* [pbs-devel] [PATCH v2 vma-to-pbs] read args from environment variables as fallback
@ 2024-12-02 12:32 Filip Schauer
2025-02-06 14:28 ` [pbs-devel] applied: " Wolfgang Bumiller
0 siblings, 1 reply; 2+ messages in thread
From: Filip Schauer @ 2024-12-02 12:32 UTC (permalink / raw)
To: pbs-devel
Use the same environment variables that are used by
proxmox-backup-client:
* PBS_REPOSITORY
* PBS_PASSWORD(|_FD|_FILE|_CMD)
* PBS_ENCRYPTION_PASSWORD(|_FD|_FILE|_CMD)
Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
---
Changed since v1:
* combine nested `if` into `else if` for clarity
src/main.rs | 66 ++++++++++++++++++++++++++++++++---------------------
1 file changed, 40 insertions(+), 26 deletions(-)
diff --git a/src/main.rs b/src/main.rs
index f942a73..c8e922b 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,4 +1,5 @@
use std::collections::HashMap;
+use std::env::VarError::{NotPresent, NotUnicode};
use std::ffi::OsString;
use std::fs::read_dir;
use std::io::{BufRead, BufReader, Write};
@@ -7,6 +8,7 @@ use std::path::PathBuf;
use anyhow::{bail, Context, Error};
use chrono::NaiveDateTime;
use env_logger::Target;
+use pbs_client::tools::get_secret_from_env;
use proxmox_sys::linux::tty;
use proxmox_time::epoch_i64;
use regex::Regex;
@@ -27,7 +29,7 @@ Arguments:
Options:
--repository <auth_id@host:port:datastore>
- Repository URL
+ Repository URL [env: PBS_REPOSITORY]
[--ns <NAMESPACE>]
Namespace
[--vmid <VMID>]
@@ -38,7 +40,7 @@ Options:
[--backup-time <EPOCH>]
Backup timestamp
--fingerprint <FINGERPRINT>
- Proxmox Backup Server Fingerprint [env: PBS_FINGERPRINT=]
+ Proxmox Backup Server Fingerprint [env: PBS_FINGERPRINT]
--keyfile <KEYFILE>
Key file
--master-keyfile <MASTER_KEYFILE>
@@ -48,9 +50,10 @@ Options:
-e, --encrypt
Encrypt the Backup
--password-file <PASSWORD_FILE>
- Password file
+ Password file [env: PBS_PASSWORD, PBS_PASSWORD_FD, PBS_PASSWORD_FILE, PBS_PASSWORD_CMD]
--key-password-file <KEY_PASSWORD_FILE>
- Key password file
+ Key password file [env: PBS_ENCRYPTION_PASSWORD, PBS_ENCRYPTION_PASSWORD_FD,
+ PBS_ENCRYPTION_PASSWORD_FILE, PBS_ENCRYPTION_PASSWORD_CMD]
[--notes-file <NOTES_FILE>]
File containing a comment/notes
[--log-file <LOG_FILE>]
@@ -114,7 +117,7 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
std::process::exit(0);
}
- let pbs_repository = args.value_from_str("--repository")?;
+ let pbs_repository = args.opt_value_from_str("--repository")?;
let namespace = args.opt_value_from_str("--ns")?;
let vmid: Option<String> = args.opt_value_from_str("--vmid")?;
let backup_time: Option<i64> = args.opt_value_from_str("--backup-time")?;
@@ -143,10 +146,22 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
bail!("unexpected extra arguments, use '-h' for usage");
}
+ let pbs_repository = match pbs_repository {
+ Some(v) => v,
+ None => match std::env::var("PBS_REPOSITORY") {
+ Ok(v) => v,
+ Err(NotPresent) => bail!("Repository not set. Use $PBS_REPOSITORY or --repository"),
+ Err(NotUnicode(_)) => bail!("$PBS_REPOSITORY contains invalid unicode"),
+ },
+ };
+
let fingerprint = match fingerprint {
Some(v) => v,
- None => std::env::var("PBS_FINGERPRINT")
- .context("Fingerprint not set. Use $PBS_FINGERPRINT or --fingerprint")?,
+ None => match std::env::var("PBS_FINGERPRINT") {
+ Ok(v) => v,
+ Err(NotPresent) => bail!("Fingerprint not set. Use $PBS_FINGERPRINT or --fingerprint"),
+ Err(NotUnicode(_)) => bail!("$PBS_FINGERPRINT contains invalid unicode"),
+ },
};
if forwarded_args.len() > 1 {
@@ -155,30 +170,27 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
let vma_file_path = forwarded_args.first();
- let pbs_password = match password_file {
- Some(password_file) => {
- let mut password =
- std::fs::read_to_string(password_file).context("Could not read password file")?;
+ let pbs_password = if let Some(password_file) = password_file {
+ let mut password =
+ std::fs::read_to_string(password_file).context("Could not read password file")?;
- if password.ends_with('\n') || password.ends_with('\r') {
+ if password.ends_with('\n') || password.ends_with('\r') {
+ password.pop();
+ if password.ends_with('\r') {
password.pop();
- if password.ends_with('\r') {
- password.pop();
- }
}
-
- password
}
- None => {
- if vma_file_path.is_none() {
- bail!(
- "Please use --password-file to provide the password \
- when passing the VMA file to stdin"
- );
- }
- String::from_utf8(tty::read_password("Password: ")?)?
- }
+ password
+ } else if let Some(password) = get_secret_from_env("PBS_PASSWORD")? {
+ password
+ } else if vma_file_path.is_none() {
+ bail!(
+ "Please use --password-file, $PBS_PASSWORD, $PBS_PASSWORD_FD, $PBS_PASSWORD_FILE, \
+ or $PBS_PASSWORD_CMD to provide the password when passing the VMA file to stdin"
+ );
+ } else {
+ String::from_utf8(tty::read_password("Password: ")?)?
};
let key_password = if keyfile.is_some() {
@@ -193,6 +205,8 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
}
}
+ Some(key_password)
+ } else if let Some(key_password) = get_secret_from_env("PBS_ENCRYPTION_PASSWORD")? {
Some(key_password)
} else if vma_file_path.is_none() {
log::info!(
--
2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 2+ messages in thread
* [pbs-devel] applied: [PATCH v2 vma-to-pbs] read args from environment variables as fallback
2024-12-02 12:32 [pbs-devel] [PATCH v2 vma-to-pbs] read args from environment variables as fallback Filip Schauer
@ 2025-02-06 14:28 ` Wolfgang Bumiller
0 siblings, 0 replies; 2+ messages in thread
From: Wolfgang Bumiller @ 2025-02-06 14:28 UTC (permalink / raw)
To: Filip Schauer; +Cc: pbs-devel
applied, thanks
On Mon, Dec 02, 2024 at 01:32:55PM +0100, Filip Schauer wrote:
> Use the same environment variables that are used by
> proxmox-backup-client:
> * PBS_REPOSITORY
> * PBS_PASSWORD(|_FD|_FILE|_CMD)
> * PBS_ENCRYPTION_PASSWORD(|_FD|_FILE|_CMD)
>
> Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
> ---
> Changed since v1:
> * combine nested `if` into `else if` for clarity
>
> src/main.rs | 66 ++++++++++++++++++++++++++++++++---------------------
> 1 file changed, 40 insertions(+), 26 deletions(-)
>
> diff --git a/src/main.rs b/src/main.rs
> index f942a73..c8e922b 100644
> --- a/src/main.rs
> +++ b/src/main.rs
> @@ -1,4 +1,5 @@
> use std::collections::HashMap;
> +use std::env::VarError::{NotPresent, NotUnicode};
> use std::ffi::OsString;
> use std::fs::read_dir;
> use std::io::{BufRead, BufReader, Write};
> @@ -7,6 +8,7 @@ use std::path::PathBuf;
> use anyhow::{bail, Context, Error};
> use chrono::NaiveDateTime;
> use env_logger::Target;
> +use pbs_client::tools::get_secret_from_env;
> use proxmox_sys::linux::tty;
> use proxmox_time::epoch_i64;
> use regex::Regex;
> @@ -27,7 +29,7 @@ Arguments:
>
> Options:
> --repository <auth_id@host:port:datastore>
> - Repository URL
> + Repository URL [env: PBS_REPOSITORY]
> [--ns <NAMESPACE>]
> Namespace
> [--vmid <VMID>]
> @@ -38,7 +40,7 @@ Options:
> [--backup-time <EPOCH>]
> Backup timestamp
> --fingerprint <FINGERPRINT>
> - Proxmox Backup Server Fingerprint [env: PBS_FINGERPRINT=]
> + Proxmox Backup Server Fingerprint [env: PBS_FINGERPRINT]
> --keyfile <KEYFILE>
> Key file
> --master-keyfile <MASTER_KEYFILE>
> @@ -48,9 +50,10 @@ Options:
> -e, --encrypt
> Encrypt the Backup
> --password-file <PASSWORD_FILE>
> - Password file
> + Password file [env: PBS_PASSWORD, PBS_PASSWORD_FD, PBS_PASSWORD_FILE, PBS_PASSWORD_CMD]
> --key-password-file <KEY_PASSWORD_FILE>
> - Key password file
> + Key password file [env: PBS_ENCRYPTION_PASSWORD, PBS_ENCRYPTION_PASSWORD_FD,
> + PBS_ENCRYPTION_PASSWORD_FILE, PBS_ENCRYPTION_PASSWORD_CMD]
> [--notes-file <NOTES_FILE>]
> File containing a comment/notes
> [--log-file <LOG_FILE>]
> @@ -114,7 +117,7 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
