all lists on lists.proxmox.com
 help / color / mirror / Atom feed
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
To: Filip Schauer <f.schauer@proxmox.com>
Cc: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] applied: [PATCH v2 vma-to-pbs] read args from environment variables as fallback
Date: Thu, 6 Feb 2025 15:28:46 +0100	[thread overview]
Message-ID: <ywnhstg7hkvvufxget6dgm2y23t46w7jpyi67le3vm2syevzlk@mbzyqn3zpeeu> (raw)
In-Reply-To: <20241202123255.89147-1-f.schauer@proxmox.com>

applied, thanks

On Mon, Dec 02, 2024 at 01:32:55PM +0100, Filip Schauer wrote:
> Use the same environment variables that are used by
> proxmox-backup-client:
> * PBS_REPOSITORY
> * PBS_PASSWORD(|_FD|_FILE|_CMD)
> * PBS_ENCRYPTION_PASSWORD(|_FD|_FILE|_CMD)
> 
> Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
> ---
> Changed since v1:
> * combine nested `if` into `else if` for clarity
> 
>  src/main.rs | 66 ++++++++++++++++++++++++++++++++---------------------
>  1 file changed, 40 insertions(+), 26 deletions(-)
> 
> diff --git a/src/main.rs b/src/main.rs
> index f942a73..c8e922b 100644
> --- a/src/main.rs
> +++ b/src/main.rs
> @@ -1,4 +1,5 @@
>  use std::collections::HashMap;
> +use std::env::VarError::{NotPresent, NotUnicode};
>  use std::ffi::OsString;
>  use std::fs::read_dir;
>  use std::io::{BufRead, BufReader, Write};
> @@ -7,6 +8,7 @@ use std::path::PathBuf;
>  use anyhow::{bail, Context, Error};
>  use chrono::NaiveDateTime;
>  use env_logger::Target;
> +use pbs_client::tools::get_secret_from_env;
>  use proxmox_sys::linux::tty;
>  use proxmox_time::epoch_i64;
>  use regex::Regex;
> @@ -27,7 +29,7 @@ Arguments:
>  
>  Options:
>        --repository <auth_id@host:port:datastore>
> -          Repository URL
> +          Repository URL [env: PBS_REPOSITORY]
>        [--ns <NAMESPACE>]
>            Namespace
>        [--vmid <VMID>]
> @@ -38,7 +40,7 @@ Options:
>        [--backup-time <EPOCH>]
>            Backup timestamp
>        --fingerprint <FINGERPRINT>
> -          Proxmox Backup Server Fingerprint [env: PBS_FINGERPRINT=]
> +          Proxmox Backup Server Fingerprint [env: PBS_FINGERPRINT]
>        --keyfile <KEYFILE>
>            Key file
>        --master-keyfile <MASTER_KEYFILE>
> @@ -48,9 +50,10 @@ Options:
>    -e, --encrypt
>            Encrypt the Backup
>        --password-file <PASSWORD_FILE>
> -          Password file
> +          Password file [env: PBS_PASSWORD, PBS_PASSWORD_FD, PBS_PASSWORD_FILE, PBS_PASSWORD_CMD]
>        --key-password-file <KEY_PASSWORD_FILE>
> -          Key password file
> +          Key password file [env: PBS_ENCRYPTION_PASSWORD, PBS_ENCRYPTION_PASSWORD_FD,
> +                             PBS_ENCRYPTION_PASSWORD_FILE, PBS_ENCRYPTION_PASSWORD_CMD]
>        [--notes-file <NOTES_FILE>]
>            File containing a comment/notes
>        [--log-file <LOG_FILE>]
> @@ -114,7 +117,7 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
>          std::process::exit(0);
>      }
>  
> -    let pbs_repository = args.value_from_str("--repository")?;
> +    let pbs_repository = args.opt_value_from_str("--repository")?;
>      let namespace = args.opt_value_from_str("--ns")?;
>      let vmid: Option<String> = args.opt_value_from_str("--vmid")?;
>      let backup_time: Option<i64> = args.opt_value_from_str("--backup-time")?;
> @@ -143,10 +146,22 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
>          bail!("unexpected extra arguments, use '-h' for usage");
>      }
>  
> +    let pbs_repository = match pbs_repository {
> +        Some(v) => v,
> +        None => match std::env::var("PBS_REPOSITORY") {
> +            Ok(v) => v,
> +            Err(NotPresent) => bail!("Repository not set. Use $PBS_REPOSITORY or --repository"),
> +            Err(NotUnicode(_)) => bail!("$PBS_REPOSITORY contains invalid unicode"),
> +        },
> +    };
> +
>      let fingerprint = match fingerprint {
>          Some(v) => v,
> -        None => std::env::var("PBS_FINGERPRINT")
> -            .context("Fingerprint not set. Use $PBS_FINGERPRINT or --fingerprint")?,
> +        None => match std::env::var("PBS_FINGERPRINT") {
> +            Ok(v) => v,
> +            Err(NotPresent) => bail!("Fingerprint not set. Use $PBS_FINGERPRINT or --fingerprint"),
> +            Err(NotUnicode(_)) => bail!("$PBS_FINGERPRINT contains invalid unicode"),
> +        },
>      };
>  
>      if forwarded_args.len() > 1 {
> @@ -155,30 +170,27 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
>  
>      let vma_file_path = forwarded_args.first();
>  
> -    let pbs_password = match password_file {
> -        Some(password_file) => {
> -            let mut password =
> -                std::fs::read_to_string(password_file).context("Could not read password file")?;
> +    let pbs_password = if let Some(password_file) = password_file {
> +        let mut password =
> +            std::fs::read_to_string(password_file).context("Could not read password file")?;
>  
> -            if password.ends_with('\n') || password.ends_with('\r') {
> +        if password.ends_with('\n') || password.ends_with('\r') {
> +            password.pop();
> +            if password.ends_with('\r') {
>                  password.pop();
> -                if password.ends_with('\r') {
> -                    password.pop();
> -                }
>              }
> -
> -            password
>          }
> -        None => {
> -            if vma_file_path.is_none() {
> -                bail!(
> -                    "Please use --password-file to provide the password \
> -                    when passing the VMA file to stdin"
> -                );
> -            }
>  
> -            String::from_utf8(tty::read_password("Password: ")?)?
> -        }
> +        password
> +    } else if let Some(password) = get_secret_from_env("PBS_PASSWORD")? {
> +        password
> +    } else if vma_file_path.is_none() {
> +        bail!(
> +            "Please use --password-file, $PBS_PASSWORD, $PBS_PASSWORD_FD, $PBS_PASSWORD_FILE, \
> +            or $PBS_PASSWORD_CMD to provide the password when passing the VMA file to stdin"
> +        );
> +    } else {
> +        String::from_utf8(tty::read_password("Password: ")?)?
>      };
>  
>      let key_password = if keyfile.is_some() {
> @@ -193,6 +205,8 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
>                  }
>              }
>  
> +            Some(key_password)
> +        } else if let Some(key_password) = get_secret_from_env("PBS_ENCRYPTION_PASSWORD")? {
>              Some(key_password)
>          } else if vma_file_path.is_none() {
>              log::info!(
> -- 
> 2.39.5


_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel


      reply	other threads:[~2025-02-06 14:29 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-12-02 12:32 [pbs-devel] " Filip Schauer
2025-02-06 14:28 ` Wolfgang Bumiller [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ywnhstg7hkvvufxget6dgm2y23t46w7jpyi67le3vm2syevzlk@mbzyqn3zpeeu \
    --to=w.bumiller@proxmox.com \
    --cc=f.schauer@proxmox.com \
    --cc=pbs-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal