Add remote backup user support for non-root users. This is an experimental patch to hopefully solve https://github.com/usmannasir/cyberpanel/issues/165

Michael Ramsey
2020-04-24 13:25:49 -04:00
parent e7e3f2b863
commit 39ee501fda
3 changed files with 117 additions and 108 deletions


@@ -48,6 +48,12 @@
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">{% trans "User" %}</label>
<div class="col-sm-6">
<input placeholder="{% trans "Backup server SSH User, leave empty for root." %}" type="text" class="form-control" ng-model="backupSSHPort" required>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label"></label>
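Review bot: The new User input is bound with `ng-model="backupSSHPort"`, which looks copied from the port field, so a typed user name would land in the port model and no user value would be submitted. It needs its own model, for example `ng-model="backupSSHUser"` (a placeholder name; the controller is not shown here and must send the matching field). The `required` attribute also contradicts the placeholder text "leave empty for root", because the form cannot validate with an empty value; dropping `required` lets the root fallback apply.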


@@ -135,7 +135,7 @@ class backupSchedule:
return 0, str(msg)
@staticmethod
def createBackup(virtualHost, ipAddress, backupLogPath , port):
def createBackup(virtualHost, ipAddress, backupLogPath , port='22', user='root'):
try:
backupSchedule.remoteBackupLogging(backupLogPath, "Preparing to create backup for: " + virtualHost)
@@ -152,7 +152,7 @@ class backupSchedule:
backupSchedule.remoteBackupLogging(backupLogPath, "Preparing to send backup for: " + virtualHost +" to " + ipAddress)
backupSchedule.sendBackup(backupPath+".tar.gz", ipAddress, backupLogPath, port)
backupSchedule.sendBackup(backupPath+".tar.gz", ipAddress, backupLogPath, port, user)
backupSchedule.remoteBackupLogging(backupLogPath, "Backup for: " + virtualHost + " is sent to " + ipAddress)
@@ -180,7 +180,7 @@ class backupSchedule:
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [backupSchedule.createBackup]")
@staticmethod
def sendBackup(backupPath, IPAddress, backupLogPath , port):
def sendBackup(backupPath, IPAddress, backupLogPath , port='22', user='root'):
try:
## IPAddress of local server
@@ -193,7 +193,7 @@ class backupSchedule:
##
writeToFile = open(backupLogPath, "a")
command = "sudo scp -o StrictHostKeyChecking=no -P "+port+" -i /root/.ssh/cyberpanel " + backupPath + " root@"+IPAddress+":/home/backup/" + ipAddressLocal + "/" + time.strftime("%a-%b") + "/"
command = "sudo scp -o StrictHostKeyChecking=no -P "+port+" -i /root/.ssh/cyberpanel " + backupPath + " " + user + "@" + IPAddress+":~/backup/" + ipAddressLocal + "/" + time.strftime("%a-%b") + "/"
subprocess.call(shlex.split(command), stdout=writeToFile)
## Remove backups already sent to remote destinations
@@ -222,6 +222,10 @@ class backupSchedule:
data = open(destinations,'r').readlines()
ipAddress = data[0].strip("\n")
port = data[1].strip("\n")
user = data[2].strip("\n")
# Set the user to root if not specified aka empty
user = user if bool(user) is not False else 'root'
## IPAddress of local server
@@ -241,16 +245,16 @@ class backupSchedule:
"Connection to: " + ipAddress + " Failed, please resetup this destination from CyberPanel, aborting.")
return 0
else:
## Create backup dir on remote server
## Create backup dir on remote server in ~/backup
command = "sudo ssh -o StrictHostKeyChecking=no -p " + port + " -i /root/.ssh/cyberpanel root@" + ipAddress + " mkdir -p /home/backup/" + ipAddressLocal + "/" + time.strftime(
command = "sudo ssh -o StrictHostKeyChecking=no -p " + port + " -i /root/.ssh/cyberpanel " + user + "@" + ipAddress + " mkdir -p ~/backup/" + ipAddressLocal + "/" + time.strftime(
"%a-%b")
subprocess.call(shlex.split(command))
pass
for virtualHost in os.listdir("/home"):
if match(r'^[a-zA-Z0-9-]*[a-zA-Z0-9-]{0,61}[a-zA-Z0-9-](?:\.[a-zA-Z0-9-]{2,})+$', virtualHost, M | I):
backupSchedule.createBackup(virtualHost, ipAddress, backupLogPath, port)
backupSchedule.createBackup(virtualHost, ipAddress, backupLogPath, port, user)
backupSchedule.remoteBackupLogging(backupLogPath, "Remote backup job completed.\n")
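Review bot: `user = data[2].strip("\n")` assumes the destinations file always has a third line, so a destination saved before this change (IP and port only, presumably) would raise IndexError here. `user = data[2].strip() if len(data) > 2 else ''` keeps old files working, and the fallback on the next line reads more simply as `user = user or 'root'`. The value is then concatenated into the ssh and scp command strings and tokenised by `shlex.split`, so whitespace or a leading `-` in the stored value would become extra ssh/scp arguments run under sudo. Validate it against a strict account-name pattern (for example `^[a-z_][a-z0-9_-]*$`, a constructed example) before building the commands here and in sendBackup. The enclosing function starts and ends outside the visible hunks.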


@@ -1,6 +1,8 @@
import os, sys
sys.path.append('/usr/local/CyberCP')
import django
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "CyberCP.settings")
try:
django.setup()
@@ -17,6 +19,7 @@ from multiprocessing import Process
import signal
from plogical.installUtilities import installUtilities
import argparse
try:
from plogical.virtualHostUtilities import virtualHostUtilities
from plogical.sslUtilities import sslUtilities
@@ -32,6 +35,7 @@ from shutil import copy
from distutils.dir_util import copy_tree
from random import randint
from plogical.processUtilities import ProcessUtilities
try:
from websiteFunctions.models import Websites, ChildDomains, Backups
from databases.models import Databases
@@ -45,6 +49,7 @@ except:
VERSION = '2.0'
BUILD = 1
## I am not the monster that you think I am..
class backupUtilities:
@@ -193,8 +198,6 @@ class backupUtilities:
backupDomain, items.dbName, str(msg)))
continue
databaseXML = Element('database')
child = SubElement(databaseXML, 'dbName')
@@ -276,7 +279,6 @@ class backupUtilities:
## Email meta generated!
def prettify(elem):
"""Return a pretty-printed XML string for the Element.
"""
@@ -284,8 +286,6 @@ class backupUtilities:
reparsed = minidom.parseString(rough_string)
return reparsed.toprettyxml(indent=" ")
## /home/example.com/backup/backup-example.com-02.13.2018_10-24-52/meta.xml -- metaPath
metaPath = '/tmp/%s' % (str(randint(1000, 9999)))
@@ -298,7 +298,6 @@ class backupUtilities:
## meta generated
newBackup = Backups(website=website, fileName=backupName, date=time.strftime("%m.%d.%Y_%H-%M-%S"),
size=0, status=1)
newBackup.save()
@@ -349,7 +348,6 @@ class backupUtilities:
backupMetaData = ElementTree.parse(metaPathInBackup)
##### Making archive of home directory
domainName = backupMetaData.find('masterDomain').text
@@ -366,7 +364,6 @@ class backupUtilities:
## Stop making archive of document_root and copy instead
copy_tree('/home/%s/public_html' % domainName, '%s/%s' % (tempStoragePath, 'public_html'))
# make_archive(os.path.join(tempStoragePath,"public_html"), 'gztar', os.path.join("/home",domainName,"public_html"))
@@ -462,7 +459,8 @@ class backupUtilities:
domainName = backupMetaData.find('masterDomain').text
if os.path.islink(status) or os.path.islink(tempStoragePath or os.path.islink(backupPath)) or os.path.islink(metaPath):
if os.path.islink(status) or os.path.islink(tempStoragePath or os.path.islink(backupPath)) or os.path.islink(
metaPath):
logging.CyberCPLogFileWriter.writeToFile('symlinked.')
logging.CyberCPLogFileWriter.statusWriter(status, 'Symlink attack. [365][5009]')
return 0
@@ -581,14 +579,11 @@ class backupUtilities:
if Websites.objects.filter(domain=domain).count() > 0:
raise BaseException('This website already exists.')
if ChildDomains.objects.filter(domain=domain).count() > 0:
raise BaseException("This website already exists as child domain.")
####### Pre-creation checks ends
## Create Configurations
result = virtualHostUtilities.createVirtualHost(domain, siteUser.email, phpSelection, externalApp, 0, 1, 0,
@@ -623,7 +618,6 @@ class backupUtilities:
zone = DNS.getZoneObject(domain)
for dnsrecord in dnsrecords:
recordType = dnsrecord.find('type').text
value = dnsrecord.find('name').text
content = dnsrecord.find('content').text
@@ -631,7 +625,6 @@ class backupUtilities:
DNS.createDNSRecord(zone, value, recordType, content, prio, 3600)
return 1, 'None'
except BaseException as msg:
@@ -681,7 +674,6 @@ class backupUtilities:
backupMetaData = ElementTree.parse(os.path.join(completPath, "meta.xml"))
masterDomain = backupMetaData.find('masterDomain').text
twoPointO = 0
try:
version = backupMetaData.find('VERSION').text
@@ -713,10 +705,10 @@ class backupUtilities:
logging.CyberCPLogFileWriter.writeToFile('%s. [555:startRestore]' % (str(msg)))
else:
logging.CyberCPLogFileWriter.statusWriter(status, "Error Message: " + result[1] + ". Not able to create Account, Databases and DNS Records, aborting. [575][5009]")
logging.CyberCPLogFileWriter.statusWriter(status, "Error Message: " + result[
1] + ". Not able to create Account, Databases and DNS Records, aborting. [575][5009]")
return 0
########### Creating child/sub/addon/parked domains
logging.CyberCPLogFileWriter.statusWriter(status, "Creating Child Domains!")
@@ -747,7 +739,8 @@ class backupUtilities:
phpSelection = childDomain.find('phpSelection').text
path = childDomain.find('path').text
retValues = virtualHostUtilities.createDomain(masterDomain, domain, phpSelection, path, 0, 0, 0, 'admin', 0)
retValues = virtualHostUtilities.createDomain(masterDomain, domain, phpSelection, path, 0, 0, 0,
'admin', 0)
if retValues[0] == 1:
if os.path.exists(websiteHome):
@@ -780,7 +773,8 @@ class backupUtilities:
except:
pass
except:
logging.CyberCPLogFileWriter.writeToFile('While restoring backup we had minor issues for rebuilding vhost conf for: ' + domain + '. However this will be auto healed.')
logging.CyberCPLogFileWriter.writeToFile(
'While restoring backup we had minor issues for rebuilding vhost conf for: ' + domain + '. However this will be auto healed.')
if float(version) > 2.0 or float(build) > 0:
if path.find('/home/%s/public_html' % masterDomain) == -1:
@@ -789,7 +783,8 @@ class backupUtilities:
continue
else:
logging.CyberCPLogFileWriter.writeToFile('Error domain %s' % (domain))
logging.CyberCPLogFileWriter.statusWriter(status, "Error Message: " + retValues[1] + ". Not able to create child domains, aborting. [635][5009]")
logging.CyberCPLogFileWriter.statusWriter(status, "Error Message: " + retValues[
1] + ". Not able to create child domains, aborting. [635][5009]")
return 0
except BaseException as msg:
status = open(os.path.join(completPath, 'status'), "w")
@@ -824,7 +819,8 @@ class backupUtilities:
if result[0] == 0:
raise BaseException(result[1])
except BaseException as msg:
logging.CyberCPLogFileWriter.statusWriter(status, "Error Message: " + str(msg) +". Not able to create email accounts, aborting. [671][5009]")
logging.CyberCPLogFileWriter.statusWriter(status, "Error Message: " + str(
msg) + ". Not able to create email accounts, aborting. [671][5009]")
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [startRestore]")
return 0
@@ -920,7 +916,7 @@ class backupUtilities:
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [initiateRestore]")
@staticmethod
def sendKey(IPAddress, password,port):
def sendKey(IPAddress, password, port='22', user='root'):
try:
expectation = []
@@ -929,7 +925,7 @@ class backupUtilities:
expectation.append("Permission denied")
expectation.append("100%")
command = "scp -o StrictHostKeyChecking=no -P "+ port +" /root/.ssh/cyberpanel.pub root@" + IPAddress + ":/root/.ssh/authorized_keys"
command = "scp -o StrictHostKeyChecking=no -P " + port + " /root/.ssh/cyberpanel.pub " + user + "@" + IPAddress + ":~/.ssh/authorized_keys"
setupKeys = pexpect.spawn(command, timeout=3)
index = setupKeys.expect(expectation)
@@ -964,7 +960,7 @@ class backupUtilities:
return [0, str(msg) + " [sendKey]"]
@staticmethod
def setupSSHKeys(IPAddress, password,port):
def setupSSHKeys(IPAddress, password, port='22', user='root'):
try:
## Checking for host verification
@@ -982,7 +978,7 @@ class backupUtilities:
expectation.append("Permission denied")
expectation.append("File exists")
command = "ssh -o StrictHostKeyChecking=no -p "+ port +" root@"+IPAddress+' "mkdir /root/.ssh || rm -f /root/.ssh/temp && rm -f /root/.ssh/authorized_temp && cp /root/.ssh/authorized_keys /root/.ssh/temp"'
command = "ssh -o StrictHostKeyChecking=no -p " + port + user + "@" + IPAddress + ' "mkdir ~/.ssh || rm -f ~/.ssh/temp && rm -f ~/.ssh/authorized_temp && cp ~/.ssh/authorized_keys ~/.ssh/temp"'
setupKeys = pexpect.spawn(command, timeout=3)
index = setupKeys.expect(expectation)
@@ -1016,7 +1012,7 @@ class backupUtilities:
elif index == 2:
setupKeys.wait()
sendKey = backupUtilities.sendKey(IPAddress, password, port)
sendKey = backupUtilities.sendKey(IPAddress, password, port, user)
if sendKey[0] == 1:
return [1, "None"]
@@ -1040,7 +1036,7 @@ class backupUtilities:
logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[checkIfHostIsUp]")
@staticmethod
def checkConnection(IPAddress):
def checkConnection(IPAddress, password, port='22', user='root'):
try:
try:
@@ -1057,12 +1053,15 @@ class backupUtilities:
expectation.append(pexpect.EOF)
expectation.append(pexpect.TIMEOUT)
checkConn = pexpect.spawn("sudo ssh -i /root/.ssh/cyberpanel -o StrictHostKeyChecking=no -p "+ port+" root@"+IPAddress, timeout=3)
checkConn = pexpect.spawn(
"sudo ssh -i /root/.ssh/cyberpanel -o StrictHostKeyChecking=no -p " + port + user + "@" + IPAddress,
timeout=3)
index = checkConn.expect(expectation)
if index == 0:
subprocess.call(['kill', str(checkConn.pid)])
logging.CyberCPLogFileWriter.writeToFile("Remote Server is not able to authenticate for transfer to initiate, IP Address:" + IPAddress)
logging.CyberCPLogFileWriter.writeToFile(
"Remote Server is not able to authenticate for transfer to initiate, IP Address:" + IPAddress)
return [0, "Remote Server is not able to authenticate for transfer to initiate."]
elif index == 1:
subprocess.call(['kill', str(checkConn.pid)])
@@ -1116,7 +1115,6 @@ class backupUtilities:
expectation.append("password:")
expectation.append(pexpect.EOF)
innerIndex = setupSSHKeys.expect(expectation)
if innerIndex == 0:
@@ -1157,16 +1155,16 @@ class backupUtilities:
return [0, str(msg) + " [verifyHostKey]"]
@staticmethod
def createBackupDir(IPAddress,port):
def createBackupDir(IPAddress, port='22', user='root'):
try:
command = "sudo ssh -o StrictHostKeyChecking=no -p "+ port +" -i /root/.ssh/cyberpanel root@"+IPAddress+" mkdir /home/backup"
command = "sudo ssh -o StrictHostKeyChecking=no -p " + port + " -i /root/.ssh/cyberpanel " + user + "@" + IPAddress + " mkdir /home/backup"
subprocess.call(shlex.split(command))
command = "sudo ssh -o StrictHostKeyChecking=no -p " + port + " -i /root/.ssh/cyberpanel root@" + IPAddress + ' "cat /root/.ssh/authorized_keys /root/.ssh/temp > /root/.ssh/authorized_temp"'
command = "sudo ssh -o StrictHostKeyChecking=no -p " + port + " -i /root/.ssh/cyberpanel " + user + "@" + IPAddress + ' "cat ~/.ssh/authorized_keys ~/.ssh/temp > ~/.ssh/authorized_temp"'
subprocess.call(shlex.split(command))
command = "sudo ssh -o StrictHostKeyChecking=no -p " + port + " -i /root/.ssh/cyberpanel root@" + IPAddress + ' "cat /root/.ssh/authorized_temp > /root/.ssh/authorized_keys"'
command = "sudo ssh -o StrictHostKeyChecking=no -p " + port + " -i /root/.ssh/cyberpanel " + user + "@" + IPAddress + ' "cat ~/.ssh/authorized_temp > ~/.ssh/authorized_keys"'
subprocess.call(shlex.split(command))
except BaseException as msg:
@@ -1271,10 +1269,8 @@ def submitBackupCreation(tempStoragePath, backupName, backupPath, backupDomain):
writeToFile.close()
return 0
result = backupUtilities.prepareBackupMeta(backupDomain, backupName, tempStoragePath, backupPath)
if result[0] == 0:
writeToFile = open(schedulerPath, 'w')
writeToFile.writelines('error')
@@ -1287,7 +1283,8 @@ def submitBackupCreation(tempStoragePath, backupName, backupPath, backupDomain):
execPath = "sudo nice -n 10 /usr/local/CyberCP/bin/python " + virtualHostUtilities.cyberPanel + "/plogical/backupUtilities.py"
execPath = execPath + " startBackup --tempStoragePath " + tempStoragePath + " --backupName " \
+ backupName + " --backupPath " + backupPath + ' --backupDomain ' + backupDomain + ' --metaPath %s' % (result[2])
+ backupName + " --backupPath " + backupPath + ' --backupDomain ' + backupDomain + ' --metaPath %s' % (
result[2])
output = ProcessUtilities.outputExecutioner(execPath, website.externalApp)
if output.find('[5009') > -1:
@@ -1340,6 +1337,7 @@ def submitBackupCreation(tempStoragePath, backupName, backupPath, backupDomain):
logging.CyberCPLogFileWriter.writeToFile(
str(msg) + " [submitBackupCreation]")
def cancelBackupCreation(backupCancellationDomain, fileName):
try:
@@ -1374,6 +1372,7 @@ def cancelBackupCreation(backupCancellationDomain,fileName):
str(msg) + " [cancelBackupCreation]")
print("0," + str(msg))
def submitRestore(backupFile, dir):
try:
@@ -1387,11 +1386,12 @@ def submitRestore(backupFile,dir):
str(msg) + " [cancelBackupCreation]")
print("0," + str(msg))
def submitDestinationCreation(ipAddress, password, port):
setupKeys = backupUtilities.setupSSHKeys(ipAddress, password, port)
def submitDestinationCreation(ipAddress, password, port='22', user='root'):
setupKeys = backupUtilities.setupSSHKeys(ipAddress, password, port, user)
if setupKeys[0] == 1:
backupUtilities.createBackupDir(ipAddress, port)
backupUtilities.createBackupDir(ipAddress, port, user)
print("1,None")
else:
print(setupKeys[1])
@@ -1409,8 +1409,8 @@ def getConnectionStatus(ipAddress):
except BaseException as msg:
print(str(msg))
def main():
def main():
parser = argparse.ArgumentParser(description='CyberPanel Installer')
parser.add_argument('function', help='Specific a function to call!')
parser.add_argument('--tempStoragePath', help='')
@@ -1424,6 +1424,7 @@ def main():
parser.add_argument('--ipAddress', help='')
parser.add_argument('--password', help='')
parser.add_argument('--port', help='')
parser.add_argument('--user', help='')
## backup cancellation arguments
@@ -1435,9 +1436,6 @@ def main():
parser.add_argument('--backupFile', help='')
parser.add_argument('--dir', help='')
args = parser.parse_args()
if args.function == "submitBackupCreation":
@@ -1447,7 +1445,7 @@ def main():
elif args.function == "submitRestore":
submitRestore(args.backupFile, args.dir)
elif args.function == "submitDestinationCreation":
submitDestinationCreation(args.ipAddress, args.password, args.port)
submitDestinationCreation(args.ipAddress, args.password, args.port, args.user)
elif args.function == "getConnectionStatus":
getConnectionStatus(args.ipAddress)
elif args.function == "startBackup":
@@ -1455,5 +1453,6 @@ def main():
elif args.function == "BackupRoot":
backupUtilities.BackupRoot(args.tempStoragePath, args.backupName, args.backupPath, args.metaPath)
if __name__ == "__main__":
main()
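Review bot: The rewritten commands in setupSSHKeys and checkConnection concatenate `port + user` with no separator, so the defaults produce `-p 22root@<host>` and ssh gets a malformed port and no login name; both should read `"-p " + port + " " + user + "@" + IPAddress`. In createBackupDir the first command still runs `mkdir /home/backup` while the other paths in this change moved to `~/backup`, and a non-root account will usually not be allowed to create it. `--user` is declared without a default, so `args.user` is `None` when the flag is omitted and overrides the `'root'` default before the string concatenation; `user = user or 'root'` at the top of submitDestinationCreation would cover that. The user value also reaches `pexpect.spawn` and `shlex.split` unvalidated, so it should be checked against a strict account-name pattern before any command is built. These functions continue outside the visible hunks.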