alexei.dolgolyov/tiny-forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3c9727162a15aa2af0da8e1087e7e816a4ce147d
tiny-forge/internal/api/backups.go
T
alexei.dolgolyov 3c9727162a fix: address review findings for backup management 
- HIGH: Add sync.Mutex to backup Engine to prevent concurrent
  backup/restore operations
- HIGH: Restore uses io.Copy instead of ReadFile to avoid OOM on
  large databases
- HIGH: Send HTTP response before closing DB during restore, then
  perform destructive operations in a goroutine
- HIGH: Create pre-restore safety backup before overwriting database
- HIGH: Autobackup cron reschedules dynamically when settings change
  via callback pattern (same as DNS provider changes)
2026-04-02 15:39:54 +03:00

172 lines
4.7 KiB
Go
Raw Blame History

package api
import (
"io"
"log/slog"
"net/http"
"os"
"path/filepath"
"time"
"github.com/alexei/docker-watcher/internal/store"
"github.com/go-chi/chi/v5"
)
// listBackups handles GET /api/backups.
func (s *Server) listBackups(w http.ResponseWriter, r *http.Request) {
if s.backupEngine == nil {
respondError(w, http.StatusServiceUnavailable, "backup engine not initialized")
return
}
backups, err := s.backupEngine.ListBackups()
if err != nil {
respondError(w, http.StatusInternalServerError, "failed to list backups: "+err.Error())
return
}
if backups == nil {
backups = []store.Backup{}
}
respondJSON(w, http.StatusOK, backups)
}
// triggerBackup handles POST /api/backups.
func (s *Server) triggerBackup(w http.ResponseWriter, r *http.Request) {
if s.backupEngine == nil {
respondError(w, http.StatusServiceUnavailable, "backup engine not initialized")
return
}
backup, err := s.backupEngine.CreateBackup("manual")
if err != nil {
respondError(w, http.StatusInternalServerError, "failed to create backup: "+err.Error())
return
}
// Prune after manual backup too.
settings, err := s.store.GetSettings()
if err == nil && settings.BackupRetentionCount > 0 {
s.backupEngine.Prune(settings.BackupRetentionCount)
}
respondJSON(w, http.StatusCreated, backup)
}
// downloadBackup handles GET /api/backups/{id}/download.
func (s *Server) downloadBackup(w http.ResponseWriter, r *http.Request) {
if s.backupEngine == nil {
respondError(w, http.StatusServiceUnavailable, "backup engine not initialized")
return
}
id := chi.URLParam(r, "id")
backup, err := s.backupEngine.GetBackup(id)
if err != nil {
respondError(w, http.StatusNotFound, "backup not found")
return
}
filePath := s.backupEngine.FilePath(backup)
if _, err := os.Stat(filePath); err != nil {
respondError(w, http.StatusNotFound, "backup file not found on disk")
return
}
w.Header().Set("Content-Type", "application/octet-stream")
w.Header().Set("Content-Disposition", "attachment; filename=\""+filepath.Base(backup.Filename)+"\"")
http.ServeFile(w, r, filePath)
}
// deleteBackup handles DELETE /api/backups/{id}.
func (s *Server) deleteBackup(w http.ResponseWriter, r *http.Request) {
if s.backupEngine == nil {
respondError(w, http.StatusServiceUnavailable, "backup engine not initialized")
return
}
id := chi.URLParam(r, "id")
if err := s.backupEngine.DeleteBackup(id); err != nil {
respondError(w, http.StatusInternalServerError, "failed to delete backup: "+err.Error())
return
}
respondJSON(w, http.StatusOK, map[string]string{"status": "deleted"})
}
// restoreBackup handles POST /api/backups/{id}/restore.
// This replaces the current database with the backup and triggers a graceful shutdown.
func (s *Server) restoreBackup(w http.ResponseWriter, r *http.Request) {
if s.backupEngine == nil {
respondError(w, http.StatusServiceUnavailable, "backup engine not initialized")
return
}
id := chi.URLParam(r, "id")
restorePath, err := s.backupEngine.RestorePath(id)
if err != nil {
respondError(w, http.StatusNotFound, "backup not found: "+err.Error())
return
}
// Create a safety backup before restore so the user can undo if needed.
if _, err := s.backupEngine.CreateBackup("pre-restore"); err != nil {
slog.Warn("failed to create pre-restore backup", "error", err)
}
// Send the response BEFORE closing the DB so the client gets confirmation.
respondJSON(w, http.StatusOK, map[string]any{
"status": "restoring",
"message": "Database restore initiated. The server will restart shortly.",
})
// Flush the response.
if f, ok := w.(http.Flusher); ok {
f.Flush()
}
// Perform the destructive restore in a goroutine with a brief delay
// to allow the HTTP response to be fully sent.
go func() {
time.Sleep(500 * time.Millisecond)
// Close the current database to release locks.
if err := s.store.Close(); err != nil {
slog.Error("restore: failed to close database", "error", err)
return
}
// Copy the backup file over the main database using streaming (no full read into memory).
src, err := os.Open(restorePath)
if err != nil {
slog.Error("restore: failed to open backup file", "error", err)
return
}
defer src.Close()
dst, err := os.Create(s.dbPath)
if err != nil {
slog.Error("restore: failed to create database file", "error", err)
return
}
defer dst.Close()
if _, err := io.Copy(dst, src); err != nil {
slog.Error("restore: failed to copy backup to database", "error", err)
return
}
// Remove WAL and SHM files to ensure clean state.
os.Remove(s.dbPath + "-wal")
os.Remove(s.dbPath + "-shm")
slog.Info("restore: database replaced, triggering shutdown")
// Signal the server to shut down gracefully so it can be restarted.
if s.shutdownFunc != nil {
s.shutdownFunc()
}
}()
}
Reference in New Issue View Git Blame Copy Permalink