From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <pbs-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
by lore.proxmox.com (Postfix) with ESMTPS id 16DF31FF16B
for <inbox@lore.proxmox.com>; Thu, 6 Feb 2025 15:29:21 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
by firstgate.proxmox.com (Proxmox) with ESMTP id 37B4E28CE6;
Thu, 6 Feb 2025 15:29:20 +0100 (CET)
Date: Thu, 6 Feb 2025 15:28:46 +0100
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
To: Filip Schauer <f.schauer@proxmox.com>
Message-ID: <ywnhstg7hkvvufxget6dgm2y23t46w7jpyi67le3vm2syevzlk@mbzyqn3zpeeu>
References: <20241202123255.89147-1-f.schauer@proxmox.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <20241202123255.89147-1-f.schauer@proxmox.com>
X-SPAM-LEVEL: Spam detection results: 0
AWL 0.083 Adjusted score from AWL reputation of From: address
BAYES_00 -1.9 Bayes spam probability is 0 to 1%
DMARC_MISSING 0.1 Missing DMARC policy
KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record
SPF_PASS -0.001 SPF: sender matches SPF record
Subject: [pbs-devel] applied: [PATCH v2 vma-to-pbs] read args from
environment variables as fallback
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
<pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>,
<mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>,
<mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox Backup Server development discussion
<pbs-devel@lists.proxmox.com>
Cc: pbs-devel@lists.proxmox.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pbs-devel-bounces@lists.proxmox.com
Sender: "pbs-devel" <pbs-devel-bounces@lists.proxmox.com>
applied, thanks
On Mon, Dec 02, 2024 at 01:32:55PM +0100, Filip Schauer wrote:
> Use the same environment variables that are used by
> proxmox-backup-client:
> * PBS_REPOSITORY
> * PBS_PASSWORD(|_FD|_FILE|_CMD)
> * PBS_ENCRYPTION_PASSWORD(|_FD|_FILE|_CMD)
>
> Signed-off-by: Filip Schauer <f.schauer@proxmox.com>
> ---
> Changed since v1:
> * combine nested `if` into `else if` for clarity
>
> src/main.rs | 66 ++++++++++++++++++++++++++++++++---------------------
> 1 file changed, 40 insertions(+), 26 deletions(-)
>
> diff --git a/src/main.rs b/src/main.rs
> index f942a73..c8e922b 100644
> --- a/src/main.rs
> +++ b/src/main.rs
> @@ -1,4 +1,5 @@
> use std::collections::HashMap;
> +use std::env::VarError::{NotPresent, NotUnicode};
> use std::ffi::OsString;
> use std::fs::read_dir;
> use std::io::{BufRead, BufReader, Write};
> @@ -7,6 +8,7 @@ use std::path::PathBuf;
> use anyhow::{bail, Context, Error};
> use chrono::NaiveDateTime;
> use env_logger::Target;
> +use pbs_client::tools::get_secret_from_env;
> use proxmox_sys::linux::tty;
> use proxmox_time::epoch_i64;
> use regex::Regex;
> @@ -27,7 +29,7 @@ Arguments:
>
> Options:
> --repository <auth_id@host:port:datastore>
> - Repository URL
> + Repository URL [env: PBS_REPOSITORY]
> [--ns <NAMESPACE>]
> Namespace
> [--vmid <VMID>]
> @@ -38,7 +40,7 @@ Options:
> [--backup-time <EPOCH>]
> Backup timestamp
> --fingerprint <FINGERPRINT>
> - Proxmox Backup Server Fingerprint [env: PBS_FINGERPRINT=]
> + Proxmox Backup Server Fingerprint [env: PBS_FINGERPRINT]
> --keyfile <KEYFILE>
> Key file
> --master-keyfile <MASTER_KEYFILE>
> @@ -48,9 +50,10 @@ Options:
> -e, --encrypt
> Encrypt the Backup
> --password-file <PASSWORD_FILE>
> - Password file
> + Password file [env: PBS_PASSWORD, PBS_PASSWORD_FD, PBS_PASSWORD_FILE, PBS_PASSWORD_CMD]
> --key-password-file <KEY_PASSWORD_FILE>
> - Key password file
> + Key password file [env: PBS_ENCRYPTION_PASSWORD, PBS_ENCRYPTION_PASSWORD_FD,
> + PBS_ENCRYPTION_PASSWORD_FILE, PBS_ENCRYPTION_PASSWORD_CMD]
> [--notes-file <NOTES_FILE>]
> File containing a comment/notes
> [--log-file <LOG_FILE>]
> @@ -114,7 +117,7 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
> std::process::exit(0);
> }
>
> - let pbs_repository = args.value_from_str("--repository")?;
> + let pbs_repository = args.opt_value_from_str("--repository")?;
> let namespace = args.opt_value_from_str("--ns")?;
> let vmid: Option<String> = args.opt_value_from_str("--vmid")?;
> let backup_time: Option<i64> = args.opt_value_from_str("--backup-time")?;
> @@ -143,10 +146,22 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
> bail!("unexpected extra arguments, use '-h' for usage");
> }
>
> + let pbs_repository = match pbs_repository {
> + Some(v) => v,
> + None => match std::env::var("PBS_REPOSITORY") {
> + Ok(v) => v,
> + Err(NotPresent) => bail!("Repository not set. Use $PBS_REPOSITORY or --repository"),
> + Err(NotUnicode(_)) => bail!("$PBS_REPOSITORY contains invalid unicode"),
> + },
> + };
> +
> let fingerprint = match fingerprint {
> Some(v) => v,
> - None => std::env::var("PBS_FINGERPRINT")
> - .context("Fingerprint not set. Use $PBS_FINGERPRINT or --fingerprint")?,
> + None => match std::env::var("PBS_FINGERPRINT") {
> + Ok(v) => v,
> + Err(NotPresent) => bail!("Fingerprint not set. Use $PBS_FINGERPRINT or --fingerprint"),
> + Err(NotUnicode(_)) => bail!("$PBS_FINGERPRINT contains invalid unicode"),
> + },
> };
>
> if forwarded_args.len() > 1 {
> @@ -155,30 +170,27 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
>
> let vma_file_path = forwarded_args.first();
>
> - let pbs_password = match password_file {
> - Some(password_file) => {
> - let mut password =
> - std::fs::read_to_string(password_file).context("Could not read password file")?;
> + let pbs_password = if let Some(password_file) = password_file {
> + let mut password =
> + std::fs::read_to_string(password_file).context("Could not read password file")?;
>
> - if password.ends_with('\n') || password.ends_with('\r') {
> + if password.ends_with('\n') || password.ends_with('\r') {
> + password.pop();
> + if password.ends_with('\r') {
> password.pop();
> - if password.ends_with('\r') {
> - password.pop();
> - }
> }
> -
> - password
> }
> - None => {
> - if vma_file_path.is_none() {
> - bail!(
> - "Please use --password-file to provide the password \
> - when passing the VMA file to stdin"
> - );
> - }
>
> - String::from_utf8(tty::read_password("Password: ")?)?
> - }
> + password
> + } else if let Some(password) = get_secret_from_env("PBS_PASSWORD")? {
> + password
> + } else if vma_file_path.is_none() {
> + bail!(
> + "Please use --password-file, $PBS_PASSWORD, $PBS_PASSWORD_FD, $PBS_PASSWORD_FILE, \
> + or $PBS_PASSWORD_CMD to provide the password when passing the VMA file to stdin"
> + );
> + } else {
> + String::from_utf8(tty::read_password("Password: ")?)?
> };
>
> let key_password = if keyfile.is_some() {
> @@ -193,6 +205,8 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> {
> }
> }
>
> + Some(key_password)
> + } else if let Some(key_password) = get_secret_from_env("PBS_ENCRYPTION_PASSWORD")? {
> Some(key_password)
> } else if vma_file_path.is_none() {
> log::info!(
> --
> 2.39.5
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel