Text only | Text with Images

OPNsense Forum

English Forums => Development and Code Review => Topic started by: linucksrox on February 15, 2025, 08:56:33 PM

Title: Struggling with new backup API endpoint on 25.1
Post by: linucksrox on February 15, 2025, 08:56:33 PM
I have a backup script which was running `curl -s -k -u $KEY:$SECRET https://$HOST/api/backup/backup -o opnsense-config-$(/bin/date +%Y%m%d).xml` and now since I upgraded to 25.1 it returns Endpoint not found. According to the current docs, I see that the API endpoint should now be `https://$HOST/api/core/backup/download` but that still returns Endpoint not found. Digging a bit deeper, it appears that `host` might be a required parameter but it's unclear whether that is true, or what the value should be set to. I just use the IP 192.168.0.1 to access OPNSense. Trying a few guess and check options such as `https://$HOST/api/core/backup/download/192.168.0.1` returns nothing. So does `https://$HOST/api/core/backup/download/nonsense` so I don't know how to determine what the value of host should be if it's even needed.

I tried dev tools and clicked download in the UI to see what the network request looks like, but it appears to be calling diag_backup.php instead of the API, so I'm at a loss. Any suggestions?
Title: Re: Struggling with new backup API endpoint on 25.1
Post by: bigbrother on February 18, 2025, 03:16:13 PM
Hi

I'm using a shell script:
Code Select
#!/bin/bash

OPNKEY="<api-key>"
OPNSECRET="<api-secret>"
OPNHOST="<opnsense-host-ip-dns>"
DEST="/mnt/backup/opnsense/"
MDATE=$(date +%Y%m%d-%H%M%S)

if test -d $DEST; then
curl -s -k -u $OPNKEY:$OPNSECRET https://$OPNHOST:8443/api/backup/backup/download \
-o $DEST/config-$OPNHOST-$MDATE.xml
cd $DEST
tar -czf config-$OPNHOST-$MDATE.xml.tar.gz config-$OPNHOST-$MDATE.xml
rm config-$OPNHOST-$MDATE.xml
find $DEST/ -type f -name '*.xml' -mtime +360 -exec rm {} \;
fi

Works for me even for 25.1.1 and all previous firmware versions.

Hope that helps!
bb
Title: Re: Struggling with new backup API endpoint on 25.1
Post by: linucksrox on February 18, 2025, 04:26:05 PM
Thanks for that! Your script is very similar to my script, which essentially does the curl command with the same options, except I'm using port 443 and not 8443. I tried with a new API key/secret from the root account to rule out permission issues, but still I get "Endpoint not found" when trying that curl command.
Code Select
/usr/bin/curl -s -k -u $KEY:$SECRET https://192.168.0.1:443/api/backup/backup/download                                   
{"errorMessage":"Endpoint not found"}

Is there a configuration somewhere (or a plugin) that is required for this to work? I'm starting to get the impression my instance might be misconfigured, but I'm not sure how.
Title: Re: Struggling with new backup API endpoint on 25.1
Post by: fsackur on April 09, 2025, 02:23:04 PM
That endpoint takes parameters: specifically, path parameters for host and backup.

The relevant endpoints are:
GET /core/backup/backups/{host} - list available backups for selected host
GET /core/backup/download/{host}/{backup} - download specified backup, when left empty the latest is offered

`host` needs to be the magic string `this` for the local host.

If you just want the latest endpoint, your URI should be `https://192.168.0.1:443/api/backup/download/this`
Text only | Text with Images