more work on backup-storages; add backup cli-command

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>

bin/froxlor-cli

@@ -26,6 +26,7 @@
 
 declare(strict_types=1);
 
+use Froxlor\Cli\BackupCommand;
 use Froxlor\Cli\ConfigDiff;
 use Symfony\Component\Console\Application;
 use Froxlor\Cli\RunApiCommand;
@@ -62,5 +63,6 @@ $application->add(new InstallCommand());
 $application->add(new MasterCron());
 $application->add(new UserCommand());
 $application->add(new ValidateAcmeWebroot());
+$application->add(new BackupCommand());
 $application->add(new ConfigDiff());
 $application->run();

composer.json

@@ -56,7 +56,8 @@
 		"erusev/parsedown": "^1.7",
 		"symfony/console": "^5.4",
 		"pear/net_dns2": "^1.5",
-		"amnuts/opcache-gui": "^3.4"
+		"amnuts/opcache-gui": "^3.4",
+		"aws/aws-sdk-php": "^3.280"
     },
 	"require-dev": {
 		"phpunit/phpunit": "^9",

install/froxlor.sql.php

@@ -564,7 +564,7 @@ opcache.validate_timestamps'),
 	('system', 'mod_fcgid', '0'),
 	('system', 'apacheconf_vhost', '/etc/apache2/sites-enabled/'),
 	('system', 'apacheconf_diroptions', '/etc/apache2/sites-enabled/'),
-	('system', 'apacheconf_htpasswddir', '/etc/apache2/htpasswd/'),
+	('system', 'apacheconf_htpasswddir', '/etc/apache2/froxlor-htpasswd/'),
 	('system', 'webalizer_quiet', '2'),
 	('system', 'last_archive_run', '000000'),
 	('system', 'mod_fcgid_configdir', '/var/www/php-fcgi-scripts'),
@@ -707,6 +707,7 @@ opcache.validate_timestamps'),
 	('backup', 'default_customer_access', '1'),
 	('backup', 'default_pgp_public_key', ''),
 	('backup', 'default_retention', '3'),
+	('backup', 'backup_tmp_dir', '/var/customers/backup/'),
 	('api', 'enabled', '0'),
 	('api', 'customer_default', '1'),
 	('2fa', 'enabled', '1'),

install/updates/froxlor/update_2.0.inc.php

@@ -497,3 +497,18 @@ if (Froxlor::isFroxlorVersion('2.0.19')) {
 	Update::showUpdateStep("Updating from 2.0.19 to 2.0.20", false);
 	Froxlor::updateToVersion('2.0.20');
 }
+
+if (Froxlor::isFroxlorVersion('2.0.20')) {
+	Update::showUpdateStep("Updating from 2.0.20 to 2.0.21", false);
+	Froxlor::updateToVersion('2.0.21');
+}
+
+if (Froxlor::isFroxlorVersion('2.0.21')) {
+	Update::showUpdateStep("Updating from 2.0.21 to 2.0.22", false);
+	Froxlor::updateToVersion('2.0.22');
+}
+
+if (Froxlor::isFroxlorVersion('2.0.22')) {
+	Update::showUpdateStep("Updating from 2.0.22 to 2.0.23", false);
+	Froxlor::updateToVersion('2.0.23');
+}

install/updates/froxlor/update_2.1.inc.php

@@ -63,8 +63,8 @@ if (Froxlor::isDatabaseVersion('202304260')) {
 	}
 
 	Update::showUpdateStep("Creating new tables and fields for backups");
-	Database::query("DROP TABLE IF EXISTS `". TABLE_PANEL_BACKUP_STORAGES ."`;");
-	$sql = "CREATE TABLE `". TABLE_PANEL_BACKUP_STORAGES ."` (
+	Database::query("DROP TABLE IF EXISTS `" . TABLE_PANEL_BACKUP_STORAGES . "`;");
+	$sql = "CREATE TABLE `" . TABLE_PANEL_BACKUP_STORAGES . "` (
 	  `id` int(11) NOT NULL AUTO_INCREMENT,
 	  `description` varchar(255) NOT NULL,
 	  `type` varchar(255) NOT NULL DEFAULT 'local',
@@ -83,8 +83,8 @@ if (Froxlor::isDatabaseVersion('202304260')) {
 		INSERT INTO `panel_backup_storages` (`id`, `description`, `destination_path`) VALUES
 		(1, 'Local backup storage', '/var/customers/backups');
 	");
-	Database::query("DROP TABLE IF EXISTS `". TABLE_PANEL_BACKUPS ."`;");
-	$sql = "CREATE TABLE `". TABLE_PANEL_BACKUPS ."` (
+	Database::query("DROP TABLE IF EXISTS `" . TABLE_PANEL_BACKUPS . "`;");
+	$sql = "CREATE TABLE `" . TABLE_PANEL_BACKUPS . "` (
 	  `id` int(11) NOT NULL AUTO_INCREMENT,
 	  `adminid` int(11) NOT NULL,
 	  `customerid` int(11) NOT NULL,
@@ -107,6 +107,7 @@ if (Froxlor::isDatabaseVersion('202304260')) {
 	Settings::AddNew('backup.default_customer_access', 1);
 	Settings::AddNew('backup.default_pgp_public_key', '');
 	Settings::AddNew('backup.default_retention', 3);
+	Settings::AddNew('backup.backup_tmp_dir', '/var/customers/backup/');
 	Update::lastStepStatus(0);
 
 	Update::showUpdateStep("Adjusting cronjobs");

lib/Froxlor/Api/Commands/FpmDaemons.php

@@ -202,7 +202,7 @@ class FpmDaemons extends ApiCommand implements ResourceEntity
 
 			// validation
 			$description = Validate::validate($description, 'description', Validate::REGEX_DESC_TEXT, '', [], true);
-			$reload_cmd = Validate::validate($reload_cmd, 'reload_cmd', '/^[a-z0-9\/\._\- ]+$/i', '', [], true);
+			$reload_cmd = Validate::validate($reload_cmd, 'reload_cmd', '/^[a-z0-9\/\._\-@ ]+$/i', '', [], true);
 			$sel_stmt = Database::prepare("SELECT `id` FROM `".TABLE_PANEL_FPMDAEMONS."` WHERE `reload_cmd` = :rc");
 			$dupcheck = Database::pexecute_first($sel_stmt, ['rc' => $reload_cmd]);
 			if ($dupcheck && $dupcheck['id']) {
@@ -327,7 +327,7 @@ class FpmDaemons extends ApiCommand implements ResourceEntity
 
 			// validation
 			$description = Validate::validate($description, 'description', Validate::REGEX_DESC_TEXT, '', [], true);
-			$reload_cmd = Validate::validate($reload_cmd, 'reload_cmd', '/^[a-z0-9\/\._\- ]+$/i', '', [], true);
+			$reload_cmd = Validate::validate($reload_cmd, 'reload_cmd', '/^[a-z0-9\/\._\-@ ]+$/i', '', [], true);
 			$sel_stmt = Database::prepare("SELECT `id` FROM `".TABLE_PANEL_FPMDAEMONS."` WHERE `reload_cmd` = :rc");
 			$dupcheck = Database::pexecute_first($sel_stmt, ['rc' => $reload_cmd]);
 			if ($dupcheck && $dupcheck['id'] != $id) {

lib/Froxlor/Backup/Storages/S3.php

@@ -2,15 +2,30 @@
 
 namespace Froxlor\Backup\Storages;
 
+use Aws\S3\S3Client;
+use Froxlor\FileDir;
+
 class S3 extends Storage
 {
 
+	private S3Client $s3_client;
+
 	/**
 	 * @return bool
 	 */
 	public function init(): bool
 	{
-		// TODO: Implement init() method.
+		$raw_credentials = [
+			'credentials' => [
+				'key' => $this->sData['storage']['username'] ?? '',
+				'secret' => $this->sData['storage']['password'] ?? ''
+			],
+			'endpoint' => $this->sData['storage']['hostname'] ?? '',
+			'region' => $this->sData['storage']['region'] ?? '',
+			'version' => 'latest',
+			'use_path_style_endpoint' => true
+		];
+		$this->s3_client = new S3Client($raw_credentials);
 	}
 
 	/**
@@ -23,7 +38,11 @@ class S3 extends Storage
 	 */
 	protected function putFile(string $filename, string $tmp_source_directory): string
 	{
-		return "";
+		$this->s3_client->putObject([
+			'Bucket' => $this->sData['storage']['bucket'],
+			'Key' => $filename,
+			'SourceFile' => FileDir::makeCorrectFile($tmp_source_directory . '/' . $filename),
+		]);
 	}
 
 	/**
@@ -32,7 +51,15 @@ class S3 extends Storage
 	 */
 	protected function rmFile(string $filename): bool
 	{
-		// TODO: Implement removeOld() method.
+		$result = $this->s3_client->deleteObject([
+			'Bucket' => $this->sData['storage']['bucket'],
+			'Key' => $filename,
+		]);
+
+		if ($result['DeleteMarker']) {
+			return true;
+		}
+		return false;
 	}
 
