src/api2/status.rs
View File

@ -23,7 +23,6 @@ use crate::api2::types::{
use crate::server;
use crate::backup::{DataStore};
use crate::config::datastore;
use crate::tools::epoch_now_f64;
use crate::tools::statistics::{linear_regression};
use crate::config::cached_user_info::CachedUserInfo;
use crate::config::acl::{
@ -110,7 +109,7 @@ fn datastore_status(
});
let rrd_dir = format!("datastore/{}", store);
let now = epoch_now_f64()?;
let now = proxmox::tools::time::epoch_f64();
let rrd_resolution = RRDTimeFrameResolution::Month;
let rrd_mode = RRDMode::Average;

55
src/api2/types/mod.rs
View File

@ -302,6 +302,11 @@ pub const PRUNE_SCHEDULE_SCHEMA: Schema = StringSchema::new(
.format(&ApiStringFormat::VerifyFn(crate::tools::systemd::time::verify_calendar_event))
.schema();
pub const VERIFY_SCHEDULE_SCHEMA: Schema = StringSchema::new(
"Run verify job at specified schedule.")
.format(&ApiStringFormat::VerifyFn(crate::tools::systemd::time::verify_calendar_event))
.schema();
pub const REMOTE_ID_SCHEMA: Schema = StringSchema::new("Remote ID.")
.format(&PROXMOX_SAFE_ID_FORMAT)
.min_length(3)
@ -380,13 +385,24 @@ pub struct GroupListItem {
pub owner: Option<Userid>,
}
#[api()]
#[derive(Debug, Copy, Clone, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "lowercase")]
/// Result of a verify operation.
pub enum VerifyState {
/// Verification was successful
Ok,
/// Verification reported one or more errors
Failed,
}
#[api(
properties: {
upid: {
schema: UPID_SCHEMA
},
state: {
type: String
type: VerifyState
},
},
)]
@ -395,8 +411,8 @@ pub struct GroupListItem {
pub struct SnapshotVerifyState {
/// UPID of the verify task
pub upid: UPID,
/// State of the verification. "failed" or "ok"
pub state: String,
/// State of the verification. Enum.
pub state: VerifyState,
}
#[api(
@ -688,7 +704,7 @@ pub enum LinuxBondMode {
/// Broadcast policy
broadcast = 3,
/// IEEE 802.3ad Dynamic link aggregation
//#[serde(rename = "802.3ad")]
#[serde(rename = "802.3ad")]
ieee802_3ad = 4,
/// Adaptive transmit load balancing
balance_tlb = 5,
@ -696,6 +712,23 @@ pub enum LinuxBondMode {
balance_alb = 6,
}
#[api()]
#[derive(Debug, Copy, Clone, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "kebab-case")]
#[allow(non_camel_case_types)]
#[repr(u8)]
/// Bond Transmit Hash Policy for LACP (802.3ad)
pub enum BondXmitHashPolicy {
/// Layer 2
layer2 = 0,
/// Layer 2+3
#[serde(rename = "layer2+3")]
layer2_3 = 1,
/// Layer 3+4
#[serde(rename = "layer3+4")]
layer3_4 = 2,
}
#[api()]
#[derive(Debug, Copy, Clone, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "lowercase")]
@ -801,7 +834,15 @@ pub const NETWORK_INTERFACE_LIST_SCHEMA: Schema = StringSchema::new(
bond_mode: {
type: LinuxBondMode,
optional: true,
}
},
"bond-primary": {
schema: NETWORK_INTERFACE_NAME_SCHEMA,
optional: true,
},
bond_xmit_hash_policy: {
type: BondXmitHashPolicy,
optional: true,
},
}
)]
#[derive(Debug, Serialize, Deserialize)]
@ -858,6 +899,10 @@ pub struct Interface {
pub slaves: Option<Vec<String>>,
#[serde(skip_serializing_if="Option::is_none")]
pub bond_mode: Option<LinuxBondMode>,
#[serde(skip_serializing_if="Option::is_none")]
#[serde(rename = "bond-primary")]
pub bond_primary: Option<String>,
pub bond_xmit_hash_policy: Option<BondXmitHashPolicy>,
}
// Regression tests

5
src/auth_helpers.rs
View File

@ -11,7 +11,6 @@ use proxmox::tools::fs::{file_get_contents, replace_file, CreateOptions};
use proxmox::try_block;
use crate::api2::types::Userid;
use crate::tools::epoch_now_u64;
fn compute_csrf_secret_digest(
timestamp: i64,
@ -32,7 +31,7 @@ pub fn assemble_csrf_prevention_token(
userid: &Userid,
) -> String {
let epoch = epoch_now_u64().unwrap() as i64;
let epoch = proxmox::tools::time::epoch_i64();
let digest = compute_csrf_secret_digest(epoch, secret, userid);
@ -69,7 +68,7 @@ pub fn verify_csrf_prevention_token(
bail!("invalid signature.");
}
let now = epoch_now_u64()? as i64;
let now = proxmox::tools::time::epoch_i64();
let age = now - ttime;
if age < min_age {

83
src/backup/backup_info.rs
View File

@ -2,11 +2,8 @@ use crate::tools;
use anyhow::{bail, format_err, Error};
use regex::Regex;
use std::convert::TryFrom;
use std::os::unix::io::RawFd;
use chrono::{DateTime, LocalResult, TimeZone, SecondsFormat, Utc};
use std::path::{PathBuf, Path};
use lazy_static::lazy_static;
@ -106,8 +103,7 @@ impl BackupGroup {
tools::scandir(libc::AT_FDCWD, &path, &BACKUP_DATE_REGEX, |l2_fd, backup_time, file_type| {
if file_type != nix::dir::Type::Directory { return Ok(()); }
let dt = backup_time.parse::<DateTime<Utc>>()?;
let backup_dir = BackupDir::new(self.backup_type.clone(), self.backup_id.clone(), dt.timestamp())?;
let backup_dir = BackupDir::with_rfc3339(&self.backup_type, &self.backup_id, backup_time)?;
let files = list_backup_files(l2_fd, backup_time)?;
list.push(BackupInfo { backup_dir, files });
@ -117,7 +113,7 @@ impl BackupGroup {
Ok(list)
}
pub fn last_successful_backup(&self, base_path: &Path) -> Result<Option<DateTime<Utc>>, Error> {
pub fn last_successful_backup(&self, base_path: &Path) -> Result<Option<i64>, Error> {
let mut last = None;
@ -143,11 +139,11 @@ impl BackupGroup {
}
}
let dt = backup_time.parse::<DateTime<Utc>>()?;
if let Some(last_dt) = last {
if dt > last_dt { last = Some(dt); }
let timestamp = proxmox::tools::time::parse_rfc3339(backup_time)?;
if let Some(last_timestamp) = last {
if timestamp > last_timestamp { last = Some(timestamp); }
} else {
last = Some(dt);
last = Some(timestamp);
}
Ok(())
@ -204,48 +200,63 @@ pub struct BackupDir {
/// Backup group
group: BackupGroup,
/// Backup timestamp
backup_time: DateTime<Utc>,
backup_time: i64,
// backup_time as rfc3339
backup_time_string: String
}
impl BackupDir {
pub fn new<T, U>(backup_type: T, backup_id: U, timestamp: i64) -> Result<Self, Error>
pub fn new<T, U>(backup_type: T, backup_id: U, backup_time: i64) -> Result<Self, Error>
where
T: Into<String>,
U: Into<String>,
{
let group = BackupGroup::new(backup_type.into(), backup_id.into());
BackupDir::new_with_group(group, timestamp)
BackupDir::with_group(group, backup_time)
}
pub fn new_with_group(group: BackupGroup, timestamp: i64) -> Result<Self, Error> {
let backup_time = match Utc.timestamp_opt(timestamp, 0) {
LocalResult::Single(time) => time,
_ => bail!("can't create BackupDir with invalid backup time {}", timestamp),
};
pub fn with_rfc3339<T,U,V>(backup_type: T, backup_id: U, backup_time_string: V) -> Result<Self, Error>
where
T: Into<String>,
U: Into<String>,
V: Into<String>,
{
let backup_time_string = backup_time_string.into();
let backup_time = proxmox::tools::time::parse_rfc3339(&backup_time_string)?;
let group = BackupGroup::new(backup_type.into(), backup_id.into());
Ok(Self { group, backup_time, backup_time_string })
}
Ok(Self { group, backup_time })
pub fn with_group(group: BackupGroup, backup_time: i64) -> Result<Self, Error> {
let backup_time_string = Self::backup_time_to_string(backup_time)?;
Ok(Self { group, backup_time, backup_time_string })
}
pub fn group(&self) -> &BackupGroup {
&self.group
}
pub fn backup_time(&self) -> DateTime<Utc> {
pub fn backup_time(&self) -> i64 {
self.backup_time
}
pub fn backup_time_string(&self) -> &str {
&self.backup_time_string
}
pub fn relative_path(&self) -> PathBuf {
let mut relative_path = self.group.group_path();
relative_path.push(Self::backup_time_to_string(self.backup_time));
relative_path.push(self.backup_time_string.clone());
relative_path
}
pub fn backup_time_to_string(backup_time: DateTime<Utc>) -> String {
backup_time.to_rfc3339_opts(SecondsFormat::Secs, true)
pub fn backup_time_to_string(backup_time: i64) -> Result<String, Error> {
// fixme: can this fail? (avoid unwrap)
proxmox::tools::time::epoch_to_rfc3339_utc(backup_time)
}
}
@ -259,9 +270,11 @@ impl std::str::FromStr for BackupDir {
let cap = SNAPSHOT_PATH_REGEX.captures(path)
.ok_or_else(|| format_err!("unable to parse backup snapshot path '{}'", path))?;
let group = BackupGroup::new(cap.get(1).unwrap().as_str(), cap.get(2).unwrap().as_str());
let backup_time = cap.get(3).unwrap().as_str().parse::<DateTime<Utc>>()?;
BackupDir::try_from((group, backup_time.timestamp()))
BackupDir::with_rfc3339(
cap.get(1).unwrap().as_str(),
cap.get(2).unwrap().as_str(),
cap.get(3).unwrap().as_str(),
)
}
}
@ -269,16 +282,7 @@ impl std::fmt::Display for BackupDir {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
let backup_type = self.group.backup_type();
let id = self.group.backup_id();
let time = Self::backup_time_to_string(self.backup_time);
write!(f, "{}/{}/{}", backup_type, id, time)
}
}
impl TryFrom<(BackupGroup, i64)> for BackupDir {
type Error = Error;
fn try_from((group, timestamp): (BackupGroup, i64)) -> Result<Self, Error> {
BackupDir::new_with_group(group, timestamp)
write!(f, "{}/{}/{}", backup_type, id, self.backup_time_string)
}
}
@ -336,13 +340,12 @@ impl BackupInfo {
if file_type != nix::dir::Type::Directory { return Ok(()); }
tools::scandir(l0_fd, backup_type, &BACKUP_ID_REGEX, |l1_fd, backup_id, file_type| {
if file_type != nix::dir::Type::Directory { return Ok(()); }
tools::scandir(l1_fd, backup_id, &BACKUP_DATE_REGEX, |l2_fd, backup_time, file_type| {
tools::scandir(l1_fd, backup_id, &BACKUP_DATE_REGEX, |l2_fd, backup_time_string, file_type| {
if file_type != nix::dir::Type::Directory { return Ok(()); }
let dt = backup_time.parse::<DateTime<Utc>>()?;
let backup_dir = BackupDir::new(backup_type, backup_id, dt.timestamp())?;
let backup_dir = BackupDir::with_rfc3339(backup_type, backup_id, backup_time_string)?;
let files = list_backup_files(l2_fd, backup_time)?;
let files = list_backup_files(l2_fd, backup_time_string)?;
list.push(BackupInfo { backup_dir, files });

