forked from clan/clan-core
refactor backup test to be just a single machine
This commit is contained in:
parent
5ff36a2cd8
commit
65b6ae8bb7
@ -1,34 +1,18 @@
|
|||||||
{ self, ... }:
|
{ self, ... }:
|
||||||
let
|
{
|
||||||
clan = self.lib.buildClan {
|
flake.clanInternals =
|
||||||
clanName = "testclan";
|
(self.lib.buildClan {
|
||||||
directory = ../..;
|
clanName = "testclan";
|
||||||
machines = {
|
directory = ../..;
|
||||||
test_backup_client = {
|
machines.test-backup = {
|
||||||
clan.networking.targetHost = "client";
|
imports = [ self.nixosModules.test-backup ];
|
||||||
imports = [ self.nixosModules.test_backup_client ];
|
|
||||||
fileSystems."/".device = "/dev/null";
|
fileSystems."/".device = "/dev/null";
|
||||||
boot.loader.grub.device = "/dev/null";
|
boot.loader.grub.device = "/dev/null";
|
||||||
};
|
};
|
||||||
};
|
}).clanInternals;
|
||||||
};
|
|
||||||
in
|
|
||||||
{
|
|
||||||
flake.nixosConfigurations = {
|
|
||||||
inherit (clan.nixosConfigurations) test_backup_client;
|
|
||||||
};
|
|
||||||
flake.clanInternals = clan.clanInternals;
|
|
||||||
flake.nixosModules = {
|
flake.nixosModules = {
|
||||||
test_backup_server =
|
|
||||||
{ ... }:
|
test-backup =
|
||||||
{
|
|
||||||
imports = [ self.clanModules.borgbackup ];
|
|
||||||
services.sshd.enable = true;
|
|
||||||
services.borgbackup.repos.testrepo = {
|
|
||||||
authorizedKeys = [ (builtins.readFile ../lib/ssh/pubkey) ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
test_backup_client =
|
|
||||||
{
|
{
|
||||||
pkgs,
|
pkgs,
|
||||||
lib,
|
lib,
|
||||||
@ -39,17 +23,41 @@ in
|
|||||||
dependencies = [
|
dependencies = [
|
||||||
self
|
self
|
||||||
pkgs.stdenv.drvPath
|
pkgs.stdenv.drvPath
|
||||||
clan.clanInternals.machines.x86_64-linux.test_backup_client.config.system.clan.deployment.file
|
self.clanInternals.machines.${pkgs.hostPlatform.system}.test-backup.config.system.clan.deployment.file
|
||||||
] ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs);
|
] ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs);
|
||||||
closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
|
closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [ self.clanModules.borgbackup ];
|
imports = [
|
||||||
networking.hostName = "client";
|
self.clanModules.borgbackup
|
||||||
services.sshd.enable = true;
|
self.clanModules.sshd
|
||||||
|
];
|
||||||
|
clan.networking.targetHost = "machine";
|
||||||
|
networking.hostName = "machine";
|
||||||
|
services.openssh.settings.UseDns = false;
|
||||||
|
|
||||||
|
programs.ssh.knownHosts = {
|
||||||
|
machine.hostNames = [ "machine" ];
|
||||||
|
machine.publicKey = builtins.readFile ../lib/ssh/pubkey;
|
||||||
|
};
|
||||||
|
|
||||||
users.users.root.openssh.authorizedKeys.keyFiles = [ ../lib/ssh/pubkey ];
|
users.users.root.openssh.authorizedKeys.keyFiles = [ ../lib/ssh/pubkey ];
|
||||||
|
|
||||||
systemd.tmpfiles.settings."vmsecrets" = {
|
systemd.tmpfiles.settings."vmsecrets" = {
|
||||||
|
"/root/.ssh/id_ed25519" = {
|
||||||
|
C.argument = "${../lib/ssh/privkey}";
|
||||||
|
z = {
|
||||||
|
mode = "0400";
|
||||||
|
user = "root";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
"/etc/secrets/ssh.id_ed25519" = {
|
||||||
|
C.argument = "${../lib/ssh/privkey}";
|
||||||
|
z = {
|
||||||
|
mode = "0400";
|
||||||
|
user = "root";
|
||||||
|
};
|
||||||
|
};
|
||||||
"/etc/secrets/borgbackup.ssh" = {
|
"/etc/secrets/borgbackup.ssh" = {
|
||||||
C.argument = "${../lib/ssh/privkey}";
|
C.argument = "${../lib/ssh/privkey}";
|
||||||
z = {
|
z = {
|
||||||
@ -66,9 +74,10 @@ in
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
clanCore.secretStore = "vm";
|
clanCore.secretStore = "vm";
|
||||||
|
clanCore.clanDir = ../..;
|
||||||
|
|
||||||
environment.systemPackages = [ self.packages.${pkgs.system}.clan-cli ];
|
environment.systemPackages = [ self.packages.${pkgs.system}.clan-cli ];
|
||||||
environment.etc."install-closure".source = "${closureInfo}/store-paths";
|
environment.etc.install-closure.source = "${closureInfo}/store-paths";
|
||||||
nix.settings = {
|
nix.settings = {
|
||||||
substituters = lib.mkForce [ ];
|
substituters = lib.mkForce [ ];
|
||||||
hashed-mirrors = null;
|
hashed-mirrors = null;
|
||||||
@ -77,7 +86,12 @@ in
|
|||||||
};
|
};
|
||||||
system.extraDependencies = dependencies;
|
system.extraDependencies = dependencies;
|
||||||
clanCore.state.test-backups.folders = [ "/var/test-backups" ];
|
clanCore.state.test-backups.folders = [ "/var/test-backups" ];