 	/**

lib/Froxlor/Backup/Storages/Storage.php

@@ -5,6 +5,7 @@ namespace Froxlor\Backup\Storages;
 use Exception;
 use Froxlor\Database\Database;
 use Froxlor\FileDir;
+use Froxlor\Settings;
 
 abstract class Storage
 {
@@ -19,7 +20,8 @@ abstract class Storage
 	public function __construct(array $storage_data)
 	{
 		$this->sData = $storage_data;
-		$this->tmpDirectory = FileDir::makeCorrectDir(sys_get_temp_dir() . '/backup-' . $this->sData['loginname']);
+		$tmpDirectory = Settings::Get('backup.backup_tmp_dir') ?: sys_get_temp_dir();
+		$this->tmpDirectory = FileDir::makeCorrectDir($tmpDirectory . '/backup-' . $this->sData['loginname']);
 	}
 
 	/**

lib/Froxlor/Cli/BackupCommand.php

@@ -0,0 +1,129 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, you can also view it online at
+ * https://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  the authors
+ * @author     Froxlor team <team@froxlor.org>
+ * @license    https://files.froxlor.org/misc/COPYING.txt GPLv2
+ */
+
+namespace Froxlor\Cli;
+
+use Exception;
+use Froxlor\Backup\Storages\StorageFactory;
+use Froxlor\Database\Database;
+use Froxlor\Froxlor;
+use Froxlor\Settings;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Output\OutputInterface;
+
+final class BackupCommand extends CliCommand
+{
+
+	protected function configure()
+	{
+		$this->setName('froxlor:backup');
+		$this->setDescription('Various backup actions');
+		$this->addOption('list', 'L', InputOption::VALUE_OPTIONAL, 'List backups (optionally pass a customer loginname to list backups of a specific user)')
+			->addOption('create', 'c', InputOption::VALUE_REQUIRED, 'Manually run a backup task for given customer (loginname)')
+			->addOption('delete', 'd', InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY, 'Remove given backup by id');
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output)
+	{
+		$result = $this->validateRequirements($input, $output);
+
+		require Froxlor::getInstallDir() . '/lib/functions.php';
+
+		// set error-handler
+		@set_error_handler([
+			'\\Froxlor\\Api\\Api',
+			'phpErrHandler'
+		]);
+
+		if (!Settings::Get('backup.enabled')) {
+			$output->writeln('<error>Backup feature not enabled.</>');
+			$result = self::INVALID;
+		}
+
+		if ($result == self::SUCCESS) {
+
+			try {
+				$loginname = "";
+				$userinfo = [];
+				if ($input->hasArgument('user')) {
+					$loginname = $input->getArgument('user');
+					$userinfo = $this->getUserByName($loginname, false);
+				}
+
+				$do_list = $input->getOption('list');
+				$do_create = $input->getOption('create');
+				$do_delete = $input->getOption('delete');
+
+				if ($do_list === false && $do_create === false && $do_delete === false) {
+					$output->writeln('<error>No option given, nothing to do.</>');
+					return self::INVALID;
+				}
+
+				// list
+				if ($do_list !== false) {
+					if ($do_list === null) {
+						// all customers
+					} elseif ($do_list !== false) {
+						// specific customer
+					}
+				} elseif ($do_create !== false) {
+					$stmt = Database::prepare("SELECT
+						customerid,
+						loginname,
+						adminid,
+						backup,
+						guid,
+						documentroot
+						FROM `" . TABLE_PANEL_CUSTOMERS . "`
+						WHERE `backup` > 0 AND `loginname` = :loginname
+					");
+					$customer = Database::pexecute_first($stmt, ['loginname' => $do_create]);
+
+					if (empty($customer)) {
+						$output->writeln('<error>Given customer not found or customer has backup=off</>');
+						return self::INVALID;
+					}
+
+					$backupStorage = StorageFactory::fromStorageId($customer['backup'], $customer);
+					$output->writeln("Initializing storage");
+					$backupStorage->init();
+					$output->writeln("Preparing files and folders");
+					$backupStorage->prepareFiles();
+					$output->writeln("Creating backup file");
+					$backupStorage->createFromFiles();
+					$output->writeln("Removing older backups by retention");
+					$backupStorage->removeOld();
+					$output->writeln('<info>Backup created successfully</>');
+				}
+			} catch (Exception $e) {
+				$output->writeln('<error>' . $e->getMessage() . '</>');
+				$result = self::FAILURE;
+			}
+		}
+
+		return $result;
+	}
+}