9
src/backup/catalog.rs
View File

@ -5,7 +5,6 @@ use std::io::{Read, Write, Seek, SeekFrom};
use std::os::unix::ffi::OsStrExt;
use anyhow::{bail, format_err, Error};
use chrono::offset::{TimeZone, Local, LocalResult};
use pathpatterns::{MatchList, MatchType};
use proxmox::tools::io::ReadExt;
@ -533,10 +532,10 @@ impl <R: Read + Seek> CatalogReader<R> {
self.dump_dir(&path, pos)?;
}
CatalogEntryType::File => {
let mtime_string = match Local.timestamp_opt(mtime as i64, 0) {
LocalResult::Single(time) => time.to_rfc3339_opts(chrono::SecondsFormat::Secs, false),
_ => (mtime as i64).to_string(),
};
let mut mtime_string = mtime.to_string();
if let Ok(s) = proxmox::tools::time::strftime_local("%FT%TZ", mtime as i64) {
mtime_string = s;
}
println!(
"{} {:?} {} {}",

3
src/backup/chunk_store.rs
View File

@ -104,12 +104,11 @@ impl ChunkStore {
}
let percentage = (i*100)/(64*1024);
if percentage != last_percentage {
eprintln!("{}%", percentage);
// eprintln!("ChunkStore::create {}%", percentage);
last_percentage = percentage;
}
}
Self::open(name, base)
}

5
src/backup/crypt_config.rs
View File

@ -10,7 +10,6 @@
use std::io::Write;
use anyhow::{bail, Error};
use chrono::{Local, DateTime};
use openssl::hash::MessageDigest;
use openssl::pkcs5::pbkdf2_hmac;
use openssl::symm::{decrypt_aead, Cipher, Crypter, Mode};
@ -216,10 +215,10 @@ impl CryptConfig {
pub fn generate_rsa_encoded_key(
&self,
rsa: openssl::rsa::Rsa<openssl::pkey::Public>,
created: DateTime<Local>,
created: i64,
) -> Result<Vec<u8>, Error> {
let modified = Local::now();
let modified = proxmox::tools::time::epoch_i64();
let key_config = super::KeyConfig { kdf: None, created, modified, data: self.enc_key.to_vec() };
let data = serde_json::to_string(&key_config)?.as_bytes().to_vec();

13
src/backup/data_blob.rs
View File

@ -72,7 +72,7 @@ impl DataBlob {
}
// verify the CRC32 checksum
fn verify_crc(&self) -> Result<(), Error> {
pub fn verify_crc(&self) -> Result<(), Error> {
let expected_crc = self.compute_crc();
if expected_crc != self.crc() {
bail!("Data blob has wrong CRC checksum.");
@ -198,7 +198,10 @@ impl DataBlob {
Ok(data)
} else if magic == &COMPRESSED_BLOB_MAGIC_1_0 {
let data_start = std::mem::size_of::<DataBlobHeader>();
let data = zstd::block::decompress(&self.raw_data[data_start..], MAX_BLOB_SIZE)?;
let mut reader = &self.raw_data[data_start..];
let data = zstd::stream::decode_all(&mut reader)?;
// zstd::block::decompress is abou 10% slower
// let data = zstd::block::decompress(&self.raw_data[data_start..], MAX_BLOB_SIZE)?;
if let Some(digest) = digest {
Self::verify_digest(&data, None, digest)?;
}
@ -268,6 +271,12 @@ impl DataBlob {
}
}
/// Returns if chunk is encrypted
pub fn is_encrypted(&self) -> bool {
let magic = self.magic();
magic == &ENCR_COMPR_BLOB_MAGIC_1_0 || magic == &ENCRYPTED_BLOB_MAGIC_1_0
}
/// Verify digest and data length for unencrypted chunks.
///
/// To do that, we need to decompress data first. Please note that

7
src/backup/datastore.rs
View File

@ -6,7 +6,6 @@ use std::convert::TryFrom;
use anyhow::{bail, format_err, Error};
use lazy_static::lazy_static;
use chrono::{DateTime, Utc};
use serde_json::Value;
use proxmox::tools::fs::{replace_file, CreateOptions};
@ -71,6 +70,10 @@ impl DataStore {
let path = store_config["path"].as_str().unwrap();
Self::open_with_path(store_name, Path::new(path))
}
pub fn open_with_path(store_name: &str, path: &Path) -> Result<Self, Error> {
let chunk_store = ChunkStore::open(store_name, path)?;
let gc_status = GarbageCollectionStatus::default();
@ -242,7 +245,7 @@ impl DataStore {
/// Returns the time of the last successful backup
///
/// Or None if there is no backup in the group (or the group dir does not exist).
pub fn last_successful_backup(&self, backup_group: &BackupGroup) -> Result<Option<DateTime<Utc>>, Error> {
pub fn last_successful_backup(&self, backup_group: &BackupGroup) -> Result<Option<i64>, Error> {
let base_path = self.base_path();
let mut group_path = base_path.clone();
group_path.push(backup_group.group_path());

14
src/backup/dynamic_index.rs
View File

@ -21,14 +21,14 @@ use super::read_chunk::ReadChunk;
use super::Chunker;
use super::IndexFile;
use super::{DataBlob, DataChunkBuilder};
use crate::tools::{self, epoch_now_u64};
use crate::tools;
/// Header format definition for dynamic index files (`.dixd`)
#[repr(C)]
pub struct DynamicIndexHeader {
pub magic: [u8; 8],
pub uuid: [u8; 16],
pub ctime: u64,
pub ctime: i64,
/// Sha256 over the index ``SHA256(offset1||digest1||offset2||digest2||...)``
pub index_csum: [u8; 32],
reserved: [u8; 4032], // overall size is one page (4096 bytes)
@ -77,7 +77,7 @@ pub struct DynamicIndexReader {
pub size: usize,
index: Mmap<DynamicEntry>,
pub uuid: [u8; 16],
pub ctime: u64,
pub ctime: i64,
pub index_csum: [u8; 32],
}
@ -107,7 +107,7 @@ impl DynamicIndexReader {
bail!("got unknown magic number");
}
let ctime = u64::from_le(header.ctime);
let ctime = proxmox::tools::time::epoch_i64();
let rawfd = file.as_raw_fd();
@ -480,7 +480,7 @@ pub struct DynamicIndexWriter {
tmp_filename: PathBuf,
csum: Option<openssl::sha::Sha256>,
pub uuid: [u8; 16],
pub ctime: u64,
pub ctime: i64,
}
impl Drop for DynamicIndexWriter {
@ -506,13 +506,13 @@ impl DynamicIndexWriter {
let mut writer = BufWriter::with_capacity(1024 * 1024, file);
let ctime = epoch_now_u64()?;
let ctime = proxmox::tools::time::epoch_i64();
let uuid = Uuid::generate();
let mut header = DynamicIndexHeader::zeroed();
header.magic = super::DYNAMIC_SIZED_CHUNK_INDEX_1_0;
header.ctime = u64::to_le(ctime);
header.ctime = i64::to_le(ctime);
header.uuid = *uuid.as_bytes();
// header.index_csum = [0u8; 32];
writer.write_all(header.as_bytes())?;

27
src/backup/fixed_index.rs
View File

@ -4,9 +4,8 @@ use std::io::{Seek, SeekFrom};
use super::chunk_stat::*;
use super::chunk_store::*;
use super::{IndexFile, ChunkReadInfo};
use crate::tools::{self, epoch_now_u64};
use crate::tools;
use chrono::{Local, LocalResult, TimeZone};
use std::fs::File;
use std::io::Write;
use std::os::unix::io::AsRawFd;
@ -23,7 +22,7 @@ use proxmox::tools::Uuid;
pub struct FixedIndexHeader {
pub magic: [u8; 8],
pub uuid: [u8; 16],
pub ctime: u64,
pub ctime: i64,
/// Sha256 over the index ``SHA256(digest1||digest2||...)``
pub index_csum: [u8; 32],
pub size: u64,
@ -41,7 +40,7 @@ pub struct FixedIndexReader {
index_length: usize,
index: *mut u8,
pub uuid: [u8; 16],
pub ctime: u64,
pub ctime: i64,
pub index_csum: [u8; 32],
}
@ -82,7 +81,7 @@ impl FixedIndexReader {
}
let size = u64::from_le(header.size);
let ctime = u64::from_le(header.ctime);
let ctime = i64::from_le(header.ctime);
let chunk_size = u64::from_le(header.chunk_size);
let index_length = ((size + chunk_size - 1) / chunk_size) as usize;
@ -148,13 +147,13 @@ impl FixedIndexReader {
pub fn print_info(&self) {
println!("Size: {}", self.size);
println!("ChunkSize: {}", self.chunk_size);
println!(
"CTime: {}",
match Local.timestamp_opt(self.ctime as i64, 0) {
LocalResult::Single(ctime) => ctime.format("%c").to_string(),
_ => (self.ctime as i64).to_string(),
let mut ctime_str = self.ctime.to_string();
if let Ok(s) = proxmox::tools::time::strftime_local("%c",self.ctime) {
ctime_str = s;
}
);
println!("CTime: {}", ctime_str);
println!("UUID: {:?}", self.uuid);
}
}
@ -231,7 +230,7 @@ pub struct FixedIndexWriter {
index_length: usize,
index: *mut u8,
pub uuid: [u8; 16],
pub ctime: u64,
pub ctime: i64,
}
// `index` is mmap()ed which cannot be thread-local so should be sendable
@ -274,7 +273,7 @@ impl FixedIndexWriter {
panic!("got unexpected header size");
}
let ctime = epoch_now_u64()?;
let ctime = proxmox::tools::time::epoch_i64();
let uuid = Uuid::generate();
@ -282,7 +281,7 @@ impl FixedIndexWriter {
let header = unsafe { &mut *(buffer.as_ptr() as *mut FixedIndexHeader) };
header.magic = super::FIXED_SIZED_CHUNK_INDEX_1_0;
header.ctime = u64::to_le(ctime);
header.ctime = i64::to_le(ctime);
header.size = u64::to_le(size as u64);
header.chunk_size = u64::to_le(chunk_size as u64);
header.uuid = *uuid.as_bytes();

17
src/backup/key_derivation.rs
View File

@ -1,7 +1,6 @@
use anyhow::{bail, format_err, Context, Error};
use serde::{Deserialize, Serialize};
use chrono::{Local, DateTime};
use proxmox::tools::fs::{file_get_contents, replace_file, CreateOptions};
use proxmox::try_block;
@ -61,10 +60,10 @@ impl KeyDerivationConfig {
#[derive(Deserialize, Serialize, Debug)]
pub struct KeyConfig {
pub kdf: Option<KeyDerivationConfig>,
#[serde(with = "proxmox::tools::serde::date_time_as_rfc3339")]
pub created: DateTime<Local>,
#[serde(with = "proxmox::tools::serde::date_time_as_rfc3339")]
pub modified: DateTime<Local>,
#[serde(with = "proxmox::tools::serde::epoch_as_rfc3339")]
pub created: i64,
#[serde(with = "proxmox::tools::serde::epoch_as_rfc3339")]
pub modified: i64,
#[serde(with = "proxmox::tools::serde::bytes_as_base64")]
pub data: Vec<u8>,
}
@ -136,7 +135,7 @@ pub fn encrypt_key_with_passphrase(
enc_data.extend_from_slice(&tag);
enc_data.extend_from_slice(&encrypted_key);
let created = Local::now();
let created = proxmox::tools::time::epoch_i64();
Ok(KeyConfig {
kdf: Some(kdf),
@ -149,7 +148,7 @@ pub fn encrypt_key_with_passphrase(
pub fn load_and_decrypt_key(
path: &std::path::Path,
passphrase: &dyn Fn() -> Result<Vec<u8>, Error>,
) -> Result<([u8;32], DateTime<Local>), Error> {
) -> Result<([u8;32], i64), Error> {
do_load_and_decrypt_key(path, passphrase)
.with_context(|| format!("failed to load decryption key from {:?}", path))
}
@ -157,14 +156,14 @@ pub fn load_and_decrypt_key(
fn do_load_and_decrypt_key(
path: &std::path::Path,
passphrase: &dyn Fn() -> Result<Vec<u8>, Error>,
) -> Result<([u8;32], DateTime<Local>), Error> {
) -> Result<([u8;32], i64), Error> {
decrypt_key(&file_get_contents(&path)?, passphrase)
}
pub fn decrypt_key(
mut keydata: &[u8],
passphrase: &dyn Fn() -> Result<Vec<u8>, Error>,
) -> Result<([u8;32], DateTime<Local>), Error> {
) -> Result<([u8;32], i64), Error> {
let key_config: KeyConfig = serde_json::from_reader(&mut keydata)?;
let raw_data = key_config.data;

