2015-08-24 11:13:21 -07:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
exports = module.exports = {
|
2017-04-19 13:30:02 +02:00
|
|
|
backup: backup,
|
|
|
|
|
restore: restore,
|
|
|
|
|
copyBackup: copyBackup,
|
2016-10-11 11:36:25 +02:00
|
|
|
removeBackup: removeBackup,
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
getDownloadStream: getDownloadStream,
|
|
|
|
|
|
2017-01-04 16:22:58 -08:00
|
|
|
backupDone: backupDone,
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
testConfig: testConfig,
|
2015-08-24 11:13:21 -07:00
|
|
|
};
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
var archiver = require('archiver'),
|
|
|
|
|
assert = require('assert'),
|
|
|
|
|
async = require('async'),
|
2015-08-25 10:01:04 -07:00
|
|
|
AWS = require('aws-sdk'),
|
2017-04-19 13:30:02 +02:00
|
|
|
BackupsError = require('../backups.js').BackupsError,
|
2015-11-06 18:22:29 -08:00
|
|
|
config = require('../config.js'),
|
2017-04-19 13:30:02 +02:00
|
|
|
crypto = require('crypto'),
|
2017-01-04 16:26:43 -08:00
|
|
|
debug = require('debug')('box:storage/caas'),
|
2017-04-19 13:30:02 +02:00
|
|
|
mkdirp = require('mkdirp'),
|
|
|
|
|
once = require('once'),
|
|
|
|
|
path = require('path'),
|
2016-10-11 11:36:25 +02:00
|
|
|
SettingsError = require('../settings.js').SettingsError,
|
2017-04-19 13:30:02 +02:00
|
|
|
superagent = require('superagent'),
|
|
|
|
|
tar = require('tar-fs'),
|
|
|
|
|
zlib = require('zlib');
|
2015-08-24 11:13:21 -07:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
var FILE_TYPE = '.tar.gz';
|
|
|
|
|
|
|
|
|
|
// internal only
|
2016-03-31 09:48:01 -07:00
|
|
|
function getBackupCredentials(apiConfig, callback) {
|
|
|
|
|
assert.strictEqual(typeof apiConfig, 'object');
|
2015-08-24 11:13:21 -07:00
|
|
|
assert.strictEqual(typeof callback, 'function');
|
2016-03-31 09:48:01 -07:00
|
|
|
assert(apiConfig.token);
|
2015-08-24 11:13:21 -07:00
|
|
|
|
2015-11-06 18:22:29 -08:00
|
|
|
var url = config.apiServerOrigin() + '/api/v1/boxes/' + config.fqdn() + '/awscredentials';
|
2016-09-12 12:53:51 -07:00
|
|
|
superagent.post(url).query({ token: apiConfig.token }).timeout(30 * 1000).end(function (error, result) {
|
2015-12-15 09:12:52 -08:00
|
|
|
if (error && !error.response) return callback(error);
|
2015-11-06 18:22:29 -08:00
|
|
|
if (result.statusCode !== 201) return callback(new Error(result.text));
|
|
|
|
|
if (!result.body || !result.body.credentials) return callback(new Error('Unexpected response'));
|
2015-08-24 12:25:05 -07:00
|
|
|
|
2015-09-09 11:43:50 -07:00
|
|
|
var credentials = {
|
2016-09-16 10:58:34 +02:00
|
|
|
signatureVersion: 'v4',
|
2015-11-06 18:22:29 -08:00
|
|
|
accessKeyId: result.body.credentials.AccessKeyId,
|
|
|
|
|
secretAccessKey: result.body.credentials.SecretAccessKey,
|
2016-04-04 11:23:38 -07:00
|
|
|
sessionToken: result.body.credentials.SessionToken,
|
2016-03-31 09:48:38 -07:00
|
|
|
region: apiConfig.region || 'us-east-1'
|
2015-09-09 11:43:50 -07:00
|
|
|
};
|
|
|
|
|
|
2016-03-31 09:48:01 -07:00
|
|
|
if (apiConfig.endpoint) credentials.endpoint = new AWS.Endpoint(apiConfig.endpoint);
|
2015-09-09 11:43:50 -07:00
|
|
|
|
|
|
|
|
callback(null, credentials);
|
2015-11-06 18:22:29 -08:00
|
|
|
});
|
2015-08-24 11:13:21 -07:00
|
|
|
}
|
2015-08-25 10:01:04 -07:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
function getBackupFilePath(apiConfig, backupId) {
|
2016-09-16 10:58:34 +02:00
|
|
|
assert.strictEqual(typeof apiConfig, 'object');
|
2017-04-19 13:30:02 +02:00
|
|
|
assert.strictEqual(typeof backupId, 'string');
|
|
|
|
|
|
|
|
|
|
return path.join(apiConfig.prefix, backupId.endsWith(FILE_TYPE) ? backupId : backupId+FILE_TYPE);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// storage api
|
|
|
|
|
function backup(apiConfig, backupId, sourceDirectories, callback) {
|
|
|
|
|
assert.strictEqual(typeof apiConfig, 'object');
|
|
|
|
|
assert.strictEqual(typeof backupId, 'string');
|
|
|
|
|
assert(Array.isArray(sourceDirectories));
|
2016-09-16 10:58:34 +02:00
|
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
callback = once(callback);
|
|
|
|
|
|
|
|
|
|
var backupFilePath = getBackupFilePath(apiConfig, backupId);
|
|
|
|
|
|
|
|
|
|
debug('[%s] backup: %j -> %s', backupId, sourceDirectories, backupFilePath);
|
|
|
|
|
|
|
|
|
|
getBackupCredentials(apiConfig, function (error, credentials) {
|
2016-09-16 10:58:34 +02:00
|
|
|
if (error) return callback(error);
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
var archive = archiver('tar', { gzip: true });
|
|
|
|
|
var encrypt = crypto.createCipher('aes-256-cbc', apiConfig.key || '');
|
|
|
|
|
|
|
|
|
|
encrypt.on('error', function (error) {
|
|
|
|
|
console.error('[%s] backup: cipher stream error.', backupId, error);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
archive.on('error', function (error) {
|
|
|
|
|
console.error('[%s] backup: archive stream error.', backupId, error);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
archive.pipe(encrypt);
|
2016-09-16 10:58:34 +02:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
sourceDirectories.forEach(function (directory) {
|
|
|
|
|
// archive does not like destination beginning with a slash
|
|
|
|
|
directory.destination = path.normalize(directory.destination).replace(/^\//, '');
|
|
|
|
|
|
|
|
|
|
archive.directory(directory.source, directory.destination);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
archive.finalize();
|
|
|
|
|
|
|
|
|
|
var params = {
|
|
|
|
|
Bucket: apiConfig.bucket,
|
|
|
|
|
Key: backupFilePath,
|
|
|
|
|
Body: encrypt
|
2016-09-16 10:58:34 +02:00
|
|
|
};
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
var s3 = new AWS.S3(credentials);
|
|
|
|
|
s3.upload(params, function (error) {
|
|
|
|
|
if (error) {
|
|
|
|
|
console.error('[%s] backup: s3 upload error.', backupId, error);
|
|
|
|
|
return callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
callback(null);
|
|
|
|
|
});
|
2016-09-16 10:58:34 +02:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
function restore(apiConfig, backupId, destinationDirectories, callback) {
|
2016-09-16 11:21:08 +02:00
|
|
|
assert.strictEqual(typeof apiConfig, 'object');
|
2017-04-19 13:30:02 +02:00
|
|
|
assert.strictEqual(typeof backupId, 'string');
|
|
|
|
|
assert(Array.isArray(destinationDirectories));
|
2016-09-16 11:21:08 +02:00
|
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
var backupFilePath = getBackupFilePath(apiConfig, backupId);
|
|
|
|
|
|
|
|
|
|
debug('[%s] restore: %s -> %j', backupId, backupFilePath, destinationDirectories);
|
|
|
|
|
|
|
|
|
|
getBackupCredentials(apiConfig, function (error, credentials) {
|
2016-09-16 11:21:08 +02:00
|
|
|
if (error) return callback(error);
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
async.eachSeries(destinationDirectories, function (directory, callback) {
|
|
|
|
|
debug('[%s] restore: directory %s -> %s', backupId, directory.source, directory.destination);
|
2016-09-16 11:21:08 +02:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
// tar-fs reports without slash at the beginning
|
|
|
|
|
directory.source = path.normalize(directory.source).replace(/^\//, '');
|
|
|
|
|
|
|
|
|
|
mkdirp(directory.destination, function (error) {
|
|
|
|
|
if (error) return callback(error);
|
|
|
|
|
|
|
|
|
|
var params = {
|
|
|
|
|
Bucket: apiConfig.bucket,
|
|
|
|
|
Key: backupFilePath
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
var s3 = new AWS.S3(credentials);
|
|
|
|
|
|
|
|
|
|
var s3get = s3.getObject(params).createReadStream();
|
|
|
|
|
var decrypt = crypto.createDecipher('aes-256-cbc', apiConfig.key || '');
|
|
|
|
|
var gunzip = zlib.createGunzip({});
|
|
|
|
|
|
|
|
|
|
var IGNORE_PREFIX = '__ignore__';
|
|
|
|
|
var extract = tar.extract(directory.destination, {
|
|
|
|
|
ignore: function (name, header) { return header.name.startsWith(IGNORE_PREFIX); },
|
|
|
|
|
map: function (header) {
|
|
|
|
|
// ignore is called after map, we mark everything we dont want!
|
|
|
|
|
// else slice off the mapping prefix
|
|
|
|
|
if (!header.name.startsWith(directory.source)) header.name = IGNORE_PREFIX + header.name;
|
|
|
|
|
else header.name = header.name.slice(directory.source.length);
|
|
|
|
|
|
|
|
|
|
return header;
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
s3get.on('error', function (error) {
|
|
|
|
|
// TODO ENOENT for the mock, fix upstream!
|
|
|
|
|
if (error.code === 'NoSuchKey' || error.code === 'ENOENT') return callback(new BackupsError(BackupsError.NOT_FOUND));
|
|
|
|
|
|
|
|
|
|
console.error('[%s] restore: s3 stream error.', backupId, error);
|
|
|
|
|
callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error));
|
|
|
|
|
});
|
2016-09-16 11:21:08 +02:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
decrypt.on('error', function (error) {
|
|
|
|
|
console.error('[%s] restore: decipher stream error.', error);
|
|
|
|
|
callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
gunzip.on('error', function (error) {
|
|
|
|
|
console.error('[%s] restore: gunzip stream error.', error);
|
|
|
|
|
callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
extract.on('error', function (error) {
|
|
|
|
|
console.error('[%s] restore: extract stream error.', error);
|
|
|
|
|
callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
extract.on('finish', function () {
|
|
|
|
|
debug('[%s] restore: directory %s done.', backupId, directory.source);
|
|
|
|
|
callback();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
s3get.pipe(decrypt).pipe(gunzip).pipe(extract);
|
|
|
|
|
});
|
|
|
|
|
}, function (error) {
|
|
|
|
|
if (error) return callback(error);
|
|
|
|
|
|
|
|
|
|
debug('[%s] restore: done', backupId);
|
|
|
|
|
|
|
|
|
|
callback(null);
|
|
|
|
|
});
|
2016-09-16 11:21:08 +02:00
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
function copyBackup(apiConfig, oldBackupId, newBackupId, callback) {
|
2016-03-31 09:48:01 -07:00
|
|
|
assert.strictEqual(typeof apiConfig, 'object');
|
2017-04-19 13:30:02 +02:00
|
|
|
assert.strictEqual(typeof oldBackupId, 'string');
|
|
|
|
|
assert.strictEqual(typeof newBackupId, 'string');
|
