We need an easy way to back up and restore images, preferably to remote hosts.
Here is the idea. We have a secured host running httpd (*not* the dom0). This host runs a CGI that authenticates as a user, and has ssh keys to log in to the dom0. (The workflow would be something like "ssh dom0host 'dd if=/dev/mapper/customer |gzip |curl http://some/place/to/upload'".)
So, our file API includes two operations: upload and download. (Stuff like "delete" and "rename" we'll leave till later.)
Users will authenticate via normal HTTP authentication, based on their FreeSide password. Thus, all URLs we're referring to here will begin with a user:password@host declaration. Note that we're relying on HTTPS to encrypt the URLs, and on the fact that HTTP clients parse out the authentication data from the URL and send it properly. Thus passwords never appear in plaintext, either on the wire or in our logs.
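The client-side handling this relies on, as an added example (not code from this page or from any project it mentions): a user:password@host URL is split into a request line and a Basic `Authorization` header, and a Common Log Format entry is built from the request line and user name only. The host, path, credentials and both function names are constructed for illustration.

```python
import base64
from urllib.parse import urlsplit, unquote


def build_request(url, method="GET"):
    """Turn a user:password@host URL into (request_line, headers) as an HTTP client would."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        # Basic credentials are only base64-encoded; without TLS they are readable on the wire.
        raise ValueError("refusing to send Basic credentials over " + (parts.scheme or "no scheme"))
    if parts.username is None or parts.password is None:
        raise ValueError("URL carries no user:password@ part")
    # Userinfo is percent-encoded inside a URL; decode it before building the header.
    user = unquote(parts.username)
    password = unquote(parts.password)
    if ":" in user:
        raise ValueError("a Basic auth user name cannot contain ':'")
    token = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    # The request target is path plus query only: the userinfo never reaches the request line.
    target = parts.path or "/"
    if parts.query:
        target += "?" + parts.query
    host = parts.hostname
    if parts.port:
        host += f":{parts.port}"
    headers = {"Host": host, "Authorization": "Basic " + token}
    return f"{method} {target} HTTP/1.1", headers


def access_log_line(remote_addr, user, when, request_line, status, size):
    """Common Log Format entry: user name and request line, no Authorization header."""
    return f'{remote_addr} - {user} [{when}] "{request_line}" {status} {size}'


if __name__ == "__main__":
    # Constructed sample URL; the password contains '@', percent-encoded as %40.
    url = "https://alice:s3cr%40t@files.example.net/download/alice.img.gz"
    line, headers = build_request(url)
    print(line)
    print(headers)
    print(access_log_line("203.0.113.7", "alice", "10/Oct/2024:13:55:36 +0000", line, 200, 1024))
```

The URL string itself still holds the password wherever the client keeps it, for instance in shell history or a process listing on the machine that runs the transfer.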
Note that we have our machine grab the image from a remote location, rather than forcing the user to upload it over his DSL connection.
Good point. I hadn't thought about it quite that way. :)
Some way to monitor and interrupt ongoing transfers would be nice.
See also RFC 1867.
Long term, it should ssh into the Dom0 and then put the user's drive (or a snapshot thereof) in a work DomU, then that work DomU should handle stuff like sending the image (or image contents) to the remote host.