|
||||||
clan.borgbackup.destinations.test_backup_server.repo = "borg@server:.";
|
clan.borgbackup.destinations.test-backup.repo = "borg@machine:.";
|
||||||
|
|
||||||
|
services.borgbackup.repos.test-backups = {
|
||||||
|
path = "/var/lib/borgbackup/test-backups";
|
||||||
|
authorizedKeys = [ (builtins.readFile ../lib/ssh/pubkey) ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
perSystem =
|
perSystem =
|
||||||
@ -86,56 +100,35 @@ in
|
|||||||
checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux) {
|
checks = pkgs.lib.mkIf (pkgs.stdenv.isLinux) {
|
||||||
test-backups = (import ../lib/test-base.nix) {
|
test-backups = (import ../lib/test-base.nix) {
|
||||||
name = "test-backups";
|
name = "test-backups";
|
||||||
nodes.server = {
|
nodes.machine.imports = [
|
||||||
imports = [
|
self.nixosModules.clanCore
|
||||||
self.nixosModules.test_backup_server
|
self.nixosModules.test-backup
|
||||||
self.nixosModules.clanCore
|
];
|
||||||
{
|
|
||||||
clanCore.machineName = "server";
|
|
||||||
clanCore.clanDir = ../..;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
nodes.client = {
|
|
||||||
imports = [
|
|
||||||
self.nixosModules.test_backup_client
|
|
||||||
self.nixosModules.clanCore
|
|
||||||
{
|
|
||||||
clanCore.machineName = "client";
|
|
||||||
clanCore.clanDir = ../..;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
testScript = ''
|
testScript = ''
|
||||||
import json
|
import json
|
||||||
start_all()
|
start_all()
|
||||||
|
|
||||||
# setup
|
|
||||||
client.succeed("mkdir -m 700 /root/.ssh")
|
|
||||||
client.succeed(
|
|
||||||
"cat ${../lib/ssh/privkey} > /root/.ssh/id_ed25519"
|
|
||||||
)
|
|
||||||
client.succeed("chmod 600 /root/.ssh/id_ed25519")
|
|
||||||
client.wait_for_unit("sshd", timeout=30)
|
|
||||||
client.succeed("ssh -o StrictHostKeyChecking=accept-new root@client hostname")
|
|
||||||
|
|
||||||
# dummy data
|
# dummy data
|
||||||
client.succeed("mkdir /var/test-backups")
|
machine.succeed("mkdir -p /var/test-backups")
|
||||||
client.succeed("echo testing > /var/test-backups/somefile")
|
machine.succeed("echo testing > /var/test-backups/somefile")
|
||||||
|
|
||||||
# create
|
# create
|
||||||
client.succeed("clan --debug --flake ${../..} backups create test_backup_client")
|
machine.succeed("ping -c1 machine >&2")
|
||||||
client.wait_until_succeeds("! systemctl is-active borgbackup-job-test_backup_server")
|
machine.succeed("ssh -i /etc/secrets/borgbackup.ssh -v machine hostname >&2")
|
||||||
|
machine.succeed("systemctl status >&2")
|
||||||
|
machine.succeed("systemctl start borgbackup-job-test-backup")
|
||||||
|
machine.succeed("clan --debug --flake ${self} backups create test-backup")
|
||||||
|
machine.wait_until_succeeds("! systemctl is-active borgbackup-job-test-backup >&2")
|
||||||
|
|
||||||
# list
|
# list
|
||||||
backup_id = json.loads(client.succeed("borg-job-test_backup_server list --json"))["archives"][0]["archive"]
|
backup_id = json.loads(machine.succeed("borg-job-test-backup list --json"))["archives"][0]["archive"]
|
||||||
assert(backup_id in client.succeed("clan --debug --flake ${../..} backups list test_backup_client"))
|
assert backup_id in machine.succeed("clan --debug --flake ${self} backups list test-backup"), "backup not listed"
|
||||||
|
|
||||||
# restore
|
# restore
|
||||||
client.succeed("rm -f /var/test-backups/somefile")
|
machine.succeed("rm -f /var/test-backups/somefile")
|
||||||
client.succeed(f"clan --debug --flake ${../..} backups restore test_backup_client borgbackup {backup_id}")
|
machine.succeed(f"clan --debug --flake ${self} backups restore test-backup borgbackup {backup_id}")
|
||||||
assert(client.succeed("cat /var/test-backups/somefile").strip() == "testing")
|
assert machine.succeed("cat /var/test-backups/somefile").strip() == "testing", "restore failed"
|
||||||
'';
|
'';
|
||||||
} { inherit pkgs self; };
|
} { inherit pkgs self; };
|
||||||
};
|
};
|
||||||
|
1
machines/test-backup/facts/borgbackup.ssh.pub
Normal file
1
machines/test-backup/facts/borgbackup.ssh.pub
Normal file
@ -0,0 +1 @@
|
|||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIbwIVnLy+uoDZ6uK/OCc1QK46SIGeC3mVc85dqLYQw lass@ignavia
|
1
machines/test-backup/facts/ssh.id_ed25519.pub
Normal file
1
machines/test-backup/facts/ssh.id_ed25519.pub
Normal file
@ -0,0 +1 @@
|
|||||||
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIbwIVnLy+uoDZ6uK/OCc1QK46SIGeC3mVc85dqLYQw lass@ignavia
|
Loading…
Reference in New Issue
Block a user