working on the backup management parts

2025-12-29 02:44:52 +07:00
parent f1448d512c
commit fc64391cfb
20 changed files with 4897 additions and 249 deletions
--- a/backend/internal/common/database/migrations.go
+++ b/backend/internal/common/database/migrations.go
@@ -59,7 +59,7 @@ func RunMigrations(ctx context.Context, db *DB) error {

 		if _, err := tx.ExecContext(ctx, string(sql)); err != nil {
 			tx.Rollback()
-			return fmt.Errorf("failed to execute migration %s: %w", migration.Version, err)
+			return fmt.Errorf("failed to execute migration %d: %w", migration.Version, err)
 		}

 		// Record migration
@@ -68,11 +68,11 @@ func RunMigrations(ctx context.Context, db *DB) error {
 			migration.Version,
 		); err != nil {
 			tx.Rollback()
-			return fmt.Errorf("failed to record migration %s: %w", migration.Version, err)
+			return fmt.Errorf("failed to record migration %d: %w", migration.Version, err)
 		}

 		if err := tx.Commit(); err != nil {
-			return fmt.Errorf("failed to commit migration %s: %w", migration.Version, err)
+			return fmt.Errorf("failed to commit migration %d: %w", migration.Version, err)
 		}

 		log.Info("Migration applied successfully", "version", migration.Version)
--- a/backend/internal/common/database/migrations/009_backup_jobs_schema.sql
+++ b/backend/internal/common/database/migrations/009_backup_jobs_schema.sql
@@ -0,0 +1,34 @@
+-- AtlasOS - Calypso
+-- Backup Jobs Schema
+-- Version: 9.0
+
+-- Backup jobs table
+CREATE TABLE IF NOT EXISTS backup_jobs (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    job_id INTEGER NOT NULL UNIQUE, -- Bareos job ID
+    job_name VARCHAR(255) NOT NULL,
+    client_name VARCHAR(255) NOT NULL,
+    job_type VARCHAR(50) NOT NULL, -- 'Backup', 'Restore', 'Verify', 'Copy', 'Migrate'
+    job_level VARCHAR(50) NOT NULL, -- 'Full', 'Incremental', 'Differential', 'Since'
+    status VARCHAR(50) NOT NULL, -- 'Running', 'Completed', 'Failed', 'Canceled', 'Waiting'
+    bytes_written BIGINT NOT NULL DEFAULT 0,
+    files_written INTEGER NOT NULL DEFAULT 0,
+    duration_seconds INTEGER,
+    started_at TIMESTAMP,
+    ended_at TIMESTAMP,
+    error_message TEXT,
+    storage_name VARCHAR(255),
+    pool_name VARCHAR(255),
+    volume_name VARCHAR(255),
+    created_at TIMESTAMP NOT NULL DEFAULT NOW(),
+    updated_at TIMESTAMP NOT NULL DEFAULT NOW()
+);
+
+-- Indexes for performance
+CREATE INDEX IF NOT EXISTS idx_backup_jobs_job_id ON backup_jobs(job_id);
+CREATE INDEX IF NOT EXISTS idx_backup_jobs_job_name ON backup_jobs(job_name);
+CREATE INDEX IF NOT EXISTS idx_backup_jobs_client_name ON backup_jobs(client_name);
+CREATE INDEX IF NOT EXISTS idx_backup_jobs_status ON backup_jobs(status);
+CREATE INDEX IF NOT EXISTS idx_backup_jobs_started_at ON backup_jobs(started_at DESC);
+CREATE INDEX IF NOT EXISTS idx_backup_jobs_job_type ON backup_jobs(job_type);
+
--- a/backend/internal/common/database/migrations/010_add_backup_permissions.sql
+++ b/backend/internal/common/database/migrations/010_add_backup_permissions.sql
@@ -0,0 +1,39 @@
+-- AtlasOS - Calypso
+-- Add Backup Permissions
+-- Version: 10.0
+
+-- Insert backup permissions
+INSERT INTO permissions (name, resource, action, description) VALUES
+    ('backup:read', 'backup', 'read', 'View backup jobs and history'),
+    ('backup:write', 'backup', 'write', 'Create and manage backup jobs'),
+    ('backup:manage', 'backup', 'manage', 'Full backup management')
+ON CONFLICT (name) DO NOTHING;
+
+-- Assign backup permissions to roles
+
+-- Admin gets all backup permissions (explicitly assign since admin query in 001 only runs once)
+INSERT INTO role_permissions (role_id, permission_id)
+SELECT r.id, p.id
+FROM roles r, permissions p
+WHERE r.name = 'admin'
+  AND p.resource = 'backup'
+ON CONFLICT DO NOTHING;
+
+-- Operator gets read and write permissions for backup
+INSERT INTO role_permissions (role_id, permission_id)
+SELECT r.id, p.id
+FROM roles r, permissions p
+WHERE r.name = 'operator'
+  AND p.resource = 'backup'
+  AND p.action IN ('read', 'write')
+ON CONFLICT DO NOTHING;
+
+-- ReadOnly gets only read permission for backup
+INSERT INTO role_permissions (role_id, permission_id)
+SELECT r.id, p.id
+FROM roles r, permissions p
+WHERE r.name = 'readonly'
+  AND p.resource = 'backup'
+  AND p.action = 'read'
+ON CONFLICT DO NOTHING;
+
--- a/backend/internal/common/router/router.go
+++ b/backend/internal/common/router/router.go
@@ -6,6 +6,7 @@ import (

 	"github.com/atlasos/calypso/internal/audit"
 	"github.com/atlasos/calypso/internal/auth"
+	"github.com/atlasos/calypso/internal/backup"
 	"github.com/atlasos/calypso/internal/common/cache"
 	"github.com/atlasos/calypso/internal/common/config"
 	"github.com/atlasos/calypso/internal/common/database"
@@ -207,8 +208,21 @@ func NewRouter(cfg *config.Config, db *database.DB, log *logger.Logger) *gin.Eng
 				scstGroup.POST("/targets", scstHandler.CreateTarget)
 				scstGroup.POST("/targets/:id/luns", scstHandler.AddLUN)
 				scstGroup.POST("/targets/:id/initiators", scstHandler.AddInitiator)
+				scstGroup.POST("/targets/:id/enable", scstHandler.EnableTarget)
+				scstGroup.POST("/targets/:id/disable", scstHandler.DisableTarget)
+				scstGroup.GET("/initiators", scstHandler.ListAllInitiators)
+				scstGroup.GET("/initiators/:id", scstHandler.GetInitiator)
+				scstGroup.DELETE("/initiators/:id", scstHandler.RemoveInitiator)
+				scstGroup.GET("/extents", scstHandler.ListExtents)
+				scstGroup.POST("/extents", scstHandler.CreateExtent)
+				scstGroup.DELETE("/extents/:device", scstHandler.DeleteExtent)
 				scstGroup.POST("/config/apply", scstHandler.ApplyConfig)
 				scstGroup.GET("/handlers", scstHandler.ListHandlers)
+				scstGroup.GET("/portals", scstHandler.ListPortals)
+				scstGroup.GET("/portals/:id", scstHandler.GetPortal)
+				scstGroup.POST("/portals", scstHandler.CreatePortal)
+				scstGroup.PUT("/portals/:id", scstHandler.UpdatePortal)
+				scstGroup.DELETE("/portals/:id", scstHandler.DeletePortal)
 			}

 			// Physical Tape Libraries
@@ -299,6 +313,19 @@ func NewRouter(cfg *config.Config, db *database.DB, log *logger.Logger) *gin.Eng
 				iamGroup.DELETE("/groups/:id/users/:user_id", iamHandler.RemoveUserFromGroup)
 			}

+			// Backup Jobs
+			backupService := backup.NewService(db, log)
+			// Set database password for dblink connections
+			backupService.SetDatabasePassword(cfg.Database.Password)
+			backupHandler := backup.NewHandler(backupService, log)
+			backupGroup := protected.Group("/backup")
+			backupGroup.Use(requirePermission("backup", "read"))
+			{
+				backupGroup.GET("/jobs", backupHandler.ListJobs)
+				backupGroup.GET("/jobs/:id", backupHandler.GetJob)
+				backupGroup.POST("/jobs", requirePermission("backup", "write"), backupHandler.CreateJob)
+			}
+
 			// Monitoring
 			monitoringHandler := monitoring.NewHandler(db, log, alertService, metricsService, eventHub)
 			monitoringGroup := protected.Group("/monitoring")