From: Christian Ebner <c.ebner@proxmox.com>
To: "Proxmox Backup Server development discussion"
<pbs-devel@lists.proxmox.com>,
"Fabian Grünbichler" <f.gruenbichler@proxmox.com>
Subject: Re: [pbs-devel] [RFC v2 proxmox-backup 18/21] api: admin: implement endpoints to restore trashed contents
Date: Fri, 9 May 2025 14:59:16 +0200 [thread overview]
Message-ID: <39b85c49-8a09-4702-8a76-2d7bdbc500e5@proxmox.com> (raw)
In-Reply-To: <1746793013.k8qdvp27bh.astroid@yuna.none>
Thanks for feedback, will have a closer look next week.
Allow me two quick questions inline though...
On 5/9/25 14:27, Fabian Grünbichler wrote:
> On May 8, 2025 3:05 pm, Christian Ebner wrote:
>> Implements the api endpoints to restore trashed contents contained
>> within namespaces, backup groups or individual snapshots.
>>
>> Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
>> ---
>> src/api2/admin/datastore.rs | 173 +++++++++++++++++++++++++++++++++++-
>> 1 file changed, 172 insertions(+), 1 deletion(-)
>>
>> diff --git a/src/api2/admin/datastore.rs b/src/api2/admin/datastore.rs
>> index cbd24c729..eb033c3fc 100644
>> --- a/src/api2/admin/datastore.rs
>> +++ b/src/api2/admin/datastore.rs
>> @@ -51,7 +51,7 @@ use pbs_api_types::{
>> };
>> use pbs_client::pxar::{create_tar, create_zip};
>> use pbs_config::CachedUserInfo;
>> -use pbs_datastore::backup_info::{BackupInfo, ListBackupFilter};
>> +use pbs_datastore::backup_info::{BackupInfo, ListBackupFilter, TRASH_MARKER_FILENAME};
>> use pbs_datastore::cached_chunk_reader::CachedChunkReader;
>> use pbs_datastore::catalog::{ArchiveEntry, CatalogReader};
>> use pbs_datastore::data_blob::DataBlob;
>> @@ -2727,6 +2727,165 @@ pub async fn unmount(store: String, rpcenv: &mut dyn RpcEnvironment) -> Result<V
>> Ok(json!(upid))
>> }
>>
>> +#[api(
>> + input: {
>> + properties: {
>> + store: { schema: DATASTORE_SCHEMA },
>> + ns: { type: BackupNamespace, },
>> + },
>> + },
>> + access: {
>> + permission: &Permission::Anybody,
>> + description: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_MODIFY for any \
>> + or DATASTORE_BACKUP and being the owner of the group",
>> + },
>> +)]
>> +/// Recover trashed contents of a namespace.
>> +pub fn recover_namespace(
>> + store: String,
>> + ns: BackupNamespace,
>> + rpcenv: &mut dyn RpcEnvironment,
>> +) -> Result<(), Error> {
>> + let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
>> + let limited = check_ns_privs_full(
>> + &store,
>> + &ns,
>> + &auth_id,
>> + PRIV_DATASTORE_MODIFY,
>> + PRIV_DATASTORE_BACKUP,
>> + )?;
>> +
>> + let datastore = DataStore::lookup_datastore(&store, Some(Operation::Write))?;
>> +
>> + for backup_group in datastore.iter_backup_groups(ns.clone())? {
>> + let backup_group = backup_group?;
>> + if limited {
>> + let owner = datastore.get_owner(&ns, backup_group.group())?;
>> + if check_backup_owner(&owner, &auth_id).is_err() {
>> + continue;
>> + }
>> + }
>> + do_recover_group(&backup_group)?;
>> + }
>> +
>> + Ok(())
>> +}
>> +
>> +#[api(
>> + input: {
>> + properties: {
>> + store: { schema: DATASTORE_SCHEMA },
>> + group: {
>> + type: pbs_api_types::BackupGroup,
>> + flatten: true,
>> + },
>> + ns: {
>> + type: BackupNamespace,
>> + optional: true,
>> + },
>> + },
>> + },
>> + access: {
>> + permission: &Permission::Anybody,
>> + description: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_MODIFY for any \
>> + or DATASTORE_BACKUP and being the owner of the group",
>> + },
>> +)]
>> +/// Recover trashed contents of a backup group.
>> +pub fn recover_group(
>> + store: String,
>> + group: pbs_api_types::BackupGroup,
>> + ns: Option<BackupNamespace>,
>> + rpcenv: &mut dyn RpcEnvironment,
>> +) -> Result<(), Error> {
>> + let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
>> + let ns = ns.unwrap_or_default();
>> + let datastore = check_privs_and_load_store(
>> + &store,
>> + &ns,
>> + &auth_id,
>> + PRIV_DATASTORE_MODIFY,
>> + PRIV_DATASTORE_BACKUP,
>> + Some(Operation::Write),
>> + &group,
>> + )?;
>> +
>> + let backup_group = datastore.backup_group(ns, group);
>> + do_recover_group(&backup_group)?;
>> +
>> + Ok(())
>> +}
>> +
>> +fn do_recover_group(backup_group: &BackupGroup) -> Result<(), Error> {
>
> missing locking for the group?
Not sure about that one. After all the group is trashed at least as long
as all the snapshots are trashed. And GC will only ever clean up the
group folder if the trash marker is not set. So I do not see a reason
why this should be locked.
>
>> + let trashed_snapshots = backup_group.list_backups(ListBackupFilter::Trashed)?;
>> + for snapshot in trashed_snapshots {
>> + do_recover_snapshot(&snapshot.backup_dir)?;
>> + }
>> +
>> + let group_trash_path = backup_group.full_group_path().join(TRASH_MARKER_FILENAME);
>> + if let Err(err) = std::fs::remove_file(&group_trash_path) {
>> + if err.kind() != std::io::ErrorKind::NotFound {
>> + bail!("failed to remove group trash file {group_trash_path:?} - {err}");
>> + }
>> + }
>> + Ok(())
>> +}
>> +
>> +#[api(
>> + input: {
>> + properties: {
>> + store: { schema: DATASTORE_SCHEMA },
>> + backup_dir: {
>> + type: pbs_api_types::BackupDir,
>> + flatten: true,
>> + },
>> + ns: {
>> + type: BackupNamespace,
>> + optional: true,
>> + },
>> + },
>> + },
>> + access: {
>> + permission: &Permission::Anybody,
>> + description: "Requires on /datastore/{store}[/{namespace}] either DATASTORE_MODIFY for any \
>> + or DATASTORE_BACKUP and being the owner of the group",
>> + },
>> +)]
>> +/// Recover trashed contents of a backup snapshot.
>> +pub fn recover_snapshot(
>> + store: String,
>> + backup_dir: pbs_api_types::BackupDir,
>> + ns: Option<BackupNamespace>,
>> + rpcenv: &mut dyn RpcEnvironment,
>> +) -> Result<(), Error> {
>> + let auth_id: Authid = rpcenv.get_auth_id().unwrap().parse()?;
>> + let ns = ns.unwrap_or_default();
>> + let datastore = check_privs_and_load_store(
>> + &store,
>> + &ns,
>> + &auth_id,
>> + PRIV_DATASTORE_MODIFY,
>> + PRIV_DATASTORE_BACKUP,
>> + Some(Operation::Write),
>> + &backup_dir.group,
>> + )?;
>> +
>> + let snapshot = datastore.backup_dir(ns, backup_dir)?;
>> + do_recover_snapshot(&snapshot)?;
>> +
>> + Ok(())
>> +}
>> +
>> +fn do_recover_snapshot(snapshot_dir: &BackupDir) -> Result<(), Error> {
>
> missing locking for the snapshot?
Why? remove_file() should be atomic?
>
>> + let trash_path = snapshot_dir.full_path().join(TRASH_MARKER_FILENAME);
>> + if let Err(err) = std::fs::remove_file(&trash_path) {
>> + if err.kind() != std::io::ErrorKind::NotFound {
>> + bail!("failed to remove trash file {trash_path:?} - {err}");
>> + }
>> + }
>> + Ok(())
>> +}
>> +
>> #[sortable]
>> const DATASTORE_INFO_SUBDIRS: SubdirMap = &[
>> (
>> @@ -2792,6 +2951,18 @@ const DATASTORE_INFO_SUBDIRS: SubdirMap = &[
>> "pxar-file-download",
>> &Router::new().download(&API_METHOD_PXAR_FILE_DOWNLOAD),
>> ),
>> + (
>> + "recover-group",
>> + &Router::new().post(&API_METHOD_RECOVER_GROUP),
>
> I am not sure whether those should be POST or PUT, they are modifying an
> existing (trashed) group/snapshot/.. after all?
>
>> + ),
>> + (
>> + "recover-namespace",
>> + &Router::new().post(&API_METHOD_RECOVER_NAMESPACE),
>> + ),
>> + (
>> + "recover-snapshot",
>> + &Router::new().post(&API_METHOD_RECOVER_SNAPSHOT),
>> + ),
>> ("rrd", &Router::new().get(&API_METHOD_GET_RRD_STATS)),
>> (
>> "snapshots",
>> --
>> 2.39.5
>>
>>
>>
>> _______________________________________________
>> pbs-devel mailing list
>> pbs-devel@lists.proxmox.com
>> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
>>
>>
>>
>
>
> _______________________________________________
> pbs-devel mailing list
> pbs-devel@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
>
>
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
next prev parent reply other threads:[~2025-05-09 12:59 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-08 13:05 [pbs-devel] [RFC v2 proxmox-backup 00/21] implement trash bin functionality Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 01/21] datastore/api: mark snapshots as trash on destroy Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 02/21] datastore: mark groups " Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 03/21] datastore: allow filtering of backups by their trash status Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-12 9:32 ` Christian Ebner
2025-05-12 10:08 ` Fabian Grünbichler
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 04/21] datastore: ignore trashed snapshots for last successful backup Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 05/21] sync: ignore trashed snapshots when reading from local source Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 06/21] api: tape: check trash marker when trying to write snapshot Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-12 9:19 ` Christian Ebner
2025-05-12 9:38 ` Fabian Grünbichler
2025-05-12 9:46 ` Christian Ebner
2025-05-12 9:55 ` Christian Ebner
2025-05-12 10:09 ` Fabian Grünbichler
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 07/21] sync: ignore trashed groups in local source reader Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 08/21] datastore: namespace: add filter for trash status Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 09/21] datastore: refactor recursive namespace removal Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 10/21] datastore: mark namespace as trash instead of deleting it Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-12 7:47 ` Christian Ebner
2025-05-12 9:46 ` Fabian Grünbichler
2025-05-12 10:35 ` Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 11/21] datastore: check for trash marker in namespace exists check Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 12/21] datastore: clear trashed snapshot dir if re-creation requested Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-12 8:31 ` Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 13/21] datastore: recreate trashed backup groups if requested Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-12 8:05 ` Christian Ebner
2025-05-12 10:02 ` Fabian Grünbichler
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 14/21] datastore: GC: clean-up trashed snapshots, groups and namespaces Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 15/21] client: expose skip trash flags for cli commands Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 16/21] api: datastore: add flag to list trashed snapshots only Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-12 7:57 ` Christian Ebner
2025-05-12 10:01 ` Fabian Grünbichler
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 17/21] api: namespace: add option to list all namespaces, including trashed Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 18/21] api: admin: implement endpoints to restore trashed contents Christian Ebner
2025-05-09 12:27 ` Fabian Grünbichler
2025-05-09 12:59 ` Christian Ebner [this message]
2025-05-12 10:03 ` Fabian Grünbichler
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 19/21] ui: add recover for trashed items tab to datastore panel Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 20/21] ui: drop 'permanent' in group/snapshot forget, default is to trash Christian Ebner
2025-05-08 13:05 ` [pbs-devel] [RFC v2 proxmox-backup 21/21] ui: allow to skip trash on namespace deletion Christian Ebner
2025-05-13 13:54 ` [pbs-devel] superseded: [RFC v2 proxmox-backup 00/21] implement trash bin functionality Christian Ebner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=39b85c49-8a09-4702-8a76-2d7bdbc500e5@proxmox.com \
--to=c.ebner@proxmox.com \
--cc=f.gruenbichler@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal