// Copyright 2022 - Offen Authors <hioffen@posteo.de>
// SPDX-License-Identifier: MPL-2.0
package main
import (
"crypto/x509"
"encoding/pem"
"fmt"
"io/ioutil"
"os"
"regexp"
"time"
)
// Config gathers every setting an operator is expected to supply. The struct
// tags (`envconfig`, `split_words`, `default`) describe how each field is named
// and defaulted by the configuration loader; the loader call itself is not
// part of this block.
//
// Several fields carry credentials (access keys, passwords, passphrases).
// Avoid printing a Config with %v / %+v or serialising it into logs and
// notifications, since that would expose those values.
type Config struct {
	// S3-compatible storage. AwsEndpointProto defaults to "https".
	// NOTE(review): AwsEndpointInsecure presumably relaxes TLS verification for
	// the endpoint; its use is not visible here. Prefer AwsEndpointCACert for
	// endpoints signed by a private CA.
	// The *File variants name a file holding the credential instead of the
	// credential itself (presumably resolved through resolveSecret; confirm at
	// the call site).
	AwsS3BucketName        string      `split_words:"true"`
	AwsS3Path              string      `split_words:"true"`
	AwsEndpoint            string      `split_words:"true" default:"s3.amazonaws.com"`
	AwsEndpointProto       string      `split_words:"true" default:"https"`
	AwsEndpointInsecure    bool        `split_words:"true"`
	AwsEndpointCACert      CertDecoder `envconfig:"AWS_ENDPOINT_CA_CERT"`
	AwsStorageClass        string      `split_words:"true"`
	AwsAccessKeyID         string      `envconfig:"AWS_ACCESS_KEY_ID"`
	AwsAccessKeyIDFile     string      `envconfig:"AWS_ACCESS_KEY_ID_FILE"`
	AwsSecretAccessKey     string      `split_words:"true"`
	AwsSecretAccessKeyFile string      `split_words:"true"`
	AwsIamRoleEndpoint     string      `split_words:"true"`

	// What gets backed up, how the archive is named, and how old archives are
	// pruned. BackupRetentionDays defaults to -1.
	BackupSources            string        `split_words:"true" default:"/backup"`
	BackupFilename           string        `split_words:"true" default:"backup-%Y-%m-%dT%H-%M-%S.tar.gz"`
	BackupFilenameExpand     bool          `split_words:"true"`
	BackupLatestSymlink      string        `split_words:"true"`
	BackupArchive            string        `split_words:"true" default:"/archive"`
	BackupRetentionDays      int32         `split_words:"true" default:"-1"`
	BackupPruningLeeway      time.Duration `split_words:"true" default:"1m"`
	BackupPruningPrefix      string        `split_words:"true"`
	BackupStopContainerLabel string        `split_words:"true" default:"true"`
	BackupFromSnapshot       bool          `split_words:"true"`
	BackupExcludeRegexp      RegexpDecoder `split_words:"true"`

	// Passphrase for archive encryption (secret).
	GpgPassphrase string `split_words:"true"`

	// Notifications. EmailSMTPPassword is a secret; NotificationURLs may embed
	// credentials as well, depending on the URL scheme in use.
	NotificationURLs           []string `envconfig:"NOTIFICATION_URLS"`
	NotificationLevel          string   `split_words:"true" default:"error"`
	EmailNotificationRecipient string   `split_words:"true"`
	EmailNotificationSender    string   `split_words:"true" default:"noreply@nohost"`
	EmailSMTPHost              string   `envconfig:"EMAIL_SMTP_HOST"`
	EmailSMTPPort              int      `envconfig:"EMAIL_SMTP_PORT" default:"587"`
	EmailSMTPUsername          string   `envconfig:"EMAIL_SMTP_USERNAME"`
	EmailSMTPPassword          string   `envconfig:"EMAIL_SMTP_PASSWORD"`

	// WebDAV storage. WebdavPassword is a secret.
	// NOTE(review): WebdavUrlInsecure presumably disables TLS verification for
	// the WebDAV endpoint; confirm where it is consumed.
	WebdavUrl         string `split_words:"true"`
	WebdavUrlInsecure bool   `split_words:"true"`
	WebdavPath        string `split_words:"true" default:"/"`
	WebdavUsername    string `split_words:"true"`
	WebdavPassword    string `split_words:"true"`

	// SSH storage. SSHPassword and SSHIdentityPassphrase are secrets;
	// SSHIdentityFile defaults to the root user's RSA key path.
	SSHHostName           string `split_words:"true"`
	SSHPort               string `split_words:"true" default:"22"`
	SSHUser               string `split_words:"true"`
	SSHPassword           string `split_words:"true"`
	SSHIdentityFile       string `split_words:"true" default:"/root/.ssh/id_rsa"`
	SSHIdentityPassphrase string `split_words:"true"`
	SSHRemotePath         string `split_words:"true"`

	// Command execution in labelled containers and run locking.
	ExecLabel         string        `split_words:"true"`
	ExecForwardOutput bool          `split_words:"true"`
	LockTimeout       time.Duration `split_words:"true" default:"60m"`

	// Azure Blob Storage. AzureStoragePrimaryAccountKey is a secret. The
	// endpoint default is a template containing an AccountName placeholder.
	AzureStorageAccountName       string `split_words:"true"`
	AzureStoragePrimaryAccountKey string `split_words:"true"`
	AzureStorageContainerName     string `split_words:"true"`
	AzureStoragePath              string `split_words:"true"`
	AzureStorageEndpoint          string `split_words:"true" default:"https://{{ .AccountName }}.blob.core.windows.net/"`
}
// resolveSecret returns the effective value of a secret that may be given
// either inline or through a file.
//
// When secretPath is empty, envVar is returned unchanged. Otherwise the file
// at secretPath is read and its full contents are returned; envVar is ignored
// in that case. A read failure is reported as a wrapped error.
func (c *Config) resolveSecret(envVar string, secretPath string) (string, error) {
	if secretPath != "" {
		contents, readErr := os.ReadFile(secretPath)
		if readErr != nil {
			return "", fmt.Errorf("resolveSecret: error reading secret path: %w", readErr)
		}
		// The bytes are returned verbatim, so a trailing newline left by an
		// editor or `echo` becomes part of the secret.
		return string(contents), nil
	}
	return envVar, nil
}
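// CertDecoder wraps an X.509 certificate so that it can be populated from a
// string configuration value through its Decode method.
type CertDecoder struct {
	Cert *x509.Certificate
}

// Decode parses v into a certificate and stores it in c.
//
// An empty v leaves c untouched and returns nil. Otherwise v is first tried as
// a file path; if the file cannot be read for any reason, v itself is treated
// as the PEM data. The first PEM block found is parsed as a DER-encoded
// certificate.
//
// An error is returned when no PEM block can be found or when the block does
// not hold a parseable certificate.
func (c *CertDecoder) Decode(v string) error {
	if v == "" {
		return nil
	}
	content, err := ioutil.ReadFile(v)
	if err != nil {
		// Any read failure (missing file, permission denied, ...) falls back to
		// interpreting the value as inline PEM.
		content = []byte(v)
	}
	block, _ := pem.Decode(content)
	if block == nil {
		// pem.Decode returns a nil block when the input holds no PEM data;
		// dereferencing it would panic while the configuration is loaded.
		return fmt.Errorf("config: error decoding certificate: no PEM data found")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return fmt.Errorf("config: error parsing certificate: %w", err)
	}
	*c = CertDecoder{Cert: cert}
	return nil
}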
// RegexpDecoder wraps a compiled regular expression so that it can be
// populated from a string configuration value through its Decode method.
type RegexpDecoder struct {
	Re *regexp.Regexp
}

// Decode compiles v and stores the result in r.
//
// An empty v leaves r untouched (Re stays as it was) and returns nil. A
// pattern that fails to compile yields an error that quotes the pattern and
// wraps the compiler's error.
func (r *RegexpDecoder) Decode(v string) error {
	if len(v) == 0 {
		return nil
	}
	compiled, compileErr := regexp.Compile(v)
	if compileErr != nil {
		return fmt.Errorf("config: error compiling given regexp `%s`: %w", v, compileErr)
	}
	r.Re = compiled
	return nil
}