Add option to delete S3 backups from storage on server deletion

When deleting a server, a checkbox now appears in the confirmation modal
if unlocked backups exist, allowing admins to also remove them from
storage via DeleteBackupService. Locked backups are always preserved.

app/Extensions/Filesystem/S3Filesystem.php

@@ -2,18 +2,11 @@
 
 namespace App\Extensions\Filesystem;
 
-use Aws\CommandInterface;
-use Aws\Result;
 use Aws\S3\S3ClientInterface;
-use GuzzleHttp\Client as GuzzleClient;
 use League\Flysystem\AwsS3V3\AwsS3V3Adapter;
-use RuntimeException;
-use SimpleXMLElement;
 
 class S3Filesystem extends AwsS3V3Adapter
 {
-    private ?GuzzleClient $guzzle = null;
-
     /**
      * @param  array<mixed>  $options
      */
@@ -33,18 +26,6 @@ class S3Filesystem extends AwsS3V3Adapter
         );
     }
 
-    private function getGuzzleClient(): GuzzleClient
-    {
-        if ($this->guzzle === null) {
-            $this->guzzle = new GuzzleClient([
-                'timeout' => 30,
-                'connect_timeout' => 10,
-            ]);
-        }
-
-        return $this->guzzle;
-    }
-
     public function getClient(): S3ClientInterface
     {
         return $this->client;
@@ -54,78 +35,4 @@ class S3Filesystem extends AwsS3V3Adapter
     {
         return $this->bucket;
     }
-
-    /**
-     * Execute an S3 command using a presigned URL for maximum compatibility
-     * with S3-compatible providers.
-     *
-     * @return Result<array<string, mixed>>
-     */
-    public function executeS3Command(CommandInterface $command): Result
-    {
-        $presignedRequest = $this->client->createPresignedRequest($command, '+60 minutes');
-
-        $response = $this->getGuzzleClient()->send($presignedRequest);
-
-        $body = (string) $response->getBody();
-        $commandName = $command->getName();
-
-        // S3's CompleteMultipartUpload can return HTTP 200 with an <Error> body
-        if ($body !== '' && str_contains($body, '<Error>')) {
-            throw new RuntimeException("S3 returned an error for $commandName: $body");
-        }
-
-        return new Result($this->parseS3Response($commandName, $body));
-    }
-
-    /**
-     * Parse the XML response body based on the S3 command type.
-     *
-     * @return array<string, mixed>
-     */
-    private function parseS3Response(string $commandName, string $body): array
-    {
-        if ($body === '') {
-            return [];
-        }
-
-        $xml = @simplexml_load_string($body);
-        if ($xml === false) {
-            throw new RuntimeException("Failed to parse S3 XML response for $commandName: $body");
-        }
-
-        return match ($commandName) {
-            'CreateMultipartUpload' => $this->parseCreateMultipartUpload($xml),
-            'ListParts' => $this->parseListParts($xml),
-            'CompleteMultipartUpload' => [],
-            default => [],
-        };
-    }
-
-    /**
-     * @return array{UploadId: string}
-     */
-    private function parseCreateMultipartUpload(SimpleXMLElement $xml): array
-    {
-        return [
-            'UploadId' => (string) $xml->UploadId,
-        ];
-    }
-
-    /**
-     * @return array{Parts: array<int, array{ETag: string, PartNumber: int}>}
-     */
-    private function parseListParts(SimpleXMLElement $xml): array
-    {
-        $parts = [];
-
-        foreach ($xml->Part as $part) {
-            $parts[] = [
-                'ETag' => (string) $part->ETag,
-                'PartNumber' => (int) $part->PartNumber,
-            ];
-        }
-
-        return ['Parts' => $parts];
-    }
 }

app/Filament/Admin/Resources/Servers/Pages/EditServer.php

@@ -30,6 +30,7 @@ use App\Traits\Filament\CanCustomizeTabs;
 use Exception;
 use Filament\Actions\Action;
 use Filament\Actions\ActionGroup;
+use Filament\Forms\Components\Checkbox;
 use Filament\Forms\Components\CheckboxList;
 use Filament\Forms\Components\FileUpload;
 use Filament\Forms\Components\Hidden;
@@ -1106,9 +1107,13 @@ class EditServer extends EditRecord
                 ->modalHeading(trans('filament-actions::delete.single.modal.heading', ['label' => $this->getRecordTitle()]))
                 ->modalSubmitActionLabel(trans('filament-actions::delete.single.label'))
                 ->requiresConfirmation()
-                ->action(function (Server $server, ServerDeletionService $service) {
+                ->form(fn (Server $server) => $server->backups()->where('is_locked', false)->exists() ? [
+                    Checkbox::make('delete_backups')
+                        ->label(trans('admin/server.delete_backups', ['count' => $server->backups()->where('is_locked', false)->count()])),
+                ] : [])
+                ->action(function (array $data, Server $server, ServerDeletionService $service) {
                     try {
-                        $service->handle($server);
+                        $service->withDeleteBackups($data['delete_backups'] ?? false)->handle($server);
 
                         return redirect(ListServers::getUrl(panel: 'admin'));
                     } catch (ConnectionException) {
@@ -1132,9 +1137,13 @@ class EditServer extends EditRecord
                 ->modalHeading(trans('filament-actions::force-delete.single.modal.heading', ['label' => $this->getRecordTitle()]))
                 ->modalSubmitActionLabel(trans('filament-actions::force-delete.single.label'))
                 ->requiresConfirmation()
-                ->action(function (Server $server, ServerDeletionService $service) {
+                ->form(fn (Server $server) => $server->backups()->where('is_locked', false)->exists() ? [
+                    Checkbox::make('delete_backups')
+                        ->label(trans('admin/server.delete_backups', ['count' => $server->backups()->where('is_locked', false)->count()])),
+                ] : [])
+                ->action(function (array $data, Server $server, ServerDeletionService $service) {
                     try {
-                        $service->withForce()->handle($server);
+                        $service->withForce()->withDeleteBackups($data['delete_backups'] ?? false)->handle($server);
 
                         return redirect(ListServers::getUrl(panel: 'admin'));
                     } catch (ConnectionException) {

app/Http/Controllers/Api/Remote/Backups/BackupRemoteUploadController.php

@@ -91,7 +91,7 @@ class BackupRemoteUploadController extends Controller
         }
 
         // Execute the CreateMultipartUpload request
-        $result = $adapter->executeS3Command($client->getCommand('CreateMultipartUpload', $params));
+        $result = $client->execute($client->getCommand('CreateMultipartUpload', $params));
 
         // Get the UploadId from the CreateMultipartUpload request, this is needed to create
         // the other presigned urls.

app/Http/Controllers/Api/Remote/Backups/BackupStatusController.php

@@ -138,7 +138,7 @@ class BackupStatusController extends Controller
 
         $client = $adapter->getClient();
         if (!$successful) {
-            $adapter->executeS3Command($client->getCommand('AbortMultipartUpload', $params));
+            $client->execute($client->getCommand('AbortMultipartUpload', $params));
 
             return;
         }
@@ -149,7 +149,7 @@ class BackupStatusController extends Controller
         ];
 
         if (is_null($parts)) {
-            $params['MultipartUpload']['Parts'] = $adapter->executeS3Command($client->getCommand('ListParts', $params))['Parts'];
+            $params['MultipartUpload']['Parts'] = $client->execute($client->getCommand('ListParts', $params))['Parts'];
         } else {
             foreach ($parts as $part) {
                 $params['MultipartUpload']['Parts'][] = [
@@ -159,6 +159,6 @@ class BackupStatusController extends Controller
             }
         }
 
-        $adapter->executeS3Command($client->getCommand('CompleteMultipartUpload', $params));
+        $client->execute($client->getCommand('CompleteMultipartUpload', $params));
     }
 }

app/Notifications/AccountCreated.php

@@ -23,16 +23,14 @@ class AccountCreated extends Notification implements ShouldQueue
 
     public function toMail(User $notifiable): MailMessage
     {
-        $locale = $notifiable->language ?? 'en';
-
         $message = (new MailMessage())
-            ->greeting(trans('mail.greeting', ['name' => $notifiable->username], $locale))
-            ->line(trans('mail.account_created.body', ['app' => config('app.name')], $locale))
-            ->line(trans('mail.account_created.username', ['username' => $notifiable->username], $locale))
-            ->line(trans('mail.account_created.email', ['email' => $notifiable->email], $locale));
+            ->greeting('Hello ' . $notifiable->username . '!')
+            ->line('You are receiving this email because an account has been created for you on ' . config('app.name') . '.')
+            ->line('Username: ' . $notifiable->username)
+            ->line('Email: ' . $notifiable->email);
 
         if (!is_null($this->token)) {
-            return $message->action(trans('mail.account_created.action', locale: $locale), Filament::getPanel('app')->getResetPasswordUrl($this->token, $notifiable));
+            return $message->action('Setup Your Account', Filament::getPanel('app')->getResetPasswordUrl($this->token, $notifiable));
         }
 
         return $message;

app/Notifications/AddedToServer.php

@@ -24,12 +24,10 @@ class AddedToServer extends Notification implements ShouldQueue
 
     public function toMail(User $notifiable): MailMessage
     {
-        $locale = $notifiable->language ?? 'en';
-
         return (new MailMessage())
-            ->greeting(trans('mail.greeting', ['name' => $notifiable->username], $locale))
-            ->line(trans('mail.added_to_server.body', locale: $locale))
-            ->line(trans('mail.added_to_server.server_name', ['name' => $this->server->name], $locale))
-            ->action(trans('mail.added_to_server.action', locale: $locale), Console::getUrl(panel: 'server', tenant: $this->server));
+            ->greeting('Hello ' . $notifiable->username . '!')
+            ->line('You have been added as a subuser for the following server, allowing you certain control over the server.')
+            ->line('Server Name: ' . $this->server->name)
+            ->action('Visit Server', Console::getUrl(panel: 'server', tenant: $this->server));
     }
 }

app/Notifications/MailTested.php

@@ -20,11 +20,9 @@ class MailTested extends Notification
 
     public function toMail(): MailMessage
     {
-        $locale = $this->user->language ?? 'en';
-
         return (new MailMessage())
-            ->subject(trans('mail.mail_tested.subject', locale: $locale))
-            ->greeting(trans('mail.greeting', ['name' => $this->user->username], $locale))
-            ->line(trans('mail.mail_tested.body', locale: $locale));
+            ->subject('Panel Test Message')
+            ->greeting('Hello ' . $this->user->username . '!')
+            ->line('This is a test of the Panel mail system. You\'re good to go!');
     }
 }

app/Notifications/RemovedFromServer.php

@@ -23,13 +23,11 @@ class RemovedFromServer extends Notification implements ShouldQueue
 
     public function toMail(User $notifiable): MailMessage
     {
-        $locale = $notifiable->language ?? 'en';
-
         return (new MailMessage())
             ->error()
-            ->greeting(trans('mail.greeting', ['name' => $notifiable->username], $locale))
-            ->line(trans('mail.removed_from_server.body', locale: $locale))
-            ->line(trans('mail.removed_from_server.server_name', ['name' => $this->server->name], $locale))
-            ->action(trans('mail.removed_from_server.action', locale: $locale), url(''));
+            ->greeting('Hello ' . $notifiable->username . '.')
+            ->line('You have been removed as a subuser for the following server.')
+            ->line('Server Name: ' . $this->server->name)
+            ->action('Visit Panel', url(''));
     }
 }

app/Notifications/ServerInstalled.php

@@ -24,12 +24,10 @@ class ServerInstalled extends Notification implements ShouldQueue
 
     public function toMail(User $notifiable): MailMessage
     {
-        $locale = $notifiable->language ?? 'en';
-
         return (new MailMessage())
-            ->greeting(trans('mail.greeting', ['name' => $notifiable->username], $locale))
-            ->line(trans('mail.server_installed.body', locale: $locale))
-            ->line(trans('mail.server_installed.server_name', ['name' => $this->server->name], $locale))
-            ->action(trans('mail.server_installed.action', locale: $locale), Console::getUrl(panel: 'server', tenant: $this->server));
+            ->greeting('Hello ' . $notifiable->username . '.')
+            ->line('Your server has finished installing and is now ready for you to use.')
+            ->line('Server Name: ' . $this->server->name)
+            ->action('Login and Begin Using', Console::getUrl(panel: 'server', tenant: $this->server));
     }
 }

app/Services/Activity/ActivityLogService.php

@@ -10,6 +10,7 @@ use Filament\Facades\Filament;
 use Illuminate\Contracts\Auth\Factory as AuthFactory;
 use Illuminate\Database\ConnectionInterface;
 use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Arr;
 use Illuminate\Support\Collection;
 use Illuminate\Support\Facades\Request;
 use Throwable;
@@ -70,7 +71,7 @@ class ActivityLogService
      */
     public function subject(...$subjects): self
     {
-        foreach ($subjects as $subject) {
+        foreach (Arr::wrap($subjects) as $subject) {
             if (is_null($subject)) {
                 continue;
             }

app/Services/Backups/DeleteBackupService.php

@@ -7,6 +7,7 @@ use App\Extensions\Backups\BackupManager;
 use App\Extensions\Filesystem\S3Filesystem;
 use App\Models\Backup;
 use App\Repositories\Daemon\DaemonBackupRepository;
+use Aws\S3\S3Client;
 use Exception;
 use Illuminate\Database\ConnectionInterface;
 use Illuminate\Http\Response;
@@ -71,12 +72,14 @@ class DeleteBackupService
 
             /** @var S3Filesystem $adapter */
             $adapter = $this->manager->adapter(Backup::ADAPTER_AWS_S3);
+
+            /** @var S3Client $client */
             $client = $adapter->getClient();
 
-            $adapter->executeS3Command($client->getCommand('DeleteObject', [
+            $client->deleteObject([
                 'Bucket' => $adapter->getBucket(),
                 'Key' => sprintf('%s/%s.tar.gz', $backup->server->uuid, $backup->uuid),
-            ]));
+            ]);
         });
     }
 }

app/Services/Servers/ServerDeletionService.php

@@ -5,6 +5,7 @@ namespace App\Services\Servers;
 use App\Exceptions\DisplayException;
 use App\Models\Server;
 use App\Repositories\Daemon\DaemonServerRepository;
+use App\Services\Backups\DeleteBackupService;
 use App\Services\Databases\DatabaseManagementService;
 use Exception;
 use Illuminate\Database\ConnectionInterface;
@@ -16,13 +17,16 @@ class ServerDeletionService
 {
     protected bool $force = false;
 
+    protected bool $deleteBackups = false;
+
     /**
      * ServerDeletionService constructor.
      */
     public function __construct(
         private ConnectionInterface $connection,
         private DaemonServerRepository $daemonServerRepository,
-        private DatabaseManagementService $databaseManagementService
+        private DatabaseManagementService $databaseManagementService,
+        private DeleteBackupService $deleteBackupService
     ) {}
 
     /**
@@ -35,6 +39,16 @@ class ServerDeletionService
         return $this;
     }
 
+    /**
+     * Set if unlocked backups should be deleted from storage when the server is deleted.
+     */
+    public function withDeleteBackups(bool $bool = true): self
+    {
+        $this->deleteBackups = $bool;
+
+        return $this;
+    }
+
     /**
      * Delete a server from the panel and remove any associated databases from hosts.
      *
@@ -78,6 +92,22 @@ class ServerDeletionService
                 }
             }
 
+            if ($this->deleteBackups) {
+                foreach ($server->backups()->where('is_locked', false)->get() as $backup) {
+                    try {
+                        $this->deleteBackupService->handle($backup);
+                    } catch (Exception $exception) {
+                        if (!$this->force) {
+                            throw $exception;
+                        }
+
+                        $backup->delete();
+
+                        logger()->warning($exception);
+                    }
+                }
+            }
+
             $server->allocations()->update([
                 'server_id' => null,
                 'notes' => null,

lang/en/admin/server.php

@@ -98,6 +98,7 @@ return [
     'delete_db' => 'Are you sure you want to delete :name ?',
     'delete_db_heading' => 'Delete Database?',
     'backups' => 'Backups',
+    'delete_backups' => 'Also delete :count backup(s) from storage',
     'egg' => 'Egg',
     'mounts' => 'Mounts',
     'no_mounts' => 'No Mounts exist for this Node',

lang/en/mail.php

@@ -1,35 +0,0 @@
-<?php
-
-return [
-    'greeting' => 'Hello :name!',
-
-    'account_created' => [
-        'body' => 'You are receiving this email because an account has been created for you on :app.',
-        'username' => 'Username: :username',
-        'email' => 'Email: :email',
-        'action' => 'Setup Your Account',
-    ],
-
-    'added_to_server' => [
-        'body' => 'You have been added as a subuser for the following server, allowing you certain control over the server.',
-        'server_name' => 'Server Name: :name',
-        'action' => 'Visit Server',
-    ],
-
-    'removed_from_server' => [
-        'body' => 'You have been removed as a subuser for the following server.',
-        'server_name' => 'Server Name: :name',
-        'action' => 'Visit Panel',
-    ],
-
-    'server_installed' => [
-        'body' => 'Your server has finished installing and is now ready for you to use.',
-        'server_name' => 'Server Name: :name',
-        'action' => 'Login and Begin Using',
-    ],
-
-    'mail_tested' => [
-        'subject' => 'Panel Test Message',
-        'body' => 'This is a test of the Panel mail system. You\'re good to go!',
-    ],
-];

tests/Integration/Services/Backups/DeleteBackupServiceTest.php

@@ -9,10 +9,8 @@ use App\Models\Backup;
 use App\Repositories\Daemon\DaemonBackupRepository;
 use App\Services\Backups\DeleteBackupService;
 use App\Tests\Integration\IntegrationTestCase;
-use Aws\CommandInterface;
 use GuzzleHttp\Psr7\Response;
 use Illuminate\Http\Client\ConnectionException;
-use Mockery;
 
 class DeleteBackupServiceTest extends IntegrationTestCase
 {
@@ -94,12 +92,10 @@ class DeleteBackupServiceTest extends IntegrationTestCase
         $manager->expects('adapter')->with(Backup::ADAPTER_AWS_S3)->andReturn($adapter);
 
         $adapter->expects('getBucket')->andReturn('foobar');
-        $mockCommand = Mockery::mock(CommandInterface::class);
-        $adapter->expects('getClient->getCommand')->with('DeleteObject', [
+        $adapter->expects('getClient->deleteObject')->with([
             'Bucket' => 'foobar',
             'Key' => sprintf('%s/%s.tar.gz', $server->uuid, $backup->uuid),
-        ])->andReturn($mockCommand);
-        $adapter->expects('executeS3Command')->with($mockCommand);
+        ]);
 
         $this->app->make(DeleteBackupService::class)->handle($backup);