From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <pbs-devel-bounces@lists.proxmox.com> Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) by lore.proxmox.com (Postfix) with ESMTPS id 16DF31FF16B for <inbox@lore.proxmox.com>; Thu, 6 Feb 2025 15:29:21 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 37B4E28CE6; Thu, 6 Feb 2025 15:29:20 +0100 (CET) Date: Thu, 6 Feb 2025 15:28:46 +0100 From: Wolfgang Bumiller <w.bumiller@proxmox.com> To: Filip Schauer <f.schauer@proxmox.com> Message-ID: <ywnhstg7hkvvufxget6dgm2y23t46w7jpyi67le3vm2syevzlk@mbzyqn3zpeeu> References: <20241202123255.89147-1-f.schauer@proxmox.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <20241202123255.89147-1-f.schauer@proxmox.com> X-SPAM-LEVEL: Spam detection results: 0 AWL 0.083 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pbs-devel] applied: [PATCH v2 vma-to-pbs] read args from environment variables as fallback X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion <pbs-devel.lists.proxmox.com> List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>, <mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe> List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/> List-Post: <mailto:pbs-devel@lists.proxmox.com> List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help> List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>, <mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe> Reply-To: Proxmox Backup Server development discussion <pbs-devel@lists.proxmox.com> Cc: pbs-devel@lists.proxmox.com Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pbs-devel-bounces@lists.proxmox.com Sender: "pbs-devel" <pbs-devel-bounces@lists.proxmox.com> applied, thanks On Mon, Dec 02, 2024 at 01:32:55PM +0100, Filip Schauer wrote: > Use the same environment variables that are used by > proxmox-backup-client: > * PBS_REPOSITORY > * PBS_PASSWORD(|_FD|_FILE|_CMD) > * PBS_ENCRYPTION_PASSWORD(|_FD|_FILE|_CMD) > > Signed-off-by: Filip Schauer <f.schauer@proxmox.com> > --- > Changed since v1: > * combine nested `if` into `else if` for clarity > > src/main.rs | 66 ++++++++++++++++++++++++++++++++--------------------- > 1 file changed, 40 insertions(+), 26 deletions(-) > > diff --git a/src/main.rs b/src/main.rs > index f942a73..c8e922b 100644 > --- a/src/main.rs > +++ b/src/main.rs > @@ -1,4 +1,5 @@ > use std::collections::HashMap; > +use std::env::VarError::{NotPresent, NotUnicode}; > use std::ffi::OsString; > use std::fs::read_dir; > use std::io::{BufRead, BufReader, Write}; > @@ -7,6 +8,7 @@ use std::path::PathBuf; > use anyhow::{bail, Context, Error}; > use chrono::NaiveDateTime; > use env_logger::Target; > +use pbs_client::tools::get_secret_from_env; > use proxmox_sys::linux::tty; > use proxmox_time::epoch_i64; > use regex::Regex; > @@ -27,7 +29,7 @@ Arguments: > > Options: > --repository <auth_id@host:port:datastore> > - Repository URL > + Repository URL [env: PBS_REPOSITORY] > [--ns <NAMESPACE>] > Namespace > [--vmid <VMID>] > @@ -38,7 +40,7 @@ Options: > [--backup-time <EPOCH>] > Backup timestamp > --fingerprint <FINGERPRINT> > - Proxmox Backup Server Fingerprint [env: PBS_FINGERPRINT=] > + Proxmox Backup Server Fingerprint [env: PBS_FINGERPRINT] > --keyfile <KEYFILE> > Key file > --master-keyfile <MASTER_KEYFILE> > @@ -48,9 +50,10 @@ Options: > -e, --encrypt > Encrypt the Backup > --password-file <PASSWORD_FILE> > - Password file > + Password file [env: PBS_PASSWORD, PBS_PASSWORD_FD, PBS_PASSWORD_FILE, PBS_PASSWORD_CMD] > --key-password-file <KEY_PASSWORD_FILE> > - Key password file > + Key password file [env: PBS_ENCRYPTION_PASSWORD, PBS_ENCRYPTION_PASSWORD_FD, > + PBS_ENCRYPTION_PASSWORD_FILE, PBS_ENCRYPTION_PASSWORD_CMD] > [--notes-file <NOTES_FILE>] > File containing a comment/notes > [--log-file <LOG_FILE>] > @@ -114,7 +117,7 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> { > std::process::exit(0); > } > > - let pbs_repository = args.value_from_str("--repository")?; > + let pbs_repository = args.opt_value_from_str("--repository")?; > let namespace = args.opt_value_from_str("--ns")?; > let vmid: Option<String> = args.opt_value_from_str("--vmid")?; > let backup_time: Option<i64> = args.opt_value_from_str("--backup-time")?; > @@ -143,10 +146,22 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> { > bail!("unexpected extra arguments, use '-h' for usage"); > } > > + let pbs_repository = match pbs_repository { > + Some(v) => v, > + None => match std::env::var("PBS_REPOSITORY") { > + Ok(v) => v, > + Err(NotPresent) => bail!("Repository not set. Use $PBS_REPOSITORY or --repository"), > + Err(NotUnicode(_)) => bail!("$PBS_REPOSITORY contains invalid unicode"), > + }, > + }; > + > let fingerprint = match fingerprint { > Some(v) => v, > - None => std::env::var("PBS_FINGERPRINT") > - .context("Fingerprint not set. Use $PBS_FINGERPRINT or --fingerprint")?, > + None => match std::env::var("PBS_FINGERPRINT") { > + Ok(v) => v, > + Err(NotPresent) => bail!("Fingerprint not set. Use $PBS_FINGERPRINT or --fingerprint"), > + Err(NotUnicode(_)) => bail!("$PBS_FINGERPRINT contains invalid unicode"), > + }, > }; > > if forwarded_args.len() > 1 { > @@ -155,30 +170,27 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> { > > let vma_file_path = forwarded_args.first(); > > - let pbs_password = match password_file { > - Some(password_file) => { > - let mut password = > - std::fs::read_to_string(password_file).context("Could not read password file")?; > + let pbs_password = if let Some(password_file) = password_file { > + let mut password = > + std::fs::read_to_string(password_file).context("Could not read password file")?; > > - if password.ends_with('\n') || password.ends_with('\r') { > + if password.ends_with('\n') || password.ends_with('\r') { > + password.pop(); > + if password.ends_with('\r') { > password.pop(); > - if password.ends_with('\r') { > - password.pop(); > - } > } > - > - password > } > - None => { > - if vma_file_path.is_none() { > - bail!( > - "Please use --password-file to provide the password \ > - when passing the VMA file to stdin" > - ); > - } > > - String::from_utf8(tty::read_password("Password: ")?)? > - } > + password > + } else if let Some(password) = get_secret_from_env("PBS_PASSWORD")? { > + password > + } else if vma_file_path.is_none() { > + bail!( > + "Please use --password-file, $PBS_PASSWORD, $PBS_PASSWORD_FD, $PBS_PASSWORD_FILE, \ > + or $PBS_PASSWORD_CMD to provide the password when passing the VMA file to stdin" > + ); > + } else { > + String::from_utf8(tty::read_password("Password: ")?)? > }; > > let key_password = if keyfile.is_some() { > @@ -193,6 +205,8 @@ fn parse_args() -> Result<BackupVmaToPbsArgs, Error> { > } > } > > + Some(key_password) > + } else if let Some(key_password) = get_secret_from_env("PBS_ENCRYPTION_PASSWORD")? { > Some(key_password) > } else if vma_file_path.is_none() { > log::info!( > -- > 2.39.5 _______________________________________________ pbs-devel mailing list pbs-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel