Current File : //opt/imunify360/venv/lib64/python3.11/site-packages/defence360agent/subsys/backup_systems.py |
import asyncio
import functools
import logging
from datetime import timezone
from typing import Callable, Dict, List, Optional
from defence360agent.contracts.config import (
ACRONIS,
ANTIVIRUS_MODE,
AcronisBackup as AcronisBackupConfig,
BackupConfig,
BackupRestore,
CLOUDLINUX,
CLOUDLINUX_ON_PREMISE,
CLUSTERLOGICS,
CPANEL,
Core,
DIRECTADMIN,
PLESK,
R1SOFT,
SAMPLE_BACKEND,
)
from defence360agent.contracts.license import LicenseCLN
from defence360agent.internals.cln import BackupNotFound, RestCLN
from defence360agent.subsys.panels.cpanel.panel import cPanel
from defence360agent.subsys.panels.directadmin.panel import DirectAdmin
from defence360agent.subsys.panels.plesk.panel import Plesk
if not ANTIVIRUS_MODE:
from restore_infected import backup_backends
from restore_infected.backup_backends.acronis import BackupFailed
from restore_infected.backup_backends_lib import (
BackendNonApplicableError,
BackendNotAuthorizedError,
)
logger = logging.getLogger(__name__)
def get_backend(name):
try:
return _get_avalible_backends(include_sample=True)[name]()
except (KeyError, BackendNonApplicableError) as e:
raise ValueError("Backup system is not available: {}".format(name))
def get_available_backends_names() -> List[str]:
names = []
# Don't list the CL Backup as available for selection
for name, cls in _get_avalible_backends(include_cl=False).items():
try:
cls()
except BackendNonApplicableError:
pass
else:
names.append(name)
return names
def _get_avalible_backends(
include_sample=False,
include_cl=True,
) -> Dict[str, Callable]:
backends = {
ACRONIS: Acronis,
R1SOFT: R1Soft,
# https://cloudlinux.atlassian.net/browse/DEF-8806
# CLUSTERLOGICS: ClusterLogics,
}
if BackupRestore.CL_BACKUP_ALLOWED and include_cl:
backends[CLOUDLINUX] = CloudLinux
if BackupRestore.CL_ON_PREMISE_BACKUP_ALLOWED:
backends[CLOUDLINUX_ON_PREMISE] = CloudLinuxOnPremise
if cPanel.is_installed():
backends[CPANEL] = cPanelBackup
elif Plesk.is_installed():
backends[PLESK] = PleskBackup
elif DirectAdmin.is_installed():
backends[DIRECTADMIN] = DirectAdminBackup
if include_sample:
backends[SAMPLE_BACKEND] = Sample
return backends
def get_current_backend() -> Optional[str]:
conf = BackupConfig().config_to_dict().get("BACKUP_SYSTEM", {})
return conf.get("enabled") and conf.get("backup_system")
async def get_last_backup_timestamp() -> Optional[int]:
backend = get_current_backend()
if not backend:
return None
backend_instance = get_backend(backend) # type: BackupSystem
return await backend_instance.get_last_backup_timestamp()
def transactional(f):
async def wrapper(cls, *args, **kwargs):
ok = False
try:
rv = await f(cls, *args, **kwargs)
ok = True
finally:
cls._update_backups_config(enabled=ok)
return rv
return wrapper
class BackupException(Exception):
pass
class BackupSystem:
def __init__(self, name, log_path=None):
self.name = name
self.log_path = log_path
def _update_backups_config(self, enabled):
new_conf = {
"BACKUP_SYSTEM": {
"enabled": enabled,
"backup_system": self.name if enabled else None,
}
}
BackupConfig().dict_to_config(new_conf, overwrite=True, validate=True)
async def init(self, *args, **kwargs):
self._update_backups_config(enabled=True)
async def disable(self, delete_backups=False):
self._update_backups_config(enabled=False)
async def check(self):
return {}
async def show(self):
return {}
async def make_backup(self):
pass
async def check_state(self) -> bool:
conf = BackupConfig().config_to_dict().get("BACKUP_SYSTEM", {})
return conf.get("enabled") and conf.get("backup_system") == self.name
async def get_last_backup_timestamp(self) -> Optional[int]:
return None
class PleskBackup(BackupSystem):
def __init__(self):
super().__init__(PLESK)
class cPanelBackup(BackupSystem):
def __init__(self):
super().__init__(CPANEL)
class DirectAdminBackup(BackupSystem):
def __init__(self):
super().__init__(DIRECTADMIN)
class R1Soft(BackupSystem):
def __init__(self):
super().__init__(R1SOFT)
self.backend = backup_backends.backend("r1soft", async_=True)
async def show(self) -> dict:
info_data = await self.backend.info()
return {
k: v
for k, v in info_data.items()
if k in ("username", "timestamp", "ip")
}
@transactional
async def init(self, ip, username, password, encryption_key, **kwargs):
await self.backend.init(ip, username, password, encryption_key)
class ClusterLogics(BackupSystem):
def __init__(self):
super().__init__(CLUSTERLOGICS)
self.backend = backup_backends.backend(CLUSTERLOGICS, async_=True)
async def show(self) -> dict:
info_data = await self.backend.info()
return {
k: v
for k, v in info_data.items()
if k in ("username", "url", "apikey")
}
@transactional
async def init(self, **kwargs):
# 'force' argument (for arconis only) has default value
# also, need to use default value for 'url',
# assigned inside backend.init
del kwargs["force"]
await self.backend.init(**kwargs)
class Sample(BackupSystem):
def __init__(self):
super().__init__(SAMPLE_BACKEND)
self.backend = backup_backends.backend(self.name, async_=True)
class Acronis(BackupSystem):
def __init__(self):
super().__init__(
ACRONIS,
"/var/log/%s/%s" % (Core.PRODUCT, AcronisBackupConfig.LOG_NAME),
)
self.backend = backup_backends.backend(self.name, async_=True)
async def show(self) -> dict:
info_data = await self.backend.info()
return {
k: v
for k, v in info_data.items()
if k in ("username", "timestamp")
}
@transactional
async def init(self, username, password, force=False, **kwargs):
provision = not await self.backend.is_agent_installed()
await self.backend.init(
username,
password,
provision=provision,
force=force,
tmp_dir=Core.TMPDIR,
)
async def _list_backups(self, until=None):
return await self.backend.backups(until)
async def get_last_backup_timestamp(self) -> Optional[int]:
backups = await self._list_backups()
if backups:
return int(
max(
backup.created.replace(tzinfo=timezone.utc).timestamp()
for backup in backups
)
)
return None
async def check_state(self) -> bool:
"""if backup exists, than state OK"""
try:
return bool(await self._list_backups())
except (asyncio.CancelledError, BackendNotAuthorizedError):
raise
except Exception:
logger.exception("Error during checking state")
return False
class CloudLinuxBase(Acronis):
async def show(self) -> dict:
info_data = await self.backend.info()
info_data["backup_space_used_bytes"] = info_data.pop("usage")
info_data["login_url"] = await self.backend.login_url()
return info_data
async def make_backup(self):
logger.info("Making backup")
try:
await self.backend.make_initial_backup_strict()
except BackupFailed as e:
logging.exception("CloudLinux backup failed")
raise BackupException(
str(e) if len(e.args) and e.args[0] else "BackupFailed"
)
async def get_backup_progress(self) -> Optional[int]:
return await self.backend.get_backup_progress()
async def init(self, username, password, force=False, **kwargs):
logger.info("Starting %s init" % self.name)
provision = not await self.backend.is_agent_installed()
await self.backend.init(
username,
password,
provision=provision,
force=force,
tmp_dir=Core.TMPDIR,
)
class CloudLinux(CloudLinuxBase):
PAID, UNPAID = "paid", "unpaid"
def __init__(self):
super().__init__()
self.name = CLOUDLINUX
@transactional
async def init(self, force=False, **kwargs):
credentials = await RestCLN.acronis_credentials(
server_id=LicenseCLN.get_server_id()
)
await super().init(
credentials["login"],
credentials["password"],
force=force,
)
class Decorators:
@staticmethod
def update_credentials_on_unauthorized_error(f):
@functools.wraps(f)
async def wrapped(self, *args, **kwargs):
try:
return await f(self, *args, **kwargs)
except BackendNotAuthorizedError:
await self.init(force=True)
return await f(self, *args, **kwargs)
return wrapped
@Decorators.update_credentials_on_unauthorized_error
async def show(self) -> dict:
info_data = await super().show()
# FIXME: raise exception when server_id is None
response = await RestCLN.acronis_check(
server_id=LicenseCLN.get_server_id()
)
purchased_backup_gb = response.get("size", 0)
resize_url = response.get("url", None)
info_data["purchased_backup_gb"] = purchased_backup_gb
info_data["resize_url"] = resize_url
return info_data
@Decorators.update_credentials_on_unauthorized_error
async def make_backup(self):
await super().make_backup()
@Decorators.update_credentials_on_unauthorized_error
async def get_backup_progress(self) -> Optional[int]:
return await super().get_backup_progress()
@Decorators.update_credentials_on_unauthorized_error
async def get_last_backup_timestamp(self) -> Optional[int]:
return await super().get_last_backup_timestamp()
@Decorators.update_credentials_on_unauthorized_error
async def check_state(self) -> bool:
return await super().check_state()
async def check(self) -> dict:
try:
content = await RestCLN.acronis_check(
server_id=LicenseCLN.get_server_id()
)
except BackupNotFound as e:
return {"status": self.UNPAID, "url": e.add_used_space()}
return {"status": self.PAID, "size": content.get("size")}
async def disable(self, delete_backups=False):
await super().disable()
if delete_backups:
await RestCLN.acronis_remove(server_id=LicenseCLN.get_server_id())
class CloudLinuxOnPremise(CloudLinuxBase):
def __init__(self):
super().__init__()
self.name = CLOUDLINUX_ON_PREMISE
@transactional
async def init(self, *args, **kwargs):
await super().init(*args, **kwargs)