2015-08-25 10:01:04 -07:00
|
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
|
|
2016-04-04 15:54:16 -07:00
|
|
|
getBackupCredentials(apiConfig, function (error, credentials) {
|
|
|
|
|
if (error) return callback(error);
|
|
|
|
|
|
|
|
|
|
var params = {
|
|
|
|
|
Bucket: apiConfig.bucket,
|
2017-04-19 13:30:02 +02:00
|
|
|
Key: getBackupFilePath(apiConfig, newBackupId),
|
|
|
|
|
CopySource: path.join(apiConfig.bucket, getBackupFilePath(apiConfig, oldBackupId))
|
2016-04-04 15:54:16 -07:00
|
|
|
};
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
var s3 = new AWS.S3(credentials);
|
|
|
|
|
s3.copyObject(params, function (error) {
|
|
|
|
|
if (error && error.code === 'NoSuchKey') return callback(new BackupsError(BackupsError.NOT_FOUND));
|
|
|
|
|
if (error) {
|
|
|
|
|
console.error('copyBackup: s3 copy error.', error);
|
|
|
|
|
return callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
callback(null);
|
|
|
|
|
});
|
2015-08-25 10:01:04 -07:00
|
|
|
});
|
|
|
|
|
}
|
2015-08-26 16:14:51 -07:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
function removeBackup(apiConfig, backupId, appBackupIds, callback) {
|
2016-09-19 15:03:38 +02:00
|
|
|
assert.strictEqual(typeof apiConfig, 'object');
|
|
|
|
|
assert.strictEqual(typeof backupId, 'string');
|
2017-04-19 13:30:02 +02:00
|
|
|
assert(Array.isArray(appBackupIds));
|
2016-09-19 15:03:38 +02:00
|
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
getBackupCredentials(apiConfig, function (error, credentials) {
|
2016-09-19 15:03:38 +02:00
|
|
|
if (error) return callback(error);
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
var params = {
|
|
|
|
|
Bucket: apiConfig.bucket,
|
|
|
|
|
Key: getBackupFilePath(apiConfig, backupId)
|
|
|
|
|
};
|
2016-09-19 15:03:38 +02:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
var s3 = new AWS.S3(credentials);
|
|
|
|
|
s3.deleteObject(params, function (error) {
|
|
|
|
|
if (error) console.error('Unable to remove %s. Not fatal.', params.Key, error);
|
|
|
|
|
callback(null);
|
2016-09-19 15:03:38 +02:00
|
|
|
});
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
function getDownloadStream(apiConfig, backupId, callback) {
|
2016-09-16 18:14:36 +02:00
|
|
|
assert.strictEqual(typeof apiConfig, 'object');
|
2017-04-19 13:30:02 +02:00
|
|
|
assert.strictEqual(typeof backupId, 'string');
|
2016-09-16 18:14:36 +02:00
|
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
callback = once(callback);
|
2016-09-16 18:14:36 +02:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
var backupFilePath = getBackupFilePath(apiConfig, backupId);
|
2015-09-21 14:02:00 -07:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
debug('[%s] getDownloadStream: %s %s', backupId, backupId, backupFilePath);
|
2015-11-09 22:45:07 -08:00
|
|
|
|
2016-03-31 09:48:01 -07:00
|
|
|
getBackupCredentials(apiConfig, function (error, credentials) {
|
2015-09-21 14:02:00 -07:00
|
|
|
if (error) return callback(error);
|
|
|
|
|
|
|
|
|
|
var params = {
|
2017-04-19 13:30:02 +02:00
|
|
|
Bucket: apiConfig.bucket,
|
|
|
|
|
Key: backupFilePath
|
2015-09-21 14:02:00 -07:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
var s3 = new AWS.S3(credentials);
|
2016-10-10 15:04:28 +02:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
s3.headObject(params, function (error) {
|
|
|
|
|
// TODO ENOENT for the mock, fix upstream!
|
|
|
|
|
if (error && (error.code === 'NotFound' || error.code === 'ENOENT')) return callback(new BackupsError(BackupsError.NOT_FOUND));
|
|
|
|
|
if (error) return callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error));
|
|
|
|
|
|
|
|
|
|
var s3get = s3.getObject(params).createReadStream();
|
|
|
|
|
var decrypt = crypto.createDecipher('aes-256-cbc', apiConfig.key || '');
|
2016-10-10 15:04:28 +02:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
s3get.on('error', function (error) {
|
|
|
|
|
if (error.code === 'NoSuchKey') return callback(new BackupsError(BackupsError.NOT_FOUND));
|
2016-10-10 15:04:28 +02:00
|
|
|
|
2017-04-19 13:30:02 +02:00
|
|
|
console.error('[%s] getDownloadStream: s3 stream error.', backupId, error);
|
|
|
|
|
callback(new BackupsError(BackupsError.EXTERNAL_ERROR, error));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
decrypt.on('error', function (error) {
|
|
|
|
|
console.error('[%s] getDownloadStream: decipher stream error.', error);
|
|
|
|
|
callback(new BackupsError(BackupsError.INTERNAL_ERROR, error));
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
s3get.pipe(decrypt);
|
|
|
|
|
|
|
|
|
|
callback(null, decrypt);
|
|
|
|
|
});
|
|
|
|
|
});
|
2016-10-10 15:04:28 +02:00
|
|
|
}
|
2016-10-11 11:36:25 +02:00
|
|
|
|
|
|
|
|
function testConfig(apiConfig, callback) {
|
|
|
|
|
assert.strictEqual(typeof apiConfig, 'object');
|
|
|
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
|
|
|
|
|
|
if (config.provider() !== 'caas') return callback(new SettingsError(SettingsError.BAD_FIELD, 'instance provider must be caas'));
|
|
|
|
|
|
|
|
|
|
callback();
|
|
|
|
|
}
|
2017-01-04 16:22:58 -08:00
|
|
|
|
|
|
|
|
function backupDone(filename, app, appBackupIds, callback) {
|
|
|
|
|
assert.strictEqual(typeof filename, 'string');
|
|
|
|
|
assert(!app || typeof app === 'object');
|
|
|
|
|
assert(!appBackupIds || Array.isArray(appBackupIds));
|
|
|
|
|
assert.strictEqual(typeof callback, 'function');
|
|
|
|
|
|
2017-01-04 16:26:43 -08:00
|
|
|
debug('backupDone %s', filename);
|
2017-01-04 16:22:58 -08:00
|
|
|
|
2017-01-04 16:26:43 -08:00
|
|
|
var url = config.apiServerOrigin() + '/api/v1/boxes/' + config.fqdn() + '/backupDone';
|
|
|
|
|
var data = {
|
|
|
|
|
boxVersion: config.version(),
|
|
|
|
|
restoreKey: filename,
|
|
|
|
|
appId: app ? app.id : null,
|
|
|
|
|
appVersion: app ? app.manifest.version : null,
|
|
|
|
|
appBackupIds: appBackupIds
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
superagent.post(url).send(data).query({ token: config.token() }).timeout(30 * 1000).end(function (error, result) {
|
|
|
|
|
if (error && !error.response) return callback(error);
|
|
|
|
|
if (result.statusCode !== 200) return callback(new Error(result.text));
|
|
|
|
|
if (!result.body) return callback(new Error('Unexpected response'));
|
|
|
|
|
|
|
|
|
|
return callback(null);
|
|
|
|
|
});
|
|
|
|
|
}
|
