feat(ns-plug): dual-send backup to my-new proxy#1608
Merged
Conversation
28 tasks
edospadoni
force-pushed
the
feat/backup-dual-send-proxy
branch
from
b5b223b to
9473670
Compare
This was referenced Apr 23, 2026
20 tasks
gsanchietti
requested changes
May 13, 2026
Member
gsanchietti
left a comment
gsanchietti
left a comment
There was a problem hiding this comment.
The change should be done inside the remote-backup script, under the upload action
edospadoni
force-pushed
the
feat/backup-dual-send-proxy
branch
2 times, most recently
from
cef0034 to
5ae3c78
Compare
gsanchietti
approved these changes
May 19, 2026
gsanchietti
force-pushed
the
feat/backup-dual-send-proxy
branch
from
5ae3c78 to
2852dd5
Compare
Adds a second upload to https://my.nethesis.it/proxy/backup after remote-backup finishes its upload to backupd.nethesis.it. Same transitional pattern already used by send-heartbeat and send-inventory: the proxy accepts the existing system_id:secret Basic Auth pair and translates it into the my-new system_key:system_secret on its way to the new collect endpoint, so no UCI or registration change is needed on the appliance. Gated to enterprise subscriptions via `TYPE = enterprise` to stay in sync with the other dual-send scripts. Best-effort (`|| :`): a proxy outage does not block the primary upload that already completed against backupd, and the md5 marker is still updated so the same backup is not re-uploaded the next night. X-Filename is propagated so the user-facing filename ends up as S3 object metadata on my-new. Refs: NethServer/my#82 NethServer/my#83
edospadoni
force-pushed
the
feat/backup-dual-send-proxy
branch
from
2852dd5 to
3a1c3e9
Compare
Copilot stopped work on behalf of
gsanchietti due to an error
May 19, 2026 08:20
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
During the migration window, mirror every configuration-backup upload to the new my.nethesis.it platform via the translation proxy, in addition to the existing upload to the legacy
backupd.nethesis.it. The mirror lives inremote-backup'suploadaction so it covers every backup path (the nightlysend-backupcron and manual backups triggered from the UI), and so the eventual cutover is a single localized change to the same file.Context
The new my.nethesis.it platform ships a first-class configuration-backup subsystem (ingest on
collect, managed reads onbackend, S3-compatible storage) — see the referenced issues. During the migration window NethSecurity keeps uploading to the legacy backupd and dual-sends to my-new via a translation proxy (nethinfrarole). The proxy accepts the existingsystem_id:secretBasic Auth pair and translates it into the my-newsystem_key:system_secretas it forwards the request tocollect, so nothing changes on the appliance in terms of UCI config or registration.What changes
packages/ns-plug/files/remote-backup,uploadaction only:curl ... --upload-fileto the legacy backupd completes, its exit code is captured (rc=$?).ns-plug.config.type == enterprise, the same encrypted blob isPOSTed tohttps://my.nethesis.it/proxy/backupwith--data-binary "@$file", reusing the existing$curl_args(--silent --location-trusted --user $SYSTEM_ID:$SYSTEM_SECRET— the proxy translates that legacy pair).Content-Type: application/octet-streamandX-Filenameare set so the blob and its user-facing name land as proper S3 object + metadata on my-new.|| :): a proxy outage must not fail the primary upload that already succeeded against backupd.exit $rc— the primary backupd upload's exit status is what propagates to the caller, sosend-backup'sset -estill aborts on a real legacy-upload failure and the md5 dedup marker is not advanced on a failed run (the backup is retried next night). The best-effort mirror never masks a primary failure.packages/ns-plug/files/send-backupis unchanged (identical tomain). Putting the dual-send in the transport layer (remote-backup) instead of the cron wrapper is what the review asked for, and it also means a backup triggered manually from the UI is mirrored too, not just the cron one.Verified end-to-end on a real NethSecurity appliance: script runs under busybox/ash,
$curl_argsreuse works, a failing primary still fires the best-effort mirror,rc/exit $rcpropagates the primary status, and the mirrored blob lands intact on my-new (matching SHA-256,X-Filename→ object metadata,application/octet-streamcontent type).Not included
collectcall, a single-file change toremote-backup).Refs: NethServer/my#82 NethServer/my#83