disabling remote instance by default

Author: ArtificialOwl

README.md

@@ -1,22 +1,31 @@
 # Backup
 
-This App allows admin to create backup images of their Nextcloud
+This App allows admin to create and store backup images of their Nextcloud
 
+## Restoring Points
 
+A restoring point is an image of your Nextcloud at a specific time. A restoring point can be:
 
-## Restoring Points
+- '**Complete**' (or Full) and contains a backup of :
+    * the instance of Nextcloud (core),
+    * the apps of the Nextcloud (from `apps/` and `custom_apps/`),
+    * A dump of the database,
+    * the data of the Nextcloud including users' files.
 
-A restoring point is an image of your Nextcloud at a specific time.
-A restoring point can be:
-- a '**full**' backup that contains all data that are managed by the App,
-- an '**incremental**' backup that only contains modified files since your last 'full' backup.
+- '**Partial**' (or Incremental) that contains a backup of :
+    * the instance of Nextcloud,
+    * the apps of the Nextcloud,
+    * A dump of the database,
+    * data that have been generated or edited since the last **Complete Backup**
 
 ### What data are available in a Restoring Point
 
-Please note that the Backup App will not store ALL data from your Nextcloud. As an example, remote files does not have backup.
+Please note that the Backup App will not store ALL data from your Nextcloud. As an example, remote files
+does not have backup.  
 This is a quick list of what can be restored and what cannot be restored when using the Backup App:
 
 A restoring point will store
+
 - your current Nextcloud,
 - the `apps/` folder,
 - your local data, defined by `'datadirectory'` in `config/config.php`,
@@ -25,14 +34,28 @@ A restoring point will store
 - A full dump of your database.
 
 A restoring point will **NOT** store:
+
 - Remote data, even if the filesystem is available locally.
 
-A Restoring Point also contains a file named `metadata.json` that contains information like:
+A Restoring Point also contains a file named `restoring-point.data` that contains metadata about the
+backup:
+
 - Version of your Nextcloud
-- The ID of the full backup in case of incremental backups,
+- The ID of the parent backup in case of partial backup,
 - The list of compressed file that contains the backup files,
 - Checksum for those files,
-- the date of the restoring point.
+- the date of the restoring point,
+- information related to the health of the files
+
+_Note: the file `restoring-point.data` can confirm the integrity of all files and parts of the backup. If
+the file is lost, it is still possible to restore a restoring point.  
+The normal process is to re-create the `restoring-point.data` a new one, however :
+
+- there is no way to confirm the integrity of content of the backup,
+- the restoring process will require some knowledge from the admin about the infrastructure from the
+  original instance that generated the backup.
+
+
 
 ## Quick documentation:
 
@@ -52,36 +75,31 @@ You can upload your backup files on a remote instance
 
     ./occ backup:remote:remove cloud.example.net
 
-
-**Note**: if you enable the backup on remote instance, it is strongly advice to [keep your current setup somewhere](), or 
-your files won't be available without your identity nor readable without your encryption key
-
+**Note**: if you enable the backup on remote instance, it is strongly advice
+to [keep your current setup somewhere](), or your files won't be available without your identity nor
+readable without your encryption key
 
 ### Manage your restoring point
 
-
 **Create a new Restoring Point**
 
     ./occ backup:point:create [--incremental]
 
 The `--incremental` option will create an incremental backup
 
-
 **Upload a Restoring Point**
 
     ./occ backup:point:upload <pointId>
 
-This will request all configured remote instances to check the sanity of any previous upload for this Restoring 
-Point, and will only upload missing/faulty file.
-
+This will request all configured remote instances to check the sanity of any previous upload for this
+Restoring Point, and will only upload missing/faulty file.
 
 **List restoring points**
 
     ./occ backup:point:list
 
 You can search and compare restoring point available locally and on configured remote instance.
 
-
 **Search for a specific file:**
 
     ./occ backup:file:search [--since|--until|--point] <string>
@@ -90,7 +108,6 @@ Search for a file, based on its name.
 
 example: `./occ backup:file:search test.jpg --since 2021-09-23`
 
-
 **History of specific a file:**
 
     ./occ backup:file:history [--since|--until] <dataPack> <fullPath>
@@ -99,59 +116,55 @@ Display the history of a file.
 
 example: `./occ backup:file:history data cult/files/backup1.md`
 
-
 **Import a Restoring Point**
 
-If you start using the app, you will face at one point a situation where an important Restoring Point is available somewhere but cannot be find in your database.
-As an example, when restoring a Backup, all Restoring Point created after this backup won't be in database anymore. This is normal as restoring the backup fully overwrite your database.
-In that case, you can run this command:
+If you start using the app, you will face at one point a situation where an important Restoring Point is
+available somewhere but cannot be find in your database. As an example, when restoring a Backup, all
+Restoring Point created after this backup won't be in database anymore. This is normal as restoring the
+backup fully overwrite your database. In that case, you can run this command:
 
     ./occ backup:point:scan <pointId>
 
-If it cannot be found, you will need to manually copy the folder that contains the Restoring Point in the appdata folder: data/appdata_qwerty123/backup/
-
+If it cannot be found, you will need to manually copy the folder that contains the Restoring Point in the
+appdata folder: data/appdata_qwerty123/backup/
 
 **Verify integrity of a Restoring Point**
 
     ./occ backup:point:details <pointId>
 
-
-
 ## Restoration
 
 You can restore a single file or the whole instance to a previous state:
 
     ./occ backup:point:restore <pointId> [--file <filename>] [--data <dataPack>] [--chunk chunkName]
 
-Please note that you can go back to a previous backup of your instance from any Nextcloud compatible with the Backup App.
-There is no need to install the exact same version as it will be reverted to the one used when creating the Restoring Point.
-Meaning that you can fully restore your instance of Nextcloud even if you lost your harddrive, as long as you kept a copy of 
-the Restoring Point (upload to another remote instance)
-
+Please note that you can go back to a previous backup of your instance from any Nextcloud compatible with
+the Backup App. There is no need to install the exact same version as it will be reverted to the one used
+when creating the Restoring Point. Meaning that you can fully restore your instance of Nextcloud even if
+you lost your harddrive, as long as you kept a copy of the Restoring Point (upload to another remote
+instance)
 
 ## Exporting configuration
 
-This is an important step of your configuration of the Backup App
-Some information will be needed in case you start storing your backup on remote instances:
+This is an important step of your configuration of the Backup App Some information will be needed in case
+you start storing your backup on remote instances:
 
 - The identity of your Nextcloud,
 - The encryption key used to encrypt your backup.
 
-**While the identity can be changed and your access to the remote files can be restored by 
-executing some command on the remote instance to update your new identity, a missing encryption 
-key means that your remote backup cannot be decrypted and are totally useless.**
+**While the identity can be changed and your access to the remote files can be restored by executing some
+command on the remote instance to update your new identity, a missing encryption key means that your
+remote backup cannot be decrypted and are totally useless.**
 
 **Please note that creating a new identity will disable the sanity check on the metadata file.**
 
     ./occ backup:setup:export [--key] > ~/backup_setup.json
 
-Using the `--key` option will generate a Key, used to encrypt/decrypt the data of your setup. 
-The key generated during the export of your setup needs to be stored somewhere safe!
+Using the `--key` option will generate a Key, used to encrypt/decrypt the data of your setup. The key
+generated during the export of your setup needs to be stored somewhere safe!
 
     ./occ backup:setup:import [--key <key>] < ~/backup_setup.json
 
-
-
 ### Known issues, missing features:
 
 - files are not encrypted when uploading to a remote instance

lib/Command/RemoteAdd.php

@@ -46,6 +46,7 @@
 use OCA\Backup\Exceptions\RemoteInstanceNotFoundException;
 use OCA\Backup\Exceptions\RemoteInstanceUidException;
 use OCA\Backup\Model\RemoteInstance;
+use OCA\Backup\Service\ConfigService;
 use OCA\Backup\Service\RemoteStreamService;
 use Symfony\Component\Console\Input\InputArgument;
 use Symfony\Component\Console\Input\InputInterface;
@@ -68,28 +69,38 @@ class RemoteAdd extends Base {
 	/** @var RemoteStreamService */
 	private $remoteStreamService;
 
+	/** @var ConfigService */
+	private $configService;
+
 
 	/**
 	 * RemoteAdd constructor.
 	 *
 	 * @param RemoteRequest $remoteRequest
 	 * @param RemoteStreamService $remoteStreamService
+	 * @param ConfigService $configService
 	 */
 	public function __construct(
 		RemoteRequest $remoteRequest,
-		RemoteStreamService $remoteStreamService
+		RemoteStreamService $remoteStreamService,
+		ConfigService $configService
 	) {
-		parent::__construct();
-
 		$this->remoteRequest = $remoteRequest;
 		$this->remoteStreamService = $remoteStreamService;
+		$this->configService = $configService;
+
+		parent::__construct();
 	}
 
 
 	/**
 	 *
 	 */
 	protected function configure() {
+		if (!$this->configService->isRemoteEnabled()) {
+			$this->setHidden(true);
+		}
+
 		$this->setName('backup:remote:add')
 			 ->setDescription('Add remote instances to store your backups')
 			 ->addArgument('address', InputArgument::REQUIRED, 'address of the remote instance of Nextcloud');
@@ -110,6 +121,10 @@ protected function configure() {
 	 * @throws RemoteInstanceException
 	 */
 	protected function execute(InputInterface $input, OutputInterface $output): int {
+		if (!$this->configService->isRemoteEnabled()) {
+			throw new RemoteInstanceException('not enabled');
+		}
+
 		$address = $input->getArgument('address');
 		if (strtolower($address) === RemoteInstance::LOCAL || strtolower($address) === RemoteInstance::ALL) {
 			throw new RemoteInstanceException($address . ' is a reserved name');
@@ -314,12 +329,18 @@ private function saveRemoteInstance(
 		$output->writeln('');
 		$output->writeln('<error>Important note</error>: ');
 		$output->writeln('Uploaded backup are encrypted which is good, don\'t you think ?');
-		$output->writeln('However, it also means that <options=bold>if you loose the Encryption Key, your backup will be totally useless</>');
+		$output->writeln(
+			'However, it also means that <options=bold>if you loose the Encryption Key, your backup will be totally useless</>'
+		);
 		$output->writeln('');
 		$output->writeln('It is advised to export the setup of the Backup App in the file of your choice.');
-		$output->writeln('Keep in mind that with this file, any installation of Nextcloud can access your backup,');
+		$output->writeln(
+			'Keep in mind that with this file, any installation of Nextcloud can access your backup,'
+		);
 		$output->writeln('restore them and access the data of your users');
-		$output->writeln('While this is an option, ts is also advised to force the creation of a key to encrypt the content of the file:');
+		$output->writeln(
+			'While this is an option, ts is also advised to force the creation of a key to encrypt the content of the file:'
+		);
 		$output->writeln('');
 		$output->writeln('   ./occ backup:setup:export [--key] > ~/backup_setup.json');
 		$output->writeln('');

lib/Command/RemoteList.php

@@ -36,7 +36,9 @@
 use ArtificialOwl\MySmallPhpTools\Exceptions\SignatureException;
 use OC\Core\Command\Base;
 use OCA\Backup\Db\RemoteRequest;
+use OCA\Backup\Exceptions\RemoteInstanceException;
 use OCA\Backup\Model\RemoteInstance;
+use OCA\Backup\Service\ConfigService;
 use OCA\Backup\Service\RemoteStreamService;
 use Symfony\Component\Console\Helper\Table;
 use Symfony\Component\Console\Input\InputInterface;
@@ -58,16 +60,25 @@ class RemoteList extends Base {
 	/** @var RemoteStreamService */
 	private $remoteStreamService;
 
+	/** @var ConfigService */
+	private $configService;
+
 
 	/**
 	 * RemoteList constructor.
 	 *
 	 * @param RemoteRequest $remoteRequest
 	 * @param RemoteStreamService $remoteStreamService
+	 * @param ConfigService $configService
 	 */
-	public function __construct(RemoteRequest $remoteRequest, RemoteStreamService $remoteStreamService) {
+	public function __construct(
+		RemoteRequest $remoteRequest,
+		RemoteStreamService $remoteStreamService,
+		ConfigService $configService
+	) {
 		$this->remoteRequest = $remoteRequest;
 		$this->remoteStreamService = $remoteStreamService;
+		$this->configService = $configService;
 
 		parent::__construct();
 	}
@@ -77,6 +88,10 @@ public function __construct(RemoteRequest $remoteRequest, RemoteStreamService $r
 	 *
 	 */
 	protected function configure() {
+		if (!$this->configService->isRemoteEnabled()) {
+			$this->setHidden(true);
+		}
+
 		$this->setName('backup:remote:list')
 			 ->setDescription('Listing configured remote instances');
 	}
@@ -87,8 +102,13 @@ protected function configure() {
 	 * @param OutputInterface $output
 	 *
 	 * @return int
+	 * @throws RemoteInstanceException
 	 */
 	protected function execute(InputInterface $input, OutputInterface $output): int {
+		if (!$this->configService->isRemoteEnabled()) {
+			throw new RemoteInstanceException('not enabled');
+		}
+
 		$output = new ConsoleOutput();
 		$output = $output->section();
 		$table = new Table($output);