GithubBackup/BackupX
1
0
Fork 0
mirror of https://github.com/Awuqing/BackupX.git synced 2026-06-25 11:33:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: GithubBackup:Awuqing-patch-1
Branches Tags
GithubBackup:main GithubBackup:dependabot/go_modules/server/go_modules-0f93154ceb GithubBackup:dependabot/npm_and_yarn/docs-site/npm_and_yarn-ec11a7fa7b GithubBackup:chore/ci-permissions GithubBackup:feat/complete-mfa-support GithubBackup:feat/one-click-agent-deploy GithubBackup:fix/storage-type-dropdown GithubBackup:feat/docker-auto-update GithubBackup:feat/system-update GithubBackup:fix/comprehensive-improvements GithubBackup:fix/upload-retry GithubBackup:feat/full-rclone-backends GithubBackup:fix/cron-input-redesign GithubBackup:fix/cron-input-ux GithubBackup:fix/audit-and-version GithubBackup:fix/critical-storage-bugs GithubBackup:feat/rclone-advanced-features GithubBackup:refactor/rclone-storage GithubBackup:feat/docker-support GithubBackup:Awuqing-patch-1 GithubBackup:feat/saphana-backup-data GithubBackup:feat/saphana-ftp-support
GithubBackup:v2.3.5 GithubBackup:v2.3.4 GithubBackup:v2.3.3 GithubBackup:v2.3.2 GithubBackup:v2.3.1 GithubBackup:v2.3.0 GithubBackup:v2.2.1 GithubBackup:v2.2.0 GithubBackup:v2.1.0 GithubBackup:v2.0.0 GithubBackup:v1.6.0 GithubBackup:v1.5.0 GithubBackup:v1.4.3 GithubBackup:v1.4.2 GithubBackup:v1.4.1 GithubBackup:v1.4.0 GithubBackup:v1.3.6 GithubBackup:v1.3.5 GithubBackup:v1.3.4 GithubBackup:v1.3.2 GithubBackup:v1.3.1 GithubBackup:v1.3.0 GithubBackup:v1.2.2 GithubBackup:V1.2.1 GithubBackup:V1.2.0 GithubBackup:V1.1.0 GithubBackup:V1.0.0
...
compare: GithubBackup:v1.2.2
Branches Tags
GithubBackup:dependabot/go_modules/server/go_modules-0f93154ceb GithubBackup:dependabot/npm_and_yarn/docs-site/npm_and_yarn-ec11a7fa7b GithubBackup:main GithubBackup:chore/ci-permissions GithubBackup:feat/complete-mfa-support GithubBackup:feat/one-click-agent-deploy GithubBackup:fix/storage-type-dropdown GithubBackup:feat/docker-auto-update GithubBackup:feat/system-update GithubBackup:fix/comprehensive-improvements GithubBackup:fix/upload-retry GithubBackup:feat/full-rclone-backends GithubBackup:fix/cron-input-redesign GithubBackup:fix/cron-input-ux GithubBackup:fix/audit-and-version GithubBackup:fix/critical-storage-bugs GithubBackup:feat/rclone-advanced-features GithubBackup:refactor/rclone-storage GithubBackup:feat/docker-support GithubBackup:Awuqing-patch-1 GithubBackup:feat/saphana-backup-data GithubBackup:feat/saphana-ftp-support
GithubBackup:v2.3.5 GithubBackup:v2.3.4 GithubBackup:v2.3.3 GithubBackup:v2.3.2 GithubBackup:v2.3.1 GithubBackup:v2.3.0 GithubBackup:v2.2.1 GithubBackup:v2.2.0 GithubBackup:v2.1.0 GithubBackup:v2.0.0 GithubBackup:v1.6.0 GithubBackup:v1.5.0 GithubBackup:v1.4.3 GithubBackup:v1.4.2 GithubBackup:v1.4.1 GithubBackup:v1.4.0 GithubBackup:v1.3.6 GithubBackup:v1.3.5 GithubBackup:v1.3.4 GithubBackup:v1.3.2 GithubBackup:v1.3.1 GithubBackup:v1.3.0 GithubBackup:v1.2.2 GithubBackup:V1.2.1 GithubBackup:V1.2.0 GithubBackup:V1.1.0 GithubBackup:V1.0.0

18 Commits
Awuqing-pa ... v1.2.2

Author SHA1 Message Date
Wu Qing
7c81810019 Merge pull request #21 from Awuqing/feat/community-enhancements 
feat: community enhancements, CI/CD pipeline, and backup integrity verification
 2026-03-31 13:23:11 +08:00
Awuqing
deb7cf9a5e fix(test): use test TempDir for backup execution tests 
The test passed an empty tempDir which defaulted to /tmp/backupx —
a directory that does not exist in CI runners. Use t.TempDir() based
path instead so the test is self-contained.
 2026-03-31 13:20:11 +08:00
Awuqing
ad5c25f38e refactor: single-pass hashing during upload via TeeReader 
Previous approach read the file twice (once for SHA-256, once for upload),
doubling disk I/O. Under concurrent multi-target uploads this becomes a
bottleneck.

New design — hashingReader wraps io.TeeReader + sha256.Hash:
  file.Read() → TeeReader → sha256.Write() (hash) + provider (upload)
Single read pass yields both byte count and SHA-256 simultaneously.

Each upload goroutine independently opens the file and computes its own
hash. The first successful target writes checksum to the record via
sync.Once. Zero extra disk I/O, zero extra memory copies, fully
concurrent-safe.
 2026-03-31 13:08:10 +08:00
Awuqing
7568d8a2a2 refactor: use CountingReader for upload integrity instead of List API 
List()-based size check depends on the storage backend returning accurate
file sizes, which is not guaranteed (some WebDAV/Google Drive impls may
return 0 or omit the size field).

New approach: wrap the upload io.Reader with a CountingReader that counts
bytes as they flow through during upload. After upload completes, compare
counter.n against the expected fileSize. This is:
- Zero extra network calls (no List, no Download)
- Zero extra CPU/memory overhead (just an int64 increment per Read)
- Storage-backend agnostic (works with any provider)

If bytes transmitted != expected size → mark failed + auto-delete remote.
 2026-03-31 12:40:12 +08:00
Awuqing
e5a4aaadb2 refactor: replace download-based hash verification with lightweight size check 
The previous approach downloaded the entire backup file after upload to
compute a remote SHA-256, which doubles bandwidth cost for every backup.

New approach:
- Local SHA-256 is still computed before upload (stored in record for audit)
- After upload, use provider.List() to check remote file size (single API call)
- If remote size is 0 or mismatches local size → mark failed + auto-delete
- If List() fails, log a warning but don't block (file may have uploaded fine)

This catches 0KB corrupted uploads with zero download overhead.
 2026-03-31 12:36:29 +08:00
Awuqing
51f1909a73 feat: add SHA-256 checksum verification for backup integrity 
Addresses community feedback about 0KB corrupted backup files going
undetected after upload.

Implementation:
- Compute SHA-256 hash of final artifact (after compress/encrypt) before upload
- After each storage target upload, download the file back and verify
  the hash matches the local checksum
- If verification fails: mark that target as failed, auto-delete the
  corrupted remote file, and log detailed mismatch info
- Store checksum in BackupRecord model (new `checksum` column)
- Display truncated SHA-256 with copy button in backup records UI

Verification flow per storage target:
  local SHA-256 → upload → download → remote SHA-256 → compare
  - match: mark success
  - mismatch: mark failed + delete corrupted remote file
 2026-03-31 07:46:12 +08:00
Wu Qing
f1c7abfcc0 Merge pull request #20 from Awuqing/feat/community-enhancements 
fix: directory picker cannot navigate into subdirectories (#19)
 2026-03-31 00:37:50 +08:00
Awuqing
4407fdf731 fix: directory picker cannot navigate into subdirectories (#19) 
Root cause: ArcoDesign Tree loadMore callback receives NodeInstance where
the key is at node.props.dataRef.key, not node.props.key. The old code
passed node.props directly which resulted in undefined key, causing
child directory loading to silently fail.

Fix:
- Access node key via node.props.dataRef?.key ?? node.props._key
- Add showLine + blockNode + folder icons for better visual hierarchy
- Add path display with copy button in selection modal
- Add unmountOnExit to reset state on close

Closes #19
 2026-03-31 00:32:02 +08:00
Wu Qing
bf799b3bf3 Merge pull request #18 from Awuqing/feat/community-enhancements 
Feat/community enhancements
 2026-03-31 00:22:08 +08:00
Awuqing
7e5542cae3 docs: update Docker deployment to use published image from Docker Hub 
- docker-compose.yml: change from local build to awuqing/backupx:latest
  with clear comments for mounting host volumes
- README: Docker quick start now uses `docker run` / `docker compose`
  directly without cloning the repo first
- Add Docker Hub badge and link to awuqing/backupx
- Keep source build instructions as a separate option
 2026-03-31 00:16:31 +08:00
Awuqing
01fd87f029 docs: restructure README with user-friendly guides and deployment instructions 
Rewrite both README.md and README_EN.md:
- Reorganize around user journey: install → setup → add storage → create task → monitor
- Add step-by-step "Quick Start" guide (5 steps from zero to first backup)
- Add storage target config reference table
- Consolidate duplicate deployment sections into single "Deployment Guide"
- Remove redundant password reset entries (was listed twice)
- Move Project Structure / Architecture to end (dev-facing, not user-facing)
- Compact API reference table (remove verbose endpoint prefixes)
- Add screenshot grid layout for better visual impact
 2026-03-31 00:10:06 +08:00
Wu Qing
00b153b5e1 Merge pull request #17 from Awuqing/feat/community-enhancements 
ci: add automated release pipeline with Docker Hub push and China mir…
 2026-03-30 23:45:13 +08:00
Awuqing
f201b7633a ci: add automated release pipeline with Docker Hub push and China mirror support 
- Fix Go/Node version mismatch in CI (1.21→1.25, 18→20)
- Rewrite release.yml: 3-job pipeline (frontend → binary release + Docker push)
  - Supports both tag push and manual workflow_dispatch trigger
  - Builds linux/amd64 + linux/arm64 binaries → GitHub Release tar.gz
  - Builds multi-arch Docker image → Docker Hub (awuqing/backupx)
- Dockerfile: add ARG USE_CHINA_MIRROR for China network acceleration
  (npm→npmmirror, go→goproxy.cn, apk→aliyun), add ARG VERSION injection
- Makefile: auto version from git tag, add docker/docker-cn targets
- README: add beginner-friendly China build guide and release instructions
 2026-03-30 23:32:14 +08:00
Wu Qing
4bf89ae7e5 Merge pull request #16 from Awuqing/feat/community-enhancements 
feat: community enhancements — password reset, audit logs, multi-source backup
 2026-03-30 23:10:07 +08:00
Awuqing
09698cc767 feat: add community enhancements — password reset, audit logs, multi-source backup 
Three community-requested features:

1. CLI password reset: `backupx reset-password --username admin --password xxx`
   Docker users can run via `docker exec`. No full app init needed.

2. Audit logging: async fire-and-forget audit trail for all key operations
   (login, CRUD on tasks/targets/records, settings changes).
   New UI page at /audit with category filter and pagination.

3. Multi-source path backup: file backup tasks now support multiple source
   directories packed into a single tar archive. Backward compatible with
   existing single sourcePath field.
 2026-03-30 23:04:37 +08:00
Wu Qing
3e476c401a Merge pull request #15 from Awuqing/feat/docker-support 
feat: add Docker deployment support
 2026-03-30 12:33:43 +08:00
Awuqing
b01828e3b4 feat: add Docker deployment support 
- Multi-stage Dockerfile (Node build + Go build + Alpine runtime)
- docker-compose.yml with named volume for data persistence
- In-container Nginx reverse proxy (static files + API)
- Entrypoint script for graceful process management
- .dockerignore for optimized build context
- Updated README (zh/en) with Docker quick start and deployment docs

Closes #14
 2026-03-30 07:56:15 +08:00
Wu Qing
5cc5b067fd Merge pull request #12 from Awuqing/Awuqing-patch-1 
Update SAP HANA tool description in README
 2026-03-24 23:39:20 +08:00
57 changed files with 2731 additions and 1117 deletions
Expand all files Collapse all files

26
.dockerignore Normal file
View File

@@ -0,0 +1,26 @@
# Dependencies
web/node_modules/
# Build artifacts
server/bin/
web/dist/
# Data & logs
data/
*.db
*.log
# IDE & OS
.idea/
.vscode/
*.swp
*.swo
.DS_Store
# Git
.git/
.github/
# Docker
Dockerfile
docker-compose*.yml

4
.github/workflows/ci.yml vendored
View File

@@ -16,7 +16,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '1.21'
go-version: '1.25'
cache-dependency-path: server/go.sum
- name: Build
@@ -36,7 +36,7 @@ jobs:
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
node-version: '20'
cache: 'npm'
cache-dependency-path: web/package-lock.json

145
.github/workflows/release.yml vendored
View File

@@ -1,63 +1,154 @@
# 自动化发版流水线
#
# 触发方式:
# 1. 推送 taggit tag v1.2.3 && git push --tags
# 2. 手动触发GitHub Actions 页面 → Run workflow → 输入版本号
#
# 产出物:
# - GitHub Releaselinux/amd64 + linux/arm64 预编译 tar.gz
# - Docker Hubawuqing/backupx:latest + awuqing/backupx:v1.2.3(多架构)
#
# 前置配置:
# 在仓库 Settings → Secrets → Actions 添加:
# - DOCKERHUB_USERNAMEDocker Hub 用户名)
# - DOCKERHUB_TOKENDocker Hub Access Token
name: Release
on:
push:
tags:
- 'v*'
workflow_dispatch:
inputs:
version:
description: '版本号(如 v1.2.3'
required: true
type: string
permissions:
contents: write
packages: write
# 统一版本号tag 推送取 ref_name手动触发取 inputs.version
env:
VERSION: ${{ github.event.inputs.version || github.ref_name }}
jobs:
release:
name: Build & Release
# ─── Job 1: 构建前端 ───
build-web:
name: Build Frontend
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm'
cache-dependency-path: web/package-lock.json
- name: Install & Build
working-directory: web
run: |
npm ci
npm run build
- name: Upload frontend artifact
uses: actions/upload-artifact@v4
with:
name: web-dist
path: web/dist
retention-days: 1
# ─── Job 2: 预编译二进制 → GitHub Release ───
build-release:
name: Build ${{ matrix.goarch }}
needs: build-web
runs-on: ubuntu-latest
strategy:
matrix:
goos: [linux]
goarch: [amd64, arm64]
include:
- goos: linux
goarch: amd64
- goos: linux
goarch: arm64
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '1.21'
go-version: '1.25'
cache-dependency-path: server/go.sum
- name: Set up Node.js
uses: actions/setup-node@v4
- name: Download frontend artifact
uses: actions/download-artifact@v4
with:
node-version: '18'
cache: 'npm'
cache-dependency-path: web/package-lock.json
name: web-dist
path: web/dist
- name: Build frontend
working-directory: web
run: |
npm ci
npm run build
- name: Build backend
- name: Build binary
working-directory: server
env:
GOOS: ${{ matrix.goos }}
GOARCH: ${{ matrix.goarch }}
CGO_ENABLED: 1
CGO_ENABLED: '0'
run: |
go build -ldflags "-s -w -X main.version=${{ github.ref_name }}" -o ../backupx-${{ matrix.goos }}-${{ matrix.goarch }} ./cmd/backupx
go build \
-trimpath \
-ldflags "-s -w -X main.version=${{ env.VERSION }}" \
-o ../backupx \
./cmd/backupx
- name: Package release
run: |
mkdir -p release
cp backupx-${{ matrix.goos }}-${{ matrix.goarch }} release/
cp -r web/dist release/web
cp server/config.example.yaml release/
cp deploy/install.sh release/ 2>/dev/null || true
cd release && tar czf ../backupx-${{ github.ref_name }}-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz .
ARCHIVE_NAME="backupx-${{ env.VERSION }}-${{ matrix.goos }}-${{ matrix.goarch }}"
mkdir -p "${ARCHIVE_NAME}"
cp backupx "${ARCHIVE_NAME}/"
cp -r web/dist "${ARCHIVE_NAME}/web"
cp server/config.example.yaml "${ARCHIVE_NAME}/"
cp deploy/install.sh "${ARCHIVE_NAME}/" 2>/dev/null || true
tar czf "${ARCHIVE_NAME}.tar.gz" "${ARCHIVE_NAME}"
- name: Upload Release Asset
- name: Upload to GitHub Release
uses: softprops/action-gh-release@v2
with:
files: backupx-${{ github.ref_name }}-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz
tag_name: ${{ env.VERSION }}
files: backupx-${{ env.VERSION }}-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz
generate_release_notes: true
# ─── Job 3: Docker 多架构 → Docker Hub ───
build-docker:
name: Build & Push Docker
needs: build-web
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build & Push
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
build-args: |
VERSION=${{ env.VERSION }}
tags: |
${{ secrets.DOCKERHUB_USERNAME }}/backupx:latest
${{ secrets.DOCKERHUB_USERNAME }}/backupx:${{ env.VERSION }}
cache-from: type=gha
cache-to: type=gha,mode=max

92
Dockerfile Normal file
View File

@@ -0,0 +1,92 @@
# BackupX 多阶段构建
#
# 用法:
# 国际构建默认docker build -t backupx .
# 国内加速构建: docker build --build-arg USE_CHINA_MIRROR=true -t backupx .
# 注入版本号: docker build --build-arg VERSION=v1.2.3 -t backupx .
# 全局构建参数
ARG USE_CHINA_MIRROR=false
# ---- Stage 1: Build frontend ----
FROM node:20-alpine AS web-builder
ARG USE_CHINA_MIRROR
# 国内镜像npm 使用淘宝源
RUN if [ "$USE_CHINA_MIRROR" = "true" ]; then \
npm config set registry https://registry.npmmirror.com; \
fi
WORKDIR /build/web
COPY web/package.json web/package-lock.json ./
RUN npm ci
COPY web/ ./
RUN npm run build
# ---- Stage 2: Build backend ----
FROM golang:1.25-alpine AS server-builder
ARG USE_CHINA_MIRROR
ARG VERSION=dev
# 国内镜像Go 模块使用七牛代理
RUN if [ "$USE_CHINA_MIRROR" = "true" ]; then \
go env -w GOPROXY=https://goproxy.cn,direct; \
fi
WORKDIR /build/server
COPY server/go.mod server/go.sum ./
RUN go mod download
COPY server/ ./
RUN CGO_ENABLED=0 go build -trimpath -ldflags="-s -w -X main.version=${VERSION}" -o backupx ./cmd/backupx
# ---- Stage 3: Production image ----
FROM alpine:3.21
ARG USE_CHINA_MIRROR
# 国内镜像Alpine apk 使用阿里云源
RUN if [ "$USE_CHINA_MIRROR" = "true" ]; then \
sed -i 's|dl-cdn.alpinelinux.org|mirrors.aliyun.com|g' /etc/apk/repositories; \
fi
RUN apk add --no-cache \
nginx \
tzdata \
ca-certificates \
# Required by mysql/postgresql backup tasks
mysql-client \
postgresql16-client \
&& rm -rf /var/cache/apk/*
# Create app user
RUN addgroup -S backupx && adduser -S -G backupx -h /app backupx
# Copy backend binary
COPY --from=server-builder /build/server/backupx /app/bin/backupx
# Copy frontend static files
COPY --from=web-builder /build/web/dist /app/web
# Copy nginx config
COPY deploy/docker/nginx.conf /etc/nginx/http.d/default.conf
# Copy entrypoint
COPY deploy/docker/entrypoint.sh /app/entrypoint.sh
RUN chmod +x /app/entrypoint.sh
# Create data directories
RUN mkdir -p /app/data /tmp/backupx && \
chown -R backupx:backupx /app /tmp/backupx
# Nginx needs to write to these dirs
RUN mkdir -p /var/lib/nginx/tmp /var/log/nginx && \
chown -R backupx:backupx /var/lib/nginx /var/log/nginx /run/nginx
WORKDIR /app
EXPOSE 8340
VOLUME ["/app/data"]
ENTRYPOINT ["/app/entrypoint.sh"]

23
Makefile
View File

@@ -1,22 +1,25 @@
.PHONY: build dev test clean
.PHONY: build dev test clean docker docker-cn
# 一次性构建前后端
# 自动获取版本号(从 git tag 或 commit hash
VERSION ?= $(shell git describe --tags --always --dirty 2>/dev/null || echo dev)
# ── 一键构建 ──
build: build-server build-web
build-server:
cd server && go build -o bin/backupx ./cmd/backupx
cd server && CGO_ENABLED=0 go build -trimpath -ldflags "-s -w -X main.version=$(VERSION)" -o bin/backupx ./cmd/backupx
build-web:
cd web && npm run build
# 开发模式(分别在两个终端运行)
# ── 开发模式(分别在两个终端运行)──
dev-server:
cd server && go run ./cmd/backupx
dev-web:
cd web && npm run dev
# 运行所有测试
# ── 测试 ──
test: test-server test-web
test-server:
@@ -25,6 +28,14 @@ test-server:
test-web:
cd web && npm run test
# 清理构建产物
# ── Docker 构建 ──
docker:
docker build --build-arg VERSION=$(VERSION) -t backupx:$(VERSION) -t backupx:latest .
# 国内加速构建(使用国内镜像源)
docker-cn:
docker build --build-arg VERSION=$(VERSION) --build-arg USE_CHINA_MIRROR=true -t backupx:$(VERSION) -t backupx:latest .
# ── 清理 ──
clean:
rm -rf server/bin web/dist

643
README.md
View File

@@ -2,405 +2,197 @@
<a href="README_EN.md">English</a> | <strong>中文</strong>
</p>
<p align="center">
<h1 align="center">🛡️ BackupX</h1>
<h1 align="center">BackupX</h1>
<p align="center">
<strong>Self-hosted Server Backup Management Platform with Web UI</strong>
</p>
<p align="center">
<a href="#features">Features</a> •
<a href="#quick-start">Quick Start</a> •
<a href="#configuration">Configuration</a> •
<a href="#architecture">Architecture</a> •
<a href="#cluster-mode">Cluster</a> •
<a href="#development">Development</a> •
<a href="#api-reference">API</a>
<strong>自托管服务器备份管理平台</strong><br>
一个二进制,一条命令,管好你所有服务器的备份。
</p>
<p align="center">
<a href="https://github.com/Awuqing/BackupX/stargazers"><img src="https://img.shields.io/github/stars/Awuqing/BackupX?style=flat-square&color=f5c542" alt="Stars"></a>
<a href="https://github.com/Awuqing/BackupX/releases"><img src="https://img.shields.io/github/v/release/Awuqing/BackupX?style=flat-square&color=brightgreen" alt="Release"></a>
<img src="https://img.shields.io/badge/Go-1.21+-00ADD8?style=flat-square&logo=go" alt="Go">
<img src="https://img.shields.io/badge/Go-1.25+-00ADD8?style=flat-square&logo=go" alt="Go">
<img src="https://img.shields.io/badge/React-18-61DAFB?style=flat-square&logo=react" alt="React">
<img src="https://img.shields.io/badge/TypeScript-5-3178C6?style=flat-square&logo=typescript" alt="TypeScript">
<img src="https://img.shields.io/badge/SQLite-embedded-003B57?style=flat-square&logo=sqlite" alt="SQLite">
<a href="LICENSE"><img src="https://img.shields.io/github/license/Awuqing/BackupX?style=flat-square" alt="License"></a>
<a href="https://github.com/Awuqing/BackupX/issues"><img src="https://img.shields.io/github/issues/Awuqing/BackupX?style=flat-square" alt="Issues"></a>
</p>
</p>
---
BackupX 是一个面向 **Linux / macOS 服务器**的自托管备份管理平台。通过企业级 Web 控制台,轻松配置目录备份、数据库备份,并将备份文件安全存储到阿里云 OSS、腾讯云 COS、七牛云 Kodo、Google Drive、S3 兼容存储、WebDAV、FTP/FTPS 或本地磁盘。
<table>
<tr>
<td width="50%"><img src="screenshots/dashboard.png" alt="仪表盘"></td>
<td width="50%"><img src="screenshots/backup-tasks.png" alt="备份任务"></td>
</tr>
<tr>
<td><img src="screenshots/storage-targets.png" alt="存储目标"></td>
<td><img src="screenshots/backup-records.png" alt="备份记录"></td>
</tr>
</table>
支持 **多节点集群管理**,可统一管控分布在不同服务器上的备份任务。
## 功能亮点
> **适用人群**:拥有 Linux 服务器的个人开发者 / 小团队 / 企业运维
| 能力 | 说明 |
|------|------|
| **备份类型** | 文件/目录多源路径、MySQL、PostgreSQL、SQLite、SAP HANA |
| **存储后端** | 阿里云 OSS、腾讯云 COS、七牛云、S3 兼容(AWS/MinIO/R2)、Google Drive、WebDAV、FTP/FTPS、本地磁盘 |
| **自动调度** | Cron 定时 + 可视化编辑器 + 自动保留策略(按天数/份数清理) |
| **多节点** | Master-Agent 集群,统一管理多台服务器的备份 |
| **安全** | JWT + bcrypt + AES-256-GCM 加密配置 + 可选备份文件加密 + 审计日志 |
| **通知** | 邮件 / Webhook / Telegram备份成功或失败时自动推送 |
| **部署** | 单二进制 + 内嵌 SQLiteDocker 一键启动,零外部依赖 |
## Screenshots
---
### 登录页面
![登录页面](screenshots/login.png)
## 快速开始
### 仪表盘
![仪表盘](screenshots/dashboard.png)
### 1. 安装
### 备份任务
![备份任务](screenshots/backup-tasks.png)
### 备份记录
![备份记录](screenshots/backup-records.png)
### 存储目标
![存储目标](screenshots/storage-targets.png)
### 节点管理
![节点管理](screenshots/nodes.png)
### 通知配置
![通知配置](screenshots/notifications.png)
### 系统设置
![系统设置](screenshots/settings.png)
## Features
### 📦 多种备份类型
- **文件/目录** — 支持自定义排除规则(如 `node_modules``*.log`
- **MySQL** — 通过 `mysqldump` 原生工具
- **SQLite** — 安全文件拷贝
- **PostgreSQL** — 通过 `pg_dump` 原生工具
- **SAP HANA** — 通过 `hdbsql+backint` (支持多租户数据库)
### ☁️ 多云存储后端
| 厂商 | 类型 | 说明 |
|------|------|------|
| 🇨🇳 **阿里云 OSS** | `aliyun_oss` | 自动组装 Endpoint支持内网传输 |
| 🇨🇳 **腾讯云 COS** | `tencent_cos` | 自动组装 Endpoint |
| 🇨🇳 **七牛云 Kodo** | `qiniu_kodo` | 6 大区域精确映射 |
| 🌍 **S3 Compatible** | `s3` | AWS S3 / MinIO / Cloudflare R2 等 |
| 🌍 **Google Drive** | `google_drive` | 完整 OAuth 2.0 授权流程 |
| 🌍 **WebDAV** | `webdav` | 坚果云 / Nextcloud 等 |
| 🌍 **FTP / FTPS** | `ftp` | 标准 FTP 协议,支持 Explicit TLS 加密 |
| 💾 **本地磁盘** | `local_disk` | 备份到服务器本地目录 |
> 国内云厂商仅需填写 **Region** 和 **AccessKey**,系统自动完成 Endpoint 组装,底层复用 S3 引擎零额外依赖。
### 🖥️ 集群管理 (Master-Agent)
- **节点管理** — 注册远程服务器节点Token 认证
- **本机节点** — 自动创建,单机用户零感知升级
- **目录浏览** — 可视化文件树选择备份源路径,告别手动输入
- **Agent 心跳** — 节点在线状态实时监控
- **任务标签** — 按标签/节点分类管理备份任务
### ⏰ 自动化与调度
- Cron 表达式定时调度
- 可视化 Cron 编辑器
- 自动保留策略(按天数 / 按份数过期清理)
- 最大并发备份数限制
### 🔐 安全
- JWT 认证 + bcrypt 密码存储
- AES-256-GCM 加密存储敏感配置数据库密码、OAuth Token
- 可选备份文件加密
- 登录限流防暴力破解
- 节点 Token 认证(一次性显示,安全传输)
### 📊 监控与通知
- 仪表盘统计(成功率、存储用量、备份趋势图表)
- 邮件 / Webhook / Telegram 通知
- 实时备份执行日志 (SSE)
### 🌐 其他
- 中英文国际化 (i18n)
- 零外部依赖(内嵌 SQLite单二进制部署
- systemd 服务支持
## Quick Start
### 从源码构建
**Docker推荐无需克隆仓库**
```bash
# 克隆项目
git clone https://github.com/Awuqing/BackupX.git
cd BackupX
# 创建 docker-compose.yml 后一键启动
docker compose up -d
# 一键构建前后端
make build
# 启动后端服务(默认监听 :8340
cd server && ./bin/backupx
# 或直接运行
docker run -d --name backupx -p 8340:8340 -v backupx-data:/app/data awuqing/backupx:latest
```
### 访问 Web UI
> Docker Hub 镜像:[`awuqing/backupx`](https://hub.docker.com/r/awuqing/backupx),支持 linux/amd64 和 linux/arm64。
打开浏览器访问 `http://your-server:8340`,首次使用会引导您创建管理员账户。
## Configuration
配置文件路径默认为 `./config.yaml`,也可通过环境变量 `BACKUPX_` 前缀覆盖。
<details>
<summary>docker-compose.yml 参考</summary>
```yaml
# config.yaml
server:
host: "0.0.0.0"
port: 8340
mode: "release" # debug | release
services:
backupx:
image: awuqing/backupx:latest
container_name: backupx
restart: unless-stopped
ports:
- "8340:8340"
volumes:
- backupx-data:/app/data
# 挂载需要备份的宿主机目录(按需添加):
# - /var/www:/mnt/www:ro
# - /etc/nginx:/mnt/nginx-conf:ro
environment:
- TZ=Asia/Shanghai
database:
path: "./data/backupx.db" # SQLite 数据库路径
security:
jwt_secret: "" # 留空则自动生成
jwt_expire: "24h"
encryption_key: "" # AES 加密密钥,留空自动生成
backup:
temp_dir: "/tmp/backupx" # 备份临时文件目录
max_concurrent: 2 # 最大并发备份数
log:
level: "info" # debug | info | warn | error
file: "./data/backupx.log"
max_size: 100 # 日志文件大小上限 (MB)
max_backups: 3 # 保留旧日志文件数
max_age: 30 # 日志保留天数
volumes:
backupx-data:
```
> 💡 `jwt_secret` 和 `encryption_key` 首次启动时自动生成并持久化到数据库,无需手动配置。
</details>
## Architecture
**预编译包(裸机部署):**
```
┌─────────────────────┐
│ Nginx (反向代理) │
│ / → 前端静态文件 │
│ /api → :8340 │
└─────────┬───────────┘
┌──────────────────────────────────────────────────────┐
│ BackupX Master (Go API Server) │
│ :8340 │
│ │
│ ┌──────┐ ┌────────────┐ ┌───────────────────────┐│
│ │ Auth │ │Backup Engine│ │ Storage Registry ││
│ └──────┘ └──────┬─────┘ │ ┌─────────────────┐ ││
│ │ │ │ Aliyun OSS │ ││
│ ┌──────────┐ │ │ │ Tencent COS │ ││
│ │ Cron │◄───┘ │ │ Qiniu Kodo │ ││
│ │Scheduler │ │ │ S3 Compatible │ ││
│ └──────────┘ │ │ Google Drive │ ││
│ │ │ WebDAV │ ││
│ │ │ FTP / FTPS │ ││
│ ┌──────────┐ │ │ Local Disk │ ││
│ │ Notify │ │ └─────────────────┘ ││
│ │ Module │ └───────────────────────┘│
│ └──────────┘ │
│ │
│ ┌──────────────┐ ┌────────────────────┐ │
│ │ Node Manager │ │ SQLite (backupx.db)│ │
│ └──────┬───────┘ └────────────────────┘ │
└─────────┼────────────────────────────────────────────┘
│ Heartbeat / Task Dispatch
┌──────────────────┐ ┌──────────────────┐
│ Agent Node A │ │ Agent Node B │
│ (远程服务器) │ │ (远程服务器) │
└──────────────────┘ └──────────────────┘
```
### 技术栈
| 组件 | 技术 |
|------|------|
| **后端** | Go · Gin · GORM · SQLite · robfig/cron |
| **前端** | React 18 · TypeScript · ArcoDesign · Vite · Zustand · ECharts |
| **存储** | AWS SDK v2 (S3/OSS/COS/Kodo) · Google Drive API v3 · gowebdav · jlaffaye/ftp |
| **安全** | JWT · bcrypt · AES-256-GCM |
| **日志** | zap + lumberjack (自动轮转) |
## Cluster Mode
BackupX 支持 **Master-Agent** 模式,可管理多台服务器的备份任务。
### 工作原理
1. **Master** 为运行 BackupX Web 控制台的主控服务器
2. **Agent** 部署在需要备份的远程服务器上
3. Agent 启动后通过 Token 向 Master 注册并定期发送心跳
4. Master 将备份任务下发至对应 Agent 执行
### 添加节点
从 [Releases](https://github.com/Awuqing/BackupX/releases) 下载对应平台的压缩包:
```bash
# 在 Web 控制台 → 节点管理 → 添加节点
# 系统将生成一个唯一的 64 位十六进制 Token
# 在远程服务器上配置 Agent 启动参数
./backupx-agent --master http://master-server:8340 --token <your-token>
tar xzf backupx-v*-linux-amd64.tar.gz && cd backupx-*
sudo ./install.sh # 自动配置 systemd + Nginx
```
### 目录探针 API
Master 提供 `GET /api/nodes/:id/fs/list?path=/` 接口,可远程浏览节点的文件系统目录。前端在创建备份任务的"源路径"输入时可使用树形选择器直接浏览目标机器的目录结构。
## Project Structure
```
BackupX/
├── server/ # Go 后端
│ ├── cmd/backupx/ # 程序入口
│ ├── internal/
│ │ ├── app/ # 应用组装 (DI)
│ │ ├── apperror/ # 统一错误类型
│ │ ├── backup/ # 备份引擎 (file/mysql/sqlite/pgsql/saphana)
│ │ │ └── retention/ # 保留策略
│ │ ├── config/ # 配置加载 (viper)
│ │ ├── database/ # 数据库初始化 + 迁移
│ │ ├── http/ # HTTP 处理器 + 路由 + 中间件
│ │ ├── httpapi/ # HTTP API 辅助工具
│ │ ├── logger/ # 日志初始化 (zap + lumberjack)
│ │ ├── model/ # GORM 数据模型
│ │ ├── notify/ # 通知 (email/webhook/telegram)
│ │ ├── repository/ # 数据访问层
│ │ ├── scheduler/ # Cron 调度器
│ │ ├── security/ # JWT + 限流
│ │ ├── service/ # 业务逻辑层
│ │ └── storage/ # 存储后端 (插件化接口)
│ │ ├── aliyun/ # 阿里云 OSS
│ │ ├── tencent/ # 腾讯云 COS
│ │ ├── qiniu/ # 七牛云 Kodo
│ │ ├── s3/ # S3 Compatible 核心
│ │ ├── s3provider/ # S3 Provider 辅助
│ │ ├── googledrive/ # Google Drive
│ │ ├── webdav/ # WebDAV 核心
│ │ ├── webdavprovider/ # WebDAV Provider 辅助
│ │ ├── localdisk/ # 本地磁盘
│ │ ├── ftp/ # FTP / FTPS
│ │ └── codec/ # 配置编解码
│ └── pkg/ # 工具包 (compress/crypto/response)
├── web/ # React 前端
│ └── src/
│ ├── components/ # 通用组件 (CronEditor/FormDrawer/...)
│ ├── hooks/ # 自定义 Hooks
│ ├── layouts/ # 布局组件 (AppLayout)
│ ├── pages/ # 页面模块
│ │ ├── dashboard/ # 仪表盘
│ │ ├── backup-tasks/ # 备份任务
│ │ ├── backup-records/ # 备份记录
│ │ ├── storage-targets/ # 存储目标
│ │ ├── nodes/ # 节点管理
│ │ ├── notifications/ # 通知配置
│ │ ├── settings/ # 系统设置
│ │ └── login/ # 登录页
│ ├── services/ # API 请求封装
│ ├── stores/ # Zustand 状态管理
│ ├── styles/ # 全局样式
│ ├── types/ # TypeScript 类型定义
│ ├── utils/ # 工具函数
│ ├── locales/ # i18n 语言包 (zh-CN / en-US)
│ └── router/ # 路由配置
├── deploy/ # 部署配置
│ ├── nginx.conf # Nginx 参考配置
│ ├── backupx.service # systemd 服务单元
│ └── install.sh # 一键安装脚本
├── .github/ # GitHub 配置
│ ├── workflows/ci.yml # CI 工作流
│ ├── workflows/release.yml # Release 工作流
│ └── ISSUE_TEMPLATE/ # Issue 模板
└── Makefile # 构建命令
```
## Development
### 前置条件
- **Go** ≥ 1.21
- **Node.js** ≥ 18
- **npm**
### 开发模式
**从源码构建:**
```bash
# 终端 1启动后端 (热重载需配合 air)
make dev-server
# 终端 2启动前端 (Vite HMR)
make dev-web
git clone https://github.com/Awuqing/BackupX.git && cd BackupX
make build # 构建前后端
make docker-cn # 或用国内镜像构建 Dockergoproxy.cn / npmmirror / 阿里云 apk
```
### 运行测试
### 2. 打开控制台
浏览器访问 `http://your-server:8340`,首次打开会引导创建管理员账户。
### 3. 添加存储目标
进入 **存储目标** 页面,点击 **添加**,选择存储类型并填写凭证:
| 存储类型 | 需要填写 |
|---------|---------|
| 阿里云 OSS | Region + AccessKey ID/Secret + Bucket |
| 腾讯云 COS | Region + SecretId/SecretKey + Bucket格式 `name-appid` |
| 七牛云 Kodo | Region + AccessKey/SecretKey + Bucket |
| S3 兼容 | Endpoint + AccessKey + Bucket |
| Google Drive | Client ID/Secret → 点击授权完成 OAuth |
| WebDAV | 服务器地址 + 用户名/密码 |
| FTP | 主机 + 端口 + 用户名/密码 |
| 本地磁盘 | 目标目录路径 |
> 国内云厂商只需填 Region 和 AccessKey系统自动组装 Endpoint。
添加后点击 **测试连接** 确认配置正确。
### 4. 创建备份任务
进入 **备份任务** 页面,点击 **新建**,三步完成:
1. **基础信息** — 任务名称、备份类型、Cron 表达式(留空则仅手动执行)
2. **源配置** — 文件备份选择源路径(支持多个)、数据库备份填写连接信息
3. **存储与策略** — 选择存储目标、压缩策略、保留天数、是否加密
保存后可以点击 **立即执行** 测试,在 **备份记录** 页面实时查看执行日志。
### 5. 配置通知(可选)
进入 **通知配置** 页面支持邮件、Webhook、Telegram 三种方式,可分别配置成功/失败时是否推送。
---
## 部署指南
### Docker 部署
```bash
# 运行全部测试
make test
# 仅后端
make test-server # go test ./...
# 仅前端
make test-web # npm run test
docker compose up -d # 使用上方的 docker-compose.yml
```
### 构建
备份宿主机目录时需要挂载路径(在 docker-compose.yml 的 `volumes` 中添加):
```yaml
volumes:
- backupx-data:/app/data
- /var/www:/mnt/www:ro # 挂载需要备份的目录
- /etc/nginx:/mnt/nginx-conf:ro # 可以挂载多个
```
通过环境变量调整配置:
```yaml
environment:
- TZ=Asia/Shanghai
- BACKUPX_LOG_LEVEL=debug
- BACKUPX_BACKUP_MAX_CONCURRENT=4
```
### 裸机部署
```bash
# 构建前后端
# 使用预编译包
tar xzf backupx-v*-linux-amd64.tar.gz && cd backupx-*
sudo ./install.sh
# 或从源码
make build
# 清理构建产物
make clean
```
## Deployment
### 一键安装 (推荐)
```bash
# 先构建
make build
# 以 root 执行安装脚本
sudo ./deploy/install.sh
```
安装脚本自动
1. 创建 `backupx` 系统用户
2. 安装二进制到 `/opt/backupx/bin/`
3. 部署前端到 `/opt/backupx/web/`
4. 生成配置文件 `/etc/backupx/config.yaml`
5. 注册并启动 systemd 服务
6. 配置 Nginx 反向代理(如已安装)
安装脚本自动完成:创建系统用户 → 安装二进制到 `/opt/backupx/` → 配置 systemd → 配置 Nginx 反向代理。
### 手动部署
```bash
# 1. 构建
cd server && go build -o backupx ./cmd/backupx
cd ../web && npm run build
# 2. 部署文件
scp server/backupx your-server:/opt/backupx/bin/
scp -r web/dist/ your-server:/opt/backupx/web/
scp server/config.example.yaml your-server:/etc/backupx/config.yaml
# 3. 启动
ssh your-server '/opt/backupx/bin/backupx -config /etc/backupx/config.yaml'
```
### Nginx 配置示例
### Nginx 反向代理(裸机部署时)
```nginx
server {
listen 80;
server_name backup.example.com;
# 前端静态文件
location / {
root /opt/backupx/web;
try_files $uri $uri/ /index.html;
}
# API 反向代理
location /api/ {
proxy_pass http://127.0.0.1:8340;
proxy_set_header Host $host;
@@ -409,89 +201,122 @@ server {
}
```
## API Reference
### 配置文件
所有 API 均以 `/api` 为前缀,使用 JWT Bearer Token 认证(除特殊标注外)。
配置文件路径 `./config.yaml`,也可通过 `BACKUPX_` 前缀环境变量覆盖:
```yaml
server:
port: 8340
database:
path: "./data/backupx.db"
security:
jwt_secret: "" # 留空自动生成并持久化到数据库
encryption_key: "" # 留空自动生成
backup:
temp_dir: "/tmp/backupx"
max_concurrent: 2
log:
level: "info" # debug | info | warn | error
file: "./data/backupx.log"
```
### 密码重置
忘记管理员密码时通过 CLI 重置:
```bash
# 裸机
./backupx reset-password --username admin --password newpass123
# Docker
docker exec -it backupx /app/bin/backupx reset-password --username admin --password newpass123
```
---
## 多节点集群
BackupX 支持 Master-Agent 模式管理多台服务器:
1. Web 控制台 → **节点管理****添加节点**,系统生成 Token
2. 在远程服务器部署 Agent 并使用 Token 连接 Master
3. 创建备份任务时选择对应节点Master 自动下发任务
创建文件备份任务时,可通过可视化目录浏览器远程选择 Agent 节点上的目录,无需手动输入路径。
---
## 开发指南
**环境要求:** Go >= 1.25 · Node.js >= 20 · npm
```bash
# 开发模式
make dev-server # 终端 1后端默认 :8340
make dev-web # 终端 2前端Vite HMR
# 测试
make test # 运行全部测试
# 构建
make build # 前后端一起构建
make docker # Docker 构建
make docker-cn # 国内 Docker 构建(镜像加速)
```
### 发版
```bash
git tag v1.2.3 && git push --tags
# GitHub Actions 自动:编译双架构二进制 → 发布 GitHub Release → 推送 Docker Hub 镜像
```
也可在 GitHub Actions 页面手动触发 Release workflow。
---
## API 参考
所有接口以 `/api` 为前缀,使用 JWT Bearer Token 认证。
| 模块 | 端点 | 说明 |
|------|------|------|
| **认证** | `POST /api/auth/setup` | 首次初始化管理员 |
| | `POST /api/auth/login` | 登录获取 Token |
| | `POST /api/auth/logout` | 登出 |
| | `GET /api/auth/profile` | 当前用户信息 |
| | `PUT /api/auth/password` | 修改密码 |
| **备份任务** | `GET/POST /api/backup/tasks` | 任务列表 / 创建 |
| | `GET/PUT/DELETE /api/backup/tasks/:id` | 详情 / 更新 / 删除 |
| | `PUT /api/backup/tasks/:id/toggle` | 启用/禁用 |
| | `POST /api/backup/tasks/:id/run` | 手动触发执行 |
| **备份记录** | `GET /api/backup/records` | 记录列表 (支持筛选) |
| | `GET /api/backup/records/:id` | 记录详情 |
| | `GET /api/backup/records/:id/logs/stream` | 实时执行日志 (SSE) |
| | `GET /api/backup/records/:id/download` | 下载备份文件 |
| | `POST /api/backup/records/:id/restore` | 恢复备份 |
| **存储目标** | `GET/POST /api/storage-targets` | 存储列表 / 添加 |
| | `GET/PUT/DELETE /api/storage-targets/:id` | 详情 / 更新 / 删除 |
| | `POST /api/storage-targets/test` | 测试连接 |
| | `POST /api/storage-targets/:id/test` | 测试已保存连接 |
| | `GET /api/storage-targets/:id/usage` | 查询用量 |
| **节点管理** | `GET/POST /api/nodes` | 节点列表 / 添加 |
| | `GET/DELETE /api/nodes/:id` | 详情 / 删除 |
| | `GET /api/nodes/:id/fs/list` | 目录浏览 |
| | `POST /api/agent/heartbeat` | Agent 心跳 ⚡ |
| **通知** | `GET/POST /api/notifications` | 通知列表 / 添加 |
| | `POST /api/notifications/test` | 测试通知 |
| | `POST /api/notifications/:id/test` | 测试已保存通知 |
| **仪表盘** | `GET /api/dashboard/stats` | 概览统计 |
| | `GET /api/dashboard/timeline` | 备份趋势时间线 |
| **系统** | `GET /api/system/info` | 系统信息 (版本/磁盘) |
| | `GET/PUT /api/settings` | 系统设置读写 |
| **认证** | `POST /auth/setup` | 初始化管理员 |
| | `POST /auth/login` | 登录 |
| | `PUT /auth/password` | 修改密码 |
| **备份任务** | `GET\|POST /backup/tasks` | 列表 / 创建 |
| | `GET\|PUT\|DELETE /backup/tasks/:id` | 详情 / 更新 / 删除 |
| | `PUT /backup/tasks/:id/toggle` | 启用/禁用 |
| | `POST /backup/tasks/:id/run` | 手动执行 |
| **备份记录** | `GET /backup/records` | 列表(支持筛选) |
| | `GET /backup/records/:id/logs/stream` | 实时日志 (SSE) |
| | `GET /backup/records/:id/download` | 下载 |
| | `POST /backup/records/:id/restore` | 恢复 |
| **存储目标** | `GET\|POST /storage-targets` | 列表 / 添加 |
| | `POST /storage-targets/test` | 测试连接 |
| **节点** | `GET\|POST /nodes` | 列表 / 添加 |
| | `GET /nodes/:id/fs/list` | 目录浏览 |
| **通知** | `GET\|POST /notifications` | 列表 / 添加 |
| **仪表盘** | `GET /dashboard/stats` | 概览统计 |
| **审计日志** | `GET /audit-logs` | 操作审计 |
| **系统** | `GET /system/info` | 系统信息 |
> ⚡ `POST /api/agent/heartbeat` 为公开端点,使用 Node Token 认证而非 JWT。
---
## 云存储配置指南
## 技术栈
### 阿里云 OSS
1. 登录[阿里云控制台](https://oss.console.aliyun.com/),创建 Bucket
2. 前往 RAM 控制台创建 AccessKey
3. 在 BackupX 添加存储目标时选择"阿里云 OSS"
4. 填写 Region`cn-hangzhou`)和 AccessKey系统自动组装 Endpoint
### 腾讯云 COS
1. 登录[腾讯云控制台](https://console.cloud.tencent.com/cos),创建存储桶
2. 前往 API 密钥管理创建 SecretId/SecretKey
3. Bucket 名称格式为 `BucketName-APPID`(如 `backup-1250000000`
### 七牛云 Kodo
1. 登录[七牛云控制台](https://portal.qiniu.com/),创建存储空间
2. 支持区域:`z0`(华东) / `cn-east-2`(华东-浙江2) / `z1`(华北) / `z2`(华南) / `na0`(北美) / `as0`(东南亚)
### Google Drive
1. 前往 [Google Cloud Console](https://console.cloud.google.com/) 创建项目
2. 启用 **Google Drive API**
3. 创建 **OAuth 2.0 客户端 ID**Web 应用类型)
4. 添加重定向 URI`http://your-server/api/storage-targets/google-drive/callback`
5. 在 BackupX 存储管理页面填入 Client ID / Secret点击授权
| 组件 | 技术 |
|------|------|
| **后端** | Go · Gin · GORM · SQLite · robfig/cron |
| **前端** | React 18 · TypeScript · ArcoDesign · Vite · Zustand · ECharts |
| **存储** | AWS SDK v2 · Google Drive API v3 · gowebdav · jlaffaye/ftp |
| **安全** | JWT · bcrypt · AES-256-GCM |
## Contributing
欢迎提交 Issue 和 Pull Request
1. Fork 本项目
2. 创建功能分支 (`git checkout -b feature/amazing-feature`)
3. 提交更改 (`git commit -m 'Add amazing feature'`)
4. 推送到分支 (`git push origin feature/amazing-feature`)
5. 创建 Pull Request
## License
本项目采用 [Apache License 2.0](LICENSE) 开源协议。
---
<p align="center">
Made with ❤️ for self-hosters
</p>
[Apache License 2.0](LICENSE)