> std::process::exit(0);
> }
>
> - let pbs_repository = args.value_from_str("--repository")?;
> + let pbs_repository = args.opt_value_from_str("--repository")?;
> let namespace = args.opt_value_from_str("--ns")?;
> let vmid: Option<String> = args.opt_value_from_str("--vmid")?;
> let backup_time: Option<i64> = args.opt_value_from_str("--backup-time")?;
> @@ -143,10 +146,22 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
> bail!("unexpected extra arguments, use '-h' for usage");
> }
>
> + let pbs_repository = match pbs_repository {
> + Some(v) => v,
> + None => match std::env::var("PBS_REPOSITORY") {
> + Ok(v) => v,
> + Err(NotPresent) => bail!("Repository not set. Use $PBS_REPOSITORY or --repository"),
> + Err(NotUnicode(_)) => bail!("$PBS_REPOSITORY contains invalid unicode"),
> + },
> + };
> +
> let fingerprint = match fingerprint {
> Some(v) => v,
> - None => std::env::var("PBS_FINGERPRINT")
> - .context("Fingerprint not set. Use $PBS_FINGERPRINT or --fingerprint")?,
> + None => match std::env::var("PBS_FINGERPRINT") {
> + Ok(v) => v,
> + Err(NotPresent) => bail!("Fingerprint not set. Use $PBS_FINGERPRINT or --fingerprint"),
> + Err(NotUnicode(_)) => bail!("$PBS_FINGERPRINT contains invalid unicode"),
> + },
> };
>
> if forwarded_args.len() > 1 {
> @@ -155,30 +170,27 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
>
> let vma_file_path = forwarded_args.first();
>
> - let pbs_password = match password_file {
> - Some(password_file) => {
> - let mut password =
> - std::fs::read_to_string(password_file).context("Could not read password file")?;
> + let pbs_password = if let Some(password_file) = password_file {
> + let mut password =
> + std::fs::read_to_string(password_file).context("Could not read password file")?;
>
> - if password.ends_with('\n') || password.ends_with('\r') {
> + if password.ends_with('\n') || password.ends_with('\r') {
> + password.pop();
> + if password.ends_with('\r') {
> password.pop();
> - if password.ends_with('\r') {
> - password.pop();
> - }
> }
> -
> - password
> }
> - None => {
> - if vma_file_path.is_none() {
> - bail!(
> - "Please use --password-file to provide the password \
> - when passing the VMA file to stdin"
> - );
> - }
>
> - String::from_utf8(tty::read_password("Password: ")?)?
> - }
> + password
> + } else if let Some(password) = get_secret_from_env("PBS_PASSWORD")? {
> + password
> + } else if vma_file_path.is_none() {
> + bail!(
> + "Please use --password-file, $PBS_PASSWORD, $PBS_PASSWORD_FD, $PBS_PASSWORD_FILE, \
> + or $PBS_PASSWORD_CMD to provide the password when passing the VMA file to stdin"
> + );
> + } else {
> + String::from_utf8(tty::read_password("Password: ")?)?
> };
>
> let key_password = if keyfile.is_some() {
> @@ -193,6 +205,8 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
> }
> }
>
> + Some(key_password)
> + } else if let Some(key_password) = get_secret_from_env("PBS_ENCRYPTION_PASSWORD")? {
> Some(key_password)
> } else if vma_file_path.is_none() {
> log::info!(
> --
> 2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-02-06 14:29 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-12-02 12:32 [pbs-devel] [PATCH v2 vma-to-pbs] read args from environment variables as fallback Filip Schauer
2025-02-06 14:28 ` [pbs-devel] applied: " Wolfgang Bumiller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal