vuls: init at 0.27.0
[NixPkgs.git] / nixos / tests / btrbk.nix
blob403c9595530d8f3d511acebd709197991f95eeba
1 import ./make-test-python.nix ({ pkgs, ... }:
3   let
4     privateKey = ''
5       -----BEGIN OPENSSH PRIVATE KEY-----
6       b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
7       QyNTUxOQAAACBx8UB04Q6Q/fwDFjakHq904PYFzG9pU2TJ9KXpaPMcrwAAAJB+cF5HfnBe
8       RwAAAAtzc2gtZWQyNTUxOQAAACBx8UB04Q6Q/fwDFjakHq904PYFzG9pU2TJ9KXpaPMcrw
9       AAAEBN75NsJZSpt63faCuaD75Unko0JjlSDxMhYHAPJk2/xXHxQHThDpD9/AMWNqQer3Tg
10       9gXMb2lTZMn0pelo8xyvAAAADXJzY2h1ZXR6QGt1cnQ=
11       -----END OPENSSH PRIVATE KEY-----
12     '';
13     publicKey = ''
14       ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHxQHThDpD9/AMWNqQer3Tg9gXMb2lTZMn0pelo8xyv
15     '';
16   in
17   {
18     name = "btrbk";
19     meta = with pkgs.lib; {
20       maintainers = with maintainers; [ symphorien ];
21     };
23     nodes = {
24       archive = { ... }: {
25         environment.systemPackages = with pkgs; [ btrfs-progs ];
26         # note: this makes the privateKey world readable.
27         # don't do it with real ssh keys.
28         environment.etc."btrbk_key".text = privateKey;
29         services.btrbk = {
30           instances = {
31             remote = {
32               onCalendar = "minutely";
33               settings = {
34                 ssh_identity = "/etc/btrbk_key";
35                 ssh_user = "btrbk";
36                 stream_compress = "lz4";
37                 volume = {
38                   "ssh://main/mnt" = {
39                     target = "/mnt";
40                     snapshot_dir = "btrbk/remote";
41                     subvolume = "to_backup";
42                   };
43                 };
44               };
45             };
46           };
47         };
48       };
50       main = { ... }: {
51         environment.systemPackages = with pkgs; [ btrfs-progs ];
52         services.openssh = {
53           enable = true;
54           settings = {
55             KbdInteractiveAuthentication = false;
56             PasswordAuthentication = false;
57           };
58         };
59         services.btrbk = {
60           extraPackages = [ pkgs.lz4 ];
61           sshAccess = [
62             {
63               key = publicKey;
64               roles = [ "source" "send" "info" "delete" ];
65             }
66           ];
67           instances = {
68             local = {
69               onCalendar = "minutely";
70               settings = {
71                 volume = {
72                   "/mnt" = {
73                     snapshot_dir = "btrbk/local";
74                     subvolume = "to_backup";
75                   };
76                 };
77               };
78             };
79           };
80         };
81       };
82     };
84     testScript = ''
85       start_all()
87       # create btrfs partition at /mnt
88       for machine in (archive, main):
89         machine.succeed("dd if=/dev/zero of=/data_fs bs=120M count=1")
90         machine.succeed("mkfs.btrfs /data_fs")
91         machine.succeed("mkdir /mnt")
92         machine.succeed("mount /data_fs /mnt")
94       # what to backup and where
95       main.succeed("btrfs subvolume create /mnt/to_backup")
96       main.succeed("mkdir -p /mnt/btrbk/{local,remote}")
98       # check that local snapshots work
99       with subtest("local"):
100           main.succeed("echo foo > /mnt/to_backup/bar")
101           main.wait_until_succeeds("cat /mnt/btrbk/local/*/bar | grep foo")
102           main.succeed("echo bar > /mnt/to_backup/bar")
103           main.succeed("cat /mnt/btrbk/local/*/bar | grep foo")
105       # check that btrfs send/receive works and ssh access works
106       with subtest("remote"):
107           archive.wait_until_succeeds("cat /mnt/*/bar | grep bar")
108           main.succeed("echo baz > /mnt/to_backup/bar")
109           archive.succeed("cat /mnt/*/bar | grep bar")
110     '';
111   })