2
src/backup/manifest.rs
View File

@ -103,7 +103,7 @@ impl BackupManifest {
Self {
backup_type: snapshot.group().backup_type().into(),
backup_id: snapshot.group().backup_id().into(),
backup_time: snapshot.backup_time().timestamp(),
backup_time: snapshot.backup_time(),
files: Vec::new(),
unprotected: json!({}),
signature: None,

61
src/backup/prune.rs
View File

@ -2,18 +2,16 @@ use anyhow::{Error};
use std::collections::{HashMap, HashSet};
use std::path::PathBuf;
use chrono::{DateTime, Timelike, Datelike, Local};
use super::{BackupDir, BackupInfo};
use super::BackupInfo;
enum PruneMark { Keep, KeepPartial, Remove }
fn mark_selections<F: Fn(DateTime<Local>, &BackupInfo) -> String> (
fn mark_selections<F: Fn(&BackupInfo) -> Result<String, Error>> (
mark: &mut HashMap<PathBuf, PruneMark>,
list: &Vec<BackupInfo>,
keep: usize,
select_id: F,
) {
) -> Result<(), Error> {
let mut include_hash = HashSet::new();
@ -21,8 +19,7 @@ fn mark_selections<F: Fn(DateTime<Local>, &BackupInfo) -> String> (
for info in list {
let backup_id = info.backup_dir.relative_path();
if let Some(PruneMark::Keep) = mark.get(&backup_id) {
let local_time = info.backup_dir.backup_time().with_timezone(&Local);
let sel_id: String = select_id(local_time, &info);
let sel_id: String = select_id(&info)?;
already_included.insert(sel_id);
}
}
@ -30,8 +27,7 @@ fn mark_selections<F: Fn(DateTime<Local>, &BackupInfo) -> String> (
for info in list {
let backup_id = info.backup_dir.relative_path();
if let Some(_) = mark.get(&backup_id) { continue; }
let local_time = info.backup_dir.backup_time().with_timezone(&Local);
let sel_id: String = select_id(local_time, &info);
let sel_id: String = select_id(&info)?;
if already_included.contains(&sel_id) { continue; }
@ -43,6 +39,8 @@ fn mark_selections<F: Fn(DateTime<Local>, &BackupInfo) -> String> (
mark.insert(backup_id, PruneMark::Remove);
}
}
Ok(())
}
fn remove_incomplete_snapshots(
@ -182,44 +180,43 @@ pub fn compute_prune_info(
remove_incomplete_snapshots(&mut mark, &list);
if let Some(keep_last) = options.keep_last {
mark_selections(&mut mark, &list, keep_last as usize, |_local_time, info| {
BackupDir::backup_time_to_string(info.backup_dir.backup_time())
});
mark_selections(&mut mark, &list, keep_last as usize, |info| {
Ok(info.backup_dir.backup_time_string().to_owned())
})?;
}
use proxmox::tools::time::strftime_local;
if let Some(keep_hourly) = options.keep_hourly {
mark_selections(&mut mark, &list, keep_hourly as usize, |local_time, _info| {
format!("{}/{}/{}/{}", local_time.year(), local_time.month(),
local_time.day(), local_time.hour())
});
mark_selections(&mut mark, &list, keep_hourly as usize, |info| {
strftime_local("%Y/%m/%d/%H", info.backup_dir.backup_time())
})?;
}
if let Some(keep_daily) = options.keep_daily {
mark_selections(&mut mark, &list, keep_daily as usize, |local_time, _info| {
format!("{}/{}/{}", local_time.year(), local_time.month(), local_time.day())
});
mark_selections(&mut mark, &list, keep_daily as usize, |info| {
strftime_local("%Y/%m/%d", info.backup_dir.backup_time())
})?;
}
if let Some(keep_weekly) = options.keep_weekly {
mark_selections(&mut mark, &list, keep_weekly as usize, |local_time, _info| {
let iso_week = local_time.iso_week();
let week = iso_week.week();
// Note: This year number might not match the calendar year number.
let iso_week_year = iso_week.year();
format!("{}/{}", iso_week_year, week)
});
mark_selections(&mut mark, &list, keep_weekly as usize, |info| {
// Note: Use iso-week year/week here. This year number
// might not match the calendar year number.
strftime_local("%G/%V", info.backup_dir.backup_time())
})?;
}
if let Some(keep_monthly) = options.keep_monthly {
mark_selections(&mut mark, &list, keep_monthly as usize, |local_time, _info| {
format!("{}/{}", local_time.year(), local_time.month())
});
mark_selections(&mut mark, &list, keep_monthly as usize, |info| {
strftime_local("%Y/%m", info.backup_dir.backup_time())
})?;
}
if let Some(keep_yearly) = options.keep_yearly {
mark_selections(&mut mark, &list, keep_yearly as usize, |local_time, _info| {
format!("{}/{}", local_time.year(), local_time.year())
});
mark_selections(&mut mark, &list, keep_yearly as usize, |info| {
strftime_local("%Y", info.backup_dir.backup_time())
})?;
}
let prune_info: Vec<(BackupInfo, bool)> = list.into_iter()

7
src/backup/verify.rs
View File

@ -283,7 +283,7 @@ pub fn verify_backup_dir(
let mut error_count = 0;
let mut verify_result = "ok";
let mut verify_result = VerifyState::Ok;
for info in manifest.files() {
let result = proxmox::try_block!({
worker.log(format!(" check {}", info.filename));
@ -316,20 +316,19 @@ pub fn verify_backup_dir(
if let Err(err) = result {
worker.log(format!("verify {}:{}/{} failed: {}", datastore.name(), backup_dir, info.filename, err));
error_count += 1;
verify_result = "failed";
verify_result = VerifyState::Failed;
}
}
let verify_state = SnapshotVerifyState {
state: verify_result.to_string(),
state: verify_result,
upid: worker.upid().clone(),
};
manifest.unprotected["verify_state"] = serde_json::to_value(verify_state)?;
datastore.store_manifest(&backup_dir, serde_json::to_value(manifest)?)
.map_err(|err| format_err!("unable to store manifest blob - {}", err))?;
Ok(error_count == 0)
}

62
src/bin/proxmox-backup-client.rs
View File

@ -8,7 +8,6 @@ use std::sync::{Arc, Mutex};
use std::task::Context;
use anyhow::{bail, format_err, Error};
use chrono::{Local, LocalResult, DateTime, Utc, TimeZone};
use futures::future::FutureExt;
use futures::stream::{StreamExt, TryStreamExt};
use serde_json::{json, Value};
@ -16,11 +15,20 @@ use tokio::sync::mpsc;
use xdg::BaseDirectories;
use pathpatterns::{MatchEntry, MatchType, PatternFlag};
use proxmox::tools::fs::{file_get_contents, file_get_json, replace_file, CreateOptions, image_size};
use proxmox::api::{ApiHandler, ApiMethod, RpcEnvironment};
use proxmox::api::schema::*;
use proxmox::api::cli::*;
use proxmox::api::api;
use proxmox::{
tools::{
time::{strftime_local, epoch_i64},
fs::{file_get_contents, file_get_json, replace_file, CreateOptions, image_size},
},
api::{
api,
ApiHandler,
ApiMethod,
RpcEnvironment,
schema::*,
cli::*,
},
};
use pxar::accessor::{MaybeReady, ReadAt, ReadAtOperation};
use proxmox_backup::tools;
@ -246,7 +254,7 @@ pub async fn api_datastore_latest_snapshot(
client: &HttpClient,
store: &str,
group: BackupGroup,
) -> Result<(String, String, DateTime<Utc>), Error> {
) -> Result<(String, String, i64), Error> {
let list = api_datastore_list_snapshots(client, store, Some(group.clone())).await?;
let mut list: Vec<SnapshotListItem> = serde_json::from_value(list)?;
@ -257,11 +265,7 @@ pub async fn api_datastore_latest_snapshot(
list.sort_unstable_by(|a, b| b.backup_time.cmp(&a.backup_time));
let backup_time = match Utc.timestamp_opt(list[0].backup_time, 0) {
LocalResult::Single(time) => time,
_ => bail!("last snapshot of backup group {:?} has invalid timestmap {}.",
group.group_path(), list[0].backup_time),
};
let backup_time = list[0].backup_time;
Ok((group.backup_type().to_owned(), group.backup_id().to_owned(), backup_time))
}
@ -506,7 +510,7 @@ async fn forget_snapshots(param: Value) -> Result<Value, Error> {
let result = client.delete(&path, Some(json!({
"backup-type": snapshot.group().backup_type(),
"backup-id": snapshot.group().backup_id(),
"backup-time": snapshot.backup_time().timestamp(),
"backup-time": snapshot.backup_time(),
}))).await?;
record_repository(&repo);
@ -643,7 +647,7 @@ async fn list_snapshot_files(param: Value) -> Result<Value, Error> {
let mut result = client.get(&path, Some(json!({
"backup-type": snapshot.group().backup_type(),
"backup-id": snapshot.group().backup_id(),
"backup-time": snapshot.backup_time().timestamp(),
"backup-time": snapshot.backup_time(),
}))).await?;
record_repository(&repo);
@ -990,26 +994,18 @@ async fn create_backup(
}
}
let backup_time = match backup_time_opt {
Some(timestamp) => {
match Utc.timestamp_opt(timestamp, 0) {
LocalResult::Single(time) => time,
_ => bail!("Invalid backup-time parameter: {}", timestamp),
}
},
_ => Utc::now(),
};
let backup_time = backup_time_opt.unwrap_or_else(|| epoch_i64());
let client = connect(repo.host(), repo.user())?;
record_repository(&repo);
println!("Starting backup: {}/{}/{}", backup_type, backup_id, BackupDir::backup_time_to_string(backup_time));
println!("Starting backup: {}/{}/{}", backup_type, backup_id, BackupDir::backup_time_to_string(backup_time)?);
println!("Client name: {}", proxmox::tools::nodename());
let start_time = Local::now();
let start_time = std::time::Instant::now();
println!("Starting protocol: {}", start_time.to_rfc3339_opts(chrono::SecondsFormat::Secs, false));
println!("Starting backup protocol: {}", strftime_local("%c", epoch_i64())?);
let (crypt_config, rsa_encrypted_key) = match keydata {
None => (None, None),
@ -1047,7 +1043,7 @@ async fn create_backup(
None
};
let snapshot = BackupDir::new(backup_type, backup_id, backup_time.timestamp())?;
let snapshot = BackupDir::new(backup_type, backup_id, backup_time)?;
let mut manifest = BackupManifest::new(snapshot);
let mut catalog = None;
@ -1162,11 +1158,11 @@ async fn create_backup(
client.finish().await?;
let end_time = Local::now();
let elapsed = end_time.signed_duration_since(start_time);
println!("Duration: {}", elapsed);
let end_time = std::time::Instant::now();
let elapsed = end_time.duration_since(start_time);
println!("Duration: {:.2}s", elapsed.as_secs_f64());
println!("End Time: {}", end_time.to_rfc3339_opts(chrono::SecondsFormat::Secs, false));
println!("End Time: {}", strftime_local("%c", epoch_i64())?);
Ok(Value::Null)
}
@ -1504,7 +1500,7 @@ async fn upload_log(param: Value) -> Result<Value, Error> {
let args = json!({
"backup-type": snapshot.group().backup_type(),
"backup-id": snapshot.group().backup_id(),
"backup-time": snapshot.backup_time().timestamp(),
"backup-time": snapshot.backup_time(),
});
let body = hyper::Body::from(raw_data);
@ -1800,7 +1796,7 @@ async fn complete_server_file_name_do(param: &HashMap<String, String>) -> Vec<St
let query = tools::json_object_to_query(json!({
"backup-type": snapshot.group().backup_type(),
"backup-id": snapshot.group().backup_id(),
"backup-time": snapshot.backup_time().timestamp(),
"backup-time": snapshot.backup_time(),
})).unwrap();
let path = format!("api2/json/admin/datastore/{}/files?{}", repo.store(), query);

252
src/bin/proxmox-backup-proxy.rs
View File

@ -1,4 +1,4 @@
use std::sync::Arc;
use std::sync::{Arc};
use std::path::{Path, PathBuf};
use anyhow::{bail, format_err, Error};
@ -13,7 +13,7 @@ use proxmox_backup::api2::types::Userid;
use proxmox_backup::configdir;
use proxmox_backup::buildcfg;
use proxmox_backup::server;
use proxmox_backup::tools::{daemon, epoch_now, epoch_now_u64};
use proxmox_backup::tools::daemon;
use proxmox_backup::server::{ApiConfig, rest::*};
use proxmox_backup::auth_helpers::*;
use proxmox_backup::tools::disks::{ DiskManage, zfs_pool_stats };
@ -144,10 +144,11 @@ fn start_task_scheduler() {
tokio::spawn(task.map(|_| ()));
}
use std::time:: {Instant, Duration};
use std::time::{SystemTime, Instant, Duration, UNIX_EPOCH};
fn next_minute() -> Result<Instant, Error> {
let epoch_now = epoch_now()?;
let now = SystemTime::now();
let epoch_now = now.duration_since(UNIX_EPOCH)?;
let epoch_next = Duration::from_secs((epoch_now.as_secs()/60 + 1)*60);
Ok(Instant::now() + epoch_next - epoch_now)
}
@ -195,45 +196,20 @@ async fn schedule_tasks() -> Result<(), Error> {
schedule_datastore_garbage_collection().await;
schedule_datastore_prune().await;
schedule_datastore_verification().await;
schedule_datastore_sync_jobs().await;
Ok(())
}
fn lookup_last_worker(worker_type: &str, worker_id: &str) -> Result<Option<server::UPID>, Error> {
let list = proxmox_backup::server::read_task_list()?;
let mut last: Option<&server::UPID> = None;
for entry in list.iter() {
if entry.upid.worker_type == worker_type {
if let Some(ref id) = entry.upid.worker_id {
if id == worker_id {
match last {
Some(ref upid) => {
if upid.starttime < entry.upid.starttime {
last = Some(&entry.upid)
}
}
None => {
last = Some(&entry.upid)
}
}
}
}
}
}
Ok(last.cloned())
}
async fn schedule_datastore_garbage_collection() {
use proxmox_backup::backup::DataStore;
use proxmox_backup::server::{UPID, WorkerTask};
use proxmox_backup::config::datastore::{self, DataStoreConfig};
use proxmox_backup::config::{
jobstate::{self, Job},
datastore::{self, DataStoreConfig}
};
use proxmox_backup::tools::systemd::time::{
parse_calendar_event, compute_next_event};
@ -289,11 +265,10 @@ async fn schedule_datastore_garbage_collection() {
}
}
} else {
match lookup_last_worker(worker_type, &store) {
Ok(Some(upid)) => upid.starttime,
Ok(None) => 0,
match jobstate::last_run_time(worker_type, &store) {
Ok(time) => time,
Err(err) => {
eprintln!("lookup_last_job_start failed: {}", err);
eprintln!("could not get last run time of {} {}: {}", worker_type, store, err);
continue;
}
}
@ -308,15 +283,15 @@ async fn schedule_datastore_garbage_collection() {
}
};
let now = match epoch_now_u64() {
Ok(epoch_now) => epoch_now as i64,
Err(err) => {
eprintln!("query system time failed - {}", err);
continue;
}
};
let now = proxmox::tools::time::epoch_i64();
if next > now { continue; }
let mut job = match Job::new(worker_type, &store) {
Ok(job) => job,
Err(_) => continue, // could not get lock
};
let store2 = store.clone();
if let Err(err) = WorkerTask::new_thread(
@ -325,9 +300,20 @@ async fn schedule_datastore_garbage_collection() {
Userid::backup_userid().clone(),
false,
move |worker| {
job.start(&worker.upid().to_string())?;
worker.log(format!("starting garbage collection on store {}", store));
worker.log(format!("task triggered by schedule '{}'", event_str));
datastore.garbage_collection(&worker)
let result = datastore.garbage_collection(&worker);
let status = worker.create_state(&result);
if let Err(err) = job.finish(status) {
eprintln!("could not finish job state for {}: {}", worker_type, err);
}
result
}
) {
eprintln!("unable to start garbage collection on store {} - {}", store2, err);
@ -338,9 +324,12 @@ async fn schedule_datastore_garbage_collection() {
async fn schedule_datastore_prune() {
use proxmox_backup::backup::{
PruneOptions, DataStore, BackupGroup, BackupDir, compute_prune_info};
PruneOptions, DataStore, BackupGroup, compute_prune_info};
use proxmox_backup::server::{WorkerTask};
use proxmox_backup::config::datastore::{self, DataStoreConfig};
use proxmox_backup::config::{
jobstate::{self, Job},
datastore::{self, DataStoreConfig}
};
use proxmox_backup::tools::systemd::time::{
parse_calendar_event, compute_next_event};
@ -397,16 +386,10 @@ async fn schedule_datastore_prune() {
let worker_type = "prune";
let last = match lookup_last_worker(worker_type, &store) {
Ok(Some(upid)) => {
if proxmox_backup::server::worker_is_active_local(&upid) {
continue;
}
upid.starttime
}
Ok(None) => 0,
let last = match jobstate::last_run_time(worker_type, &store) {
Ok(time) => time,
Err(err) => {
eprintln!("lookup_last_job_start failed: {}", err);
eprintln!("could not get last run time of {} {}: {}", worker_type, store, err);
continue;
}
};
@ -420,15 +403,15 @@ async fn schedule_datastore_prune() {
}
};
let now = match epoch_now_u64() {
Ok(epoch_now) => epoch_now as i64,
Err(err) => {
eprintln!("query system time failed - {}", err);
continue;
}
};
let now = proxmox::tools::time::epoch_i64();
if next > now { continue; }
let mut job = match Job::new(worker_type, &store) {
Ok(job) => job,
Err(_) => continue, // could not get lock
};
let store2 = store.clone();
if let Err(err) = WorkerTask::new_thread(
@ -437,6 +420,11 @@ async fn schedule_datastore_prune() {
Userid::backup_userid().clone(),
false,
move |worker| {
job.start(&worker.upid().to_string())?;
let result = try_block!({
worker.log(format!("Starting datastore prune on store \"{}\"", store));
worker.log(format!("task triggered by schedule '{}'", event_str));
worker.log(format!("retention options: {}", prune_options.cli_options_string()));
@ -457,15 +445,22 @@ async fn schedule_datastore_prune() {
"{} {}/{}/{}",
if keep { "keep" } else { "remove" },
group.backup_type(), group.backup_id(),
BackupDir::backup_time_to_string(info.backup_dir.backup_time())));
info.backup_dir.backup_time_string()));
if !keep {
datastore.remove_backup_dir(&info.backup_dir, true)?;
}
}
}
Ok(())
});
let status = worker.create_state(&result);
if let Err(err) = job.finish(status) {
eprintln!("could not finish job state for {}: {}", worker_type, err);
}
result
}
) {
eprintln!("unable to start datastore prune on store {} - {}", store2, err);
@ -473,6 +468,120 @@ async fn schedule_datastore_prune() {
}
}
async fn schedule_datastore_verification() {
use proxmox_backup::backup::{DataStore, verify_all_backups};
use proxmox_backup::server::{WorkerTask};
use proxmox_backup::config::{
jobstate::{self, Job},
datastore::{self, DataStoreConfig}
};
use proxmox_backup::tools::systemd::time::{
parse_calendar_event, compute_next_event};
let config = match datastore::config() {
Err(err) => {
eprintln!("unable to read datastore config - {}", err);
return;
}
Ok((config, _digest)) => config,
};
for (store, (_, store_config)) in config.sections {
let datastore = match DataStore::lookup_datastore(&store) {
Ok(datastore) => datastore,
Err(err) => {
eprintln!("lookup_datastore failed - {}", err);
continue;
}
};
let store_config: DataStoreConfig = match serde_json::from_value(store_config) {
Ok(c) => c,
Err(err) => {
eprintln!("datastore config from_value failed - {}", err);
continue;
}
};
let event_str = match store_config.verify_schedule {
Some(event_str) => event_str,
None => continue,
};
let event = match parse_calendar_event(&event_str) {
Ok(event) => event,
Err(err) => {
eprintln!("unable to parse schedule '{}' - {}", event_str, err);
continue;
}
};
let worker_type = "verify";
let last = match jobstate::last_run_time(worker_type, &store) {
Ok(time) => time,
Err(err) => {
eprintln!("could not get last run time of {} {}: {}", worker_type, store, err);
continue;
}
};
let next = match compute_next_event(&event, last, false) {
Ok(Some(next)) => next,
Ok(None) => continue,
Err(err) => {
eprintln!("compute_next_event for '{}' failed - {}", event_str, err);
continue;
}
};
let now = proxmox::tools::time::epoch_i64();
if next > now { continue; }
let mut job = match Job::new(worker_type, &store) {
Ok(job) => job,
Err(_) => continue, // could not get lock
};
let worker_id = store.clone();
let store2 = store.clone();
if let Err(err) = WorkerTask::new_thread(
worker_type,
Some(worker_id),
Userid::backup_userid().clone(),
false,
move |worker| {
job.start(&worker.upid().to_string())?;
worker.log(format!("starting verification on store {}", store2));
worker.log(format!("task triggered by schedule '{}'", event_str));
let result = try_block!({
let failed_dirs = verify_all_backups(datastore, worker.clone())?;
if failed_dirs.len() > 0 {
worker.log("Failed to verify following snapshots:");
for dir in failed_dirs {
worker.log(format!("\t{}", dir));
}
Err(format_err!("verification failed - please check the log for details"))
} else {
Ok(())
}
});
let status = worker.create_state(&result);
if let Err(err) = job.finish(status) {
eprintln!("could not finish job state for {}: {}", worker_type, err);
}
result
},
) {
eprintln!("unable to start verification on store {} - {}", store, err);
}
}
}
async fn schedule_datastore_sync_jobs() {
use proxmox_backup::{
@ -529,13 +638,8 @@ async fn schedule_datastore_sync_jobs() {
}
};
let now = match epoch_now_u64() {
Ok(epoch_now) => epoch_now as i64,
Err(err) => {
eprintln!("query system time failed - {}", err);
continue;
}
};
let now = proxmox::tools::time::epoch_i64();
if next > now { continue; }
let job = match Job::new(worker_type, &job_id) {

56
src/bin/proxmox_backup_client/benchmark.rs
View File

@ -3,7 +3,6 @@ use std::sync::Arc;
use anyhow::{Error};
use serde_json::Value;
use chrono::Utc;
use serde::Serialize;
use proxmox::api::{ApiMethod, RpcEnvironment};
@ -22,6 +21,8 @@ use proxmox_backup::backup::{
load_and_decrypt_key,
CryptConfig,
KeyDerivationConfig,
DataBlob,
DataChunkBuilder,
};
use proxmox_backup::client::*;
@ -61,6 +62,9 @@ struct Speed {
"aes256_gcm": {
type: Speed,
},
"verify": {
type: Speed,
},
},
)]
#[derive(Copy, Clone, Serialize)]
@ -76,9 +80,10 @@ struct BenchmarkResult {
decompress: Speed,
/// AES256 GCM encryption speed
aes256_gcm: Speed,
/// Verify speed
verify: Speed,
}
static BENCHMARK_RESULT_2020_TOP: BenchmarkResult = BenchmarkResult {
tls: Speed {
speed: None,
@ -86,19 +91,23 @@ static BENCHMARK_RESULT_2020_TOP: BenchmarkResult = BenchmarkResult {
},
sha256: Speed {
speed: None,
top: 1_000_000.0 * 2120.0, // AMD Ryzen 7 2700X
top: 1_000_000.0 * 2022.0, // AMD Ryzen 7 2700X
},
compress: Speed {
speed: None,
top: 1_000_000.0 * 2158.0, // AMD Ryzen 7 2700X
top: 1_000_000.0 * 752.0, // AMD Ryzen 7 2700X
},
decompress: Speed {
speed: None,
top: 1_000_000.0 * 8062.0, // AMD Ryzen 7 2700X
top: 1_000_000.0 * 1198.0, // AMD Ryzen 7 2700X
},
aes256_gcm: Speed {
speed: None,
top: 1_000_000.0 * 3803.0, // AMD Ryzen 7 2700X
top: 1_000_000.0 * 3645.0, // AMD Ryzen 7 2700X
},
verify: Speed {
speed: None,
top: 1_000_000.0 * 758.0, // AMD Ryzen 7 2700X
},
};
@ -195,6 +204,9 @@ fn render_result(
.column(ColumnConfig::new("decompress")
.header("ZStd level 1 decompression speed")
.right_align(false).renderer(render_speed))
.column(ColumnConfig::new("verify")
.header("Chunk verification speed")
.right_align(false).renderer(render_speed))
.column(ColumnConfig::new("aes256_gcm")
.header("AES256 GCM encryption speed")
.right_align(false).renderer(render_speed));
@ -212,7 +224,7 @@ async fn test_upload_speed(
verbose: bool,
) -> Result<(), Error> {
let backup_time = Utc::now();
let backup_time = proxmox::tools::time::epoch_i64();
let client = connect(repo.host(), repo.user())?;
record_repository(&repo);
@ -258,7 +270,17 @@ fn test_crypt_speed(
let crypt_config = CryptConfig::new(testkey)?;
let random_data = proxmox::sys::linux::random_data(1024*1024)?;
//let random_data = proxmox::sys::linux::random_data(1024*1024)?;
let mut random_data = vec![];
// generate pseudo random byte sequence
for i in 0..256*1024 {
for j in 0..4 {
let byte = ((i >> (j<<3))&0xff) as u8;
random_data.push(byte);
}
}
assert_eq!(random_data.len(), 1024*1024);
let start_time = std::time::Instant::now();
@ -323,5 +345,23 @@ fn test_crypt_speed(
eprintln!("AES256/GCM speed: {:.2} MB/s", speed/1_000_000_.0);
let start_time = std::time::Instant::now();
let (chunk, digest) = DataChunkBuilder::new(&random_data)
.compress(true)
.build()?;
let mut bytes = 0;
loop {
chunk.verify_unencrypted(random_data.len(), &digest)?;
bytes += random_data.len();
if start_time.elapsed().as_micros() > 1_000_000 { break; }
}
let speed = (bytes as f64)/start_time.elapsed().as_secs_f64();
benchmark_result.verify.speed = Some(speed);
eprintln!("Verify speed: {:.2} MB/s", speed/1_000_000_.0);
Ok(())
}

5
src/bin/proxmox_backup_client/key.rs
View File

@ -1,7 +1,6 @@
use std::path::PathBuf;
use anyhow::{bail, format_err, Error};
use chrono::Local;
use serde::{Deserialize, Serialize};
use proxmox::api::api;
@ -112,7 +111,7 @@ fn create(kdf: Option<Kdf>, path: Option<String>) -> Result<(), Error> {
match kdf {
Kdf::None => {
let created = Local::now();
let created = proxmox::tools::time::epoch_i64();
store_key_config(
&path,
@ -180,7 +179,7 @@ fn change_passphrase(kdf: Option<Kdf>, path: Option<String>) -> Result<(), Error
match kdf {
Kdf::None => {
let modified = Local::now();
let modified = proxmox::tools::time::epoch_i64();
store_key_config(
&path,

38
src/client/backup_reader.rs
View File

@ -1,16 +1,18 @@
use anyhow::{format_err, Error};
use std::io::{Read, Write, Seek, SeekFrom};
use std::io::{Write, Seek, SeekFrom};
use std::fs::File;
use std::sync::Arc;
use std::os::unix::fs::OpenOptionsExt;
use chrono::{DateTime, Utc};
use futures::future::AbortHandle;
use serde_json::{json, Value};
use proxmox::tools::digest_to_hex;
use crate::backup::*;
use crate::{
tools::compute_file_csum,
backup::*,
};
use super::{HttpClient, H2Client};
@ -41,14 +43,14 @@ impl BackupReader {
datastore: &str,
backup_type: &str,
backup_id: &str,
backup_time: DateTime<Utc>,
backup_time: i64,
debug: bool,
) -> Result<Arc<BackupReader>, Error> {
let param = json!({
"backup-type": backup_type,
"backup-id": backup_id,
"backup-time": backup_time.timestamp(),
"backup-time": backup_time,
"store": datastore,
"debug": debug,
});
@ -220,29 +222,3 @@ impl BackupReader {
Ok(index)
}
}
pub fn compute_file_csum(file: &mut File) -> Result<([u8; 32], u64), Error> {
file.seek(SeekFrom::Start(0))?;
let mut hasher = openssl::sha::Sha256::new();
let mut buffer = proxmox::tools::vec::undefined(256*1024);
let mut size: u64 = 0;
loop {
let count = match file.read(&mut buffer) {
Ok(count) => count,
Err(ref err) if err.kind() == std::io::ErrorKind::Interrupted => { continue; }
Err(err) => return Err(err.into()),
};
if count == 0 {
break;
}
size += count as u64;
hasher.update(&buffer[..count]);
}
let csum = hasher.finish();
Ok((csum, size))
}

5
src/client/backup_writer.rs
View File

@ -4,7 +4,6 @@ use std::sync::atomic::{AtomicUsize, Ordering};
use std::sync::{Arc, Mutex};
use anyhow::{bail, format_err, Error};
use chrono::{DateTime, Utc};
use futures::*;
use futures::stream::Stream;
use futures::future::AbortHandle;
@ -51,7 +50,7 @@ impl BackupWriter {
datastore: &str,
backup_type: &str,
backup_id: &str,
backup_time: DateTime<Utc>,
backup_time: i64,
debug: bool,
benchmark: bool
) -> Result<Arc<BackupWriter>, Error> {
@ -59,7 +58,7 @@ impl BackupWriter {
let param = json!({
"backup-type": backup_type,
"backup-id": backup_id,
"backup-time": backup_time.timestamp(),
"backup-time": backup_time,
"store": datastore,
"debug": debug,
"benchmark": benchmark

72
src/client/http_client.rs
View File

@ -1,8 +1,8 @@
use std::io::Write;
use std::task::{Context, Poll};
use std::sync::{Arc, Mutex};
use std::sync::{Arc, Mutex, RwLock};
use std::time::Duration;
use chrono::Utc;
use anyhow::{bail, format_err, Error};
use futures::*;
use http::Uri;
@ -30,7 +30,7 @@ use crate::tools::{self, BroadcastFuture, DEFAULT_ENCODE_SET};
#[derive(Clone)]
pub struct AuthInfo {
pub username: String,
pub userid: Userid,
pub ticket: String,
pub token: String,
}
@ -100,7 +100,9 @@ pub struct HttpClient {
client: Client<HttpsConnector>,
server: String,
fingerprint: Arc<Mutex<Option<String>>>,
auth: BroadcastFuture<AuthInfo>,
first_auth: BroadcastFuture<()>,
auth: Arc<RwLock<AuthInfo>>,
ticket_abort: futures::future::AbortHandle,
_options: HttpClientOptions,
}
@ -199,7 +201,7 @@ fn store_ticket_info(prefix: &str, server: &str, username: &str, ticket: &str, t
let mut data = file_get_json(&path, Some(json!({})))?;
let now = Utc::now().timestamp();
let now = proxmox::tools::time::epoch_i64();
data[server][username] = json!({ "timestamp": now, "ticket": ticket, "token": token});
@ -230,7 +232,7 @@ fn load_ticket_info(prefix: &str, server: &str, userid: &Userid) -> Option<(Stri
// usually /run/user/<uid>/...
let path = base.place_runtime_file("tickets").ok()?;
let data = file_get_json(&path, None).ok()?;
let now = Utc::now().timestamp();
let now = proxmox::tools::time::epoch_i64();
let ticket_lifetime = tools::ticket::TICKET_LIFETIME - 60;
let uinfo = data[server][userid.as_str()].as_object()?;
let timestamp = uinfo["timestamp"].as_i64()?;
@ -318,6 +320,41 @@ impl HttpClient {
}
};
let auth = Arc::new(RwLock::new(AuthInfo {
userid: userid.clone(),
ticket: password.clone(),
token: "".to_string(),
}));
let server2 = server.to_string();
let client2 = client.clone();
let auth2 = auth.clone();
let prefix2 = options.prefix.clone();
let renewal_future = async move {
loop {
tokio::time::delay_for(Duration::new(60*15, 0)).await; // 15 minutes
let (userid, ticket) = {
let authinfo = auth2.read().unwrap().clone();
(authinfo.userid, authinfo.ticket)
};
match Self::credentials(client2.clone(), server2.clone(), userid, ticket).await {
Ok(auth) => {
if use_ticket_cache & &prefix2.is_some() {
let _ = store_ticket_info(prefix2.as_ref().unwrap(), &server2, &auth.userid.to_string(), &auth.ticket, &auth.token);
}
*auth2.write().unwrap() = auth;
},
Err(err) => {
eprintln!("re-authentication failed: {}", err);
return;
}
}
}
};
let (renewal_future, ticket_abort) = futures::future::abortable(renewal_future);
let login_future = Self::credentials(
client.clone(),
server.to_owned(),
@ -326,13 +363,14 @@ impl HttpClient {
).map_ok({
let server = server.to_string();
let prefix = options.prefix.clone();
let authinfo = auth.clone();
move |auth| {
if use_ticket_cache & &prefix.is_some() {
let _ = store_ticket_info(prefix.as_ref().unwrap(), &server, &auth.username, &auth.ticket, &auth.token);
let _ = store_ticket_info(prefix.as_ref().unwrap(), &server, &auth.userid.to_string(), &auth.ticket, &auth.token);
}
auth
*authinfo.write().unwrap() = auth;
tokio::spawn(renewal_future);
}
});
@ -340,7 +378,9 @@ impl HttpClient {
client,
server: String::from(server),
fingerprint: verified_fingerprint,
auth: BroadcastFuture::new(Box::new(login_future)),
auth,
ticket_abort,
first_auth: BroadcastFuture::new(Box::new(login_future)),
_options: options,
})
}
@ -350,7 +390,9 @@ impl HttpClient {
/// Login is done on demand, so this is only required if you need
/// access to authentication data in 'AuthInfo'.
pub async fn login(&self) -> Result<AuthInfo, Error> {
self.auth.listen().await
self.first_auth.listen().await?;
let authinfo = self.auth.read().unwrap();
Ok(authinfo.clone())
}
/// Returns the optional fingerprint passed to the new() constructor.
@ -589,7 +631,7 @@ impl HttpClient {
let req = Self::request_builder(&server, "POST", "/api2/json/access/ticket", Some(data)).unwrap();
let cred = Self::api_request(client, req).await?;
let auth = AuthInfo {
username: cred["data"]["username"].as_str().unwrap().to_owned(),
userid: cred["data"]["username"].as_str().unwrap().parse()?,
ticket: cred["data"]["ticket"].as_str().unwrap().to_owned(),
token: cred["data"]["CSRFPreventionToken"].as_str().unwrap().to_owned(),
};
@ -667,6 +709,12 @@ impl HttpClient {
}
}
impl Drop for HttpClient {
fn drop(&mut self) {
self.ticket_abort.abort();
}
}
#[derive(Clone)]
pub struct H2Client {

113
src/client/pull.rs
View File

@ -3,15 +3,20 @@
use anyhow::{bail, format_err, Error};
use serde_json::json;
use std::convert::TryFrom;
use std::sync::Arc;
use std::collections::HashMap;
use std::sync::{Arc, Mutex};
use std::collections::{HashSet, HashMap};
use std::io::{Seek, SeekFrom};
use std::time::SystemTime;
use std::sync::atomic::{AtomicUsize, Ordering};
use proxmox::api::error::{StatusCode, HttpError};
use crate::server::{WorkerTask};
use crate::backup::*;
use crate::api2::types::*;
use super::*;
use crate::{
tools::{ParallelHandler, compute_file_csum},
server::WorkerTask,
backup::*,
api2::types::*,
client::*,
};
// fixme: implement filters
@ -19,27 +24,86 @@ use super::*;
// Todo: correctly lock backup groups
async fn pull_index_chunks<I: IndexFile>(
_worker: &WorkerTask,
chunk_reader: &mut RemoteChunkReader,
worker: &WorkerTask,
chunk_reader: RemoteChunkReader,
target: Arc<DataStore>,
index: I,
downloaded_chunks: Arc<Mutex<HashSet<[u8;32]>>>,
) -> Result<(), Error> {
use futures::stream::{self, StreamExt, TryStreamExt};
for pos in 0..index.index_count() {
let info = index.chunk_info(pos).unwrap();
let chunk_exists = target.cond_touch_chunk(&info.digest, false)?;
let start_time = SystemTime::now();
let stream = stream::iter(
(0..index.index_count())
.map(|pos| index.chunk_info(pos).unwrap())
.filter(|info| {
let mut guard = downloaded_chunks.lock().unwrap();
let done = guard.contains(&info.digest);
if !done {
// Note: We mark a chunk as downloaded before its actually downloaded
// to avoid duplicate downloads.
guard.insert(info.digest);
}
!done
})
);
let target2 = target.clone();
let verify_pool = ParallelHandler::new(
"sync chunk writer", 4,
move |(chunk, digest, size): (DataBlob, [u8;32], u64)| {
// println!("verify and write {}", proxmox::tools::digest_to_hex(&digest));
chunk.verify_unencrypted(size as usize, &digest)?;
target2.insert_chunk(&chunk, &digest)?;
Ok(())
}
);
let verify_and_write_channel = verify_pool.channel();
let bytes = Arc::new(AtomicUsize::new(0));
stream
.map(|info| {
let target = Arc::clone(&target);
let chunk_reader = chunk_reader.clone();
let bytes = Arc::clone(&bytes);
let verify_and_write_channel = verify_and_write_channel.clone();
Ok::<_, Error>(async move {
let chunk_exists = crate::tools::runtime::block_in_place(|| target.cond_touch_chunk(&info.digest, false))?;
if chunk_exists {
//worker.log(format!("chunk {} exists {}", pos, proxmox::tools::digest_to_hex(digest)));
continue;
return Ok::<_, Error>(());
}
//worker.log(format!("sync {} chunk {}", pos, proxmox::tools::digest_to_hex(digest)));
let chunk = chunk_reader.read_raw_chunk(&info.digest).await?;
let raw_size = chunk.raw_size() as usize;
chunk.verify_unencrypted(info.size() as usize, &info.digest)?;
// decode, verify and write in a separate threads to maximize throughput
crate::tools::runtime::block_in_place(|| verify_and_write_channel.send((chunk, info.digest, info.size())))?;
target.insert_chunk(&chunk, &info.digest)?;
}
bytes.fetch_add(raw_size, Ordering::SeqCst);
Ok(())
})
})
.try_buffer_unordered(20)
.try_for_each(|_res| futures::future::ok(()))
.await?;
drop(verify_and_write_channel);
verify_pool.complete()?;
let elapsed = start_time.elapsed()?.as_secs_f64();
let bytes = bytes.load(Ordering::SeqCst);
worker.log(format!("downloaded {} bytes ({} MiB/s)", bytes, (bytes as f64)/(1024.0*1024.0*elapsed)));
Ok(())
}
@ -52,6 +116,7 @@ async fn download_manifest(
let mut tmp_manifest_file = std::fs::OpenOptions::new()
.write(true)
.create(true)
.truncate(true)
.read(true)
.open(&filename)?;
@ -85,6 +150,7 @@ async fn pull_single_archive(
tgt_store: Arc<DataStore>,
snapshot: &BackupDir,
archive_info: &FileInfo,
downloaded_chunks: Arc<Mutex<HashSet<[u8;32]>>>,
) -> Result<(), Error> {
let archive_name = &archive_info.filename;
@ -111,7 +177,7 @@ async fn pull_single_archive(
let (csum, size) = index.compute_csum();
verify_archive(archive_info, &csum, size)?;
pull_index_chunks(worker, chunk_reader, tgt_store.clone(), index).await?;
pull_index_chunks(worker, chunk_reader.clone(), tgt_store.clone(), index, downloaded_chunks).await?;
}
ArchiveType::FixedIndex => {
let index = FixedIndexReader::new(tmpfile)
@ -119,7 +185,7 @@ async fn pull_single_archive(
let (csum, size) = index.compute_csum();
verify_archive(archive_info, &csum, size)?;
pull_index_chunks(worker, chunk_reader, tgt_store.clone(), index).await?;
pull_index_chunks(worker, chunk_reader.clone(), tgt_store.clone(), index, downloaded_chunks).await?;
}
ArchiveType::Blob => {
let (csum, size) = compute_file_csum(&mut tmpfile)?;
@ -165,6 +231,7 @@ async fn pull_snapshot(
reader: Arc<BackupReader>,
tgt_store: Arc<DataStore>,
snapshot: &BackupDir,
downloaded_chunks: Arc<Mutex<HashSet<[u8;32]>>>,
) -> Result<(), Error> {
let mut manifest_name = tgt_store.base_path();
@ -218,6 +285,7 @@ async fn pull_snapshot(
try_client_log_download(worker, reader, &client_log_name).await?;
}
worker.log("no data changes");
let _ = std::fs::remove_file(&tmp_manifest_name);
return Ok(()); // nothing changed
}
}
@ -273,6 +341,7 @@ async fn pull_snapshot(
tgt_store.clone(),
snapshot,
&item,
downloaded_chunks.clone(),
).await?;
}
@ -295,6 +364,7 @@ pub async fn pull_snapshot_from(
reader: Arc<BackupReader>,
tgt_store: Arc<DataStore>,
snapshot: &BackupDir,
downloaded_chunks: Arc<Mutex<HashSet<[u8;32]>>>,
) -> Result<(), Error> {
let (_path, is_new, _snap_lock) = tgt_store.create_locked_backup_dir(&snapshot)?;
@ -302,7 +372,7 @@ pub async fn pull_snapshot_from(
if is_new {
worker.log(format!("sync snapshot {:?}", snapshot.relative_path()));
if let Err(err) = pull_snapshot(worker, reader, tgt_store.clone(), &snapshot).await {
if let Err(err) = pull_snapshot(worker, reader, tgt_store.clone(), &snapshot, downloaded_chunks).await {
if let Err(cleanup_err) = tgt_store.remove_backup_dir(&snapshot, true) {
worker.log(format!("cleanup error - {}", cleanup_err));
}
@ -311,7 +381,7 @@ pub async fn pull_snapshot_from(
worker.log(format!("sync snapshot {:?} done", snapshot.relative_path()));
} else {
worker.log(format!("re-sync snapshot {:?}", snapshot.relative_path()));
pull_snapshot(worker, reader, tgt_store.clone(), &snapshot).await?;
pull_snapshot(worker, reader, tgt_store.clone(), &snapshot, downloaded_chunks).await?;
worker.log(format!("re-sync snapshot {:?} done", snapshot.relative_path()));
}
@ -346,6 +416,9 @@ pub async fn pull_group(
let mut remote_snapshots = std::collections::HashSet::new();
// start with 16384 chunks (up to 65GB)
let downloaded_chunks = Arc::new(Mutex::new(HashSet::with_capacity(1024*64)));
for item in list {
let snapshot = BackupDir::new(item.backup_type, item.backup_id, item.backup_time)?;
@ -379,7 +452,7 @@ pub async fn pull_group(
true,
).await?;
pull_snapshot_from(worker, reader, tgt_store.clone(), &snapshot).await?;
pull_snapshot_from(worker, reader, tgt_store.clone(), &snapshot, downloaded_chunks.clone()).await?;
}
if delete {

4
src/client/remote_chunk_reader.rs
View File

@ -15,7 +15,7 @@ pub struct RemoteChunkReader {
client: Arc<BackupReader>,
crypt_config: Option<Arc<CryptConfig>>,
crypt_mode: CryptMode,
cache_hint: HashMap<[u8; 32], usize>,
cache_hint: Arc<HashMap<[u8; 32], usize>>,
cache: Arc<Mutex<HashMap<[u8; 32], Vec<u8>>>>,
}
@ -33,7 +33,7 @@ impl RemoteChunkReader {
client,
crypt_config,
crypt_mode,
cache_hint,
cache_hint: Arc::new(cache_hint),
cache: Arc::new(Mutex::new(HashMap::new())),
}
}

6
src/config/datastore.rs
View File

@ -44,6 +44,10 @@ pub const DIR_NAME_SCHEMA: Schema = StringSchema::new("Directory name").schema()
optional: true,
schema: PRUNE_SCHEDULE_SCHEMA,
},
"verify-schedule": {
optional: true,
schema: VERIFY_SCHEDULE_SCHEMA,
},
"keep-last": {
optional: true,
schema: PRUNE_SCHEMA_KEEP_LAST,
@ -83,6 +87,8 @@ pub struct DataStoreConfig {
#[serde(skip_serializing_if="Option::is_none")]
pub prune_schedule: Option<String>,
#[serde(skip_serializing_if="Option::is_none")]
pub verify_schedule: Option<String>,
#[serde(skip_serializing_if="Option::is_none")]
pub keep_last: Option<u64>,
#[serde(skip_serializing_if="Option::is_none")]
pub keep_hourly: Option<u64>,

5
src/config/jobstate.rs
View File

@ -48,7 +48,6 @@ use proxmox::tools::fs::{
use serde::{Deserialize, Serialize};
use crate::server::{upid_read_status, worker_is_active_local, TaskState, UPID};
use crate::tools::epoch_now_u64;
#[serde(rename_all = "kebab-case")]
#[derive(Serialize, Deserialize)]
@ -178,7 +177,7 @@ impl JobState {
}
} else {
Ok(JobState::Created {
time: epoch_now_u64()? as i64 - 30,
time: proxmox::tools::time::epoch_i64() - 30,
})
}
}
@ -199,7 +198,7 @@ impl Job {
jobtype: jobtype.to_string(),
jobname: jobname.to_string(),
state: JobState::Created {
time: epoch_now_u64()? as i64,
time: proxmox::tools::time::epoch_i64(),
},
_lock,
})

30
src/config/network.rs
View File

@ -17,7 +17,7 @@ pub use lexer::*;
mod parser;
pub use parser::*;
use crate::api2::types::{Interface, NetworkConfigMethod, NetworkInterfaceType, LinuxBondMode};
use crate::api2::types::{Interface, NetworkConfigMethod, NetworkInterfaceType, LinuxBondMode, BondXmitHashPolicy};
lazy_static!{
static ref PHYSICAL_NIC_REGEX: Regex = Regex::new(r"^(?:eth\d+|en[^:.]+|ib\d+)$").unwrap();
@ -44,6 +44,19 @@ pub fn bond_mode_to_str(mode: LinuxBondMode) -> &'static str {
}
}
pub fn bond_xmit_hash_policy_from_str(s: &str) -> Result<BondXmitHashPolicy, Error> {
BondXmitHashPolicy::deserialize(s.into_deserializer())
.map_err(|_: value::Error| format_err!("invalid bond_xmit_hash_policy '{}'", s))
}
pub fn bond_xmit_hash_policy_to_str(policy: &BondXmitHashPolicy) -> &'static str {
match policy {
BondXmitHashPolicy::layer2 => "layer2",
BondXmitHashPolicy::layer2_3 => "layer2+3",
BondXmitHashPolicy::layer3_4 => "layer3+4",
}
}
impl Interface {
pub fn new(name: String) -> Self {
@ -67,6 +80,8 @@ impl Interface {
bridge_vlan_aware: None,
slaves: None,
bond_mode: None,
bond_primary: None,
bond_xmit_hash_policy: None,
}
}
@ -169,6 +184,19 @@ impl Interface {
NetworkInterfaceType::Bond => {
let mode = self.bond_mode.unwrap_or(LinuxBondMode::balance_rr);
writeln!(w, "\tbond-mode {}", bond_mode_to_str(mode))?;
if let Some(primary) = &self.bond_primary {
if mode == LinuxBondMode::active_backup {
writeln!(w, "\tbond-primary {}", primary)?;
}
}
if let Some(xmit_policy) = &self.bond_xmit_hash_policy {
if mode == LinuxBondMode::ieee802_3ad ||
mode == LinuxBondMode::balance_xor
{
writeln!(w, "\tbond_xmit_hash_policy {}", bond_xmit_hash_policy_to_str(xmit_policy))?;
}
}
let slaves = self.slaves.as_ref().unwrap_or(&EMPTY_LIST);
if slaves.is_empty() {

7
src/config/network/lexer.rs
View File

@ -26,6 +26,8 @@ pub enum Token {
BridgeVlanAware,
BondSlaves,
BondMode,
BondPrimary,
BondXmitHashPolicy,
EOF,
}
@ -51,7 +53,10 @@ lazy_static! {
map.insert("bond-slaves", Token::BondSlaves);
map.insert("bond_slaves", Token::BondSlaves);
map.insert("bond-mode", Token::BondMode);
map.insert("bond_mode", Token::BondMode);
map.insert("bond-primary", Token::BondPrimary);
map.insert("bond_primary", Token::BondPrimary);
map.insert("bond_xmit_hash_policy", Token::BondXmitHashPolicy);
map.insert("bond-xmit-hash-policy", Token::BondXmitHashPolicy);
map
};
}

14
src/config/network/parser.rs
View File

@ -9,7 +9,7 @@ use regex::Regex;
use super::helper::*;
use super::lexer::*;
use super::{NetworkConfig, NetworkOrderEntry, Interface, NetworkConfigMethod, NetworkInterfaceType, bond_mode_from_str};
use super::{NetworkConfig, NetworkOrderEntry, Interface, NetworkConfigMethod, NetworkInterfaceType, bond_mode_from_str, bond_xmit_hash_policy_from_str};
pub struct NetworkParser<R: BufRead> {
input: Peekable<Lexer<R>>,
@ -243,6 +243,18 @@ impl <R: BufRead> NetworkParser<R> {
interface.bond_mode = Some(bond_mode_from_str(&mode)?);
self.eat(Token::Newline)?;
}
Token::BondPrimary => {
self.eat(Token::BondPrimary)?;
let primary = self.next_text()?;
interface.bond_primary = Some(primary);
self.eat(Token::Newline)?;
}
Token::BondXmitHashPolicy => {
self.eat(Token::BondXmitHashPolicy)?;
let policy = bond_xmit_hash_policy_from_str(&self.next_text()?)?;
interface.bond_xmit_hash_policy = Some(policy);
self.eat(Token::Newline)?;
}
Token::Netmask => bail!("netmask is deprecated and no longer supported"),
_ => { // parse addon attributes

14
src/pxar/catalog.rs
View File

@ -17,17 +17,3 @@ pub trait BackupCatalogWriter {
fn add_fifo(&mut self, name: &CStr) -> Result<(), Error>;
fn add_socket(&mut self, name: &CStr) -> Result<(), Error>;
}
pub struct DummyCatalogWriter();
impl BackupCatalogWriter for DummyCatalogWriter {
fn start_directory(&mut self, _name: &CStr) -> Result<(), Error> { Ok(()) }
fn end_directory(&mut self) -> Result<(), Error> { Ok(()) }
fn add_file(&mut self, _name: &CStr, _size: u64, _mtime: u64) -> Result<(), Error> { Ok(()) }
fn add_symlink(&mut self, _name: &CStr) -> Result<(), Error> { Ok(()) }
fn add_hardlink(&mut self, _name: &CStr) -> Result<(), Error> { Ok(()) }
fn add_block_device(&mut self, _name: &CStr) -> Result<(), Error> { Ok(()) }
fn add_char_device(&mut self, _name: &CStr) -> Result<(), Error> { Ok(()) }
fn add_fifo(&mut self, _name: &CStr) -> Result<(), Error> { Ok(()) }
fn add_socket(&mut self, _name: &CStr) -> Result<(), Error> { Ok(()) }
}

8
src/pxar/tools.rs
View File

@ -115,12 +115,10 @@ fn mode_string(entry: &Entry) -> String {
}
fn format_mtime(mtime: &StatxTimestamp) -> String {
use chrono::offset::TimeZone;
match chrono::Local.timestamp_opt(mtime.secs, mtime.nanos) {
chrono::LocalResult::Single(mtime) => mtime.format("%Y-%m-%d %H:%M:%S").to_string(),
_ => format!("{}.{}", mtime.secs, mtime.nanos),
if let Ok(s) = proxmox::tools::time::strftime_local("%Y-%m-%d %H:%M:%S", mtime.secs) {
return s;
}
format!("{}.{}", mtime.secs, mtime.nanos)
}
pub fn format_single_line_entry(entry: &Entry) -> String {

3
src/rrd/cache.rs
View File

@ -8,7 +8,6 @@ use lazy_static::lazy_static;
use proxmox::tools::fs::{create_path, CreateOptions};
use crate::api2::types::{RRDMode, RRDTimeFrameResolution};
use crate::tools::epoch_now_f64;
use super::*;
@ -42,7 +41,7 @@ pub fn update_value(rel_path: &str, value: f64, dst: DST, save: bool) -> Result<
std::fs::create_dir_all(path.parent().unwrap())?;
let mut map = RRD_CACHE.write().unwrap();
let now = epoch_now_f64()?;
let now = proxmox::tools::time::epoch_f64();
if let Some(rrd) = map.get_mut(rel_path) {
rrd.update(now, value);

3
src/server/upid.rs
View File

@ -1,7 +1,6 @@
use std::sync::atomic::{AtomicUsize, Ordering};
use anyhow::{bail, Error};
use chrono::Local;
use proxmox::api::schema::{ApiStringFormat, Schema, StringSchema};
use proxmox::const_regex;
@ -89,7 +88,7 @@ impl UPID {
Ok(UPID {
pid,
pstart: procfs::PidStat::read_from_pid(nix::unistd::Pid::from_raw(pid))?.starttime,
starttime: Local::now().timestamp(),
starttime: proxmox::tools::time::epoch_i64(),
task_id,
worker_type: worker_type.to_owned(),
worker_id,

14
src/server/worker_task.rs
View File

@ -5,7 +5,6 @@ use std::panic::UnwindSafe;
use std::sync::atomic::{AtomicBool, Ordering};
use std::sync::{Arc, Mutex};
use chrono::Local;
use anyhow::{bail, format_err, Error};
use futures::*;
use lazy_static::lazy_static;
@ -211,7 +210,7 @@ pub fn upid_read_status(upid: &UPID) -> Result<TaskState, Error> {
file.read_to_end(&mut data)?;
// task logs should end with newline, we do not want it here
if data[data.len()-1] == b'\n' {
if data.len() > 0 && data[data.len()-1] == b'\n' {
data.pop();
}
@ -219,7 +218,7 @@ pub fn upid_read_status(upid: &UPID) -> Result<TaskState, Error> {
let mut start = 0;
for pos in (0..data.len()).rev() {
if data[pos] == b'\n' {
start = pos + 1;
start = data.len().min(pos + 1);
break;
}
}
@ -231,9 +230,7 @@ pub fn upid_read_status(upid: &UPID) -> Result<TaskState, Error> {
let mut iter = last_line.splitn(2, ": ");
if let Some(time_str) = iter.next() {
if let Ok(endtime) = chrono::DateTime::parse_from_rfc3339(time_str) {
let endtime = endtime.timestamp();
if let Ok(endtime) = proxmox::tools::time::parse_rfc3339(time_str) {
if let Some(rest) = iter.next().and_then(|rest| rest.strip_prefix("TASK ")) {
if let Ok(state) = TaskState::from_endtime_and_message(endtime, rest) {
status = state;
@ -364,8 +361,9 @@ fn update_active_workers(new_upid: Option<&UPID>) -> Result<Vec<TaskListInfo>, E
},
None => {
println!("Detected stopped UPID {}", upid_str);
let now = proxmox::tools::time::epoch_i64();
let status = upid_read_status(&upid)
.unwrap_or_else(|_| TaskState::Unknown { endtime: Local::now().timestamp() });
.unwrap_or_else(|_| TaskState::Unknown { endtime: now });
finish_list.push(TaskListInfo {
upid, upid_str, state: Some(status)
});
@ -589,7 +587,7 @@ impl WorkerTask {
pub fn create_state(&self, result: &Result<(), Error>) -> TaskState {
let warn_count = self.data.lock().unwrap().warn_count;
let endtime = Local::now().timestamp();
let endtime = proxmox::tools::time::epoch_i64();
if let Err(err) = result {
TaskState::Error { message: err.to_string(), endtime }

48
src/tools.rs
View File

@ -5,11 +5,9 @@ use std::any::Any;
use std::collections::HashMap;
use std::hash::BuildHasher;
use std::fs::File;
use std::io::{self, BufRead, ErrorKind, Read};
use std::io::{self, BufRead, ErrorKind, Read, Seek, SeekFrom};
use std::os::unix::io::RawFd;
use std::path::Path;
use std::time::Duration;
use std::time::{SystemTime, SystemTimeError, UNIX_EPOCH};
use anyhow::{bail, format_err, Error};
use serde_json::Value;
@ -35,6 +33,9 @@ pub mod statistics;
pub mod systemd;
pub mod nom;
mod parallel_handler;
pub use parallel_handler::*;
mod wrapped_reader_stream;
pub use wrapped_reader_stream::*;
@ -547,18 +548,6 @@ pub fn file_get_non_comment_lines<P: AsRef<Path>>(
}))
}
pub fn epoch_now() -> Result<Duration, SystemTimeError> {
SystemTime::now().duration_since(UNIX_EPOCH)
}
pub fn epoch_now_f64() -> Result<f64, SystemTimeError> {
Ok(epoch_now()?.as_secs_f64())
}
pub fn epoch_now_u64() -> Result<u64, SystemTimeError> {
Ok(epoch_now()?.as_secs())
}
pub fn setup_safe_path_env() {
std::env::set_var("PATH", "/sbin:/bin:/usr/sbin:/usr/bin");
// Make %ENV safer - as suggested by https://perldoc.perl.org/perlsec.html
@ -577,3 +566,32 @@ pub fn strip_ascii_whitespace(line: &[u8]) -> &[u8] {
None => &[],
}
}
/// Seeks to start of file and computes the SHA256 hash
pub fn compute_file_csum(file: &mut File) -> Result<([u8; 32], u64), Error> {
file.seek(SeekFrom::Start(0))?;
let mut hasher = openssl::sha::Sha256::new();
let mut buffer = proxmox::tools::vec::undefined(256*1024);
let mut size: u64 = 0;
loop {
let count = match file.read(&mut buffer) {
Ok(count) => count,
Err(ref err) if err.kind() == std::io::ErrorKind::Interrupted => {
continue;
}
Err(err) => return Err(err.into()),
};
if count == 0 {
break;
}
size += count as u64;
hasher.update(&buffer[..count]);
}
let csum = hasher.finish();
Ok((csum, size))
}

6
src/tools/file_logger.rs
View File

@ -1,5 +1,4 @@
use anyhow::{Error};
use chrono::Local;
use std::io::Write;
/// Log messages with timestamps into files
@ -56,7 +55,10 @@ impl FileLogger {
stdout.write_all(b"\n").unwrap();
}
let line = format!("{}: {}\n", Local::now().to_rfc3339(), msg);
let now = proxmox::tools::time::epoch_i64();
let rfc3339 = proxmox::tools::time::epoch_to_rfc3339(now).unwrap();
let line = format!("{}: {}\n", rfc3339, msg);
self.file.write_all(line.as_bytes()).unwrap();
}
}

8
src/tools/format.rs
View File

@ -1,6 +1,5 @@
use anyhow::{Error};
use serde_json::Value;
use chrono::{Local, TimeZone, LocalResult};
pub fn strip_server_file_expenstion(name: &str) -> String {
@ -25,9 +24,10 @@ pub fn render_epoch(value: &Value, _record: &Value) -> Result<String, Error> {
if value.is_null() { return Ok(String::new()); }
let text = match value.as_i64() {
Some(epoch) => {
match Local.timestamp_opt(epoch, 0) {
LocalResult::Single(epoch) => epoch.format("%c").to_string(),
_ => epoch.to_string(),
if let Ok(epoch_string) = proxmox::tools::time::strftime_local("%c", epoch as i64) {
epoch_string
} else {
epoch.to_string()
}
},
None => {

133
src/tools/parallel_handler.rs Normal file
View File

@ -0,0 +1,133 @@
use std::thread::{JoinHandle};
use std::sync::{Arc, Mutex};
use crossbeam_channel::{bounded, Sender};
use anyhow::{format_err, Error};
/// A handle to send data toö the worker thread (implements clone)
pub struct SendHandle<I> {
input: Sender<I>,
abort: Arc<Mutex<Option<String>>>,
}
/// A thread pool which run the supplied closure
///
/// The send command sends data to the worker threads. If one handler
/// returns an error, we mark the channel as failed and it is no
/// longer possible to send data.
///
/// When done, the 'complete()' method needs to be called to check for
/// outstanding errors.
pub struct ParallelHandler<I> {
handles: Vec<JoinHandle<()>>,
name: String,
input: SendHandle<I>,
}
impl <I: Send + Sync +'static> SendHandle<I> {
/// Returns the first error happened, if any
pub fn check_abort(&self) -> Result<(), Error> {
let guard = self.abort.lock().unwrap();
if let Some(err_msg) = &*guard {
return Err(format_err!("{}", err_msg));
}
Ok(())
}
/// Send data to the worker threads
pub fn send(&self, input: I) -> Result<(), Error> {
self.check_abort()?;
self.input.send(input)?;
Ok(())
}
}
impl <I> Clone for SendHandle<I> {
fn clone(&self) -> Self {
Self { input: self.input.clone(), abort: self.abort.clone() }
}
}
impl <I: Send + Sync + 'static> ParallelHandler<I> {
/// Create a new thread pool, each thread processing incoming data
/// with 'handler_fn'.
pub fn new<F>(
name: &str,
threads: usize,
handler_fn: F,
) -> Self
where F: Fn(I) -> Result<(), Error> + Send + Sync + Clone + 'static,
{
let mut handles = Vec::new();
let (input_tx, input_rx) = bounded::<I>(threads);
let abort = Arc::new(Mutex::new(None));
for i in 0..threads {
let input_rx = input_rx.clone();
let abort = abort.clone();
let handler_fn = handler_fn.clone();
handles.push(
std::thread::Builder::new()
.name(format!("{} ({})", name, i))
.spawn(move || {
loop {
let data = match input_rx.recv() {
Ok(data) => data,
Err(_) => return,
};
match (handler_fn)(data) {
Ok(()) => {},
Err(err) => {
let mut guard = abort.lock().unwrap();
if guard.is_none() {
*guard = Some(err.to_string());
}
}
}
}
})
.unwrap()
);
}
Self {
handles,
name: name.to_string(),
input: SendHandle {
input: input_tx,
abort,
},
}
}
/// Returns a cloneable channel to send data to the worker threads
pub fn channel(&self) -> SendHandle<I> {
self.input.clone()
}
/// Send data to the worker threads
pub fn send(&self, input: I) -> Result<(), Error> {
self.input.send(input)?;
Ok(())
}
/// Wait for worker threads to complete and check for errors
pub fn complete(self) -> Result<(), Error> {
self.input.check_abort()?;
drop(self.input);
let mut msg = Vec::new();
for (i, handle) in self.handles.into_iter().enumerate() {
if let Err(panic) = handle.join() {
match panic.downcast::<&str>() {
Ok(panic_msg) => msg.push(format!("thread {} ({}) paniced: {}", self.name, i, panic_msg)),
Err(_) => msg.push(format!("thread {} ({}) paniced", self.name, i)),
}
}
}
if msg.is_empty() {
return Ok(());
}
Err(format_err!("{}", msg.join("\n")))
}
}

1
src/tools/systemd.rs
View File

@ -2,7 +2,6 @@ pub mod types;
pub mod config;
mod parse_time;
pub mod tm_editor;
pub mod time;
use anyhow::{bail, Error};

5
src/tools/systemd/time.rs
View File

@ -3,8 +3,9 @@ use std::convert::TryInto;
use anyhow::Error;
use bitflags::bitflags;
use proxmox::tools::time::TmEditor;
pub use super::parse_time::*;
use super::tm_editor::*;
bitflags!{
#[derive(Default)]
@ -161,7 +162,7 @@ pub fn compute_next_event(
let all_days = event.days.is_empty() || event.days.is_all();
let mut t = TmEditor::new(last, utc)?;
let mut t = TmEditor::with_epoch(last, utc)?;
let mut count = 0;

119
src/tools/systemd/tm_editor.rs
View File

@ -1,119 +0,0 @@
use anyhow::Error;
use proxmox::tools::time::*;
pub struct TmEditor {
utc: bool,
t: libc::tm,
}
impl TmEditor {
pub fn new(epoch: i64, utc: bool) -> Result<Self, Error> {
let t = if utc { gmtime(epoch)? } else { localtime(epoch)? };
Ok(Self { utc, t })
}
pub fn into_epoch(mut self) -> Result<i64, Error> {
let epoch = if self.utc { timegm(&mut self.t)? } else { timelocal(&mut self.t)? };
Ok(epoch)
}
/// increases the year by 'years' and resets all smaller fields to their minimum
pub fn add_years(&mut self, years: libc::c_int) -> Result<(), Error> {
if years == 0 { return Ok(()); }
self.t.tm_mon = 0;
self.t.tm_mday = 1;
self.t.tm_hour = 0;
self.t.tm_min = 0;
self.t.tm_sec = 0;
self.t.tm_year += years;
self.normalize_time()
}
/// increases the month by 'months' and resets all smaller fields to their minimum
pub fn add_months(&mut self, months: libc::c_int) -> Result<(), Error> {
if months == 0 { return Ok(()); }
self.t.tm_mday = 1;
self.t.tm_hour = 0;
self.t.tm_min = 0;
self.t.tm_sec = 0;
self.t.tm_mon += months;
self.normalize_time()
}
/// increases the day by 'days' and resets all smaller fields to their minimum
pub fn add_days(&mut self, days: libc::c_int) -> Result<(), Error> {
if days == 0 { return Ok(()); }
self.t.tm_hour = 0;
self.t.tm_min = 0;
self.t.tm_sec = 0;
self.t.tm_mday += days;
self.normalize_time()
}
pub fn year(&self) -> libc::c_int { self.t.tm_year + 1900 } // see man mktime
pub fn month(&self) -> libc::c_int { self.t.tm_mon + 1 }
pub fn day(&self) -> libc::c_int { self.t.tm_mday }
pub fn hour(&self) -> libc::c_int { self.t.tm_hour }
pub fn min(&self) -> libc::c_int { self.t.tm_min }
pub fn sec(&self) -> libc::c_int { self.t.tm_sec }
// Note: tm_wday (0-6, Sunday = 0) => convert to Sunday = 6
pub fn day_num(&self) -> libc::c_int {
(self.t.tm_wday + 6) % 7
}
pub fn set_time(&mut self, hour: libc::c_int, min: libc::c_int, sec: libc::c_int) -> Result<(), Error> {
self.t.tm_hour = hour;
self.t.tm_min = min;
self.t.tm_sec = sec;
self.normalize_time()
}
pub fn set_min_sec(&mut self, min: libc::c_int, sec: libc::c_int) -> Result<(), Error> {
self.t.tm_min = min;
self.t.tm_sec = sec;
self.normalize_time()
}
fn normalize_time(&mut self) -> Result<(), Error> {
// libc normalizes it for us
if self.utc {
timegm(&mut self.t)?;
} else {
timelocal(&mut self.t)?;
}
Ok(())
}
pub fn set_sec(&mut self, v: libc::c_int) -> Result<(), Error> {
self.t.tm_sec = v;
self.normalize_time()
}
pub fn set_min(&mut self, v: libc::c_int) -> Result<(), Error> {
self.t.tm_min = v;
self.normalize_time()
}
pub fn set_hour(&mut self, v: libc::c_int) -> Result<(), Error> {
self.t.tm_hour = v;
self.normalize_time()
}
pub fn set_mday(&mut self, v: libc::c_int) -> Result<(), Error> {
self.t.tm_mday = v;
self.normalize_time()
}
pub fn set_mon(&mut self, v: libc::c_int) -> Result<(), Error> {
self.t.tm_mon = v - 1;
self.normalize_time()
}
pub fn set_year(&mut self, v: libc::c_int) -> Result<(), Error> {
self.t.tm_year = v - 1900;
self.normalize_time()
}
}

8
src/tools/ticket.rs
View File

@ -11,7 +11,6 @@ use openssl::sign::{Signer, Verifier};
use percent_encoding::{percent_decode_str, percent_encode, AsciiSet};
use crate::api2::types::Userid;
use crate::tools::epoch_now_u64;
pub const TICKET_LIFETIME: i64 = 3600 * 2; // 2 hours
@ -69,7 +68,7 @@ where
Ok(Self {
prefix: Cow::Borrowed(prefix),
data: data.to_string(),
time: epoch_now_u64()? as i64,
time: proxmox::tools::time::epoch_i64(),
signature: None,
_type_marker: PhantomData,
})
@ -174,7 +173,7 @@ where
None => bail!("invalid ticket without signature"),
};
let age = epoch_now_u64()? as i64 - self.time;
let age = proxmox::tools::time::epoch_i64() - self.time;
if age < time_frame.start {
bail!("invalid ticket - timestamp newer than expected");
}
@ -272,7 +271,6 @@ mod test {
use super::Ticket;
use crate::api2::types::Userid;
use crate::tools::epoch_now_u64;
fn simple_test<F>(key: &PKey<Private>, aad: Option<&str>, modify: F)
where
@ -314,7 +312,7 @@ mod test {
false
});
simple_test(&key, None, |t| {
t.change_time(epoch_now_u64().unwrap() as i64 + 0x1000_0000);
t.change_time(proxmox::tools::time::epoch_i64() + 0x1000_0000);
false
});
}

20
www/OnlineHelpInfo.js
View File

@ -3,6 +3,26 @@ const proxmoxOnlineHelpInfo = {
"link": "/docs/index.html",
"title": "Proxmox Backup Server Documentation Index"
},
"datastore-intro": {
"link": "/docs/administration-guide.html#datastore-intro",
"title": ":term:`DataStore`"
},
"user-mgmt": {
"link": "/docs/administration-guide.html#user-mgmt",
"title": "User Management"
},
"user-acl": {
"link": "/docs/administration-guide.html#user-acl",
"title": "Access Control"
},
"backup-remote": {
"link": "/docs/administration-guide.html#backup-remote",
"title": ":term:`Remote`"
},
"syncjobs": {
"link": "/docs/administration-guide.html#syncjobs",
"title": "Sync Jobs"
},
"chapter-zfs": {
"link": "/docs/sysadmin.html#chapter-zfs",
"title": "ZFS on Linux"

5
www/config/DataStoreConfig.js
View File

@ -11,8 +11,9 @@ Ext.define('pbs-datastore-list', {
Ext.define('pbs-data-store-config', {
extend: 'Ext.data.Model',
fields: [
'name', 'path', 'comment', 'gc-schedule', 'prune-schedule', 'keep-last',
'keep-hourly', 'keep-daily', 'keep-weekly', 'keep-monthly', 'keep-yearly',
'name', 'path', 'comment', 'gc-schedule', 'prune-schedule',
'verify-schedule', 'keep-last', 'keep-hourly', 'keep-daily',
'keep-weekly', 'keep-monthly', 'keep-yearly',
],
proxy: {
type: 'proxmox',

2
www/window/ACLEdit.js
View File

@ -3,6 +3,8 @@ Ext.define('PBS.window.ACLEdit', {
alias: 'widget.pbsACLAdd',
mixins: ['Proxmox.Mixin.CBind'],
onlineHelp: 'user_acl',
url: '/access/acl',
method: 'PUT',
isAdd: true,

12
www/window/DataStoreEdit.js
View File

@ -3,6 +3,9 @@ Ext.define('PBS.DataStoreEdit', {
alias: 'widget.pbsDataStoreEdit',
mixins: ['Proxmox.Mixin.CBind'],
onlineHelp: 'datastore_intro',
subject: gettext('Datastore'),
isAdd: true,
@ -71,6 +74,15 @@ Ext.define('PBS.DataStoreEdit', {
deleteEmpty: '{!isCreate}',
},
},
{
xtype: 'pbsCalendarEvent',
name: 'verify-schedule',
fieldLabel: gettext("Verify Schedule"),
emptyText: gettext('none'),
cbind: {
deleteEmpty: '{!isCreate}',
},
},
],
columnB: [
{

2
www/window/RemoteEdit.js
View File

@ -3,6 +3,8 @@ Ext.define('PBS.window.RemoteEdit', {
alias: 'widget.pbsRemoteEdit',
mixins: ['Proxmox.Mixin.CBind'],
onlineHelp: 'backup_remote',
userid: undefined,
isAdd: true,

2
www/window/UserEdit.js
View File

@ -3,6 +3,8 @@ Ext.define('PBS.window.UserEdit', {
alias: 'widget.pbsUserEdit',
mixins: ['Proxmox.Mixin.CBind'],
onlineHelp: 'user_mgmt',
userid: undefined,
isAdd: true,