Add SFTP connection and file management script

- Implemented a Python script using Paramiko to connect to an SFTP server. - Added functionality to list files in the current directory and check for the existence of a '/backups' directory. - Included error handling for directory listing and creation. - Implemented a test upload feature to verify file upload capabilities. - Added cleanup for uploaded test files and ensured proper connection closure.
2026-01-02 12:52:47 +01:00 · 2026-01-02 12:52:47 +01:00 · 1b5085de21
commit 1b5085de21
parent e45b1ed19e
8 changed files with 283 additions and 14 deletions
--- a/.env.bak
+++ b/.env.bak
@ -34,31 +34,37 @@ LOG_FILE=logs/app.log
 # Repository: https://g.bmcnetworks.dk/ct/bmc_hub
 GITHUB_REPO=ct/bmc_hub
 # =====================================================
 # OLLAMA AI INTEGRATION
 # =====================================================
 OLLAMA_ENDPOINT=http://ai_direct.cs.blaahund.dk
 OLLAMA_MODEL=qwen2.5-coder:7b
 # =====================================================
 # e-conomic Integration (Optional)
 # =====================================================
 # Get credentials from e-conomic Settings -> Integrations -> API
 ECONOMIC_API_URL=https://restapi.e-conomic.com
-ECONOMIC_APP_SECRET_TOKEN=your_app_secret_token_here
+ECONOMIC_APP_SECRET_TOKEN=wy8ZhYBLsKhx8McirhvoBR9B6ILuoYJkEaiED5ijsA8
-ECONOMIC_AGREEMENT_GRANT_TOKEN=your_agreement_grant_token_here
+ECONOMIC_AGREEMENT_GRANT_TOKEN=5AhipRpMpoLx3uklPMQZbtZ4Zw4mV9lDuFI264II0lE
 # 🚨 SAFETY SWITCHES - Beskytter mod utilsigtede ændringer
 ECONOMIC_READ_ONLY=true   # Set to false ONLY after testing
 ECONOMIC_DRY_RUN=true     # Set to false ONLY when ready for production writes
-# vTiger CRM Integration (for Time Tracking Module)
+# =====================================================
 # vTiger Cloud Integration (Required for Subscriptions)
 # =====================================================
 VTIGER_URL=https://bmcnetworks.od2.vtiger.com
 VTIGER_USERNAME=ct@bmcnetworks.dk
 VTIGER_API_KEY=bD8cW8zRFuKpPZ2S
 # =====================================================
 # Simply-CRM / Old vTiger On-Premise (Legacy)
 # =====================================================
 # Old vTiger installation - leave empty if not used
 OLD_VTIGER_URL=https://bmcnetworks.simply-crm.dk
 OLD_VTIGER_USERNAME=ct
 OLD_VTIGER_API_KEY=b00ff2b7c08d591
 # =====================================================
 # Time Tracking Module Settings
-TIMETRACKING_DEFAULT_HOURLY_RATE=1200.00  # Standard timepris i DKK
+# =====================================================
 TIMETRACKING_DEFAULT_HOURLY_RATE=1200.00
 TIMETRACKING_AUTO_ROUND=true
 TIMETRACKING_ROUND_INCREMENT=0.5
 TIMETRACKING_ROUND_METHOD=up
@ -66,6 +72,15 @@ TIMETRACKING_ROUND_METHOD=up
 # Time Tracking Safety Switches
 TIMETRACKING_VTIGER_READ_ONLY=true
 TIMETRACKING_VTIGER_DRY_RUN=true
-TIMETRACKING_ECONOMIC_READ_ONLY=true
+TIMETRACKING_ECONOMIC_READ_ONLY=false
-TIMETRACKING_ECONOMIC_DRY_RUN=true
+TIMETRACKING_ECONOMIC_DRY_RUN=false
 # =====================================================
 # Simply-CRM (Separate CRM System)
 # =====================================================
 # Simply-CRM er et separat system fra vTiger Cloud
 # Find credentials i Simply-CRM: Settings → My Preferences → Webservices
 SIMPLYCRM_URL=https://bmcnetworks.simply-crm.dk
 SIMPLYCRM_USERNAME=ct
 SIMPLYCRM_API_KEY=b00ff2b7c08d591
