github tis24dev/proxsave v0.13.0
on GitHub

latest release: v0.13.1
13 hours ago

ProxSave v0.13.0

🧭 Major restore/category overhaul, staged SAFE-apply expansion, and storage/mount-guard hardening

This is a major release that significantly evolves both backup layout and restore capabilities. It introduces a broader staged-apply model (especially for access control and notifications), adds new transactional and rollback-protected restore paths (firewall/HA), hardens storage safety with mount guards and smarter /etc/fstab handling (including stable device remapping), and makes backup collection more configurable via feature-based and pattern-based exclusions. Diagnostics are also centralized and the overall UX/logging is clearer and safer.

  • Restore categories expanded + staged apply model upgraded:
    • Added new staged categories for PVE/PBS access control and notifications with dedicated restore UI hooks.
    • Added pbs_remotes, maintenance_pbs, and updated pbs_config to export-only (explicitly never writing full /etc/proxmox-backup back to the system; subsets are applied via staged categories).
    • Extended docs to explain handling types (Normal / Staged / Export-only) and introduced a “Pass 3” staged-apply phase in restore documentation.
  • Access control restore reworked with safer semantics:
    • PVE access control now supports 1:1 file apply to pmxcfs for standalone restores, preserving root@pam safety rails and ensuring root@pam keeps Admin on /.
    • PBS access control restored 1:1, while preserving root@pam and its tokens/TFA from the fresh install for safety.
    • Added an access-control rollback workflow (timed rollback + dedicated rollback backup) to reduce risk when applying sensitive identity/ACL changes.
  • Transactional restore additions (rollback-protected):
    • PVE firewall restore with transactional rollback timer, dedicated firewall rollback backup, and glob support for safety backup logic.
    • PVE HA restore via new pve_ha category with staged logic, rollback timer, confirmation workflow, and HA rollback backup integration.
    • Added PVE SDN staged restore handling (pve_sdn) with apply functions wired into the restore workflow.
  • Storage safety: mount guards + cleanup mode + improved ordering:
    • Introduced mount guard logic for PBS and PVE to protect mountpoints when storage is offline during restore (avoid accidental writes).
    • Added --cleanup-guards mode (with validation against conflicting flags) and a testable cleanup implementation that safely handles hidden/overmounted guards.
    • Reordered restore workflow to run fstab merge before PBS datastore config, and added guard application hooks earlier in staging.
  • Smarter /etc/fstab restore with stable device remapping:
    • Enhanced fstab restore to remap unstable /dev/* references to UUID/PARTUUID/LABEL using collected inventory (blkid/lsblk JSON/PBS inventory).
    • Improved SmartMergeFstab logic, user feedback, and added targeted tests for remapping and mount-guard interaction.
  • Backup category/layout reorganization + centralized diagnostics:
    • Centralized all ProxSave-generated diagnostics under var/lib/proxsave-info/ and removed legacy scattered output directories.
    • Fixed home restore mapping by storing /home/* under ./home/<user> (avoids restoring into legacy /users/... paths).
    • Expanded/reshaped category set (e.g. network/ssl/services, storage_stack, user_data, proxsave_info export-only) and added glob support for category path matching (e.g. auto.*).
    • Kept backward compatibility for legacy backups (resolv.conf repair + NIC inventory fallbacks).
  • Config snapshot collection now feature-aware (less noise, more intent):
    • Implemented selective feature-based exclusions for directory snapshots (without affecting other collectors).
    • PBS snapshot now excludes disabled-feature files (e.g. datastore.cfg, user.cfg, remote.cfg, sync.cfg, etc.) and logs per-file collection status.
    • PVE snapshot now respects feature flags for VM configs, firewall, ACL, jobs, cluster DB capture, corosync handling, and SSH key collection.
  • Exclusion patterns applied across archive packing + metadata/report generation:
    • Added exclusion support to tar packing (match against host and archive paths; works with or without leading slashes).
    • Skips excluded files/dirs consistently across copy helpers, command output reports, manifest writing, and backup metadata generation.
    • Added collection outcome tracking via FilesNotFound / FilesSkipped counters and richer status reporting for skipped config paths.
  • PBS coverage expansion (host/integrations, tape, S3, proxy/SSL):
    • Added staged PBS categories like pbs_host and pbs_tape, expanded datastore_pbs to include s3.cfg, and aligned categories/docs.
    • Enabled restore of PBS proxy configuration (proxy.cfg) and SSL assets (proxy.pem, proxy.key, ssl/) with updated tests/docs.
  • Improved restore UX and safety guidance (TFA/WebAuthn and TTY issues):
    • Better guidance and UI logic for restoring TFA/WebAuthn, including recommendations for network + ssl and warnings about hostname/origin changes.
    • Enhanced restore workflow UI to handle unexpected EOF on input, warning about possible TTY loss and suggesting re-running interactively.
  • Cloud backup discovery: clearer failures and timeout clarity:
    • Improved error handling/logging for manifest/metadata read errors during rclone-based discovery, with guidance for slow remotes and rclone failures.
    • Clarified RCLONE_TIMEOUT_CONNECTION as per-command during scanning (timer resets per rclone lsf/cat).
  • Observability and logging improvements:
    • Improved update-check logging in main.go (more visible Info-level messages).
    • Refined log line classification and filtering to ignore DEBUG lines even if they contain error keywords; expanded tests.
  • Collector refactors + storage inventory:
    • Split PBS datastore logic into dedicated modules and added a datastore inventory collector for advanced storage configs (LVM/ZFS/Multipath/iSCSI), critical files (including /etc/crypttab), and referenced keys.
    • Improved test hygiene and resource cleanup to prevent temp-directory leaks.
  • Installer robustness and portability:
    • Added centralized HTTP helpers (fetch/download) using curl/wget and made GitHub release tag fetch more robust (prefer jq with regex fallback).
  • Security and dependency updates:
    • Bumped dependencies including github.com/gdamore/tcell/v2 to 2.13.8, golang.org/x/term to 0.39.0, golang.org/x/crypto to 0.47.0, and golang.org/x/text to 0.33.0.
  • Additional hardening and correctness fixes:
    • Input deadline handling now returns context.DeadlineExceeded (with tests) instead of mapping deadlines to abort errors.
    • Improved /proc/self/mountinfo path unescaping with manual octal decoding, out-of-range preservation, and thorough unit tests.
    • PVE pool apply now handles “already exists” gracefully and ensures comments are set; includes new tests.
    • Notification restore now redacts sensitive fields to prevent secret leakage in command errors; includes tests.

Overall: a big step forward in restore safety and capability—new staged/transactional workflows, safer access control handling, mount-guarded storage restores, smarter fstab recovery, a cleaner backup/category layout, and stronger exclusions, diagnostics, and test coverage.

Changelog

Check out latest releases or
releases around tis24dev/proxsave v0.13.0

Don't miss a new proxsave release

NewReleases is sending notifications on new releases.

Get notifications