ok
Direktori : /opt/imunify360/venv/lib/python3.11/site-packages/defence360agent/subsys/ |
Current File : //opt/imunify360/venv/lib/python3.11/site-packages/defence360agent/subsys/backup_systems.py |
import asyncio import functools import logging from datetime import timezone from typing import Callable, Dict, List, Optional from defence360agent.contracts.config import ( ACRONIS, ANTIVIRUS_MODE, AcronisBackup as AcronisBackupConfig, BackupConfig, BackupRestore, CLOUDLINUX, CLOUDLINUX_ON_PREMISE, CLUSTERLOGICS, CPANEL, Core, DIRECTADMIN, PLESK, R1SOFT, SAMPLE_BACKEND, ) from defence360agent.contracts.license import LicenseCLN from defence360agent.internals.cln import BackupNotFound, RestCLN from defence360agent.subsys.panels.cpanel.panel import cPanel from defence360agent.subsys.panels.directadmin.panel import DirectAdmin from defence360agent.subsys.panels.plesk.panel import Plesk if not ANTIVIRUS_MODE: from restore_infected import backup_backends from restore_infected.backup_backends.acronis import BackupFailed from restore_infected.backup_backends_lib import ( BackendNonApplicableError, BackendNotAuthorizedError, ) logger = logging.getLogger(__name__) def get_backend(name): try: return _get_avalible_backends(include_sample=True)[name]() except (KeyError, BackendNonApplicableError) as e: raise ValueError("Backup system is not available: {}".format(name)) def get_available_backends_names() -> List[str]: names = [] # Don't list the CL Backup as available for selection for name, cls in _get_avalible_backends(include_cl=False).items(): try: cls() except BackendNonApplicableError: pass else: names.append(name) return names def _get_avalible_backends( include_sample=False, include_cl=True, ) -> Dict[str, Callable]: backends = { ACRONIS: Acronis, R1SOFT: R1Soft, # https://cloudlinux.atlassian.net/browse/DEF-8806 # CLUSTERLOGICS: ClusterLogics, } if BackupRestore.CL_BACKUP_ALLOWED and include_cl: backends[CLOUDLINUX] = CloudLinux if BackupRestore.CL_ON_PREMISE_BACKUP_ALLOWED: backends[CLOUDLINUX_ON_PREMISE] = CloudLinuxOnPremise if cPanel.is_installed(): backends[CPANEL] = cPanelBackup elif Plesk.is_installed(): backends[PLESK] = PleskBackup elif DirectAdmin.is_installed(): backends[DIRECTADMIN] = DirectAdminBackup if include_sample: backends[SAMPLE_BACKEND] = Sample return backends def get_current_backend() -> Optional[str]: conf = BackupConfig().config_to_dict().get("BACKUP_SYSTEM", {}) return conf.get("enabled") and conf.get("backup_system") async def get_last_backup_timestamp() -> Optional[int]: backend = get_current_backend() if not backend: return None backend_instance = get_backend(backend) # type: BackupSystem return await backend_instance.get_last_backup_timestamp() def transactional(f): async def wrapper(cls, *args, **kwargs): ok = False try: rv = await f(cls, *args, **kwargs) ok = True finally: cls._update_backups_config(enabled=ok) return rv return wrapper class BackupException(Exception): pass class BackupSystem: def __init__(self, name, log_path=None): self.name = name self.log_path = log_path def _update_backups_config(self, enabled): new_conf = { "BACKUP_SYSTEM": { "enabled": enabled, "backup_system": self.name if enabled else None, } } BackupConfig().dict_to_config(new_conf, overwrite=True, validate=True) async def init(self, *args, **kwargs): self._update_backups_config(enabled=True) async def disable(self, delete_backups=False): self._update_backups_config(enabled=False) async def check(self): return {} async def show(self): return {} async def make_backup(self): pass async def check_state(self) -> bool: conf = BackupConfig().config_to_dict().get("BACKUP_SYSTEM", {}) return conf.get("enabled") and conf.get("backup_system") == self.name async def get_last_backup_timestamp(self) -> Optional[int]: return None class PleskBackup(BackupSystem): def __init__(self): super().__init__(PLESK) class cPanelBackup(BackupSystem): def __init__(self): super().__init__(CPANEL) class DirectAdminBackup(BackupSystem): def __init__(self): super().__init__(DIRECTADMIN) class R1Soft(BackupSystem): def __init__(self): super().__init__(R1SOFT) self.backend = backup_backends.backend("r1soft", async_=True) async def show(self) -> dict: info_data = await self.backend.info() return { k: v for k, v in info_data.items() if k in ("username", "timestamp", "ip") } @transactional async def init(self, ip, username, password, encryption_key, **kwargs): await self.backend.init(ip, username, password, encryption_key) class ClusterLogics(BackupSystem): def __init__(self): super().__init__(CLUSTERLOGICS) self.backend = backup_backends.backend(CLUSTERLOGICS, async_=True) async def show(self) -> dict: info_data = await self.backend.info() return { k: v for k, v in info_data.items() if k in ("username", "url", "apikey") } @transactional async def init(self, **kwargs): # 'force' argument (for arconis only) has default value # also, need to use default value for 'url', # assigned inside backend.init del kwargs["force"] await self.backend.init(**kwargs) class Sample(BackupSystem): def __init__(self): super().__init__(SAMPLE_BACKEND) self.backend = backup_backends.backend(self.name, async_=True) class Acronis(BackupSystem): def __init__(self): super().__init__( ACRONIS, "/var/log/%s/%s" % (Core.PRODUCT, AcronisBackupConfig.LOG_NAME), ) self.backend = backup_backends.backend(self.name, async_=True) async def show(self) -> dict: info_data = await self.backend.info() return { k: v for k, v in info_data.items() if k in ("username", "timestamp") } @transactional async def init(self, username, password, force=False, **kwargs): provision = not await self.backend.is_agent_installed() await self.backend.init( username, password, provision=provision, force=force, tmp_dir=Core.TMPDIR, ) async def _list_backups(self, until=None): return await self.backend.backups(until) async def get_last_backup_timestamp(self) -> Optional[int]: backups = await self._list_backups() if backups: return int( max( backup.created.replace(tzinfo=timezone.utc).timestamp() for backup in backups ) ) return None async def check_state(self) -> bool: """if backup exists, than state OK""" try: return bool(await self._list_backups()) except (asyncio.CancelledError, BackendNotAuthorizedError): raise except Exception: logger.exception("Error during checking state") return False class CloudLinuxBase(Acronis): async def show(self) -> dict: info_data = await self.backend.info() info_data["backup_space_used_bytes"] = info_data.pop("usage") info_data["login_url"] = await self.backend.login_url() return info_data async def make_backup(self): logger.info("Making backup") try: await self.backend.make_initial_backup_strict() except BackupFailed as e: logging.exception("CloudLinux backup failed") raise BackupException( str(e) if len(e.args) and e.args[0] else "BackupFailed" ) async def get_backup_progress(self) -> Optional[int]: return await self.backend.get_backup_progress() async def init(self, username, password, force=False, **kwargs): logger.info("Starting %s init" % self.name) provision = not await self.backend.is_agent_installed() await self.backend.init( username, password, provision=provision, force=force, tmp_dir=Core.TMPDIR, ) class CloudLinux(CloudLinuxBase): PAID, UNPAID = "paid", "unpaid" def __init__(self): super().__init__() self.name = CLOUDLINUX @transactional async def init(self, force=False, **kwargs): credentials = await RestCLN.acronis_credentials( server_id=LicenseCLN.get_server_id() ) await super().init( credentials["login"], credentials["password"], force=force, ) class Decorators: @staticmethod def update_credentials_on_unauthorized_error(f): @functools.wraps(f) async def wrapped(self, *args, **kwargs): try: return await f(self, *args, **kwargs) except BackendNotAuthorizedError: await self.init(force=True) return await f(self, *args, **kwargs) return wrapped @Decorators.update_credentials_on_unauthorized_error async def show(self) -> dict: info_data = await super().show() # FIXME: raise exception when server_id is None response = await RestCLN.acronis_check( server_id=LicenseCLN.get_server_id() ) purchased_backup_gb = response.get("size", 0) resize_url = response.get("url", None) info_data["purchased_backup_gb"] = purchased_backup_gb info_data["resize_url"] = resize_url return info_data @Decorators.update_credentials_on_unauthorized_error async def make_backup(self): await super().make_backup() @Decorators.update_credentials_on_unauthorized_error async def get_backup_progress(self) -> Optional[int]: return await super().get_backup_progress() @Decorators.update_credentials_on_unauthorized_error async def get_last_backup_timestamp(self) -> Optional[int]: return await super().get_last_backup_timestamp() @Decorators.update_credentials_on_unauthorized_error async def check_state(self) -> bool: return await super().check_state() async def check(self) -> dict: try: content = await RestCLN.acronis_check( server_id=LicenseCLN.get_server_id() ) except BackupNotFound as e: return {"status": self.UNPAID, "url": e.add_used_space()} return {"status": self.PAID, "size": content.get("size")} async def disable(self, delete_backups=False): await super().disable() if delete_backups: await RestCLN.acronis_remove(server_id=LicenseCLN.get_server_id()) class CloudLinuxOnPremise(CloudLinuxBase): def __init__(self): super().__init__() self.name = CLOUDLINUX_ON_PREMISE @transactional async def init(self, *args, **kwargs): await super().init(*args, **kwargs)