 BACKUP_RESTORE_DRY_RUN=false
--- a/.env.bak2
+++ b/.env.bak2
@ -0,0 +1,96 @@
 # =====================================================
 # POSTGRESQL DATABASE - Local Development
 # =====================================================
 DATABASE_URL=postgresql://bmc_hub:bmc_hub@postgres:5432/bmc_hub
 # Database credentials (bruges af docker-compose)
 POSTGRES_USER=bmc_hub
 POSTGRES_PASSWORD=bmc_hub
 POSTGRES_DB=bmc_hub
 POSTGRES_PORT=5433
 # =====================================================
 # API CONFIGURATION
 # =====================================================
 API_HOST=0.0.0.0
 API_PORT=8001
 API_RELOAD=true
 # =====================================================
 # SECURITY
 # =====================================================
 SECRET_KEY=change-this-in-production-use-random-string
 CORS_ORIGINS=http://localhost:8000,http://localhost:3000
 # =====================================================
 # LOGGING
 # =====================================================
 LOG_LEVEL=INFO
 LOG_FILE=logs/app.log
 # =====================================================
 # GITHUB/GITEA REPOSITORY (Optional - for reference)
 # =====================================================
 # Repository: https://g.bmcnetworks.dk/ct/bmc_hub
 GITHUB_REPO=ct/bmc_hub
 # =====================================================
 # e-conomic Integration (Optional)
 # =====================================================
 # Get credentials from e-conomic Settings -> Integrations -> API
 ECONOMIC_API_URL=https://restapi.e-conomic.com
 ECONOMIC_APP_SECRET_TOKEN=wy8ZhYBLsKhx8McirhvoBR9B6ILuoYJkEaiED5ijsA8
 ECONOMIC_AGREEMENT_GRANT_TOKEN=5AhipRpMpoLx3uklPMQZbtZ4Zw4mV9lDuFI264II0lE
 # 🚨 SAFETY SWITCHES - Beskytter mod utilsigtede ændringer
 ECONOMIC_READ_ONLY=true   # Set to false ONLY after testing
 ECONOMIC_DRY_RUN=true     # Set to false ONLY when ready for production writes
 # =====================================================
 # vTiger Cloud Integration (Required for Subscriptions)
 # =====================================================
 VTIGER_URL=https://bmcnetworks.od2.vtiger.com
 VTIGER_USERNAME=ct@bmcnetworks.dk
 VTIGER_API_KEY=bD8cW8zRFuKpPZ2S
 # =====================================================
 # Simply-CRM / Old vTiger On-Premise (Legacy)
 # =====================================================
 # Old vTiger installation - leave empty if not used
 OLD_VTIGER_URL=https://bmcnetworks.simply-crm.dk
 OLD_VTIGER_USERNAME=ct
 OLD_VTIGER_API_KEY=b00ff2b7c08d591
 # =====================================================
 # Time Tracking Module Settings
 # =====================================================
 TIMETRACKING_DEFAULT_HOURLY_RATE=1200.00
 TIMETRACKING_AUTO_ROUND=true
 TIMETRACKING_ROUND_INCREMENT=0.5
 TIMETRACKING_ROUND_METHOD=up
 # Time Tracking Safety Switches
 TIMETRACKING_VTIGER_READ_ONLY=true
 TIMETRACKING_VTIGER_DRY_RUN=true
 TIMETRACKING_ECONOMIC_READ_ONLY=false
 TIMETRACKING_ECONOMIC_DRY_RUN=false
 # =====================================================
 # Simply-CRM (Separate CRM System)
 # =====================================================
 # Simply-CRM er et separat system fra vTiger Cloud
 # Find credentials i Simply-CRM: Settings → My Preferences → Webservices
 SIMPLYCRM_URL=https://bmcnetworks.simply-crm.dk
 SIMPLYCRM_USERNAME=ct
 SIMPLYCRM_API_KEY=b00ff2b7c08d591
 BACKUP_RESTORE_DRY_RUN=false
 # =====================================================
 # OFFSITE BACKUP - SFTP
 # =====================================================
 OFFSITE_ENABLED=true
 SFTP_HOST=sftp.acdu.dk
 SFTP_PORT=9022
 SFTP_USER=sftp_bmccrm
 SFTP_PASSWORD=9,Bg_U9,Bg_U9,Bg_U
 SFTP_REMOTE_PATH=/backups
--- a/BACKUP_RESTORE_TEST_PLAN.md
+++ b/BACKUP_RESTORE_TEST_PLAN.md
@ -0,0 +1,88 @@
 # Sikker Test Plan for Backup Restore
 ## ✅ SAFETY CHECKLIST
 ### Før test:
 - [x] **Emergency backup oprettet**: `/manual_backup_*/emergency_backup_before_restore_test.dump`
 - [x] **DRY_RUN mode aktiveret**: `BACKUP_RESTORE_DRY_RUN=true` (default)
 - [ ] **Test på ikke-kritisk data**: Slet eller ændr noget test-data først
 ### Test Fase 1: DRY-RUN (Sikker - ingen ændringer)
 ```bash
 # 1. Kør restore i DRY-RUN mode (gør INGENTING - kun logger)
 curl -X POST http://localhost:8001/api/v1/backups/restore/17 \
  -H "Content-Type: application/json" \
  -d '{"confirmation": true}'
 # Forventet: "DRY RUN MODE: Would restore..." i logs
 docker-compose logs api --tail 20 | grep "DRY RUN"
 ```
 ### Test Fase 2: Recovery Test (Valgfri)
 ```bash
 # 2. Lav en lille test-ændring i databasen
 docker-compose exec postgres psql -U bmc_hub -d bmc_hub -c \
  "INSERT INTO backup_jobs (job_type, status, backup_format, started_at) 
   VALUES ('database', 'completed', 'dump', NOW());"
 # 3. Tjek at test-data findes
 docker-compose exec postgres psql -U bmc_hub -d bmc_hub -c \
  "SELECT COUNT(*) FROM backup_jobs;"
 # 4. Restore fra backup (DISABLED indtil du er klar)
 # echo "BACKUP_RESTORE_DRY_RUN=false" >> .env
 # docker-compose restart api
 # curl -X POST http://localhost:8001/api/v1/backups/restore/16 -H "Content-Type: application/json" -d '{"confirmation": true}'
 # 5. Verificer at test-data er væk (restore virkede)
 docker-compose exec postgres psql -U bmc_hub -d bmc_hub -c \
  "SELECT COUNT(*) FROM backup_jobs;"
 ```
 ### Emergency Recovery (hvis noget går galt)
 ```bash
 # Restore fra emergency backup
 docker-compose exec postgres dropdb -U bmc_hub --if-exists bmc_hub
 docker-compose exec postgres createdb -U bmc_hub bmc_hub
 docker-compose exec postgres pg_restore -U bmc_hub -d bmc_hub -Fc < \
  manual_backup_*/emergency_backup_before_restore_test.dump
 # Genstart API
 docker-compose restart api
 ```
 ## 🛡️ SAFETY FEATURES I KODEN
 1. **BACKUP_RESTORE_DRY_RUN=true** (default) - blokerer alle restores
 2. **BACKUP_READ_ONLY=true** - blokerer restores hvis sat
 3. **Checksum verification** - verificerer fil integritet før restore
 4. **File lock** - forhindrer concurrent restores
 5. **Maintenance mode** - sætter system i maintenance under restore
 ## ⚠️ VIGTIG ADVARSEL
 **RESTORE OVERSKRIVER AL DATA I DATABASEN!**
 Før du deaktiverer DRY-RUN mode:
 1. Tag ALTID en emergency backup først (allerede gjort ✅)
 2. Test på en development/staging server først
 3. Sørg for at backup filen er den rigtige
 4. Kommuniker med brugere hvis på produktion
 ## 🚀 Når du er klar til rigtig restore:
 1. Tilføj i `.env`:
   ```
   BACKUP_RESTORE_DRY_RUN=false
   ```
 2. Genstart API:
   ```bash
   docker-compose restart api
   ```
 3. Test restore via UI eller curl
 ---
 **Oprettet**: 2. januar 2026
 **Emergency Backup**: manual_backup_20260102_103605/emergency_backup_before_restore_test.dump (2.8MB)
--- a/main.py
+++ b/main.py
@ -47,7 +47,7 @@ from app.emails.backend import router as emails_api
 from app.emails.frontend import views as emails_views
 from app.settings.backend import router as settings_api
 from app.settings.backend import views as settings_views
-from app.backups.backend import router as backups_api
+from app.backups.backend.router import router as backups_api
 from app.backups.frontend import views as backups_views
 # Configure logging
@ -119,7 +119,7 @@ app.include_router(timetracking_api, prefix="/api/v1", tags=["Time Tracking"])
 app.include_router(tags_api.router, prefix="/api/v1", tags=["Tags"])
 app.include_router(emails_api.router, prefix="/api/v1", tags=["Emails"])
 app.include_router(settings_api.router, prefix="/api/v1", tags=["Settings"])
-app.include_router(backups_api.router, prefix="/api/v1", tags=["Backups"])
+app.include_router(backups_api, prefix="/api/v1", tags=["Backups"])
 # Frontend Routers
 app.include_router(dashboard_views.router, tags=["Frontend"])
--- a/manual_backup_20260102_103605/emergency_backup_before_restore_test.dump
+++ b/manual_backup_20260102_103605/emergency_backup_before_restore_test.dump
--- a/manual_backup_20260102_104430/manual_backup_20260102_104443/safety_backup_20260102_104444.dump
+++ b/manual_backup_20260102_104430/manual_backup_20260102_104443/safety_backup_20260102_104444.dump
--- a/manual_backup_20260102_104430/uploads_backup_20260102_104449.tar.gz
+++ b/manual_backup_20260102_104430/uploads_backup_20260102_104449.tar.gz
--- a/test_sftp.py
+++ b/test_sftp.py
@ -0,0 +1,70 @@
 #!/usr/bin/env python3
 import paramiko
 ssh = paramiko.SSHClient()
 ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
 try:
    print("🔌 Connecting to SFTP...")
    ssh.connect(
        hostname='sftp.acdu.dk',
        port=9022,
        username='sftp_bmccrm',
        password='9,Bg_U9,Bg_U9,Bg_U',
        timeout=10
    )
    sftp = ssh.open_sftp()
    print("✅ Connected to SFTP\n")
    # List current directory
    print(f"📁 Current directory: {sftp.getcwd() or '/'}\n")
    print("📂 Files in root:")
    for item in sftp.listdir():
        try:
            stat = sftp.stat(item)
            is_dir = stat.st_mode & 0o40000
            print(f"  {'📁' if is_dir else '📄'} {item} ({stat.st_size} bytes)")
        except Exception as e:
            print(f"  ❓ {item} (error: {e})")
    # Try to list /backups
    print("\n📂 Checking /backups:")
    try:
        files = sftp.listdir('/backups')
        print(f"  ✅ /backups exists, contains {len(files)} items")
        for f in files[:5]:
            print(f"    - {f}")
    except Exception as e:
        print(f"  ⚠️  /backups: {e}")
        # Try to create it
        print("\n  Trying to create /backups...")
        try:
            sftp.mkdir('/backups')
            print("  ✅ Created /backups")
        except Exception as e2:
            print(f"  ❌ Cannot create: {e2}")
    # Try current directory upload
    print("\n📤 Testing upload to current directory...")
    test_file = "/tmp/test_upload.txt"
    with open(test_file, 'w') as f:
        f.write("Test upload from BMC Hub")
    try:
        sftp.put(test_file, 'test_upload.txt')
        print("  ✅ Upload to root successful!")
        sftp.remove('test_upload.txt')
        print("  ✅ Cleanup successful")
    except Exception as e:
        print(f"  ❌ Upload failed: {e}")
    sftp.close()
    ssh.close()
    print("\n✅ Test complete")
 except Exception as e:
    print(f"❌ Connection failed: {e}")
    import traceback
    traceback.print_exc()