638
README_EN.md
View File

@@ -2,406 +2,195 @@
<strong>English</strong> | <a href="README.md">中文</a>
</p>
<p align="center">
<h1 align="center">🛡️ BackupX</h1>
<h1 align="center">BackupX</h1>
<p align="center">
<strong>Self-hosted Server Backup Management Platform with Web UI</strong>
</p>
<p align="center">
<a href="#features">Features</a> •
<a href="#quick-start">Quick Start</a> •
<a href="#configuration">Configuration</a> •
<a href="#architecture">Architecture</a> •
<a href="#cluster-mode">Cluster</a> •
<a href="#development">Development</a> •
<a href="#api-reference">API</a>
<strong>Self-hosted Server Backup Management Platform</strong><br>
One binary, one command — manage all your server backups.
</p>
<p align="center">
<a href="https://github.com/Awuqing/BackupX/stargazers"><img src="https://img.shields.io/github/stars/Awuqing/BackupX?style=flat-square&color=f5c542" alt="Stars"></a>
<a href="https://github.com/Awuqing/BackupX/releases"><img src="https://img.shields.io/github/v/release/Awuqing/BackupX?style=flat-square&color=brightgreen" alt="Release"></a>
<img src="https://img.shields.io/badge/Go-1.21+-00ADD8?style=flat-square&logo=go" alt="Go">
<img src="https://img.shields.io/badge/Go-1.25+-00ADD8?style=flat-square&logo=go" alt="Go">
<img src="https://img.shields.io/badge/React-18-61DAFB?style=flat-square&logo=react" alt="React">
<img src="https://img.shields.io/badge/TypeScript-5-3178C6?style=flat-square&logo=typescript" alt="TypeScript">
<img src="https://img.shields.io/badge/SQLite-embedded-003B57?style=flat-square&logo=sqlite" alt="SQLite">
<a href="LICENSE"><img src="https://img.shields.io/github/license/Awuqing/BackupX?style=flat-square" alt="License"></a>
<a href="https://github.com/Awuqing/BackupX/issues"><img src="https://img.shields.io/github/issues/Awuqing/BackupX?style=flat-square" alt="Issues"></a>
</p>
</p>
---
BackupX is a self-hosted backup management platform for **Linux / macOS servers**. Through an enterprise-grade Web console, you can easily configure directory backups, database backups, and securely store backup files to Alibaba Cloud OSS, Tencent Cloud COS, Qiniu Cloud Kodo, Google Drive, S3-compatible storage, WebDAV, FTP/FTPS, or local disk.
<table>
<tr>
<td width="50%"><img src="screenshots/dashboard.png" alt="Dashboard"></td>
<td width="50%"><img src="screenshots/backup-tasks.png" alt="Backup Tasks"></td>
</tr>
<tr>
<td><img src="screenshots/storage-targets.png" alt="Storage Targets"></td>
<td><img src="screenshots/backup-records.png" alt="Backup Records"></td>
</tr>
</table>
Supports **multi-node cluster management** for unified control of backup tasks across different servers.
## Highlights
> **For**: Individual developers / small teams / DevOps with Linux servers
| Capability | Details |
|-----------|---------|
| **Backup Types** | Files/Directories (multi-source), MySQL, PostgreSQL, SQLite, SAP HANA |
| **Storage Backends** | Alibaba Cloud OSS, Tencent COS, Qiniu Kodo, S3-compatible (AWS/MinIO/R2), Google Drive, WebDAV, FTP/FTPS, Local Disk |
| **Scheduling** | Cron-based scheduling + visual editor + auto-retention policy (by days/count) |
| **Multi-Node** | Master-Agent cluster for managing backups across multiple servers |
| **Security** | JWT + bcrypt + AES-256-GCM encrypted config + optional backup encryption + audit logs |
| **Notifications** | Email / Webhook / Telegram — push on success or failure |
| **Deployment** | Single binary + embedded SQLite, Docker one-click, zero external dependencies |
## Screenshots
### Login
![Login](screenshots/login.png)
### Dashboard
![Dashboard](screenshots/dashboard.png)
### Backup Tasks
![Backup Tasks](screenshots/backup-tasks.png)
### Backup Records
![Backup Records](screenshots/backup-records.png)
### Storage Targets
![Storage Targets](screenshots/storage-targets.png)
### Node Management
![Node Management](screenshots/nodes.png)
### Notification Settings
![Notification Settings](screenshots/notifications.png)
### System Settings
![System Settings](screenshots/settings.png)
## Features
### 📦 Multiple Backup Types
- **Files / Directories** — Custom exclude rules (e.g. `node_modules`, `*.log`)
- **MySQL** — Via native `mysqldump` tool
- **SQLite** — Safe file copy
- **PostgreSQL** — Via native `pg_dump` tool
- **SAP HANA** — Via native `hdbsql` tool (multi-tenant database support)
### ☁️ Multi-Cloud Storage Backends
| Provider | Type | Description |
|----------|------|-------------|
| 🇨🇳 **Alibaba Cloud OSS** | `aliyun_oss` | Auto endpoint assembly, internal network support |
| 🇨🇳 **Tencent Cloud COS** | `tencent_cos` | Auto endpoint assembly |
| 🇨🇳 **Qiniu Cloud Kodo** | `qiniu_kodo` | 6 region precise mapping |
| 🌍 **S3 Compatible** | `s3` | AWS S3 / MinIO / Cloudflare R2, etc. |
| 🌍 **Google Drive** | `google_drive` | Full OAuth 2.0 flow |
| 🌍 **WebDAV** | `webdav` | Nextcloud / Nutstore, etc. |
| 🌍 **FTP / FTPS** | `ftp` | Standard FTP protocol with Explicit TLS support |
| 💾 **Local Disk** | `local_disk` | Backup to local server directory |
> Chinese cloud providers only require **Region** and **AccessKey** — the system auto-assembles the endpoint. Powered by the S3 engine under the hood with zero extra dependencies.
### 🖥️ Cluster Management (Master-Agent)
- **Node Management** — Register remote server nodes with Token authentication
- **Local Node** — Auto-created, zero-friction upgrade for single-machine users
- **Directory Browser** — Visual file tree selector for backup source paths
- **Agent Heartbeat** — Real-time node online status monitoring
- **Task Tags** — Categorize and manage backup tasks by tags/nodes
### ⏰ Automation & Scheduling
- Cron expression scheduling
- Visual Cron editor
- Auto-retention policy (by days / by count)
- Max concurrent backup limit
### 🔐 Security
- JWT authentication + bcrypt password hashing
- AES-256-GCM encrypted sensitive config storage (DB passwords, OAuth tokens)
- Optional backup file encryption
- Login rate limiting (brute force protection)
- Node Token authentication (one-time display, secure transport)
### 📊 Monitoring & Notifications
- Dashboard stats (success rate, storage usage, backup trend charts)
- Email / Webhook / Telegram notifications
- Real-time backup execution logs (SSE)
### 🌐 Other
- Chinese & English i18n
- Zero external dependencies (embedded SQLite, single binary deployment)
- systemd service support
---
## Quick Start
### Build from Source
### 1. Install
**Docker (recommended, no clone needed):**
```bash
# Clone the project
git clone https://github.com/Awuqing/BackupX.git
cd BackupX
# Create a docker-compose.yml then start
docker compose up -d
# Build frontend and backend
make build
# Start the backend service (default port :8340)
cd server && ./bin/backupx
# Or run directly
docker run -d --name backupx -p 8340:8340 -v backupx-data:/app/data awuqing/backupx:latest
```
### Access Web UI
> Docker Hub: [`awuqing/backupx`](https://hub.docker.com/r/awuqing/backupx) — supports linux/amd64 and linux/arm64.
Open `http://your-server:8340` in your browser. First-time use will guide you through creating an admin account.
## Configuration
The config file defaults to `./config.yaml`. Settings can also be overridden via `BACKUPX_` prefixed environment variables.
<details>
<summary>docker-compose.yml reference</summary>
```yaml
# config.yaml
server:
host: "0.0.0.0"
port: 8340
mode: "release" # debug | release
services:
backupx:
image: awuqing/backupx:latest
container_name: backupx
restart: unless-stopped
ports:
- "8340:8340"
volumes:
- backupx-data:/app/data
# Mount host directories to back up (add as needed):
# - /var/www:/mnt/www:ro
# - /etc/nginx:/mnt/nginx-conf:ro
environment:
- TZ=Asia/Shanghai
database:
path: "./data/backupx.db" # SQLite database path
security:
jwt_secret: "" # Leave empty to auto-generate
jwt_expire: "24h"
encryption_key: "" # AES encryption key, auto-generated if empty
backup:
temp_dir: "/tmp/backupx" # Backup temp directory
max_concurrent: 2 # Max concurrent backups
log:
level: "info" # debug | info | warn | error
file: "./data/backupx.log"
max_size: 100 # Max log file size (MB)
max_backups: 3 # Number of old log files to retain
max_age: 30 # Log retention days
volumes:
backupx-data:
```
> 💡 `jwt_secret` and `encryption_key` are auto-generated on first startup and persisted to the database.
</details>
## Architecture
**Pre-built binaries (bare metal):**
```
┌─────────────────────┐
│ Nginx (Reverse │
│ Proxy) │
│ / → Static Files │
│ /api → :8340 │
└─────────┬───────────┘
┌──────────────────────────────────────────────────────┐
│ BackupX Master (Go API Server) │
│ :8340 │
│ │
│ ┌──────┐ ┌────────────┐ ┌───────────────────────┐│
│ │ Auth │ │Backup Engine│ │ Storage Registry ││
│ └──────┘ └──────┬─────┘ │ ┌─────────────────┐ ││
│ │ │ │ Alibaba Cloud │ ││
│ ┌──────────┐ │ │ │ Tencent Cloud │ ││
│ │ Cron │◄───┘ │ │ Qiniu Cloud │ ││
│ │Scheduler │ │ │ S3 Compatible │ ││
│ └──────────┘ │ │ Google Drive │ ││
│ │ │ WebDAV │ ││
│ │ │ FTP / FTPS │ ││
│ ┌──────────┐ │ │ Local Disk │ ││
│ │ Notify │ │ └─────────────────┘ ││
│ │ Module │ └───────────────────────┘│
│ └──────────┘ │
│ │
│ ┌──────────────┐ ┌────────────────────┐ │
│ │ Node Manager │ │ SQLite (backupx.db)│ │
│ └──────┬───────┘ └────────────────────┘ │
└─────────┼────────────────────────────────────────────┘
│ Heartbeat / Task Dispatch
┌──────────────────┐ ┌──────────────────┐
│ Agent Node A │ │ Agent Node B │
│ (Remote Server)│ │ (Remote Server)│
└──────────────────┘ └──────────────────┘
```
### Tech Stack
| Component | Technology |
|-----------|-----------|
| **Backend** | Go · Gin · GORM · SQLite · robfig/cron |
| **Frontend** | React 18 · TypeScript · ArcoDesign · Vite · Zustand · ECharts |
| **Storage** | AWS SDK v2 (S3/OSS/COS/Kodo) · Google Drive API v3 · gowebdav · jlaffaye/ftp |
| **Security** | JWT · bcrypt · AES-256-GCM |
| **Logging** | zap + lumberjack (auto-rotation) |
## Cluster Mode
BackupX supports **Master-Agent** mode for managing backup tasks across multiple servers.
### How It Works
1. **Master** is the server running the BackupX Web console
2. **Agent** is deployed on remote servers that need to be backed up
3. Agents register with the Master using a Token and send periodic heartbeats
4. Master dispatches backup tasks to the corresponding Agent for execution
### Adding Nodes
Download from [Releases](https://github.com/Awuqing/BackupX/releases):
```bash
# In Web Console → Node Management → Add Node
# The system generates a unique 64-character hex Token
# Configure the Agent on the remote server
./backupx-agent --master http://master-server:8340 --token <your-token>
tar xzf backupx-v*-linux-amd64.tar.gz && cd backupx-*
sudo ./install.sh # Auto-configures systemd + Nginx
```
### Directory Probe API
Master provides `GET /api/nodes/:id/fs/list?path=/` to remotely browse a node's file system. The frontend uses a tree selector to browse the target machine's directory structure when creating backup tasks.
## Project Structure
```
BackupX/
├── server/ # Go backend
│ ├── cmd/backupx/ # Entry point
│ ├── internal/
│ │ ├── app/ # App assembly (DI)
│ │ ├── apperror/ # Unified error types
│ │ ├── backup/ # Backup engine (file/mysql/sqlite/pgsql/saphana)
│ │ │ └── retention/ # Retention policy
│ │ ├── config/ # Config loading (viper)
│ │ ├── database/ # Database init + migrations
│ │ ├── http/ # HTTP handlers + routes + middleware
│ │ ├── httpapi/ # HTTP API helpers
│ │ ├── logger/ # Logger init (zap + lumberjack)
│ │ ├── model/ # GORM data models
│ │ ├── notify/ # Notifications (email/webhook/telegram)
│ │ ├── repository/ # Data access layer
│ │ ├── scheduler/ # Cron scheduler
│ │ ├── security/ # JWT + rate limiting
│ │ ├── service/ # Business logic
│ │ └── storage/ # Storage backends (plugin interface)
│ │ ├── aliyun/ # Alibaba Cloud OSS
│ │ ├── tencent/ # Tencent Cloud COS
│ │ ├── qiniu/ # Qiniu Cloud Kodo
│ │ ├── s3/ # S3 Compatible core
│ │ ├── s3provider/ # S3 Provider helper
│ │ ├── googledrive/ # Google Drive
│ │ ├── webdav/ # WebDAV core
│ │ ├── webdavprovider/ # WebDAV Provider helper
│ │ ├── localdisk/ # Local disk
│ │ ├── ftp/ # FTP / FTPS
│ │ └── codec/ # Config codec
│ └── pkg/ # Utilities (compress/crypto/response)
├── web/ # React frontend
│ └── src/
│ ├── components/ # Shared components (CronEditor/FormDrawer/...)
│ ├── hooks/ # Custom Hooks
│ ├── layouts/ # Layout components (AppLayout)
│ ├── pages/ # Page modules
│ │ ├── dashboard/ # Dashboard
│ │ ├── backup-tasks/ # Backup tasks
│ │ ├── backup-records/ # Backup records
│ │ ├── storage-targets/ # Storage targets
│ │ ├── nodes/ # Node management
│ │ ├── notifications/ # Notification settings
│ │ ├── settings/ # System settings
│ │ └── login/ # Login page
│ ├── services/ # API request wrappers
│ ├── stores/ # Zustand state management
│ ├── styles/ # Global styles
│ ├── types/ # TypeScript type definitions
│ ├── utils/ # Utility functions
│ ├── locales/ # i18n language packs (zh-CN / en-US)
│ └── router/ # Route configuration
├── deploy/ # Deployment configs
│ ├── nginx.conf # Nginx reference config
│ ├── backupx.service # systemd service unit
│ └── install.sh # One-click install script
├── .github/ # GitHub configuration
│ ├── workflows/ci.yml # CI workflow
│ ├── workflows/release.yml # Release workflow
│ └── ISSUE_TEMPLATE/ # Issue templates
└── Makefile # Build commands
```
## Development
### Prerequisites
- **Go** ≥ 1.21
- **Node.js** ≥ 18
- **npm**
### Dev Mode
**Build from source:**
```bash
# Terminal 1: Start backend (use air for hot-reload)
make dev-server
# Terminal 2: Start frontend (Vite HMR)
make dev-web
git clone https://github.com/Awuqing/BackupX.git && cd BackupX
make build # Build frontend + backend
make docker-cn # Or Docker build with China mirrors (goproxy.cn / npmmirror / Aliyun apk)
```
### Run Tests
### 2. Open the Console
Visit `http://your-server:8340` in your browser. First-time access guides you through admin account creation.
### 3. Add a Storage Target
Go to **Storage Targets****Add**, choose a storage type and enter credentials:
| Storage Type | Required Fields |
|-------------|----------------|
| Alibaba Cloud OSS | Region + AccessKey ID/Secret + Bucket |
| Tencent Cloud COS | Region + SecretId/SecretKey + Bucket (`name-appid`) |
| Qiniu Cloud Kodo | Region + AccessKey/SecretKey + Bucket |
| S3 Compatible | Endpoint + AccessKey + Bucket |
| Google Drive | Client ID/Secret → click Authorize for OAuth |
| WebDAV | Server URL + Username/Password |
| FTP | Host + Port + Username/Password |
| Local Disk | Target directory path |
Click **Test Connection** to verify.
### 4. Create a Backup Task
Go to **Backup Tasks****Create**, complete 3 steps:
1. **Basic Info** — Task name, backup type, Cron expression (leave empty for manual-only)
2. **Source Config** — File backup: select source paths (supports multiple); Database: enter connection info
3. **Storage & Policy** — Select storage target(s), compression, retention days, encryption toggle
Save, then click **Run Now** to test. View real-time logs in **Backup Records**.
### 5. Set Up Notifications (Optional)
Go to **Notifications** to configure Email, Webhook, or Telegram alerts for backup success/failure.
---
## Deployment Guide
### Docker
```bash
# Run all tests
make test
# Backend only
make test-server # go test ./...
# Frontend only
make test-web # npm run test
docker compose up -d # Using the docker-compose.yml above
```
### Build
Mount host directories for file backup (add to `volumes` in docker-compose.yml):
```yaml
volumes:
- backupx-data:/app/data
- /var/www:/mnt/www:ro
- /etc/nginx:/mnt/nginx-conf:ro
```
Override config via environment variables:
```yaml
environment:
- TZ=Asia/Shanghai
- BACKUPX_LOG_LEVEL=debug
- BACKUPX_BACKUP_MAX_CONCURRENT=4
```
### Bare Metal
```bash
# Build frontend and backend
# From pre-built package
tar xzf backupx-v*-linux-amd64.tar.gz && cd backupx-*
sudo ./install.sh
# Or from source
make build
# Clean build artifacts
make clean
```
## Deployment
### One-Click Install (Recommended)
```bash
# Build first
make build
# Run install script as root
sudo ./deploy/install.sh
```
The install script will automatically:
1. Create a `backupx` system user
2. Install the binary to `/opt/backupx/bin/`
3. Deploy the frontend to `/opt/backupx/web/`
4. Generate config at `/etc/backupx/config.yaml`
5. Register and start the systemd service
6. Configure Nginx reverse proxy (if installed)
The install script creates a system user, installs to `/opt/backupx/`, configures systemd, and sets up Nginx reverse proxy.
### Manual Deployment
```bash
# 1. Build
cd server && go build -o backupx ./cmd/backupx
cd ../web && npm run build
# 2. Deploy files
scp server/backupx your-server:/opt/backupx/bin/
scp -r web/dist/ your-server:/opt/backupx/web/
scp server/config.example.yaml your-server:/etc/backupx/config.yaml
# 3. Start
ssh your-server '/opt/backupx/bin/backupx -config /etc/backupx/config.yaml'
```
### Nginx Config Example
### Nginx Reverse Proxy (bare metal)
```nginx
server {
listen 80;
server_name backup.example.com;
# Frontend static files
location / {
root /opt/backupx/web;
try_files $uri $uri/ /index.html;
}
# API reverse proxy
location /api/ {
proxy_pass http://127.0.0.1:8340;
proxy_set_header Host $host;
@@ -410,89 +199,120 @@ server {
}
```
### Configuration
Config file: `./config.yaml` (or override with `BACKUPX_` prefixed env vars):
```yaml
server:
port: 8340
database:
path: "./data/backupx.db"
security:
jwt_secret: "" # Auto-generated and persisted to DB
encryption_key: "" # Auto-generated
backup:
temp_dir: "/tmp/backupx"
max_concurrent: 2
log:
level: "info" # debug | info | warn | error
file: "./data/backupx.log"
```
### Password Reset
```bash
# Bare metal
./backupx reset-password --username admin --password newpass123
# Docker
docker exec -it backupx /app/bin/backupx reset-password --username admin --password newpass123
```
---
## Multi-Node Cluster
BackupX supports Master-Agent mode for managing multiple servers:
1. Web Console → **Node Management****Add Node** — system generates a Token
2. Deploy Agent on remote server, connect using the Token
3. Create backup tasks and assign to specific nodes — Master dispatches automatically
The visual directory browser lets you pick directories on remote Agent nodes — no manual path typing.
---
## Development
**Requirements:** Go >= 1.25 · Node.js >= 20 · npm
```bash
# Dev mode
make dev-server # Terminal 1: backend (:8340)
make dev-web # Terminal 2: frontend (Vite HMR)
# Test
make test # Run all tests
# Build
make build # Build frontend + backend
make docker # Docker build
make docker-cn # Docker build with China mirrors
```
### Release
```bash
git tag v1.2.3 && git push --tags
# GitHub Actions: compile dual-arch binaries → publish GitHub Release → push Docker Hub image
```
Or manually trigger the Release workflow from GitHub Actions page.
---
## API Reference
All APIs are prefixed with `/api` and use JWT Bearer Token authentication (unless noted otherwise).
All endpoints prefixed with `/api`, authenticated via JWT Bearer Token.
| Module | Endpoint | Description |
|--------|----------|-------------|
| **Auth** | `POST /api/auth/setup` | Initialize admin (first time) |
| | `POST /api/auth/login` | Login to get Token |
| | `POST /api/auth/logout` | Logout |
| | `GET /api/auth/profile` | Current user info |
| | `PUT /api/auth/password` | Change password |
| **Backup Tasks** | `GET/POST /api/backup/tasks` | List / Create tasks |
| | `GET/PUT/DELETE /api/backup/tasks/:id` | Detail / Update / Delete |
| | `PUT /api/backup/tasks/:id/toggle` | Enable / Disable |
| | `POST /api/backup/tasks/:id/run` | Trigger manual execution |
| **Backup Records** | `GET /api/backup/records` | List records (with filter) |
| | `GET /api/backup/records/:id` | Record detail |
| | `GET /api/backup/records/:id/logs/stream` | Real-time execution logs (SSE) |
| | `GET /api/backup/records/:id/download` | Download backup file |
| | `POST /api/backup/records/:id/restore` | Restore backup |
| **Storage Targets** | `GET/POST /api/storage-targets` | List / Add targets |
| | `GET/PUT/DELETE /api/storage-targets/:id` | Detail / Update / Delete |
| | `POST /api/storage-targets/test` | Test connection |
| | `POST /api/storage-targets/:id/test` | Test saved connection |
| | `GET /api/storage-targets/:id/usage` | Query usage |
| **Nodes** | `GET/POST /api/nodes` | List / Add nodes |
| | `GET/DELETE /api/nodes/:id` | Detail / Delete |
| | `GET /api/nodes/:id/fs/list` | Directory browser |
| | `POST /api/agent/heartbeat` | Agent heartbeat ⚡ |
| **Notifications** | `GET/POST /api/notifications` | List / Add |
| | `POST /api/notifications/test` | Test notification |
| | `POST /api/notifications/:id/test` | Test saved notification |
| **Dashboard** | `GET /api/dashboard/stats` | Overview statistics |
| | `GET /api/dashboard/timeline` | Backup trend timeline |
| **System** | `GET /api/system/info` | System info (version/disk) |
| | `GET/PUT /api/settings` | System settings |
| **Auth** | `POST /auth/setup` | Initialize admin |
| | `POST /auth/login` | Login |
| | `PUT /auth/password` | Change password |
| **Backup Tasks** | `GET\|POST /backup/tasks` | List / Create |
| | `GET\|PUT\|DELETE /backup/tasks/:id` | Detail / Update / Delete |
| | `PUT /backup/tasks/:id/toggle` | Enable / Disable |
| | `POST /backup/tasks/:id/run` | Manual run |
| **Backup Records** | `GET /backup/records` | List (with filter) |
| | `GET /backup/records/:id/logs/stream` | Real-time logs (SSE) |
| | `GET /backup/records/:id/download` | Download |
| | `POST /backup/records/:id/restore` | Restore |
| **Storage Targets** | `GET\|POST /storage-targets` | List / Add |
| | `POST /storage-targets/test` | Test connection |
| **Nodes** | `GET\|POST /nodes` | List / Add |
| | `GET /nodes/:id/fs/list` | Directory browser |
| **Notifications** | `GET\|POST /notifications` | List / Add |
| **Dashboard** | `GET /dashboard/stats` | Overview stats |
| **Audit Logs** | `GET /audit-logs` | Operation audit |
| **System** | `GET /system/info` | System info |
> ⚡ `POST /api/agent/heartbeat` is a public endpoint authenticated via Node Token instead of JWT.
---
## Cloud Storage Setup Guide
## Tech Stack
### Alibaba Cloud OSS
1. Log in to [Alibaba Cloud Console](https://oss.console.aliyun.com/), create a Bucket
2. Go to RAM Console to create an AccessKey
3. Select "Alibaba Cloud OSS" when adding a storage target in BackupX
4. Enter the Region (e.g. `cn-hangzhou`) and AccessKey — the system auto-assembles the endpoint
### Tencent Cloud COS
1. Log in to [Tencent Cloud Console](https://console.cloud.tencent.com/cos), create a bucket
2. Go to API Key Management to create SecretId/SecretKey
3. Bucket name format is `BucketName-APPID` (e.g. `backup-1250000000`)
### Qiniu Cloud Kodo
1. Log in to [Qiniu Cloud Console](https://portal.qiniu.com/), create a storage space
2. Supported regions: `z0` (East China) / `cn-east-2` (East China-Zhejiang 2) / `z1` (North China) / `z2` (South China) / `na0` (North America) / `as0` (Southeast Asia)
### Google Drive
1. Go to [Google Cloud Console](https://console.cloud.google.com/) and create a project
2. Enable the **Google Drive API**
3. Create an **OAuth 2.0 Client ID** (Web application type)
4. Add redirect URI: `http://your-server/api/storage-targets/google-drive/callback`
5. Enter the Client ID / Secret in BackupX storage management and click Authorize
| Component | Technology |
|-----------|-----------|
| **Backend** | Go · Gin · GORM · SQLite · robfig/cron |
| **Frontend** | React 18 · TypeScript · ArcoDesign · Vite · Zustand · ECharts |
| **Storage** | AWS SDK v2 · Google Drive API v3 · gowebdav · jlaffaye/ftp |
| **Security** | JWT · bcrypt · AES-256-GCM |
## Contributing
Issues and Pull Requests are welcome!
1. Fork this repository
2. Create a feature branch (`git checkout -b feature/amazing-feature`)
3. Commit your changes (`git commit -m 'Add amazing feature'`)
4. Push to the branch (`git push origin feature/amazing-feature`)
5. Open a Pull Request
## License
This project is licensed under the [Apache License 2.0](LICENSE).
---
<p align="center">
Made with ❤️ for self-hosters
</p>
[Apache License 2.0](LICENSE)

23
deploy/docker/entrypoint.sh Normal file
View File

@@ -0,0 +1,23 @@
#!/bin/sh
set -e
# Backend listens on internal port 8341, Nginx exposes 8340
export BACKUPX_SERVER_PORT="${BACKUPX_SERVER_PORT_INTERNAL:-8341}"
# Start Nginx in background
nginx -g "daemon off;" &
NGINX_PID=$!
# Start BackupX backend
/app/bin/backupx &
APP_PID=$!
# Trap signals for graceful shutdown
trap 'kill $APP_PID $NGINX_PID 2>/dev/null; wait $APP_PID $NGINX_PID 2>/dev/null' SIGTERM SIGINT
echo "BackupX started — Nginx :8340 -> Backend :8341"
# Wait for either process to exit
wait -n $APP_PID $NGINX_PID 2>/dev/null || true
kill $APP_PID $NGINX_PID 2>/dev/null || true
wait $APP_PID $NGINX_PID 2>/dev/null || true

32
deploy/docker/nginx.conf Normal file
View File

@@ -0,0 +1,32 @@
server {
listen 8340;
server_name _;
root /app/web;
index index.html;
# API reverse proxy to backend
location /api/ {
proxy_pass http://127.0.0.1:8341/api/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection "";
proxy_buffering off;
proxy_cache off;
proxy_read_timeout 3600s;
}
# SPA fallback
location / {
try_files $uri $uri/ /index.html;
}
# Static assets cache
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff2?)$ {
expires 30d;
add_header Cache-Control "public, immutable";
}
}

29
docker-compose.yml Normal file
View File

@@ -0,0 +1,29 @@
# BackupX Docker Compose
#
# 快速启动docker compose up -d
# 访问地址http://localhost:8340
#
# 如需从源码构建镜像(而非拉取线上镜像),取消注释 build 行并注释 image 行。
services:
backupx:
image: awuqing/backupx:latest
# build: . # 从源码构建时取消此行注释
container_name: backupx
restart: unless-stopped
ports:
- "8340:8340"
volumes:
- backupx-data:/app/data
# 挂载需要备份的宿主机目录(按需添加,:ro 表示只读):
# - /var/www:/mnt/www:ro
# - /etc/nginx:/mnt/nginx-conf:ro
# - /home/user/data:/mnt/data:ro
environment:
- TZ=Asia/Shanghai
# 通过 BACKUPX_ 前缀环境变量覆盖配置:
# - BACKUPX_LOG_LEVEL=debug
# - BACKUPX_BACKUP_MAX_CONCURRENT=4
volumes:
backupx-data:

65
server/cmd/backupx/main.go
View File

@@ -10,11 +10,21 @@ import (
"backupx/server/internal/app"
"backupx/server/internal/config"
"backupx/server/internal/security"
"github.com/glebarez/sqlite"
"gorm.io/gorm"
gormlogger "gorm.io/gorm/logger"
)
var version = "dev"
func main() {
// 子命令分发reset-password
if len(os.Args) > 1 && os.Args[1] == "reset-password" {
runResetPassword(os.Args[2:])
return
}
var configPath string
var showVersion bool
@@ -48,3 +58,58 @@ func main() {
os.Exit(1)
}
}
// runResetPassword 通过 CLI 直接操作 SQLite 重置用户密码,无需完整 app 初始化。
// 用法backupx reset-password --username admin --password newpass123 [--config path]
func runResetPassword(args []string) {
fs := flag.NewFlagSet("reset-password", flag.ExitOnError)
username := fs.String("username", "admin", "要重置密码的用户名")
password := fs.String("password", "", "新密码(至少 8 个字符)")
configPath := fs.String("config", "", "配置文件路径")
if err := fs.Parse(args); err != nil {
os.Exit(1)
}
if *password == "" {
fmt.Fprintln(os.Stderr, "错误:--password 参数为必填项")
fs.Usage()
os.Exit(1)
}
if len(*password) < 8 {
fmt.Fprintln(os.Stderr, "错误:密码长度至少 8 个字符")
os.Exit(1)
}
cfg, err := config.Load(*configPath)
if err != nil {
fmt.Fprintf(os.Stderr, "加载配置失败:%v\n", err)
os.Exit(1)
}
db, err := gorm.Open(sqlite.Open(cfg.Database.Path), &gorm.Config{Logger: gormlogger.Default.LogMode(gormlogger.Silent)})
if err != nil {
fmt.Fprintf(os.Stderr, "打开数据库失败:%v\n", err)
os.Exit(1)
}
var count int64
db.Table("users").Where("username = ?", *username).Count(&count)
if count == 0 {
fmt.Fprintf(os.Stderr, "错误:用户 %q 不存在\n", *username)
os.Exit(1)
}
hash, err := security.HashPassword(*password)
if err != nil {
fmt.Fprintf(os.Stderr, "密码哈希失败:%v\n", err)
os.Exit(1)
}
result := db.Table("users").Where("username = ?", *username).Update("password_hash", hash)
if result.Error != nil {
fmt.Fprintf(os.Stderr, "密码更新失败:%v\n", result.Error)
os.Exit(1)
}
fmt.Printf("用户 %q 密码已重置成功\n", *username)
}

14
server/internal/app/app.go
View File

@@ -95,6 +95,14 @@ func New(ctx context.Context, cfg config.Config, version string) (*Application,
dashboardService := service.NewDashboardService(backupTaskRepo, backupRecordRepo, storageTargetRepo)
settingsService := service.NewSettingsService(systemConfigRepo)
// Audit
auditLogRepo := repository.NewAuditLogRepository(db)
auditService := service.NewAuditService(auditLogRepo)
authService.SetAuditService(auditService)
// Database discovery
databaseDiscoveryService := service.NewDatabaseDiscoveryService(backup.NewOSCommandExecutor())
// Cluster: Node management
nodeRepo := repository.NewNodeRepository(db)
nodeService := service.NewNodeService(nodeRepo)
@@ -115,8 +123,10 @@ func New(ctx context.Context, cfg config.Config, version string) (*Application,
NotificationService: notificationService,
DashboardService: dashboardService,
SettingsService: settingsService,
NodeService: nodeService,
JWTManager: jwtManager,
NodeService: nodeService,
DatabaseDiscoveryService: databaseDiscoveryService,
AuditService: auditService,
JWTManager: jwtManager,
UserRepository: userRepo,
SystemConfigRepo: systemConfigRepo,
})

147
server/internal/backup/file_runner.go
View File

@@ -22,14 +22,23 @@ func (r *FileRunner) Type() string {
}
func (r *FileRunner) Run(_ context.Context, task TaskSpec, writer LogWriter) (*RunResult, error) {
sourcePath := filepath.Clean(strings.TrimSpace(task.SourcePath))
if sourcePath == "" {
// 解析源路径列表:优先 SourcePaths回退 SourcePath
sourcePaths := task.SourcePaths
if len(sourcePaths) == 0 && strings.TrimSpace(task.SourcePath) != "" {
sourcePaths = []string{task.SourcePath}
}
if len(sourcePaths) == 0 {
return nil, fmt.Errorf("source path is required")
}
info, err := os.Stat(sourcePath)
if err != nil {
return nil, fmt.Errorf("stat source path: %w", err)
// 验证所有路径存在
for _, sp := range sourcePaths {
cleaned := filepath.Clean(strings.TrimSpace(sp))
if _, err := os.Stat(cleaned); err != nil {
return nil, fmt.Errorf("stat source path %s: %w", cleaned, err)
}
}
tempDir, artifactPath, err := createTempArtifact(task.TempDir, task.Name, "tar")
if err != nil {
return nil, err
@@ -41,69 +50,88 @@ func (r *FileRunner) Run(_ context.Context, task TaskSpec, writer LogWriter) (*R
defer artifactFile.Close()
tw := tar.NewWriter(artifactFile)
defer tw.Close()
baseParent := filepath.Dir(sourcePath)
excludes := normalizeExcludePatterns(task.ExcludePatterns)
writer.WriteLine(fmt.Sprintf("开始打包文件备份:%s", sourcePath))
fileCount := 0
dirCount := 0
walkErr := filepath.Walk(sourcePath, func(currentPath string, currentInfo os.FileInfo, walkErr error) error {
if walkErr != nil {
writer.WriteLine(fmt.Sprintf("⚠ 无法访问 %s: %v", currentPath, walkErr))
return nil
}
relPath, err := filepath.Rel(baseParent, currentPath)
totalFileCount := 0
totalDirCount := 0
for i, sp := range sourcePaths {
sourcePath := filepath.Clean(strings.TrimSpace(sp))
info, err := os.Stat(sourcePath)
if err != nil {
return err
return nil, fmt.Errorf("stat source path: %w", err)
}
archiveName := filepath.ToSlash(relPath)
if shouldExcludeEntry(archiveName, currentInfo.IsDir(), excludes) {
if currentInfo.IsDir() {
writer.WriteLine(fmt.Sprintf("跳过排除目录 %s", archiveName))
return filepath.SkipDir
baseParent := filepath.Dir(sourcePath)
writer.WriteLine(fmt.Sprintf("开始打包源路径 [%d/%d]: %s", i+1, len(sourcePaths), sourcePath))
fileCount := 0
dirCount := 0
walkErr := filepath.Walk(sourcePath, func(currentPath string, currentInfo os.FileInfo, walkErr error) error {
if walkErr != nil {
writer.WriteLine(fmt.Sprintf("⚠ 无法访问 %s: %v", currentPath, walkErr))
return nil
}
return nil
}
if currentPath == sourcePath && currentInfo.IsDir() {
return nil
}
if currentInfo.IsDir() {
dirCount++
writer.WriteLine(fmt.Sprintf("📁 进入目录 %s", archiveName))
}
header, err := tar.FileInfoHeader(currentInfo, "")
if err != nil {
return err
}
header.Name = archiveName
if err := tw.WriteHeader(header); err != nil {
return err
}
if currentInfo.Mode().IsRegular() {
file, err := os.Open(currentPath)
relPath, err := filepath.Rel(baseParent, currentPath)
if err != nil {
return err
}
defer file.Close()
if _, err := io.CopyN(tw, file, currentInfo.Size()); err != nil && err != io.EOF {
archiveName := filepath.ToSlash(relPath)
if shouldExcludeEntry(archiveName, currentInfo.IsDir(), excludes) {
if currentInfo.IsDir() {
writer.WriteLine(fmt.Sprintf("跳过排除目录 %s", archiveName))
return filepath.SkipDir
}
return nil
}
if currentPath == sourcePath && currentInfo.IsDir() {
return nil
}
if currentInfo.IsDir() {
dirCount++
writer.WriteLine(fmt.Sprintf("📁 进入目录 %s", archiveName))
}
header, err := tar.FileInfoHeader(currentInfo, "")
if err != nil {
return err
}
fileCount++
if fileCount%100 == 0 {
writer.WriteLine(fmt.Sprintf("已打包 %d 个文件...", fileCount))
header.Name = archiveName
if err := tw.WriteHeader(header); err != nil {
return err
}
if currentInfo.Mode().IsRegular() {
file, err := os.Open(currentPath)
if err != nil {
return err
}
defer file.Close()
if _, err := io.CopyN(tw, file, currentInfo.Size()); err != nil && err != io.EOF {
return err
}
fileCount++
if fileCount%100 == 0 {
writer.WriteLine(fmt.Sprintf("已打包 %d 个文件...", fileCount))
}
}
return nil
})
if walkErr != nil {
return nil, fmt.Errorf("walk source path %s: %w", sourcePath, walkErr)
}
return nil
})
if walkErr != nil {
return nil, fmt.Errorf("walk source path: %w", walkErr)
if info.IsDir() {
writer.WriteLine(fmt.Sprintf("源路径 [%d/%d] 打包完成(%d 个目录,%d 个文件)", i+1, len(sourcePaths), dirCount, fileCount))
} else {
writer.WriteLine(fmt.Sprintf("源路径 [%d/%d] 文件打包完成", i+1, len(sourcePaths)))
}
totalFileCount += fileCount
totalDirCount += dirCount
}
if info.IsDir() {
writer.WriteLine(fmt.Sprintf("目录打包完成(%d 个目录,%d 个文件)", dirCount, fileCount))
} else {
writer.WriteLine("文件打包完成")
if len(sourcePaths) > 1 {
writer.WriteLine(fmt.Sprintf("全部源路径打包完成(共 %d 个目录,%d 个文件)", totalDirCount, totalFileCount))
}
return &RunResult{ArtifactPath: artifactPath, FileName: filepath.Base(artifactPath), TempDir: tempDir}, nil
}
@@ -114,7 +142,12 @@ func (r *FileRunner) Restore(_ context.Context, task TaskSpec, artifactPath stri
return fmt.Errorf("open tar artifact: %w", err)
}
defer artifactFile.Close()
targetParent := filepath.Dir(filepath.Clean(strings.TrimSpace(task.SourcePath)))
// 恢复目标:优先取 SourcePaths 的第一个路径的父目录,回退 SourcePath
restoreSource := task.SourcePath
if len(task.SourcePaths) > 0 {
restoreSource = task.SourcePaths[0]
}
targetParent := filepath.Dir(filepath.Clean(strings.TrimSpace(restoreSource)))
if err := os.MkdirAll(targetParent, 0o755); err != nil {
return fmt.Errorf("create restore parent: %w", err)
}

1
server/internal/backup/types.go
View File

@@ -19,6 +19,7 @@ type TaskSpec struct {
Name string
Type string
SourcePath string
SourcePaths []string
ExcludePatterns []string
Database DatabaseSpec
StorageTargetID uint

9
server/internal/database/database.go
View File

@@ -23,10 +23,17 @@ func Open(cfg config.DatabaseConfig, logger *zap.Logger) (*gorm.DB, error) {
return nil, fmt.Errorf("open sqlite: %w", err)
}
if err := db.AutoMigrate(&model.User{}, &model.SystemConfig{}, &model.StorageTarget{}, &model.OAuthSession{}, &model.BackupTask{}, &model.BackupRecord{}, &model.Notification{}, &model.Node{}); err != nil {
if err := db.AutoMigrate(&model.User{}, &model.SystemConfig{}, &model.StorageTarget{}, &model.OAuthSession{}, &model.BackupTask{}, &model.BackupRecord{}, &model.Notification{}, &model.Node{}, &model.BackupTaskStorageTarget{}, &model.AuditLog{}); err != nil {
return nil, fmt.Errorf("migrate schema: %w", err)
}
// 一次性数据迁移:从 backup_tasks.storage_target_id 回填到多对多中间表
var count int64
db.Model(&model.BackupTaskStorageTarget{}).Count(&count)
if count == 0 {
db.Exec("INSERT INTO backup_task_storage_targets (backup_task_id, storage_target_id) SELECT id, storage_target_id FROM backup_tasks WHERE storage_target_id > 0")
}
logger.Info("database initialized", zap.String("path", cfg.Path))
return db, nil
}

40
server/internal/http/audit_handler.go Normal file
View File

@@ -0,0 +1,40 @@
package http
import (
"strconv"
"strings"
"backupx/server/internal/service"
"backupx/server/pkg/response"
"github.com/gin-gonic/gin"
)
type AuditHandler struct {
auditService *service.AuditService
}
func NewAuditHandler(auditService *service.AuditService) *AuditHandler {
return &AuditHandler{auditService: auditService}
}
func (h *AuditHandler) List(c *gin.Context) {
category := strings.TrimSpace(c.Query("category"))
limit := 50
offset := 0
if v := strings.TrimSpace(c.Query("limit")); v != "" {
if parsed, err := strconv.Atoi(v); err == nil && parsed > 0 {
limit = parsed
}
}
if v := strings.TrimSpace(c.Query("offset")); v != "" {
if parsed, err := strconv.Atoi(v); err == nil && parsed >= 0 {
offset = parsed
}
}
result, err := h.auditService.List(c.Request.Context(), category, limit, offset)
if err != nil {
response.Error(c, err)
return
}
response.Success(c, result)
}

29
server/internal/http/audit_helpers.go Normal file
View File

@@ -0,0 +1,29 @@
package http
import (
"fmt"
"backupx/server/internal/service"
"github.com/gin-gonic/gin"
)
// recordAudit 从 gin context 中提取用户信息并记录审计日志nil 安全)
func recordAudit(c *gin.Context, auditService *service.AuditService, category, action, targetType, targetID, targetName, detail string) {
if auditService == nil {
return
}
username := ""
if subject, exists := c.Get(contextUserSubjectKey); exists {
username = fmt.Sprintf("%v", subject)
}
auditService.Record(service.AuditEntry{
Username: username,
Category: category,
Action: action,
TargetType: targetType,
TargetID: targetID,
TargetName: targetName,
Detail: detail,
ClientIP: c.ClientIP(),
})
}

9
server/internal/http/backup_record_handler.go
View File

@@ -16,11 +16,12 @@ import (
)
type BackupRecordHandler struct {
service *service.BackupRecordService
service *service.BackupRecordService
auditService *service.AuditService
}
func NewBackupRecordHandler(recordService *service.BackupRecordService) *BackupRecordHandler {
return &BackupRecordHandler{service: recordService}
func NewBackupRecordHandler(recordService *service.BackupRecordService, auditService *service.AuditService) *BackupRecordHandler {
return &BackupRecordHandler{service: recordService, auditService: auditService}
}
func (h *BackupRecordHandler) List(c *gin.Context) {
@@ -129,6 +130,7 @@ func (h *BackupRecordHandler) Restore(c *gin.Context) {
response.Error(c, err)
return
}
recordAudit(c, h.auditService, "backup_record", "restore", "backup_record", fmt.Sprintf("%d", id), "", "")
response.Success(c, gin.H{"restored": true})
}
@@ -141,6 +143,7 @@ func (h *BackupRecordHandler) Delete(c *gin.Context) {
response.Error(c, err)
return
}
recordAudit(c, h.auditService, "backup_record", "delete", "backup_record", fmt.Sprintf("%d", id), "", "")
response.Success(c, gin.H{"deleted": true})
}

10
server/internal/http/backup_run_handler.go
View File

@@ -1,17 +1,20 @@
package http
import (
"fmt"
"backupx/server/internal/service"
"backupx/server/pkg/response"
"github.com/gin-gonic/gin"
)
type BackupRunHandler struct {
service *service.BackupExecutionService
service *service.BackupExecutionService
auditService *service.AuditService
}
func NewBackupRunHandler(executionService *service.BackupExecutionService) *BackupRunHandler {
return &BackupRunHandler{service: executionService}
func NewBackupRunHandler(executionService *service.BackupExecutionService, auditService *service.AuditService) *BackupRunHandler {
return &BackupRunHandler{service: executionService, auditService: auditService}
}
func (h *BackupRunHandler) Run(c *gin.Context) {
@@ -24,5 +27,6 @@ func (h *BackupRunHandler) Run(c *gin.Context) {
response.Error(c, err)
return
}
recordAudit(c, h.auditService, "backup_task", "run", "backup_task", fmt.Sprintf("%d", id), "", "手动触发备份")
response.Success(c, record)
}

17
server/internal/http/backup_task_handler.go
View File

@@ -1,6 +1,8 @@
package http
import (
"fmt"
"backupx/server/internal/apperror"
"backupx/server/internal/service"
"backupx/server/pkg/response"
@@ -8,11 +10,12 @@ import (
)
type BackupTaskHandler struct {
service *service.BackupTaskService
service *service.BackupTaskService
auditService *service.AuditService
}
func NewBackupTaskHandler(taskService *service.BackupTaskService) *BackupTaskHandler {
return &BackupTaskHandler{service: taskService}
func NewBackupTaskHandler(taskService *service.BackupTaskService, auditService *service.AuditService) *BackupTaskHandler {
return &BackupTaskHandler{service: taskService, auditService: auditService}
}
func (h *BackupTaskHandler) List(c *gin.Context) {
@@ -48,6 +51,7 @@ func (h *BackupTaskHandler) Create(c *gin.Context) {
response.Error(c, err)
return
}
recordAudit(c, h.auditService, "backup_task", "create", "backup_task", fmt.Sprintf("%d", item.ID), item.Name, "")
response.Success(c, item)
}
@@ -66,6 +70,7 @@ func (h *BackupTaskHandler) Update(c *gin.Context) {
response.Error(c, err)
return
}
recordAudit(c, h.auditService, "backup_task", "update", "backup_task", fmt.Sprintf("%d", item.ID), item.Name, "")
response.Success(c, item)
}
@@ -78,6 +83,7 @@ func (h *BackupTaskHandler) Delete(c *gin.Context) {
response.Error(c, err)
return
}
recordAudit(c, h.auditService, "backup_task", "delete", "backup_task", fmt.Sprintf("%d", id), "", "")
response.Success(c, gin.H{"deleted": true})
}
@@ -105,5 +111,10 @@ func (h *BackupTaskHandler) Toggle(c *gin.Context) {
response.Error(c, err)
return
}
action := "enable"
if !enabled {
action = "disable"
}
recordAudit(c, h.auditService, "backup_task", action, "backup_task", fmt.Sprintf("%d", id), item.Name, "")
response.Success(c, item)
}

30
server/internal/http/database_handler.go Normal file
View File

@@ -0,0 +1,30 @@
package http
import (
"backupx/server/internal/apperror"
"backupx/server/internal/service"
"backupx/server/pkg/response"
"github.com/gin-gonic/gin"
)
type DatabaseHandler struct {
service *service.DatabaseDiscoveryService
}
func NewDatabaseHandler(service *service.DatabaseDiscoveryService) *DatabaseHandler {
return &DatabaseHandler{service: service}
}
func (h *DatabaseHandler) Discover(c *gin.Context) {
var input service.DatabaseDiscoverInput
if err := c.ShouldBindJSON(&input); err != nil {
response.Error(c, apperror.BadRequest("DATABASE_DISCOVER_INVALID", "数据库发现参数不合法", err))
return
}
result, err := h.service.Discover(c.Request.Context(), input)
if err != nil {
response.Error(c, err)
return
}
response.Success(c, result)
}

57
server/internal/http/router.go
View File

@@ -15,22 +15,24 @@ import (
)
type RouterDependencies struct {
Config config.Config
Version string
Logger *zap.Logger
AuthService *service.AuthService
SystemService *service.SystemService
StorageTargetService *service.StorageTargetService
BackupTaskService *service.BackupTaskService
BackupExecutionService *service.BackupExecutionService
BackupRecordService *service.BackupRecordService
NotificationService *service.NotificationService
DashboardService *service.DashboardService
SettingsService *service.SettingsService
NodeService *service.NodeService
JWTManager *security.JWTManager
UserRepository repository.UserRepository
SystemConfigRepo repository.SystemConfigRepository
Config config.Config
Version string
Logger *zap.Logger
AuthService *service.AuthService
SystemService *service.SystemService
StorageTargetService *service.StorageTargetService
BackupTaskService *service.BackupTaskService
BackupExecutionService *service.BackupExecutionService
BackupRecordService *service.BackupRecordService
NotificationService *service.NotificationService
DashboardService *service.DashboardService
SettingsService *service.SettingsService
NodeService *service.NodeService
DatabaseDiscoveryService *service.DatabaseDiscoveryService
AuditService *service.AuditService
JWTManager *security.JWTManager
UserRepository repository.UserRepository
SystemConfigRepo repository.SystemConfigRepository
}
func NewRouter(deps RouterDependencies) *gin.Engine {
@@ -42,13 +44,14 @@ func NewRouter(deps RouterDependencies) *gin.Engine {
authHandler := NewAuthHandler(deps.AuthService)
systemHandler := NewSystemHandler(deps.SystemService)
storageTargetHandler := NewStorageTargetHandler(deps.StorageTargetService)
backupTaskHandler := NewBackupTaskHandler(deps.BackupTaskService)
backupRunHandler := NewBackupRunHandler(deps.BackupExecutionService)
backupRecordHandler := NewBackupRecordHandler(deps.BackupRecordService)
storageTargetHandler := NewStorageTargetHandler(deps.StorageTargetService, deps.AuditService)
backupTaskHandler := NewBackupTaskHandler(deps.BackupTaskService, deps.AuditService)
backupRunHandler := NewBackupRunHandler(deps.BackupExecutionService, deps.AuditService)
backupRecordHandler := NewBackupRecordHandler(deps.BackupRecordService, deps.AuditService)
notificationHandler := NewNotificationHandler(deps.NotificationService)
dashboardHandler := NewDashboardHandler(deps.DashboardService)
settingsHandler := NewSettingsHandler(deps.SettingsService)
settingsHandler := NewSettingsHandler(deps.SettingsService, deps.AuditService)
auditHandler := NewAuditHandler(deps.AuditService)
api := engine.Group("/api")
{
@@ -73,6 +76,7 @@ func NewRouter(deps RouterDependencies) *gin.Engine {
storageTargets.POST("", storageTargetHandler.Create)
storageTargets.PUT("/:id", storageTargetHandler.Update)
storageTargets.DELETE("/:id", storageTargetHandler.Delete)
storageTargets.PUT("/:id/star", storageTargetHandler.ToggleStar)
storageTargets.POST("/test", storageTargetHandler.TestConnection)
storageTargets.POST("/:id/test", storageTargetHandler.TestSavedConnection)
storageTargets.GET("/:id/usage", storageTargetHandler.GetUsage)
@@ -119,6 +123,17 @@ func NewRouter(deps RouterDependencies) *gin.Engine {
settings.GET("", settingsHandler.Get)
settings.PUT("", settingsHandler.Update)
auditLogs := api.Group("/audit-logs")
auditLogs.Use(AuthMiddleware(deps.JWTManager))
auditLogs.GET("", auditHandler.List)
if deps.DatabaseDiscoveryService != nil {
databaseHandler := NewDatabaseHandler(deps.DatabaseDiscoveryService)
database := api.Group("/database")
database.Use(AuthMiddleware(deps.JWTManager))
database.POST("/discover", databaseHandler.Discover)
}
nodeHandler := NewNodeHandler(deps.NodeService)
nodes := api.Group("/nodes")
nodes.Use(AuthMiddleware(deps.JWTManager))

6
server/internal/http/settings_handler.go
View File

@@ -9,10 +9,11 @@ import (
type SettingsHandler struct {
settingsService *service.SettingsService
auditService *service.AuditService
}
func NewSettingsHandler(settingsService *service.SettingsService) *SettingsHandler {
return &SettingsHandler{settingsService: settingsService}
func NewSettingsHandler(settingsService *service.SettingsService, auditService *service.AuditService) *SettingsHandler {
return &SettingsHandler{settingsService: settingsService, auditService: auditService}
}
func (h *SettingsHandler) Get(c *gin.Context) {
@@ -35,5 +36,6 @@ func (h *SettingsHandler) Update(c *gin.Context) {
response.Error(c, err)
return
}
recordAudit(c, h.auditService, "settings", "update", "settings", "", "", "")
response.Success(c, settings)
}

23
server/internal/http/storage_target_handler.go
View File

@@ -12,7 +12,8 @@ import (
)
type StorageTargetHandler struct {
service *service.StorageTargetService
service *service.StorageTargetService
auditService *service.AuditService
}
type storageTargetGoogleDriveAuthRequest struct {
@@ -27,8 +28,8 @@ type storageTargetGoogleDriveAuthRequest struct {
FolderID string `json:"folderId"`
}
func NewStorageTargetHandler(service *service.StorageTargetService) *StorageTargetHandler {
return &StorageTargetHandler{service: service}
func NewStorageTargetHandler(service *service.StorageTargetService, auditService *service.AuditService) *StorageTargetHandler {
return &StorageTargetHandler{service: service, auditService: auditService}
}
func (h *StorageTargetHandler) List(c *gin.Context) {
@@ -64,6 +65,7 @@ func (h *StorageTargetHandler) Create(c *gin.Context) {
response.Error(c, err)
return
}
recordAudit(c, h.auditService, "storage_target", "create", "storage_target", fmt.Sprintf("%d", item.ID), item.Name, "")
response.Success(c, item)
}
@@ -82,6 +84,7 @@ func (h *StorageTargetHandler) Update(c *gin.Context) {
response.Error(c, err)
return
}
recordAudit(c, h.auditService, "storage_target", "update", "storage_target", fmt.Sprintf("%d", item.ID), item.Name, "")
response.Success(c, item)
}
@@ -94,6 +97,7 @@ func (h *StorageTargetHandler) Delete(c *gin.Context) {
response.Error(c, err)
return
}
recordAudit(c, h.auditService, "storage_target", "delete", "storage_target", fmt.Sprintf("%d", id), "", "")
response.Success(c, gin.H{"deleted": true})
}
@@ -230,6 +234,19 @@ func firstNonEmpty(values ...string) string {
return ""
}
func (h *StorageTargetHandler) ToggleStar(c *gin.Context) {
id, ok := parseUintParam(c, "id")
if !ok {
return
}
item, err := h.service.ToggleStar(c.Request.Context(), id)
if err != nil {
response.Error(c, err)
return
}
response.Success(c, item)
}
func (h *StorageTargetHandler) GetUsage(c *gin.Context) {
id, ok := parseUintParam(c, "id")
if !ok {

21
server/internal/model/audit_log.go Normal file
View File

@@ -0,0 +1,21 @@
package model
import "time"
type AuditLog struct {
ID uint `gorm:"primaryKey" json:"id"`
UserID uint `gorm:"column:user_id;index" json:"userId"`
Username string `gorm:"column:username;size:64;not null" json:"username"`
Category string `gorm:"column:category;size:32;index;not null" json:"category"`
Action string `gorm:"column:action;size:64;not null" json:"action"`
TargetType string `gorm:"column:target_type;size:32" json:"targetType"`
TargetID string `gorm:"column:target_id;size:64" json:"targetId"`
TargetName string `gorm:"column:target_name;size:128" json:"targetName"`
Detail string `gorm:"column:detail;type:text" json:"detail"`
ClientIP string `gorm:"column:client_ip;size:45" json:"clientIp"`
CreatedAt time.Time `gorm:"index" json:"createdAt"`
}
func (AuditLog) TableName() string {
return "audit_logs"
}

34
server/internal/model/backup_record.go
View File

@@ -9,22 +9,24 @@ const (
)
type BackupRecord struct {
ID uint `gorm:"primaryKey" json:"id"`
TaskID uint `gorm:"column:task_id;index;not null" json:"taskId"`
Task BackupTask `json:"task,omitempty"`
StorageTargetID uint `gorm:"column:storage_target_id;index;not null" json:"storageTargetId"`
StorageTarget StorageTarget `json:"storageTarget,omitempty"`
Status string `gorm:"size:20;index;not null" json:"status"`
FileName string `gorm:"column:file_name;size:255" json:"fileName"`
FileSize int64 `gorm:"column:file_size;not null;default:0" json:"fileSize"`
StoragePath string `gorm:"column:storage_path;size:500" json:"storagePath"`
DurationSeconds int `gorm:"column:duration_seconds;not null;default:0" json:"durationSeconds"`
ErrorMessage string `gorm:"column:error_message;size:2000" json:"errorMessage"`
LogContent string `gorm:"column:log_content;type:text" json:"logContent"`
StartedAt time.Time `gorm:"column:started_at;index;not null" json:"startedAt"`
CompletedAt *time.Time `gorm:"column:completed_at;index" json:"completedAt,omitempty"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
ID uint `gorm:"primaryKey" json:"id"`
TaskID uint `gorm:"column:task_id;index;not null" json:"taskId"`
Task BackupTask `json:"task,omitempty"`
StorageTargetID uint `gorm:"column:storage_target_id;index;not null" json:"storageTargetId"`
StorageTarget StorageTarget `json:"storageTarget,omitempty"`
Status string `gorm:"size:20;index;not null" json:"status"`
FileName string `gorm:"column:file_name;size:255" json:"fileName"`
FileSize int64 `gorm:"column:file_size;not null;default:0" json:"fileSize"`
Checksum string `gorm:"column:checksum;size:64" json:"checksum"`
StoragePath string `gorm:"column:storage_path;size:500" json:"storagePath"`
StorageUploadResults string `gorm:"column:storage_upload_results;type:text" json:"-"`
DurationSeconds int `gorm:"column:duration_seconds;not null;default:0" json:"durationSeconds"`
ErrorMessage string `gorm:"column:error_message;size:2000" json:"errorMessage"`
LogContent string `gorm:"column:log_content;type:text" json:"logContent"`
StartedAt time.Time `gorm:"column:started_at;index;not null" json:"startedAt"`
CompletedAt *time.Time `gorm:"column:completed_at;index" json:"completedAt,omitempty"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
}
func (BackupRecord) TableName() string {

64
server/internal/model/backup_task.go
View File

@@ -17,34 +17,46 @@ const (
)
type BackupTask struct {
ID uint `gorm:"primaryKey" json:"id"`
Name string `gorm:"size:100;uniqueIndex;not null" json:"name"`
Type string `gorm:"size:20;index;not null" json:"type"`
Enabled bool `gorm:"not null;default:true" json:"enabled"`
CronExpr string `gorm:"column:cron_expr;size:64" json:"cronExpr"`
SourcePath string `gorm:"column:source_path;size:500" json:"sourcePath"`
ExcludePatterns string `gorm:"column:exclude_patterns;type:text" json:"excludePatterns"`
DBHost string `gorm:"column:db_host;size:255" json:"dbHost"`
DBPort int `gorm:"column:db_port" json:"dbPort"`
DBUser string `gorm:"column:db_user;size:100" json:"dbUser"`
DBPasswordCiphertext string `gorm:"column:db_password_ciphertext;type:text" json:"-"`
DBName string `gorm:"column:db_name;size:255" json:"dbName"`
DBPath string `gorm:"column:db_path;size:500" json:"dbPath"`
StorageTargetID uint `gorm:"column:storage_target_id;index;not null" json:"storageTargetId"`
StorageTarget StorageTarget `json:"storageTarget,omitempty"`
NodeID uint `gorm:"column:node_id;index;default:0" json:"nodeId"`
Node Node `json:"node,omitempty"`
Tags string `gorm:"column:tags;size:500" json:"tags"`
RetentionDays int `gorm:"column:retention_days;not null;default:30" json:"retentionDays"`
Compression string `gorm:"size:10;not null;default:'gzip'" json:"compression"`
Encrypt bool `gorm:"not null;default:false" json:"encrypt"`
MaxBackups int `gorm:"column:max_backups;not null;default:10" json:"maxBackups"`
LastRunAt *time.Time `gorm:"column:last_run_at" json:"lastRunAt,omitempty"`
LastStatus string `gorm:"column:last_status;size:20;not null;default:'idle'" json:"lastStatus"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
ID uint `gorm:"primaryKey" json:"id"`
Name string `gorm:"size:100;uniqueIndex;not null" json:"name"`
Type string `gorm:"size:20;index;not null" json:"type"`
Enabled bool `gorm:"not null;default:true" json:"enabled"`
CronExpr string `gorm:"column:cron_expr;size:64" json:"cronExpr"`
SourcePath string `gorm:"column:source_path;size:500" json:"sourcePath"`
SourcePaths string `gorm:"column:source_paths;type:text" json:"sourcePaths"`
ExcludePatterns string `gorm:"column:exclude_patterns;type:text" json:"excludePatterns"`
DBHost string `gorm:"column:db_host;size:255" json:"dbHost"`
DBPort int `gorm:"column:db_port" json:"dbPort"`
DBUser string `gorm:"column:db_user;size:100" json:"dbUser"`
DBPasswordCiphertext string `gorm:"column:db_password_ciphertext;type:text" json:"-"`
DBName string `gorm:"column:db_name;size:255" json:"dbName"`
DBPath string `gorm:"column:db_path;size:500" json:"dbPath"`
StorageTargetID uint `gorm:"column:storage_target_id;index;not null" json:"storageTargetId"` // deprecated: 保留兼容
StorageTarget StorageTarget `json:"storageTarget,omitempty"` // deprecated: 保留兼容
StorageTargets []StorageTarget `gorm:"many2many:backup_task_storage_targets" json:"storageTargets,omitempty"`
NodeID uint `gorm:"column:node_id;index;default:0" json:"nodeId"`
Node Node `json:"node,omitempty"`
Tags string `gorm:"column:tags;size:500" json:"tags"`
RetentionDays int `gorm:"column:retention_days;not null;default:30" json:"retentionDays"`
Compression string `gorm:"size:10;not null;default:'gzip'" json:"compression"`
Encrypt bool `gorm:"not null;default:false" json:"encrypt"`
MaxBackups int `gorm:"column:max_backups;not null;default:10" json:"maxBackups"`
LastRunAt *time.Time `gorm:"column:last_run_at" json:"lastRunAt,omitempty"`
LastStatus string `gorm:"column:last_status;size:20;not null;default:'idle'" json:"lastStatus"`
CreatedAt time.Time `json:"createdAt"`
UpdatedAt time.Time `json:"updatedAt"`
}
func (BackupTask) TableName() string {
return "backup_tasks"
}
// BackupTaskStorageTarget 多对多中间表
type BackupTaskStorageTarget struct {
BackupTaskID uint `gorm:"primaryKey;column:backup_task_id"`
StorageTargetID uint `gorm:"primaryKey;column:storage_target_id"`
}
func (BackupTaskStorageTarget) TableName() string {
return "backup_task_storage_targets"
}

1
server/internal/model/storage_target.go
View File

@@ -8,6 +8,7 @@ type StorageTarget struct {
Type string `gorm:"size:32;index;not null" json:"type"`
Description string `gorm:"size:255" json:"description"`
Enabled bool `gorm:"not null;default:true" json:"enabled"`
Starred bool `gorm:"not null;default:false" json:"starred"`
ConfigCiphertext string `gorm:"column:config_ciphertext;type:text;not null" json:"-"`
ConfigVersion int `gorm:"not null;default:1" json:"configVersion"`
LastTestedAt *time.Time `gorm:"column:last_tested_at" json:"lastTestedAt,omitempty"`

56
server/internal/repository/audit_log_repository.go Normal file
View File

@@ -0,0 +1,56 @@
package repository
import (
"context"
"backupx/server/internal/model"
"gorm.io/gorm"
)
type AuditLogListOptions struct {
Category string
Limit int
Offset int
}
type AuditLogListResult struct {
Items []model.AuditLog `json:"items"`
Total int64 `json:"total"`
}
type AuditLogRepository interface {
Create(ctx context.Context, log *model.AuditLog) error
List(ctx context.Context, opts AuditLogListOptions) (*AuditLogListResult, error)
}
type gormAuditLogRepository struct {
db *gorm.DB
}
func NewAuditLogRepository(db *gorm.DB) AuditLogRepository {
return &gormAuditLogRepository{db: db}
}
func (r *gormAuditLogRepository) Create(_ context.Context, log *model.AuditLog) error {
return r.db.Create(log).Error
}
func (r *gormAuditLogRepository) List(_ context.Context, opts AuditLogListOptions) (*AuditLogListResult, error) {
query := r.db.Model(&model.AuditLog{})
if opts.Category != "" {
query = query.Where("category = ?", opts.Category)
}
var total int64
if err := query.Count(&total).Error; err != nil {
return nil, err
}
limit := opts.Limit
if limit <= 0 {
limit = 50
}
var items []model.AuditLog
if err := query.Order("created_at DESC").Offset(opts.Offset).Limit(limit).Find(&items).Error; err != nil {
return nil, err
}
return &AuditLogListResult{Items: items, Total: total}, nil
}

33
server/internal/repository/backup_task_repository.go
View File

@@ -35,7 +35,7 @@ func NewBackupTaskRepository(db *gorm.DB) *GormBackupTaskRepository {
}
func (r *GormBackupTaskRepository) List(ctx context.Context, options BackupTaskListOptions) ([]model.BackupTask, error) {
query := r.db.WithContext(ctx).Model(&model.BackupTask{}).Preload("StorageTarget").Order("updated_at desc")
query := r.db.WithContext(ctx).Model(&model.BackupTask{}).Preload("StorageTarget").Preload("StorageTargets").Order("updated_at desc")
if options.Type != "" {
query = query.Where("type = ?", options.Type)
}
@@ -51,7 +51,7 @@ func (r *GormBackupTaskRepository) List(ctx context.Context, options BackupTaskL
func (r *GormBackupTaskRepository) FindByID(ctx context.Context, id uint) (*model.BackupTask, error) {
var item model.BackupTask
if err := r.db.WithContext(ctx).Preload("StorageTarget").First(&item, id).Error; err != nil {
if err := r.db.WithContext(ctx).Preload("StorageTarget").Preload("StorageTargets").First(&item, id).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return nil, nil
}
@@ -73,7 +73,7 @@ func (r *GormBackupTaskRepository) FindByName(ctx context.Context, name string)
func (r *GormBackupTaskRepository) ListSchedulable(ctx context.Context) ([]model.BackupTask, error) {
var items []model.BackupTask
if err := r.db.WithContext(ctx).Preload("StorageTarget").Where("enabled = ? AND cron_expr <> ''", true).Order("id asc").Find(&items).Error; err != nil {
if err := r.db.WithContext(ctx).Preload("StorageTarget").Preload("StorageTargets").Where("enabled = ? AND cron_expr <> ''", true).Order("id asc").Find(&items).Error; err != nil {
return nil, err
}
return items, nil
@@ -97,18 +97,39 @@ func (r *GormBackupTaskRepository) CountEnabled(ctx context.Context) (int64, err
func (r *GormBackupTaskRepository) CountByStorageTargetID(ctx context.Context, storageTargetID uint) (int64, error) {
var count int64
if err := r.db.WithContext(ctx).Model(&model.BackupTask{}).Where("storage_target_id = ?", storageTargetID).Count(&count).Error; err != nil {
if err := r.db.WithContext(ctx).Model(&model.BackupTaskStorageTarget{}).Where("storage_target_id = ?", storageTargetID).Count(&count).Error; err != nil {
return 0, err
}
return count, nil
}
func (r *GormBackupTaskRepository) Create(ctx context.Context, item *model.BackupTask) error {
return r.db.WithContext(ctx).Create(item).Error
if err := r.db.WithContext(ctx).Create(item).Error; err != nil {
return err
}
return r.syncStorageTargets(ctx, item)
}
func (r *GormBackupTaskRepository) Update(ctx context.Context, item *model.BackupTask) error {
return r.db.WithContext(ctx).Save(item).Error
if err := r.db.WithContext(ctx).Save(item).Error; err != nil {
return err
}
if len(item.StorageTargets) > 0 {
return r.db.WithContext(ctx).Model(item).Association("StorageTargets").Replace(item.StorageTargets)
}
return nil
}
// syncStorageTargets 确保中间表数据一致:优先使用 StorageTargets回退到 StorageTargetID
func (r *GormBackupTaskRepository) syncStorageTargets(ctx context.Context, item *model.BackupTask) error {
targets := item.StorageTargets
if len(targets) == 0 && item.StorageTargetID > 0 {
targets = []model.StorageTarget{{ID: item.StorageTargetID}}
}
if len(targets) > 0 {
return r.db.WithContext(ctx).Model(item).Association("StorageTargets").Replace(targets)
}
return nil
}
func (r *GormBackupTaskRepository) Delete(ctx context.Context, id uint) error {

2
server/internal/repository/storage_target_repository.go
View File

@@ -27,7 +27,7 @@ func NewStorageTargetRepository(db *gorm.DB) *GormStorageTargetRepository {
func (r *GormStorageTargetRepository) List(ctx context.Context) ([]model.StorageTarget, error) {
var items []model.StorageTarget
if err := r.db.WithContext(ctx).Order("updated_at desc").Find(&items).Error; err != nil {
if err := r.db.WithContext(ctx).Order("starred desc, updated_at desc").Find(&items).Error; err != nil {
return nil, err
}
return items, nil

68
server/internal/service/audit_service.go Normal file
View File

@@ -0,0 +1,68 @@
package service
import (
"context"
"fmt"
"log"
"backupx/server/internal/apperror"
"backupx/server/internal/model"
"backupx/server/internal/repository"
)
// AuditEntry 是记录审计日志的输入结构
type AuditEntry struct {
UserID uint
Username string
Category string // auth / storage_target / backup_task / backup_record / settings
Action string // create / update / delete / login_success / login_failed / ...
TargetType string
TargetID string
TargetName string
Detail string
ClientIP string
}
type AuditService struct {
repo repository.AuditLogRepository
}
func NewAuditService(repo repository.AuditLogRepository) *AuditService {
return &AuditService{repo: repo}
}
// Record 异步 fire-and-forget 写入审计日志,不阻塞业务逻辑
func (s *AuditService) Record(entry AuditEntry) {
if s == nil || s.repo == nil {
return
}
go func() {
record := &model.AuditLog{
UserID: entry.UserID,
Username: entry.Username,
Category: entry.Category,
Action: entry.Action,
TargetType: entry.TargetType,
TargetID: entry.TargetID,
TargetName: entry.TargetName,
Detail: entry.Detail,
ClientIP: entry.ClientIP,
}
if err := s.repo.Create(context.Background(), record); err != nil {
log.Printf("[audit] failed to write audit log: %v", err)
}
}()
}
// List 分页查询审计日志
func (s *AuditService) List(ctx context.Context, category string, limit, offset int) (*repository.AuditLogListResult, error) {
result, err := s.repo.List(ctx, repository.AuditLogListOptions{
Category: category,
Limit: limit,
Offset: offset,
})
if err != nil {
return nil, apperror.Internal("AUDIT_LOG_LIST_FAILED", fmt.Sprintf("无法获取审计日志列表: %v", err), err)
}
return result, nil
}

54
server/internal/service/auth_service.go
View File

@@ -37,10 +37,11 @@ type UserOutput struct {
}
type AuthService struct {
users repository.UserRepository
configs repository.SystemConfigRepository
jwtManager *security.JWTManager
rateLimiter *security.LoginRateLimiter
users repository.UserRepository
configs repository.SystemConfigRepository
jwtManager *security.JWTManager
rateLimiter *security.LoginRateLimiter
auditService *AuditService
}
func NewAuthService(
@@ -52,6 +53,10 @@ func NewAuthService(
return &AuthService{users: users, configs: configs, jwtManager: jwtManager, rateLimiter: rateLimiter}
}
func (s *AuthService) SetAuditService(auditService *AuditService) {
s.auditService = auditService
}
func (s *AuthService) SetupStatus(ctx context.Context) (bool, error) {
count, err := s.users.Count(ctx)
if err != nil {
@@ -97,6 +102,15 @@ func (s *AuthService) Setup(ctx context.Context, input SetupInput) (*AuthPayload
return nil, apperror.Internal("AUTH_TOKEN_FAILED", "无法生成访问令牌", err)
}
if s.auditService != nil {
s.auditService.Record(AuditEntry{
UserID: user.ID, Username: user.Username,
Category: "auth", Action: "setup",
TargetType: "user", TargetID: fmt.Sprintf("%d", user.ID), TargetName: user.Username,
Detail: "系统初始化,创建管理员账户",
})
}
return &AuthPayload{Token: token, User: ToUserOutput(user)}, nil
}
@@ -113,9 +127,23 @@ func (s *AuthService) Login(ctx context.Context, input LoginInput, clientKey str
return nil, apperror.Internal("AUTH_LOOKUP_FAILED", "无法执行登录校验", err)
}
if user == nil {
if s.auditService != nil {
s.auditService.Record(AuditEntry{
Category: "auth", Action: "login_failed",
Detail: fmt.Sprintf("用户名不存在: %s", strings.TrimSpace(input.Username)),
ClientIP: clientKey,
})
}
return nil, apperror.Unauthorized("AUTH_INVALID_CREDENTIALS", "用户名或密码错误", nil)
}
if err := security.ComparePassword(user.PasswordHash, input.Password); err != nil {
if s.auditService != nil {
s.auditService.Record(AuditEntry{
UserID: user.ID, Username: user.Username,
Category: "auth", Action: "login_failed",
Detail: "密码错误", ClientIP: clientKey,
})
}
return nil, apperror.Unauthorized("AUTH_INVALID_CREDENTIALS", "用户名或密码错误", err)
}
@@ -124,6 +152,15 @@ func (s *AuthService) Login(ctx context.Context, input LoginInput, clientKey str
if err != nil {
return nil, apperror.Internal("AUTH_TOKEN_FAILED", "无法生成访问令牌", err)
}
if s.auditService != nil {
s.auditService.Record(AuditEntry{
UserID: user.ID, Username: user.Username,
Category: "auth", Action: "login_success",
Detail: "登录成功", ClientIP: clientKey,
})
}
return &AuthPayload{Token: token, User: ToUserOutput(user)}, nil
}
@@ -170,6 +207,15 @@ func (s *AuthService) ChangePassword(ctx context.Context, subject string, input
if err := s.users.Update(ctx, user); err != nil {
return apperror.Internal("AUTH_UPDATE_FAILED", "密码修改失败", err)
}
if s.auditService != nil {
s.auditService.Record(AuditEntry{
UserID: user.ID, Username: user.Username,
Category: "auth", Action: "change_password",
Detail: "密码修改成功",
})
}
return nil
}

194
server/internal/service/backup_execution_service.go
View File

@@ -2,12 +2,16 @@ package service
import (
"context"
"crypto/sha256"
"encoding/hex"
"encoding/json"
"fmt"
"hash"
"io"
"os"
"path/filepath"
"strings"
"sync"
"time"
"backupx/server/internal/apperror"
@@ -37,11 +41,35 @@ func (noopBackupNotifier) NotifyBackupResult(context.Context, BackupExecutionNot
return nil
}
type StorageUploadResultItem struct {
StorageTargetID uint `json:"storageTargetId"`
StorageTargetName string `json:"storageTargetName"`
Status string `json:"status"`
StoragePath string `json:"storagePath,omitempty"`
FileSize int64 `json:"fileSize,omitempty"`
Error string `json:"error,omitempty"`
}
type DownloadedArtifact struct {
FileName string
Reader io.ReadCloser
}
// collectTargetIDs 获取任务关联的所有存储目标 ID
func collectTargetIDs(task *model.BackupTask) []uint {
if len(task.StorageTargets) > 0 {
ids := make([]uint, len(task.StorageTargets))
for i, t := range task.StorageTargets {
ids[i] = t.ID
}
return ids
}
if task.StorageTargetID > 0 {
return []uint{task.StorageTargetID}
}
return nil
}
type BackupExecutionService struct {
tasks repository.BackupTaskRepository
records repository.BackupRecordRepository
@@ -194,7 +222,12 @@ func (s *BackupExecutionService) startTask(ctx context.Context, id uint, async b
return nil, apperror.New(404, "BACKUP_TASK_NOT_FOUND", "备份任务不存在", fmt.Errorf("backup task %d not found", id))
}
startedAt := s.now()
record := &model.BackupRecord{TaskID: task.ID, StorageTargetID: task.StorageTargetID, Status: "running", StartedAt: startedAt}
// 取第一个存储目标 ID 做兼容
primaryTargetID := task.StorageTargetID
if tids := collectTargetIDs(task); len(tids) > 0 {
primaryTargetID = tids[0]
}
record := &model.BackupRecord{TaskID: task.ID, StorageTargetID: primaryTargetID, Status: "running", StartedAt: startedAt}
if err := s.records.Create(ctx, record); err != nil {
return nil, apperror.Internal("BACKUP_RECORD_CREATE_FAILED", "无法创建备份记录", err)
}
@@ -223,11 +256,22 @@ func (s *BackupExecutionService) executeTask(ctx context.Context, task *model.Ba
errMessage := ""
var fileName string
var fileSize int64
var checksum string
var storagePath string
var uploadResults []StorageUploadResultItem
completeRecord := func() {
if finalizeErr := s.finalizeRecord(ctx, task, recordID, startedAt, status, errMessage, logger.String(), fileName, fileSize, storagePath); finalizeErr != nil {
if finalizeErr := s.finalizeRecord(ctx, task, recordID, startedAt, status, errMessage, logger.String(), fileName, fileSize, checksum, storagePath); finalizeErr != nil {
logger.Errorf("写回备份记录失败:%v", finalizeErr)
}
// 写入多目标上传结果
if len(uploadResults) > 0 {
if resultsJSON, marshalErr := json.Marshal(uploadResults); marshalErr == nil {
if record, findErr := s.records.FindByID(ctx, recordID); findErr == nil && record != nil {
record.StorageUploadResults = string(resultsJSON)
_ = s.records.Update(ctx, record)
}
}
}
if err := s.notifier.NotifyBackupResult(ctx, BackupExecutionNotification{Task: task, Record: &model.BackupRecord{ID: recordID, TaskID: task.ID, Status: status, FileName: fileName, FileSize: fileSize, StoragePath: storagePath, ErrorMessage: errMessage, StartedAt: startedAt}, Error: buildOptionalError(errMessage)}); err != nil {
logger.Warnf("发送备份通知失败:%v", err)
}
@@ -241,12 +285,6 @@ func (s *BackupExecutionService) executeTask(ctx context.Context, task *model.Ba
logger.Errorf("构建任务运行时配置失败:%v", err)
return
}
provider, err := s.resolveProvider(ctx, task.StorageTargetID)
if err != nil {
errMessage = err.Error()
logger.Errorf("创建存储客户端失败:%v", err)
return
}
runner, err := s.runnerRegistry.Runner(spec.Type)
if err != nil {
errMessage = err.Error()
@@ -290,34 +328,99 @@ func (s *BackupExecutionService) executeTask(ctx context.Context, task *model.Ba
fileSize = info.Size()
fileName = filepath.Base(finalPath)
storagePath = backup.BuildStorageKey(task.Type, startedAt, fileName)
artifact, err := os.Open(finalPath)
if err != nil {
errMessage = err.Error()
logger.Errorf("打开备份文件失败:%v", err)
// 收集所有存储目标
targetIDs := collectTargetIDs(task)
if len(targetIDs) == 0 {
errMessage = "没有关联的存储目标"
logger.Errorf("没有关联的存储目标")
return
}
defer artifact.Close()
logger.Infof("开始上传备份到存储目标")
if err := provider.Upload(ctx, storagePath, artifact, fileSize, map[string]string{"taskId": fmt.Sprintf("%d", task.ID), "recordId": fmt.Sprintf("%d", recordID)}); err != nil {
errMessage = err.Error()
logger.Errorf("上传备份文件失败:%v", err)
return
}
if s.retention != nil {
cleanupResult, cleanupErr := s.retention.Cleanup(ctx, task, provider)
if cleanupErr != nil {
logger.Warnf("执行保留策略失败:%v", cleanupErr)
} else {
for _, warning := range cleanupResult.Warnings {
logger.Warnf("保留策略警告:%s", warning)
// 并行上传到所有目标
uploadResults = make([]StorageUploadResultItem, len(targetIDs))
var checksumOnce sync.Once
var wg sync.WaitGroup
for i, tid := range targetIDs {
wg.Add(1)
go func(index int, targetID uint) {
defer wg.Done()
target, findErr := s.targets.FindByID(ctx, targetID)
targetName := fmt.Sprintf("target-%d", targetID)
if findErr == nil && target != nil {
targetName = target.Name
}
provider, resolveErr := s.resolveProvider(ctx, targetID)
if resolveErr != nil {
uploadResults[index] = StorageUploadResultItem{StorageTargetID: targetID, StorageTargetName: targetName, Status: "failed", Error: resolveErr.Error()}
logger.Warnf("存储目标 %s 创建客户端失败:%v", targetName, resolveErr)
return
}
artifact, openErr := os.Open(finalPath)
if openErr != nil {
uploadResults[index] = StorageUploadResultItem{StorageTargetID: targetID, StorageTargetName: targetName, Status: "failed", Error: openErr.Error()}
logger.Warnf("存储目标 %s 打开备份文件失败:%v", targetName, openErr)
return
}
defer artifact.Close()
logger.Infof("开始上传备份到存储目标:%s", targetName)
// hashingReader: 上传过程中同步计算字节数 + SHA-256单次读取零额外 I/O
hr := newHashingReader(artifact)
if uploadErr := provider.Upload(ctx, storagePath, hr, fileSize, map[string]string{"taskId": fmt.Sprintf("%d", task.ID), "recordId": fmt.Sprintf("%d", recordID)}); uploadErr != nil {
uploadResults[index] = StorageUploadResultItem{StorageTargetID: targetID, StorageTargetName: targetName, Status: "failed", Error: uploadErr.Error()}
logger.Warnf("存储目标 %s 上传失败:%v", targetName, uploadErr)
return
}
// 完整性校验:对比实际传输字节数
if hr.n != fileSize {
uploadResults[index] = StorageUploadResultItem{StorageTargetID: targetID, StorageTargetName: targetName, Status: "failed", Error: fmt.Sprintf("完整性校验失败: 预期 %d bytes, 实际传输 %d bytes", fileSize, hr.n)}
logger.Errorf("存储目标 %s 完整性校验失败:预期 %d bytes, 实际传输 %d bytes", targetName, fileSize, hr.n)
_ = provider.Delete(ctx, storagePath)
return
}
// 取第一个成功目标的哈希写入 record所有目标读同一文件哈希一定相同
targetChecksum := hr.Sum()
checksumOnce.Do(func() { checksum = targetChecksum })
uploadResults[index] = StorageUploadResultItem{StorageTargetID: targetID, StorageTargetName: targetName, Status: "success", StoragePath: storagePath, FileSize: fileSize}
logger.Infof("存储目标 %s 上传成功 (%d bytes, SHA-256=%s)", targetName, fileSize, targetChecksum)
// 每个成功目标独立执行保留策略
if s.retention != nil {
cleanupResult, cleanupErr := s.retention.Cleanup(ctx, task, provider)
if cleanupErr != nil {
logger.Warnf("存储目标 %s 执行保留策略失败:%v", targetName, cleanupErr)
} else {
for _, warning := range cleanupResult.Warnings {
logger.Warnf("存储目标 %s 保留策略警告:%s", targetName, warning)
}
}
}
}(i, tid)
}
wg.Wait()
// 汇总结果:任意一个 success → 整体 success
anySuccess := false
var failedMessages []string
for _, r := range uploadResults {
if r.Status == "success" {
anySuccess = true
} else if r.Error != "" {
failedMessages = append(failedMessages, fmt.Sprintf("%s: %s", r.StorageTargetName, r.Error))
}
}
status = "success"
logger.Infof("备份执行完成")
if anySuccess {
status = "success"
if len(failedMessages) > 0 {
logger.Warnf("部分存储目标上传失败:%s", strings.Join(failedMessages, "; "))
}
logger.Infof("备份执行完成")
} else {
errMessage = strings.Join(failedMessages, "; ")
logger.Errorf("所有存储目标上传均失败")
}
}
func (s *BackupExecutionService) finalizeRecord(ctx context.Context, task *model.BackupTask, recordID uint, startedAt time.Time, status string, errorMessage string, logContent string, fileName string, fileSize int64, storagePath string) error {
func (s *BackupExecutionService) finalizeRecord(ctx context.Context, task *model.BackupTask, recordID uint, startedAt time.Time, status string, errorMessage string, logContent string, fileName string, fileSize int64, checksum string, storagePath string) error {
record, err := s.records.FindByID(ctx, recordID)
if err != nil {
return err
@@ -329,6 +432,7 @@ func (s *BackupExecutionService) finalizeRecord(ctx context.Context, task *model
record.Status = status
record.FileName = fileName
record.FileSize = fileSize
record.Checksum = checksum
record.StoragePath = storagePath
record.DurationSeconds = int(completedAt.Sub(startedAt).Seconds())
record.ErrorMessage = strings.TrimSpace(errorMessage)
@@ -376,11 +480,18 @@ func (s *BackupExecutionService) buildTaskSpec(task *model.BackupTask, startedAt
}
password = string(plain)
}
sourcePaths := []string{}
if strings.TrimSpace(task.SourcePaths) != "" {
if err := json.Unmarshal([]byte(task.SourcePaths), &sourcePaths); err != nil {
return backup.TaskSpec{}, apperror.Internal("BACKUP_TASK_DECODE_FAILED", "无法解析源路径配置", err)
}
}
return backup.TaskSpec{
ID: task.ID,
Name: task.Name,
Type: task.Type,
SourcePath: task.SourcePath,
SourcePaths: sourcePaths,
ExcludePatterns: excludePatterns,
StorageTargetID: task.StorageTargetID,
StorageTargetType: "",
@@ -485,3 +596,28 @@ func buildStorageProviderFromRepos(ctx context.Context, storageTargetID uint, st
}
return provider, target, nil
}
// hashingReader 在上传过程中同步计算字节数和 SHA-256零额外 I/O
type hashingReader struct {
reader io.Reader
hash hash.Hash
n int64
}
func newHashingReader(reader io.Reader) *hashingReader {
h := sha256.New()
return &hashingReader{
reader: io.TeeReader(reader, h),
hash: h,
}
}
func (r *hashingReader) Read(p []byte) (int, error) {
n, err := r.reader.Read(p)
r.n += int64(n)
return n, err
}
func (r *hashingReader) Sum() string {
return hex.EncodeToString(r.hash.Sum(nil))
}

6
server/internal/service/backup_execution_service_test.go
View File

@@ -55,7 +55,11 @@ func newExecutionTestServices(t *testing.T) (*BackupExecutionService, *BackupRec
runnerRegistry := backup.NewRegistry(backup.NewFileRunner(), backup.NewMySQLRunner(nil), backup.NewSQLiteRunner(), backup.NewPostgreSQLRunner(nil))
storageRegistry := storage.NewRegistry(localdisk.NewFactory())
retentionService := backupretention.NewService(records)
executionService := NewBackupExecutionService(tasks, records, targets, storageRegistry, runnerRegistry, logHub, retentionService, cipher, nil, "", 2)
tempDir := filepath.Join(baseDir, "tmp")
if err := os.MkdirAll(tempDir, 0o755); err != nil {
t.Fatalf("MkdirAll tempDir returned error: %v", err)
}
executionService := NewBackupExecutionService(tasks, records, targets, storageRegistry, runnerRegistry, logHub, retentionService, cipher, nil, tempDir, 2)
recordService := NewBackupRecordService(records, executionService, logHub)
return executionService, recordService, tasks, targets, records, sourceDir, storageDir
}

15
server/internal/service/backup_record_service.go
View File

@@ -2,6 +2,7 @@ package service
import (
"context"
"encoding/json"
"strings"
"time"
@@ -29,6 +30,7 @@ type BackupRecordSummary struct {
Status string `json:"status"`
FileName string `json:"fileName"`
FileSize int64 `json:"fileSize"`
Checksum string `json:"checksum"`
StoragePath string `json:"storagePath"`
DurationSeconds int `json:"durationSeconds"`
ErrorMessage string `json:"errorMessage"`
@@ -38,8 +40,9 @@ type BackupRecordSummary struct {
type BackupRecordDetail struct {
BackupRecordSummary
LogContent string `json:"logContent"`
LogEvents []backup.LogEvent `json:"logEvents,omitempty"`
LogContent string `json:"logContent"`
LogEvents []backup.LogEvent `json:"logEvents,omitempty"`
StorageUploadResults []StorageUploadResultItem `json:"storageUploadResults,omitempty"`
}
type BackupRecordService struct {
@@ -109,6 +112,7 @@ func toBackupRecordSummary(item *model.BackupRecord) BackupRecordSummary {
Status: item.Status,
FileName: item.FileName,
FileSize: item.FileSize,
Checksum: item.Checksum,
StoragePath: item.StoragePath,
DurationSeconds: item.DurationSeconds,
ErrorMessage: item.ErrorMessage,
@@ -130,5 +134,12 @@ func toBackupRecordDetail(item *model.BackupRecord, logHub *backup.LogHub) *Back
detail.LogContent = strings.Join(lines, "\n")
}
}
// 解析多目标上传结果
if strings.TrimSpace(item.StorageUploadResults) != "" {
var uploadResults []StorageUploadResultItem
if err := json.Unmarshal([]byte(item.StorageUploadResults), &uploadResults); err == nil {
detail.StorageUploadResults = uploadResults
}
}
return detail
}

227
server/internal/service/backup_task_service.go
View File

@@ -17,23 +17,25 @@ import (
const backupTaskMaskedValue = "********"
type BackupTaskUpsertInput struct {
Name string `json:"name" binding:"required,min=1,max=100"`
Type string `json:"type" binding:"required,oneof=file mysql sqlite postgresql pgsql"`
Enabled bool `json:"enabled"`
CronExpr string `json:"cronExpr" binding:"max=64"`
SourcePath string `json:"sourcePath" binding:"max=500"`
ExcludePatterns []string `json:"excludePatterns"`
DBHost string `json:"dbHost" binding:"max=255"`
DBPort int `json:"dbPort"`
DBUser string `json:"dbUser" binding:"max=100"`
DBPassword string `json:"dbPassword" binding:"max=255"`
DBName string `json:"dbName" binding:"max=255"`
DBPath string `json:"dbPath" binding:"max=500"`
StorageTargetID uint `json:"storageTargetId" binding:"required"`
RetentionDays int `json:"retentionDays"`
Compression string `json:"compression" binding:"omitempty,oneof=gzip none"`
Encrypt bool `json:"encrypt"`
MaxBackups int `json:"maxBackups"`
Name string `json:"name" binding:"required,min=1,max=100"`
Type string `json:"type" binding:"required,oneof=file mysql sqlite postgresql pgsql"`
Enabled bool `json:"enabled"`
CronExpr string `json:"cronExpr" binding:"max=64"`
SourcePath string `json:"sourcePath" binding:"max=500"`
SourcePaths []string `json:"sourcePaths"`
ExcludePatterns []string `json:"excludePatterns"`
DBHost string `json:"dbHost" binding:"max=255"`
DBPort int `json:"dbPort"`
DBUser string `json:"dbUser" binding:"max=100"`
DBPassword string `json:"dbPassword" binding:"max=255"`
DBName string `json:"dbName" binding:"max=255"`
DBPath string `json:"dbPath" binding:"max=500"`
StorageTargetID uint `json:"storageTargetId"` // deprecated: 向后兼容
StorageTargetIDs []uint `json:"storageTargetIds"` // 新增:多存储目标
RetentionDays int `json:"retentionDays"`
Compression string `json:"compression" binding:"omitempty,oneof=gzip none"`
Encrypt bool `json:"encrypt"`
MaxBackups int `json:"maxBackups"`
}
type BackupTaskToggleInput struct {
@@ -41,25 +43,28 @@ type BackupTaskToggleInput struct {
}
type BackupTaskSummary struct {
ID uint `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
Enabled bool `json:"enabled"`
CronExpr string `json:"cronExpr"`
StorageTargetID uint `json:"storageTargetId"`
StorageTargetName string `json:"storageTargetName"`
RetentionDays int `json:"retentionDays"`
Compression string `json:"compression"`
Encrypt bool `json:"encrypt"`
MaxBackups int `json:"maxBackups"`
LastRunAt *time.Time `json:"lastRunAt,omitempty"`
LastStatus string `json:"lastStatus"`
UpdatedAt time.Time `json:"updatedAt"`
ID uint `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
Enabled bool `json:"enabled"`
CronExpr string `json:"cronExpr"`
StorageTargetID uint `json:"storageTargetId"` // deprecated: 取第一个
StorageTargetName string `json:"storageTargetName"` // deprecated: 取第一个
StorageTargetIDs []uint `json:"storageTargetIds"`
StorageTargetNames []string `json:"storageTargetNames"`
RetentionDays int `json:"retentionDays"`
Compression string `json:"compression"`
Encrypt bool `json:"encrypt"`
MaxBackups int `json:"maxBackups"`
LastRunAt *time.Time `json:"lastRunAt,omitempty"`
LastStatus string `json:"lastStatus"`
UpdatedAt time.Time `json:"updatedAt"`
}
type BackupTaskDetail struct {
BackupTaskSummary
SourcePath string `json:"sourcePath"`
SourcePaths []string `json:"sourcePaths"`
ExcludePatterns []string `json:"excludePatterns"`
DBHost string `json:"dbHost"`
DBPort int `json:"dbPort"`
@@ -227,19 +232,33 @@ func (s *BackupTaskService) Toggle(ctx context.Context, id uint, enabled bool) (
return &returnValue, nil
}
// resolveStorageTargetIDs 统一处理新旧字段,返回有效的存储目标 ID 列表
func resolveStorageTargetIDs(input BackupTaskUpsertInput) []uint {
if len(input.StorageTargetIDs) > 0 {
return input.StorageTargetIDs
}
if input.StorageTargetID > 0 {
return []uint{input.StorageTargetID}
}
return nil
}
func (s *BackupTaskService) validateInput(ctx context.Context, existing *model.BackupTask, input BackupTaskUpsertInput) error {
if strings.TrimSpace(input.Name) == "" {
return apperror.BadRequest("BACKUP_TASK_INVALID", "任务名称不能为空", nil)
}
if input.StorageTargetID == 0 {
return apperror.BadRequest("BACKUP_TASK_INVALID", "请选择存储目标", nil)
targetIDs := resolveStorageTargetIDs(input)
if len(targetIDs) == 0 {
return apperror.BadRequest("BACKUP_TASK_INVALID", "请选择至少一个存储目标", nil)
}
target, err := s.targets.FindByID(ctx, input.StorageTargetID)
if err != nil {
return apperror.Internal("BACKUP_TASK_STORAGE_LOOKUP_FAILED", "无法检查存储目标", err)
}
if target == nil {
return apperror.BadRequest("BACKUP_STORAGE_TARGET_INVALID", "关联的存储目标不存在", nil)
for _, tid := range targetIDs {
target, err := s.targets.FindByID(ctx, tid)
if err != nil {
return apperror.Internal("BACKUP_TASK_STORAGE_LOOKUP_FAILED", "无法检查存储目标", err)
}
if target == nil {
return apperror.BadRequest("BACKUP_STORAGE_TARGET_INVALID", fmt.Sprintf("关联的存储目标 %d 不存在", tid), nil)
}
}
if input.RetentionDays < 0 {
return apperror.BadRequest("BACKUP_TASK_INVALID", "保留天数不能小于 0", nil)
@@ -260,7 +279,8 @@ func (s *BackupTaskService) validateInput(ctx context.Context, existing *model.B
func validateTaskTypeSpecificFields(input BackupTaskUpsertInput, passwordRequired bool) error {
switch normalizeBackupTaskType(input.Type) {
case "file":
if strings.TrimSpace(input.SourcePath) == "" {
hasSourcePaths := len(resolveSourcePaths(input)) > 0
if !hasSourcePaths {
return apperror.BadRequest("BACKUP_TASK_INVALID", "文件备份必须填写源路径", nil)
}
case "mysql", "postgresql":
@@ -294,6 +314,10 @@ func (s *BackupTaskService) buildTask(existing *model.BackupTask, input BackupTa
if err != nil {
return nil, apperror.BadRequest("BACKUP_TASK_INVALID", "排除规则格式不合法", err)
}
sourcePathsJSON, err := encodeSourcePaths(resolveSourcePaths(input))
if err != nil {
return nil, apperror.BadRequest("BACKUP_TASK_INVALID", "源路径格式不合法", err)
}
passwordCiphertext := ""
if existing != nil {
passwordCiphertext = existing.DBPasswordCiphertext
@@ -313,12 +337,30 @@ func (s *BackupTaskService) buildTask(existing *model.BackupTask, input BackupTa
if maxBackups == 0 {
maxBackups = 10
}
targetIDs := resolveStorageTargetIDs(input)
// 保持旧字段兼容:取第一个
primaryTargetID := uint(0)
if len(targetIDs) > 0 {
primaryTargetID = targetIDs[0]
}
// 构建多对多关联
storageTargets := make([]model.StorageTarget, len(targetIDs))
for i, tid := range targetIDs {
storageTargets[i] = model.StorageTarget{ID: tid}
}
// 向后兼容SourcePath 取第一个
resolvedPaths := resolveSourcePaths(input)
primarySourcePath := strings.TrimSpace(input.SourcePath)
if len(resolvedPaths) > 0 {
primarySourcePath = resolvedPaths[0]
}
item := &model.BackupTask{
Name: strings.TrimSpace(input.Name),
Type: normalizeBackupTaskType(input.Type),
Enabled: input.Enabled,
CronExpr: strings.TrimSpace(input.CronExpr),
SourcePath: strings.TrimSpace(input.SourcePath),
SourcePath: primarySourcePath,
SourcePaths: sourcePathsJSON,
ExcludePatterns: excludePatterns,
DBHost: strings.TrimSpace(input.DBHost),
DBPort: input.DBPort,
@@ -326,7 +368,8 @@ func (s *BackupTaskService) buildTask(existing *model.BackupTask, input BackupTa
DBPasswordCiphertext: passwordCiphertext,
DBName: strings.TrimSpace(input.DBName),
DBPath: strings.TrimSpace(input.DBPath),
StorageTargetID: input.StorageTargetID,
StorageTargetID: primaryTargetID,
StorageTargets: storageTargets,
RetentionDays: input.RetentionDays,
Compression: compression,
Encrypt: input.Encrypt,
@@ -346,9 +389,14 @@ func (s *BackupTaskService) toDetail(item *model.BackupTask) (*BackupTaskDetail,
if err != nil {
return nil, apperror.Internal("BACKUP_TASK_DECODE_FAILED", "无法解析备份任务配置", err)
}
sourcePaths, err := decodeSourcePaths(item.SourcePaths)
if err != nil {
return nil, apperror.Internal("BACKUP_TASK_DECODE_FAILED", "无法解析源路径配置", err)
}
detail := &BackupTaskDetail{
BackupTaskSummary: toBackupTaskSummary(item),
SourcePath: item.SourcePath,
SourcePaths: sourcePaths,
ExcludePatterns: excludePatterns,
DBHost: item.DBHost,
DBPort: item.DBPort,
@@ -364,25 +412,45 @@ func (s *BackupTaskService) toDetail(item *model.BackupTask) (*BackupTaskDetail,
}
func toBackupTaskSummary(item *model.BackupTask) BackupTaskSummary {
storageTargetName := ""
if item != nil {
storageTargetName = item.StorageTarget.Name
// 从多对多关联提取 IDs 和 Names
var targetIDs []uint
var targetNames []string
if len(item.StorageTargets) > 0 {
for _, t := range item.StorageTargets {
targetIDs = append(targetIDs, t.ID)
targetNames = append(targetNames, t.Name)
}
} else if item.StorageTargetID > 0 {
// 回退到旧字段
targetIDs = []uint{item.StorageTargetID}
targetNames = []string{item.StorageTarget.Name}
}
// 向后兼容:取第一个
primaryID := uint(0)
primaryName := ""
if len(targetIDs) > 0 {
primaryID = targetIDs[0]
}
if len(targetNames) > 0 {
primaryName = targetNames[0]
}
return BackupTaskSummary{
ID: item.ID,
Name: item.Name,
Type: normalizeBackupTaskType(item.Type),
Enabled: item.Enabled,
CronExpr: item.CronExpr,
StorageTargetID: item.StorageTargetID,
StorageTargetName: storageTargetName,
RetentionDays: item.RetentionDays,
Compression: item.Compression,
Encrypt: item.Encrypt,
MaxBackups: item.MaxBackups,
LastRunAt: item.LastRunAt,
LastStatus: item.LastStatus,
UpdatedAt: item.UpdatedAt,
ID: item.ID,
Name: item.Name,
Type: normalizeBackupTaskType(item.Type),
Enabled: item.Enabled,
CronExpr: item.CronExpr,
StorageTargetID: primaryID,
StorageTargetName: primaryName,
StorageTargetIDs: targetIDs,
StorageTargetNames: targetNames,
RetentionDays: item.RetentionDays,
Compression: item.Compression,
Encrypt: item.Encrypt,
MaxBackups: item.MaxBackups,
LastRunAt: item.LastRunAt,
LastStatus: item.LastStatus,
UpdatedAt: item.UpdatedAt,
}
}
@@ -408,6 +476,47 @@ func decodeExcludePatterns(value string) ([]string, error) {
return items, nil
}
// resolveSourcePaths 统一处理 sourcePaths / sourcePath返回有效路径列表
func resolveSourcePaths(input BackupTaskUpsertInput) []string {
if len(input.SourcePaths) > 0 {
var cleaned []string
for _, p := range input.SourcePaths {
if trimmed := strings.TrimSpace(p); trimmed != "" {
cleaned = append(cleaned, trimmed)
}
}
if len(cleaned) > 0 {
return cleaned
}
}
if sp := strings.TrimSpace(input.SourcePath); sp != "" {
return []string{sp}
}
return nil
}
func encodeSourcePaths(paths []string) (string, error) {
if len(paths) == 0 {
return "[]", nil
}
encoded, err := json.Marshal(paths)
if err != nil {
return "", err
}
return string(encoded), nil
}
func decodeSourcePaths(value string) ([]string, error) {
if strings.TrimSpace(value) == "" || strings.TrimSpace(value) == "[]" {
return []string{}, nil
}
var items []string
if err := json.Unmarshal([]byte(value), &items); err != nil {
return nil, err
}
return items, nil
}
func normalizeBackupTaskType(value string) string {
normalized := strings.TrimSpace(strings.ToLower(value))
if normalized == "pgsql" {

141
server/internal/service/database_discovery_service.go Normal file
View File

@@ -0,0 +1,141 @@
package service
import (
"bytes"
"context"
"fmt"
"strings"
"time"
"backupx/server/internal/apperror"
"backupx/server/internal/backup"
)
type DatabaseDiscoverInput struct {
Type string `json:"type" binding:"required,oneof=mysql postgresql"`
Host string `json:"host" binding:"required"`
Port int `json:"port" binding:"required,min=1"`
User string `json:"user" binding:"required"`
Password string `json:"password" binding:"required"`
}
type DatabaseDiscoverResult struct {
Databases []string `json:"databases"`
}
type DatabaseDiscoveryService struct {
executor backup.CommandExecutor
}
func NewDatabaseDiscoveryService(executor backup.CommandExecutor) *DatabaseDiscoveryService {
return &DatabaseDiscoveryService{executor: executor}
}
func (s *DatabaseDiscoveryService) Discover(ctx context.Context, input DatabaseDiscoverInput) (*DatabaseDiscoverResult, error) {
switch strings.TrimSpace(strings.ToLower(input.Type)) {
case "mysql":
return s.discoverMySQL(ctx, input)
case "postgresql":
return s.discoverPostgreSQL(ctx, input)
default:
return nil, apperror.BadRequest("DATABASE_DISCOVER_INVALID_TYPE", "不支持的数据库类型", nil)
}
}
func (s *DatabaseDiscoveryService) discoverMySQL(ctx context.Context, input DatabaseDiscoverInput) (*DatabaseDiscoverResult, error) {
mysqlPath, err := s.executor.LookPath("mysql")
if err != nil {
return nil, apperror.BadRequest("DATABASE_DISCOVER_MYSQL_NOT_FOUND", "系统未安装 mysql 客户端", err)
}
timeout, cancel := context.WithTimeout(ctx, 5*time.Second)
defer cancel()
var stdout, stderr bytes.Buffer
args := []string{
fmt.Sprintf("--host=%s", input.Host),
fmt.Sprintf("--port=%d", input.Port),
fmt.Sprintf("--user=%s", input.User),
"-e", "SHOW DATABASES",
"--skip-column-names",
}
env := []string{fmt.Sprintf("MYSQL_PWD=%s", input.Password)}
if err := s.executor.Run(timeout, mysqlPath, args, backup.CommandOptions{
Stdout: &stdout,
Stderr: &stderr,
Env: env,
}); err != nil {
errMsg := strings.TrimSpace(stderr.String())
if errMsg == "" {
errMsg = err.Error()
}
return nil, apperror.BadRequest("DATABASE_DISCOVER_MYSQL_FAILED", fmt.Sprintf("连接 MySQL 失败:%s", sanitizeMessage(errMsg)), err)
}
systemDBs := map[string]bool{
"information_schema": true,
"performance_schema": true,
"mysql": true,
"sys": true,
}
var databases []string
for _, line := range strings.Split(stdout.String(), "\n") {
db := strings.TrimSpace(line)
if db == "" || systemDBs[db] {
continue
}
databases = append(databases, db)
}
return &DatabaseDiscoverResult{Databases: databases}, nil
}
func (s *DatabaseDiscoveryService) discoverPostgreSQL(ctx context.Context, input DatabaseDiscoverInput) (*DatabaseDiscoverResult, error) {
psqlPath, err := s.executor.LookPath("psql")
if err != nil {
return nil, apperror.BadRequest("DATABASE_DISCOVER_PSQL_NOT_FOUND", "系统未安装 psql 客户端", err)
}
timeout, cancel := context.WithTimeout(ctx, 5*time.Second)
defer cancel()
var stdout, stderr bytes.Buffer
args := []string{
"-h", input.Host,
"-p", fmt.Sprintf("%d", input.Port),
"-U", input.User,
"-d", "postgres",
"-t", "-A",
"-c", "SELECT datname FROM pg_database WHERE datistemplate = false ORDER BY datname",
}
env := []string{fmt.Sprintf("PGPASSWORD=%s", input.Password)}
if err := s.executor.Run(timeout, psqlPath, args, backup.CommandOptions{
Stdout: &stdout,
Stderr: &stderr,
Env: env,
}); err != nil {
errMsg := strings.TrimSpace(stderr.String())
if errMsg == "" {
errMsg = err.Error()
}
return nil, apperror.BadRequest("DATABASE_DISCOVER_PSQL_FAILED", fmt.Sprintf("连接 PostgreSQL 失败:%s", sanitizeMessage(errMsg)), err)
}
skipDBs := map[string]bool{
"postgres": true,
}
var databases []string
for _, line := range strings.Split(stdout.String(), "\n") {
db := strings.TrimSpace(line)
if db == "" || skipDBs[db] || strings.HasPrefix(db, "template") {
continue
}
databases = append(databases, db)
}
return &DatabaseDiscoverResult{Databases: databases}, nil
}

18
server/internal/service/storage_target_service.go
View File

@@ -53,6 +53,7 @@ type StorageTargetSummary struct {
Type string `json:"type"`
Description string `json:"description"`
Enabled bool `json:"enabled"`
Starred bool `json:"starred"`
ConfigVersion int `json:"configVersion"`
LastTestedAt *time.Time `json:"lastTestedAt"`
LastTestStatus string `json:"lastTestStatus"`
@@ -209,6 +210,22 @@ func (s *StorageTargetService) Delete(ctx context.Context, id uint) error {
return nil
}
func (s *StorageTargetService) ToggleStar(ctx context.Context, id uint) (*StorageTargetSummary, error) {
item, err := s.targets.FindByID(ctx, id)
if err != nil {
return nil, apperror.Internal("STORAGE_TARGET_GET_FAILED", "无法获取存储目标详情", err)
}
if item == nil {
return nil, apperror.New(http.StatusNotFound, "STORAGE_TARGET_NOT_FOUND", "存储目标不存在", fmt.Errorf("storage target %d not found", id))
}
item.Starred = !item.Starred
if err := s.targets.Update(ctx, item); err != nil {
return nil, apperror.Internal("STORAGE_TARGET_UPDATE_FAILED", "无法更新存储目标收藏状态", err)
}
summary := toStorageTargetSummary(item)
return &summary, nil
}
func (s *StorageTargetService) TestConnection(ctx context.Context, input StorageTargetTestInput) error {
item, err := s.buildStorageTargetForTest(ctx, input)
if err != nil {
@@ -493,6 +510,7 @@ func toStorageTargetSummary(item *model.StorageTarget) StorageTargetSummary {
Type: item.Type,
Description: item.Description,
Enabled: item.Enabled,
Starred: item.Starred,
ConfigVersion: item.ConfigVersion,
LastTestedAt: item.LastTestedAt,
LastTestStatus: item.LastTestStatus,

15
web/src/components/backup-records/BackupRecordLogDrawer.tsx
View File

@@ -1,7 +1,7 @@
import { Alert, Button, Descriptions, Drawer, Space, Spin, Tag, Typography } from '@arco-design/web-react'
import { useEffect, useMemo, useState } from 'react'
import { deleteBackupRecord, downloadBackupRecord, getBackupRecord, restoreBackupRecord, streamBackupRecordLogs } from '../../services/backup-records'
import type { BackupLogEvent, BackupRecordDetail, BackupRecordStatus } from '../../types/backup-records'
import type { BackupLogEvent, BackupRecordDetail, BackupRecordStatus, StorageUploadResultItem } from '../../types/backup-records'
import { resolveErrorMessage } from '../../utils/error'
import { formatBytes, formatDateTime, formatDuration } from '../../utils/format'
@@ -221,6 +221,19 @@ export function BackupRecordLogDrawer({ visible, recordId, onCancel, onChanged }
</Button>
</Space>
{record.storageUploadResults && record.storageUploadResults.length > 1 && (
<div>
<Typography.Title heading={6}></Typography.Title>
<Descriptions
column={1}
data={record.storageUploadResults.map((r: StorageUploadResultItem) => ({
label: r.storageTargetName,
value: r.status === 'success' ? '上传成功' : `上传失败: ${r.error || '未知错误'}`,
}))}
/>
</div>
)}
<div>
<Typography.Title heading={6}></Typography.Title>
<div className="log-viewer">{logText || '暂无日志输出'}</div>

12
web/src/components/backup-tasks/BackupTaskDetailDrawer.tsx
View File

@@ -29,7 +29,7 @@ export function BackupTaskDetailDrawer({ visible, task, onCancel }: BackupTaskDe
border
data={[
{ label: 'Cron', value: task.cronExpr || '仅手动执行' },
{ label: '存储目标', value: task.storageTargetName || task.storageTargetId },
{ label: '存储目标', value: task.storageTargetNames?.length > 0 ? task.storageTargetNames.join('、') : (task.storageTargetName || task.storageTargetId) },
{ label: '保留天数', value: task.retentionDays },
{ label: '最大保留份数', value: task.maxBackups },
{ label: '压缩', value: task.compression },
@@ -40,7 +40,15 @@ export function BackupTaskDetailDrawer({ visible, task, onCancel }: BackupTaskDe
]}
/>
{task.type === 'file' ? (
<Descriptions border column={1} data={[{ label: '源路径', value: task.sourcePath || '-' }, { label: '排除规则', value: task.excludePatterns.join(', ') || '-' }]} />
<Descriptions border column={1} data={[
{
label: '源路径',
value: task.sourcePaths?.length > 0
? task.sourcePaths.join('\n')
: (task.sourcePath || '-'),
},
{ label: '排除规则', value: task.excludePatterns.join(', ') || '-' },
]} />
) : null}
{task.type === 'sqlite' ? <Descriptions border column={1} data={[{ label: 'SQLite 路径', value: task.dbPath || '-' }]} /> : null}
{task.type === 'mysql' || task.type === 'postgresql' ? (

201
web/src/components/backup-tasks/BackupTaskFormDrawer.tsx
View File

@@ -1,8 +1,13 @@
import { Alert, Button, Divider, Drawer, Input, InputNumber, Select, Space, Steps, Switch, Typography } from '@arco-design/web-react'
import { Alert, Button, Divider, Drawer, Input, InputNumber, Select, Space, Steps, Switch, Typography, Grid } from '@arco-design/web-react'
import { IconDelete, IconPlus } from '@arco-design/web-react/icon'
import { useEffect, useMemo, useState } from 'react'
import { CronInput } from '../CronInput'
import type { StorageTargetSummary } from '../../types/storage-targets'
import type { StorageTargetDetail, StorageTargetPayload, StorageTargetSummary } from '../../types/storage-targets'
import type { StorageConnectionTestResult } from '../../types/storage-targets'
import type { BackupTaskDetail, BackupTaskPayload, BackupTaskType } from '../../types/backup-tasks'
import { DatabasePicker } from '../common/DatabasePicker'
import { DirectoryPicker } from '../common/DirectoryPicker'
import { StorageTargetFormDrawer } from '../storage-targets/StorageTargetFormDrawer'
import {
backupCompressionOptions,
backupTaskTypeOptions,
@@ -17,17 +22,24 @@ interface BackupTaskFormDrawerProps {
loading: boolean
initialValue: BackupTaskDetail | null
storageTargets: StorageTargetSummary[]
localNodeId?: number
onCancel: () => void
onSubmit: (value: BackupTaskPayload, taskId?: number) => Promise<void>
onCreateStorageTarget?: (value: StorageTargetPayload) => Promise<StorageTargetDetail>
onTestStorageTarget?: (value: StorageTargetPayload, targetId?: number) => Promise<StorageConnectionTestResult>
onGoogleDriveAuth?: (value: StorageTargetPayload, targetId?: number) => Promise<void>
onStorageTargetCreated?: () => Promise<void>
}
function createEmptyDraft(storageTargetId?: number): BackupTaskPayload {
function createEmptyDraft(storageTargets?: StorageTargetSummary[]): BackupTaskPayload {
const defaultIds = storageTargets && storageTargets.length > 0 ? [storageTargets[0].id] : []
return {
name: '',
type: 'file',
enabled: true,
cronExpr: '',
sourcePath: '',
sourcePaths: [''],
excludePatterns: [],
dbHost: '',
dbPort: 0,
@@ -35,7 +47,8 @@ function createEmptyDraft(storageTargetId?: number): BackupTaskPayload {
dbPassword: '',
dbName: '',
dbPath: '',
storageTargetId: storageTargetId ?? 0,
storageTargetId: defaultIds[0] ?? 0,
storageTargetIds: defaultIds,
nodeId: 0,
tags: '',
retentionDays: 30,
@@ -45,11 +58,14 @@ function createEmptyDraft(storageTargetId?: number): BackupTaskPayload {
}
}
export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTargets, onCancel, onSubmit }: BackupTaskFormDrawerProps) {
export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTargets, localNodeId, onCancel, onSubmit, onCreateStorageTarget, onTestStorageTarget, onGoogleDriveAuth, onStorageTargetCreated }: BackupTaskFormDrawerProps) {
const [draft, setDraft] = useState<BackupTaskPayload>(createEmptyDraft())
const [excludePatternsText, setExcludePatternsText] = useState('')
const [currentStep, setCurrentStep] = useState(0)
const [error, setError] = useState('')
const [quickCreateVisible, setQuickCreateVisible] = useState(false)
const [quickCreateLoading, setQuickCreateLoading] = useState(false)
const [quickCreateTesting, setQuickCreateTesting] = useState(false)
useEffect(() => {
if (!visible) {
@@ -57,7 +73,7 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
}
if (!initialValue) {
const nextDraft = createEmptyDraft(storageTargets[0]?.id)
const nextDraft = createEmptyDraft(storageTargets)
setDraft(nextDraft)
setExcludePatternsText('')
setCurrentStep(0)
@@ -65,12 +81,24 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
return
}
const editTargetIds = initialValue.storageTargetIds?.length > 0
? initialValue.storageTargetIds
: initialValue.storageTargetId > 0
? [initialValue.storageTargetId]
: []
// 编辑时sourcePaths 优先,为空回退 sourcePath
const editSourcePaths = initialValue.sourcePaths?.length > 0
? initialValue.sourcePaths
: initialValue.sourcePath
? [initialValue.sourcePath]
: ['']
setDraft({
name: initialValue.name,
type: initialValue.type,
enabled: initialValue.enabled,
cronExpr: initialValue.cronExpr,
sourcePath: initialValue.sourcePath,
sourcePaths: editSourcePaths,
excludePatterns: initialValue.excludePatterns,
dbHost: initialValue.dbHost,
dbPort: initialValue.dbPort,
@@ -78,7 +106,8 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
dbPassword: '',
dbName: initialValue.dbName,
dbPath: initialValue.dbPath,
storageTargetId: initialValue.storageTargetId,
storageTargetId: editTargetIds[0] ?? 0,
storageTargetIds: editTargetIds,
nodeId: (initialValue as any).nodeId ?? 0,
tags: (initialValue as any).tags ?? '',
retentionDays: initialValue.retentionDays,
@@ -92,7 +121,17 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
}, [initialValue, storageTargets, visible])
const storageTargetOptions = useMemo(
() => storageTargets.map((item) => ({ label: item.name, value: item.id, disabled: !item.enabled })),
() => {
const sorted = [...storageTargets].sort((a, b) => {
if (a.starred !== b.starred) return a.starred ? -1 : 1
return 0
})
return sorted.map((item) => ({
label: item.starred ? `${item.name}` : item.name,
value: item.id,
disabled: !item.enabled,
}))
},
[storageTargets],
)
@@ -105,6 +144,7 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
...current,
type: value,
sourcePath: value === 'file' ? current.sourcePath : '',
sourcePaths: value === 'file' ? current.sourcePaths : [''],
excludePatterns: value === 'file' ? current.excludePatterns : [],
dbHost: value === 'mysql' || value === 'postgresql' || value === 'saphana' ? current.dbHost : '',
dbPort: value === 'mysql' || value === 'postgresql' || value === 'saphana' ? current.dbPort || getDefaultPort(value) : 0,
@@ -122,8 +162,8 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
if (!value.name.trim()) {
return '请输入任务名称'
}
if (!value.storageTargetId) {
return '请选择存储目标'
if (!value.storageTargetIds || value.storageTargetIds.length === 0) {
return '请选择至少一个存储目标'
}
if (value.cronExpr.trim() && value.cronExpr.trim().split(/\s+/).length < 5) {
return 'Cron 表达式至少需要 5 段'
@@ -134,8 +174,11 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
if (value.maxBackups < 0) {
return '最大保留份数不能小于 0'
}
if (isFileBackupTask(value.type) && !value.sourcePath.trim()) {
return '请输入源路径'
if (isFileBackupTask(value.type)) {
const validPaths = (value.sourcePaths ?? []).filter((p) => p.trim())
if (validPaths.length === 0 && !value.sourcePath.trim()) {
return '请输入至少一个源路径'
}
}
if (isSQLiteBackupTask(value.type) && !value.dbPath.trim()) {
return '请输入 SQLite 数据库路径'
@@ -161,8 +204,11 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
}
async function handleSubmit() {
const validSourcePaths = (draft.sourcePaths ?? []).filter((p) => p.trim())
const nextValue: BackupTaskPayload = {
...draft,
sourcePaths: validSourcePaths,
sourcePath: validSourcePaths[0] ?? draft.sourcePath,
excludePatterns: excludePatternsText
.split('\n')
.map((item) => item.trim())
@@ -203,14 +249,65 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
)
}
function updateSourcePath(index: number, value: string) {
setDraft((current) => {
const next = [...(current.sourcePaths ?? [''])]
next[index] = value
return { ...current, sourcePaths: next, sourcePath: next[0] ?? '' }
})
}
function addSourcePath() {
setDraft((current) => ({
...current,
sourcePaths: [...(current.sourcePaths ?? ['']), ''],
}))
}
function removeSourcePath(index: number) {
setDraft((current) => {
const next = [...(current.sourcePaths ?? [''])]
next.splice(index, 1)
if (next.length === 0) next.push('')
return { ...current, sourcePaths: next, sourcePath: next[0] ?? '' }
})
}
function renderSourceStep() {
const paths = draft.sourcePaths?.length > 0 ? draft.sourcePaths : ['']
return (
<Space direction="vertical" size="large" style={{ width: '100%' }}>
{isFileBackupTask(draft.type) ? (
<>
<div>
<Typography.Text></Typography.Text>
<Input value={draft.sourcePath} placeholder="例如:/var/www/html" onChange={(value) => updateDraft({ sourcePath: value })} />
<Space direction="vertical" size="medium" style={{ width: '100%' }}>
{paths.map((p, index) => (
<Grid.Row key={index} gutter={8} align="center">
<Grid.Col flex="auto">
<DirectoryPicker
value={p}
placeholder={`源路径 ${index + 1},例如:/var/www/html`}
mode="directory"
nodeId={localNodeId}
onChange={(value) => updateSourcePath(index, value)}
/>
</Grid.Col>
<Grid.Col flex="none">
<Button
type="text"
icon={<IconDelete />}
status="danger"
disabled={paths.length <= 1}
onClick={() => removeSourcePath(index)}
/>
</Grid.Col>
</Grid.Row>
))}
<Button type="dashed" long icon={<IconPlus />} onClick={addSourcePath}>
</Button>
</Space>
</div>
<div>
<Typography.Text></Typography.Text>
@@ -227,7 +324,13 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
{isSQLiteBackupTask(draft.type) ? (
<div>
<Typography.Text>SQLite </Typography.Text>
<Input value={draft.dbPath} placeholder="例如:/data/app.db" onChange={(value) => updateDraft({ dbPath: value })} />
<DirectoryPicker
value={draft.dbPath}
placeholder="例如:/data/app.db"
mode="file"
nodeId={localNodeId}
onChange={(value) => updateDraft({ dbPath: value })}
/>
</div>
) : null}
@@ -251,7 +354,19 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
</div>
<div>
<Typography.Text></Typography.Text>
<Input value={draft.dbName} placeholder="例如app_prod" onChange={(value) => updateDraft({ dbName: value })} />
{(draft.type === 'mysql' || draft.type === 'postgresql') ? (
<DatabasePicker
dbType={draft.type}
dbHost={draft.dbHost}
dbPort={draft.dbPort}
dbUser={draft.dbUser}
dbPassword={draft.dbPassword}
value={draft.dbName}
onChange={(value) => updateDraft({ dbName: value })}
/>
) : (
<Input value={draft.dbName} placeholder="例如app_prod" onChange={(value) => updateDraft({ dbName: value })} />
)}
</div>
</>
) : null}
@@ -259,12 +374,53 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
)
}
async function handleQuickCreateSubmit(value: StorageTargetPayload) {
if (!onCreateStorageTarget) return
setQuickCreateLoading(true)
try {
const created = await onCreateStorageTarget(value)
setQuickCreateVisible(false)
if (onStorageTargetCreated) {
await onStorageTargetCreated()
}
const currentIds = draft.storageTargetIds ?? []
const nextIds = [...currentIds, created.id]
updateDraft({ storageTargetIds: nextIds, storageTargetId: nextIds[0] ?? 0 })
} finally {
setQuickCreateLoading(false)
}
}
async function handleQuickCreateTest(value: StorageTargetPayload, targetId?: number): Promise<StorageConnectionTestResult> {
if (!onTestStorageTarget) return { success: false, message: '测试不可用' }
setQuickCreateTesting(true)
try {
return await onTestStorageTarget(value, targetId)
} finally {
setQuickCreateTesting(false)
}
}
function renderPolicyStep() {
return (
<Space direction="vertical" size="large" style={{ width: '100%' }}>
<div>
<Typography.Text></Typography.Text>
<Select value={draft.storageTargetId || undefined} placeholder="请选择存储目标" options={storageTargetOptions} onChange={(value) => updateDraft({ storageTargetId: Number(value) })} />
<Space style={{ width: '100%' }} align="start">
<Select
style={{ flex: 1 }}
mode="multiple"
value={draft.storageTargetIds?.length > 0 ? draft.storageTargetIds : undefined}
placeholder="请选择存储目标(可多选)"
options={storageTargetOptions}
onChange={(values: number[]) => updateDraft({ storageTargetIds: values, storageTargetId: values[0] ?? 0 })}
/>
{onCreateStorageTarget && (
<Button type="outline" size="small" onClick={() => setQuickCreateVisible(true)}>
+
</Button>
)}
</Space>
</div>
<div>
<Typography.Text></Typography.Text>
@@ -320,6 +476,19 @@ export function BackupTaskFormDrawer({ visible, loading, initialValue, storageTa
)}
</Space>
</Space>
{onCreateStorageTarget && (
<StorageTargetFormDrawer
visible={quickCreateVisible}
loading={quickCreateLoading}
testing={quickCreateTesting}
initialValue={null}
onCancel={() => setQuickCreateVisible(false)}
onSubmit={handleQuickCreateSubmit}
onTest={handleQuickCreateTest}
onGoogleDriveAuth={onGoogleDriveAuth ?? (async () => {})}
/>
)}
</Drawer>
)
}

120
web/src/components/common/DatabasePicker.tsx Normal file
View File

@@ -0,0 +1,120 @@
import { Button, Checkbox, Input, Message, Space, Spin, Typography } from '@arco-design/web-react'
import { useState } from 'react'
import { discoverDatabases } from '../../services/database'
interface DatabasePickerProps {
dbType: 'mysql' | 'postgresql'
dbHost: string
dbPort: number
dbUser: string
dbPassword: string
value: string
onChange: (value: string) => void
}
export function DatabasePicker({ dbType, dbHost, dbPort, dbUser, dbPassword, value, onChange }: DatabasePickerProps) {
const [databases, setDatabases] = useState<string[]>([])
const [loading, setLoading] = useState(false)
const [discovered, setDiscovered] = useState(false)
const [error, setError] = useState('')
const selectedDbs = value
.split(',')
.map((s) => s.trim())
.filter(Boolean)
const canDiscover = dbHost.trim() && dbPort > 0 && dbUser.trim() && dbPassword.trim()
async function handleDiscover() {
setLoading(true)
setError('')
try {
const result = await discoverDatabases({
type: dbType,
host: dbHost.trim(),
port: dbPort,
user: dbUser.trim(),
password: dbPassword.trim(),
})
setDatabases(result)
setDiscovered(true)
if (result.length === 0) {
setError('未发现用户数据库')
}
} catch (discoverError: any) {
const msg = discoverError?.response?.data?.message ?? discoverError?.message ?? '发现数据库失败'
setError(msg)
Message.error(msg)
} finally {
setLoading(false)
}
}
function handleToggle(db: string, checked: boolean) {
let next: string[]
if (checked) {
next = [...selectedDbs, db]
} else {
next = selectedDbs.filter((d) => d !== db)
}
onChange(next.join(','))
}
function handleSelectAll() {
onChange(databases.join(','))
}
function handleDeselectAll() {
onChange('')
}
return (
<Space direction="vertical" size="medium" style={{ width: '100%' }}>
<Space style={{ width: '100%' }}>
<Input
style={{ flex: 1 }}
value={value}
placeholder="数据库名称(多个以逗号分隔)"
onChange={onChange}
/>
<Button
type="outline"
size="small"
loading={loading}
disabled={!canDiscover}
onClick={handleDiscover}
>
</Button>
</Space>
{error && <Typography.Text type="error">{error}</Typography.Text>}
{loading && <Spin size={16} />}
{discovered && databases.length > 0 && (
<div style={{ border: '1px solid var(--color-border-2)', borderRadius: 4, padding: '8px 12px', maxHeight: 200, overflow: 'auto' }}>
<Space size="mini" style={{ marginBottom: 8 }}>
<Button type="text" size="mini" onClick={handleSelectAll}>
</Button>
<Button type="text" size="mini" onClick={handleDeselectAll}>
</Button>
</Space>
<Space direction="vertical" size={4}>
{databases.map((db) => (
<Checkbox
key={db}
checked={selectedDbs.includes(db)}
onChange={(checked) => handleToggle(db, checked)}
>
{db}
</Checkbox>
))}
</Space>
</div>
)}
</Space>
)
}

155
web/src/components/common/DirectoryPicker.tsx Normal file
View File

@@ -0,0 +1,155 @@
import { Button, Input, Message, Modal, Space, Spin, Tree, Typography } from '@arco-design/web-react'
import { IconFolder, IconFile } from '@arco-design/web-react/icon'
import { useCallback, useState } from 'react'
import { listNodeDirectory } from '../../services/nodes'
import type { DirEntry } from '../../types/nodes'
interface DirectoryPickerProps {
value: string
onChange: (path: string) => void
placeholder?: string
mode?: 'directory' | 'file'
nodeId?: number
}
interface TreeNodeData {
key: string
title: string
icon?: React.ReactNode
isLeaf: boolean
children?: TreeNodeData[]
loaded?: boolean
}
function entriesToTreeNodes(entries: DirEntry[], mode: 'directory' | 'file'): TreeNodeData[] {
return entries
.filter((entry) => mode === 'file' || entry.isDir)
.map((entry) => ({
key: entry.path,
title: entry.name,
icon: entry.isDir ? <IconFolder /> : <IconFile />,
isLeaf: !entry.isDir,
}))
}
export function DirectoryPicker({ value, onChange, placeholder, mode = 'directory', nodeId }: DirectoryPickerProps) {
const [modalVisible, setModalVisible] = useState(false)
const [treeData, setTreeData] = useState<TreeNodeData[]>([])
const [loading, setLoading] = useState(false)
const [selectedPath, setSelectedPath] = useState('')
const loadDirectory = useCallback(
async (path: string): Promise<TreeNodeData[]> => {
if (nodeId === undefined) return []
try {
const entries = await listNodeDirectory(nodeId, path)
return entriesToTreeNodes(entries, mode)
} catch {
Message.error(`加载目录失败: ${path}`)
return []
}
},
[nodeId, mode],
)
async function handleOpen() {
setModalVisible(true)
setSelectedPath(value || '')
setLoading(true)
try {
const rootNodes = await loadDirectory('/')
setTreeData(rootNodes)
} finally {
setLoading(false)
}
}
// ArcoDesign Tree loadMore: node.props.dataRef 指向 treeData 中的原始对象
async function handleLoadMore(treeNode: any): Promise<void> {
const nodeKey = treeNode.props.dataRef?.key ?? treeNode.props._key
if (!nodeKey) return
const children = await loadDirectory(nodeKey)
setTreeData((prev) => {
function insertChildren(nodes: TreeNodeData[]): TreeNodeData[] {
return nodes.map((n) => {
if (n.key === nodeKey) {
return { ...n, children, loaded: true }
}
if (n.children && n.children.length > 0) {
return { ...n, children: insertChildren(n.children) }
}
return n
})
}
return insertChildren(prev)
})
}
function handleConfirm() {
if (selectedPath) {
onChange(selectedPath)
}
setModalVisible(false)
}
// 没有 nodeId 时退化为普通输入框
if (nodeId === undefined) {
return <Input value={value} placeholder={placeholder} onChange={onChange} />
}
return (
<>
<Space style={{ width: '100%' }}>
<Input style={{ flex: 1 }} value={value} placeholder={placeholder} onChange={onChange} />
<Button type="outline" size="small" onClick={handleOpen}>
</Button>
</Space>
<Modal
title={mode === 'directory' ? '选择目录' : '选择文件'}
visible={modalVisible}
onCancel={() => setModalVisible(false)}
onOk={handleConfirm}
okText="选择"
cancelText="取消"
style={{ width: 560 }}
okButtonProps={{ disabled: !selectedPath }}
unmountOnExit
>
{selectedPath && (
<div style={{ padding: '8px 12px', marginBottom: 12, background: 'var(--color-fill-2)', borderRadius: 4 }}>
<Typography.Text copyable style={{ fontSize: 13 }}>
{selectedPath}
</Typography.Text>
</div>
)}
{loading ? (
<Spin style={{ display: 'block', textAlign: 'center', padding: 40 }} />
) : treeData.length === 0 ? (
<Typography.Text type="secondary" style={{ display: 'block', textAlign: 'center', padding: 40 }}>
</Typography.Text>
) : (
<div style={{ maxHeight: 420, overflow: 'auto', border: '1px solid var(--color-border)', borderRadius: 4, padding: '4px 0' }}>
<Tree
blockNode
showLine
treeData={treeData as any}
selectedKeys={selectedPath ? [selectedPath] : []}
onSelect={(keys) => {
if (keys.length > 0) {
setSelectedPath(keys[0] as string)
}
}}
loadMore={handleLoadMore}
icons={{ switcherIcon: <IconFolder style={{ fontSize: 14 }} /> }}
/>
</div>
)}
</Modal>
</>
)
}

5
web/src/layouts/AppLayout.tsx
View File

@@ -13,6 +13,7 @@ import {
IconDown,
IconCloud,
IconDesktop,
IconList,
} from '@arco-design/web-react/icon'
import { useState } from 'react'
import { Outlet, useLocation, useNavigate } from 'react-router-dom'
@@ -37,6 +38,9 @@ function resolveSelectedKey(pathname: string) {
if (pathname.startsWith('/settings/notifications')) {
return '/settings/notifications'
}
if (pathname.startsWith('/audit')) {
return '/audit'
}
if (pathname.startsWith('/nodes')) {
return '/nodes'
}
@@ -53,6 +57,7 @@ const menuItems = [
{ key: '/storage-targets', label: '存储目标', icon: <IconStorage /> },
{ key: '/nodes', label: '节点管理', icon: <IconDesktop /> },
{ key: '/settings/notifications', label: '通知配置', icon: <IconNotification /> },
{ key: '/audit', label: '审计日志', icon: <IconList /> },
{ key: '/settings', label: '系统设置', icon: <IconSettings /> },
]

154
web/src/pages/audit/AuditLogsPage.tsx Normal file
View File

@@ -0,0 +1,154 @@
import { PageHeader, Select, Space, Table, Tag, Typography } from '@arco-design/web-react'
import type { ColumnProps } from '@arco-design/web-react/es/Table'
import { useCallback, useEffect, useState } from 'react'
import { listAuditLogs } from '../../services/audit'
import type { AuditLog } from '../../types/audit'
import { formatDateTime } from '../../utils/format'
import { resolveErrorMessage } from '../../utils/error'
const categoryOptions = [
{ label: '全部', value: '' },
{ label: '认证', value: 'auth' },
{ label: '存储目标', value: 'storage_target' },
{ label: '备份任务', value: 'backup_task' },
{ label: '备份记录', value: 'backup_record' },
{ label: '系统设置', value: 'settings' },
]
const categoryLabels: Record<string, string> = {
auth: '认证',
storage_target: '存储目标',
backup_task: '备份任务',
backup_record: '备份记录',
settings: '系统设置',
}
const actionLabels: Record<string, string> = {
login_success: '登录成功',
login_failed: '登录失败',
setup: '系统初始化',
change_password: '修改密码',
create: '创建',
update: '更新',
delete: '删除',
enable: '启用',
disable: '停用',
run: '执行',
restore: '恢复',
}
const PAGE_SIZE = 20
const columns: ColumnProps<AuditLog>[] = [
{
title: '时间',
dataIndex: 'createdAt',
width: 180,
render: (_, record) => formatDateTime(record.createdAt),
},
{
title: '分类',
dataIndex: 'category',
width: 100,
render: (_, record) => (
<Tag bordered>{categoryLabels[record.category] ?? record.category}</Tag>
),
},
{
title: '操作',
dataIndex: 'action',
width: 100,
render: (_, record) => actionLabels[record.action] ?? record.action,
},
{
title: '用户',
dataIndex: 'username',
width: 100,
},
{
title: '目标',
dataIndex: 'targetName',
width: 160,
render: (_, record) => record.targetName || record.targetId || '-',
},
{
title: '详情',
dataIndex: 'detail',
render: (_, record) => record.detail || '-',
},
{
title: 'IP',
dataIndex: 'clientIp',
width: 130,
render: (_, record) => record.clientIp || '-',
},
]
export function AuditLogsPage() {
const [logs, setLogs] = useState<AuditLog[]>([])
const [total, setTotal] = useState(0)
const [loading, setLoading] = useState(true)
const [error, setError] = useState('')
const [category, setCategory] = useState('')
const [page, setPage] = useState(1)
const fetchData = useCallback(async (cat: string, currentPage: number) => {
setLoading(true)
try {
const result = await listAuditLogs({
category: cat || undefined,
limit: PAGE_SIZE,
offset: (currentPage - 1) * PAGE_SIZE,
})
setLogs(result.items ?? [])
setTotal(result.total ?? 0)
setError('')
} catch (loadError) {
setError(resolveErrorMessage(loadError, '加载审计日志失败'))
} finally {
setLoading(false)
}
}, [])
useEffect(() => {
void fetchData(category, page)
}, [category, page, fetchData])
function handleCategoryChange(value: string) {
setCategory(value)
setPage(1)
}
return (
<Space direction="vertical" size="large" style={{ width: '100%' }}>
<PageHeader
style={{ paddingBottom: 0 }}
title="审计日志"
subTitle="记录系统中所有关键操作,保障数据操作链可溯源"
/>
{error ? <Typography.Text type="error">{error}</Typography.Text> : null}
<Space>
<Select
style={{ width: 160 }}
value={category}
options={categoryOptions}
onChange={handleCategoryChange}
placeholder="筛选分类"
/>
</Space>
<Table
columns={columns}
data={logs}
rowKey="id"
loading={loading}
pagination={{
total,
current: page,
pageSize: PAGE_SIZE,
onChange: setPage,
showTotal: true,
}}
/>
</Space>
)
}

5
web/src/pages/backup-records/BackupRecordsPage.tsx
View File

@@ -98,6 +98,11 @@ export function BackupRecordsPage() {
<Space direction="vertical" size={2}>
<Typography.Text>{record.fileName || '-'}</Typography.Text>
<Typography.Text type="secondary">{formatBytes(record.fileSize)}</Typography.Text>
{record.checksum && (
<Typography.Text type="secondary" copyable style={{ fontSize: 11 }}>
SHA-256: {record.checksum.substring(0, 16)}...
</Typography.Text>
)}
</Space>
),
},

53
web/src/pages/backup-tasks/BackupTasksPage.tsx
View File

@@ -5,9 +5,10 @@ import { BackupTaskDetailDrawer } from '../../components/backup-tasks/BackupTask
import { BackupTaskFormDrawer } from '../../components/backup-tasks/BackupTaskFormDrawer'
import { getBackupTaskStatusColor, getBackupTaskStatusLabel, getBackupTaskTypeLabel } from '../../components/backup-tasks/field-config'
import { createBackupTask, deleteBackupTask, getBackupTask, listBackupTasks, runBackupTask, toggleBackupTask, updateBackupTask } from '../../services/backup-tasks'
import { listStorageTargets } from '../../services/storage-targets'
import { listNodes } from '../../services/nodes'
import { createStorageTarget, listStorageTargets, startGoogleDriveAuth, testStorageTarget } from '../../services/storage-targets'
import type { BackupTaskDetail, BackupTaskPayload, BackupTaskSummary } from '../../types/backup-tasks'
import type { StorageTargetSummary } from '../../types/storage-targets'
import type { StorageTargetPayload, StorageTargetSummary } from '../../types/storage-targets'
import { resolveErrorMessage } from '../../utils/error'
import { formatDateTime } from '../../utils/format'
@@ -22,15 +23,20 @@ export function BackupTasksPage() {
const [editingTask, setEditingTask] = useState<BackupTaskDetail | null>(null)
const [detailTask, setDetailTask] = useState<BackupTaskDetail | null>(null)
const [error, setError] = useState('')
const [localNodeId, setLocalNodeId] = useState<number | undefined>(undefined)
const enabledStorageTargets = useMemo(() => storageTargets.filter((item) => item.enabled), [storageTargets])
const loadData = useCallback(async () => {
setLoading(true)
try {
const [taskList, targetList] = await Promise.all([listBackupTasks(), listStorageTargets()])
const [taskList, targetList, nodeList] = await Promise.all([listBackupTasks(), listStorageTargets(), listNodes()])
setTasks(taskList)
setStorageTargets(targetList)
const localNode = nodeList.find((n) => n.isLocal)
if (localNode) {
setLocalNodeId(localNode.id)
}
setError('')
} catch (loadError) {
setError(resolveErrorMessage(loadError, '加载备份任务失败'))
@@ -123,6 +129,28 @@ export function BackupTasksPage() {
}
}
async function handleCreateStorageTarget(value: StorageTargetPayload) {
const result = await createStorageTarget(value)
Message.success('存储目标已创建')
return result
}
async function handleTestStorageTarget(value: StorageTargetPayload) {
const result = await testStorageTarget(value)
Message.success(result.message)
return result
}
async function handleGoogleDriveAuth(value: StorageTargetPayload, targetId?: number) {
const result = await startGoogleDriveAuth(value, targetId)
window.open(result.authUrl, '_blank')
}
async function reloadStorageTargets() {
const targetList = await listStorageTargets()
setStorageTargets(targetList)
}
const columns = [
{
title: '任务名称',
@@ -146,8 +174,18 @@ export function BackupTasksPage() {
},
{
title: '存储目标',
dataIndex: 'storageTargetName',
render: (value: string) => value || '-',
dataIndex: 'storageTargetNames',
render: (_: unknown, record: BackupTaskSummary) => {
const names = record.storageTargetNames?.length > 0 ? record.storageTargetNames : record.storageTargetName ? [record.storageTargetName] : []
if (names.length === 0) return '-'
return (
<Space size={4} wrap>
{names.map((name, i) => (
<Tag key={i} color="arcoblue" bordered>{name}</Tag>
))}
</Space>
)
},
},
{
title: '策略',
@@ -228,11 +266,16 @@ export function BackupTasksPage() {
loading={submitting}
initialValue={editingTask}
storageTargets={enabledStorageTargets}
localNodeId={localNodeId}
onCancel={() => {
setDrawerVisible(false)
setEditingTask(null)
}}
onSubmit={handleSubmit}
onCreateStorageTarget={handleCreateStorageTarget}
onTestStorageTarget={handleTestStorageTarget}
onGoogleDriveAuth={handleGoogleDriveAuth}
onStorageTargetCreated={reloadStorageTargets}
/>
<BackupTaskDetailDrawer

15
web/src/pages/storage-targets/StorageTargetsPage.tsx
View File

@@ -9,6 +9,7 @@ import {
startGoogleDriveAuth,
testSavedStorageTarget,
testStorageTarget,
toggleStorageTargetStar,
updateStorageTarget,
} from '../../services/storage-targets'
import type { StorageConnectionTestResult, StorageTargetDetail, StorageTargetPayload, StorageTargetSummary } from '../../types/storage-targets'
@@ -148,6 +149,15 @@ export function StorageTargetsPage() {
}
}
async function handleToggleStar(id: number) {
try {
await toggleStorageTargetStar(id)
await loadTargets()
} catch (starError) {
Message.error(resolveErrorMessage(starError))
}
}
async function handleGoogleDriveAuth(value: StorageTargetPayload, targetId?: number) {
try {
const result = await startGoogleDriveAuth(value, targetId)
@@ -194,7 +204,7 @@ export function StorageTargetsPage() {
<Space size="large" align="start" style={{ marginBottom: 16, width: '100%', justifyContent: 'space-between' }}>
<div>
<Typography.Title heading={6} style={{ marginBottom: 4 }}>
{target.name}
{target.starred ? '★ ' : ''}{target.name}
</Typography.Title>
<Space>
{getStorageTargetTypeLabel(target.type) && <Tag color="arcoblue" bordered>{getStorageTargetTypeLabel(target.type)}</Tag>}
@@ -211,6 +221,9 @@ export function StorageTargetsPage() {
<Typography.Text type="secondary">{target.updatedAt}</Typography.Text>
<Space wrap size="mini">
<Button size="small" type="text" onClick={() => void handleToggleStar(target.id)}>
{target.starred ? '取消收藏' : '收藏'}
</Button>
<Button size="small" type="text" onClick={() => void openEdit(target.id)} loading={submitting && editingTarget?.id === target.id}>
</Button>

2
web/src/router/index.tsx
View File

@@ -8,6 +8,7 @@ import { BackupTasksPage } from '../pages/backup-tasks/BackupTasksPage'
import { GoogleDriveCallbackPage } from '../pages/storage-targets/GoogleDriveCallbackPage'
import { StorageTargetsPage } from '../pages/storage-targets/StorageTargetsPage'
import { SettingsPage } from '../pages/settings/SettingsPage'
import { AuditLogsPage } from '../pages/audit/AuditLogsPage'
import NodesPage from '../pages/nodes/NodesPage'
import { ProtectedRoute } from './ProtectedRoute'
@@ -32,6 +33,7 @@ export function RouterView() {
<Route path="settings" element={<SettingsPage />} />
<Route path="settings/notifications" element={<NotificationsPage />} />
<Route path="nodes" element={<NodesPage />} />
<Route path="audit" element={<AuditLogsPage />} />
<Route path="system-info" element={<Navigate to="/settings" replace />} />
</Route>
<Route path="*" element={<Navigate to="/" replace />} />

7
web/src/services/audit.ts Normal file
View File

@@ -0,0 +1,7 @@
import { http } from './http'
import type { AuditLogListResult } from '../types/audit'
export async function listAuditLogs(params: { category?: string; limit?: number; offset?: number }) {
const response = await http.get<{ code: string; message: string; data: AuditLogListResult }>('/audit-logs', { params })
return response.data.data
}

18
web/src/services/database.ts Normal file
View File

@@ -0,0 +1,18 @@
import { http, type ApiEnvelope, unwrapApiEnvelope } from './http'
export interface DatabaseDiscoverPayload {
type: 'mysql' | 'postgresql'
host: string
port: number
user: string
password: string
}
interface DatabaseDiscoverResult {
databases: string[]
}
export async function discoverDatabases(payload: DatabaseDiscoverPayload): Promise<string[]> {
const response = await http.post<ApiEnvelope<DatabaseDiscoverResult>>('/database/discover', payload, { timeout: 10000 })
return unwrapApiEnvelope(response.data).databases ?? []
}

5
web/src/services/storage-targets.ts
View File

@@ -74,6 +74,11 @@ export interface StorageTargetUsage {
totalSize: number
}
export async function toggleStorageTargetStar(id: number) {
const response = await http.put<ApiEnvelope<StorageTargetSummary>>(`/storage-targets/${id}/star`)
return unwrap(response.data)
}
export async function getStorageTargetUsage(id: number) {
const response = await http.get<ApiEnvelope<StorageTargetUsage>>(`/storage-targets/${id}/usage`)
return unwrap(response.data)

18
web/src/types/audit.ts Normal file
View File

@@ -0,0 +1,18 @@
export interface AuditLog {
id: number
userId: number
username: string
category: string
action: string
targetType: string
targetId: string
targetName: string
detail: string
clientIp: string
createdAt: string
}
export interface AuditLogListResult {
items: AuditLog[]
total: number
}

11
web/src/types/backup-records.ts
View File

@@ -19,6 +19,7 @@ export interface BackupRecordSummary {
status: BackupRecordStatus
fileName: string
fileSize: number
checksum: string
storagePath: string
durationSeconds: number
errorMessage: string
@@ -26,9 +27,19 @@ export interface BackupRecordSummary {
completedAt?: string
}
export interface StorageUploadResultItem {
storageTargetId: number
storageTargetName: string
status: 'success' | 'failed'
storagePath?: string
fileSize?: number
error?: string
}
export interface BackupRecordDetail extends BackupRecordSummary {
logContent: string
logEvents?: BackupLogEvent[]
storageUploadResults?: StorageUploadResultItem[]
}
export interface BackupRecordListFilter {

5
web/src/types/backup-tasks.ts
View File

@@ -10,6 +10,8 @@ export interface BackupTaskSummary {
cronExpr: string
storageTargetId: number
storageTargetName: string
storageTargetIds: number[]
storageTargetNames: string[]
nodeId: number
nodeName?: string
tags: string
@@ -24,6 +26,7 @@ export interface BackupTaskSummary {
export interface BackupTaskDetail extends BackupTaskSummary {
sourcePath: string
sourcePaths: string[]
excludePatterns: string[]
dbHost: string
dbPort: number
@@ -40,6 +43,7 @@ export interface BackupTaskPayload {
enabled: boolean
cronExpr: string
sourcePath: string
sourcePaths: string[]
excludePatterns: string[]
dbHost: string
dbPort: number
@@ -48,6 +52,7 @@ export interface BackupTaskPayload {
dbName: string
dbPath: string
storageTargetId: number
storageTargetIds: number[]
nodeId: number
tags: string
retentionDays: number

1
web/src/types/storage-targets.ts
View File

@@ -8,6 +8,7 @@ export interface StorageTargetSummary {
type: StorageTargetType
description: string
enabled: boolean
starred: boolean
updatedAt: string
lastTestedAt?: string
lastTestStatus: StorageTestStatus