joomla/Component-Builder
joomla
/
Component-Builder
38
19
Fork 11
Code Issues 53 Pull Requests Projects 3 Releases Wiki Activity

Updated 039 Automated backup system in JCB (markdown)

Amigo 2019-07-31 08:26:19 +02:00
parent 5b17a273d6
commit c8c0e7a773
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
039-Automated-backup-system-in-JCB.md

@ -10,20 +10,24 @@ This is a demonstration of the new automated backup feature that has been added
[00:01:07](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h01m07s)
JCB already has in its component area an export component feature, which we extended to automate. It has been left as a button called 'Backup'. It is the same feature except it can manually be triggered. It can either be triggered by a 'CronJob' or being triggered by Backup button.[00:01:36](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h01m36s) What the backup feature does, it takes all your components and export them, encrypt them and store them on a local folder, and then emails the key to a trusted email address which you have set up. [00:01:58](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h01m58s) The components that are in trash will not be part of this Backup. Only components that are published or unpublished or archived, will be in the Backup, everything else will be ignored. Basically when the Backup runs either manually or automated via a 'CronJob', [00:02:26](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h02m26s) it will take those components, use the specific keys as it would with the exporting of that components, then encrypt and store them in that folder. <<<<<
JCB already has in its component area an export component feature, which we extended to automate. It has been left as a button called 'Backup'. It is the same feature except it can manually be triggered. It can either be triggered by a 'CronJob' or being triggered by Backup button.[00:01:36](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h01m36s) What the backup feature does, it takes all your components and export them, encrypt them and store them on a local folder, and then emails the key to a trusted email address which you have set up. [00:01:58](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h01m58s) The components that are in trash will not be part of this Backup. Only components that are published or unpublished or archived, will be in the Backup, everything else will be ignored. Basically when the Backup runs either manually or automated via a 'CronJob', [00:02:26](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h02m26s) it will take those components, use the specific keys as it would with the exporting of that components, then encrypt and store them in that folder.
### New Features - Mail Configuration, DKIM, Encryption Settings, CronJob Tabs Added
[00:02:40](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h02m40s)
There are some things that need to be set up for all this to function as expected. First of these are in the options area of JCB. There are some new features. Open that. There is a 'Mail Configuration', 'DKIM' and a 'CronJob' tab added and also this field called API user. <<<<<
There are some things that need to be set up for all this to function as expected. First of these are in the options area of JCB. There are some new features. Open that. There is a 'Mail Configuration', 'DKIM' and a 'CronJob' tab added and also this field called API user.
### API User
Let me start with this field. The API user primarily be used for the id that is used [00:03:20](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h03m20s) in the permission structure. When you are in the components area and you trigger this feature manually, it uses this current login user, to determine whether the components being encrypted and backed up, whether he has the permission to do that. [00:03:44](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h03m44s) It is a way as we increase the permission structure of JCB. You might end up having components, that certain individuals who are in certain groups, may not have access to them. There might be components and fields and views that they may have access to or some that may not have access to. We're laying some of the foundation to make sure that there isn't some loophole where either by triggering a batch [00:04:17](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h04m17s) update or an export of components or backup. They can't extrude certain components which they by default don't have access to. I know that's a long explanation, but it's to give you background why we still need an API user. We still need a user, which if it's automated the backup, that this user ID allows him to make the backup. So that means the API user should be a user [00:04:52](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h04m52s) which has the permission to all the components fields and everything in the JCB component. It is secure because like I said the component gets compiled and stored locally. We might [00:05:14](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h05m14s) consider adding the option to push the component back up to an FTP server, but that part is not fully functional yet. We have had the proposals made to do that, that the backup is not even on the same system, but that it is secure on another system, so if this system collapses you are still safe [00:05:41](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h05m41s) and still got your data out. That sounds to me as a good idea and we will be adding FTP option as well. Which will work similar as your components, when you compile a component and it sends it off to a sale server. That is the same features will make use of. That's just talking about selecting an API user, [00:06:13](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h06m13s) and why that is important.
[00:03:09](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h03m09s)
The API user will primarily be used for the ID that is used in the permission structure. When you are in the components area and trigger this feature manually, it uses this current 'Login user', to determine whether the components has been encrypted and backed up, whether he has the permission to do that. [00:03:44](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h03m44s) As the permission structure of JCB is expanded, you might end up having components, that certain individuals who are in certain groups, may not have access to. There might be components and fields and views that they may have access to or some that may not have access to. We are laying some of the foundation to make sure that there is not some loophole where either by triggering a batch update or an export of components or backup. [00:04:17](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h04m17s) They can not extrude certain components which they by default do not have access to. This is just to explain why an API user is still needed. A user is still necessary, which; if it has automated the backup, that this user ID allows him to make the backup. So that means the API user should be a user which has the permission to all the components fields and everything in the JCB component. [00:04:52](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h04m52s) It is secure because the component gets compiled and stored locally. We might consider adding the option to push the component back up to an FTP server, but that part is not fully functional yet.[00:05:14](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h05m14s) Proposals have been made to do that, so that the backup should not be on the same system, but that it is secured on another system in case of a collapse. [00:05:41](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h05m41s) A FTP option will be added as well, which will work similar as your components, when a component is compiled it gets send off to a sale server. That is the same features that we will make use of.
### CronJob Tab
[00:06:17](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h06m17s)<<<<
When we go to the CronJob tab, we will see that there is some basic instructions for those of you who are familiar with CronJobs. I suppose everything is self explanatory. Those who are not I would suggest you Google around, find some tutorials, read up, make sure what you're doing, [00:06:40](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h06m40s) and that you're comfortable by setting up a CronJob. There are various ways for you to trigger this URL. The system currently detects whether your system can run curl request. If it can't it will fall back on the weget option. Assuming that JCB is installed in an environment that allows these two functions to work. If not you can simply take the URL, and run it in a CronJob in a manner that is [00:07:16](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h07m16s) applicable to your system. And know that this URL triggers the backup to start. When the backup is finished, it tells you the same message that you will get if you run the backup by clicking backup here. You will see there is a green message that pops up, saying yes the backup was done, the email was sent. [00:07:42](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h07m42s) Those are the only messages that also gets returned upon this URL. We currently throwing that responds away. But you could add it to a log, depending on how regularly this CronJobs is running. There isn't the date currently. I think [00:08:06](https://www.youtube.com/watch?v=GUWZaODo_IM&list=PLQRGFI8XZ_wtGvPQZWBfDzzlERLQgpMRE&t=00h08m06s) it might make sense for us to add a date. But at this stage there isn't one. If you're running in a firewall, your Joomla website has a firewall installed like RS firewall, then you might need to adapt your curl request to behave like a real browser. Here is a post on https://stackoverflow.com that could help you understand more about that.
### Cronjob Backup Folder Path