nixos/tests/btrbk.nix at 23.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / tests / btrbk.nix
at 23.11-pre 3.6 kB view raw
  1import ./make-test-python.nix ({ pkgs, ... }:
  2
  3  let
  4    privateKey = ''
  5      -----BEGIN OPENSSH PRIVATE KEY-----
  6      b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
  7      QyNTUxOQAAACBx8UB04Q6Q/fwDFjakHq904PYFzG9pU2TJ9KXpaPMcrwAAAJB+cF5HfnBe
  8      RwAAAAtzc2gtZWQyNTUxOQAAACBx8UB04Q6Q/fwDFjakHq904PYFzG9pU2TJ9KXpaPMcrw
  9      AAAEBN75NsJZSpt63faCuaD75Unko0JjlSDxMhYHAPJk2/xXHxQHThDpD9/AMWNqQer3Tg
 10      9gXMb2lTZMn0pelo8xyvAAAADXJzY2h1ZXR6QGt1cnQ=
 11      -----END OPENSSH PRIVATE KEY-----
 12    '';
 13    publicKey = ''
 14      ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHHxQHThDpD9/AMWNqQer3Tg9gXMb2lTZMn0pelo8xyv
 15    '';
 16  in
 17  {
 18    name = "btrbk";
 19    meta = with pkgs.lib; {
 20      maintainers = with maintainers; [ symphorien ];
 21    };
 22
 23    nodes = {
 24      archive = { ... }: {
 25        environment.systemPackages = with pkgs; [ btrfs-progs ];
 26        # note: this makes the privateKey world readable.
 27        # don't do it with real ssh keys.
 28        environment.etc."btrbk_key".text = privateKey;
 29        services.btrbk = {
 30          extraPackages = [ pkgs.lz4 ];
 31          instances = {
 32            remote = {
 33              onCalendar = "minutely";
 34              settings = {
 35                ssh_identity = "/etc/btrbk_key";
 36                ssh_user = "btrbk";
 37                stream_compress = "lz4";
 38                volume = {
 39                  "ssh://main/mnt" = {
 40                    target = "/mnt";
 41                    snapshot_dir = "btrbk/remote";
 42                    subvolume = "to_backup";
 43                  };
 44                };
 45              };
 46            };
 47          };
 48        };
 49      };
 50
 51      main = { ... }: {
 52        environment.systemPackages = with pkgs; [ btrfs-progs ];
 53        services.openssh = {
 54          enable = true;
 55          settings = {
 56            KbdInteractiveAuthentication = false;
 57            PasswordAuthentication = false;
 58          };
 59        };
 60        services.btrbk = {
 61          extraPackages = [ pkgs.lz4 ];
 62          sshAccess = [
 63            {
 64              key = publicKey;
 65              roles = [ "source" "send" "info" "delete" ];
 66            }
 67          ];
 68          instances = {
 69            local = {
 70              onCalendar = "minutely";
 71              settings = {
 72                volume = {
 73                  "/mnt" = {
 74                    snapshot_dir = "btrbk/local";
 75                    subvolume = "to_backup";
 76                  };
 77                };
 78              };
 79            };
 80          };
 81        };
 82      };
 83    };
 84
 85    testScript = ''
 86      start_all()
 87
 88      # create btrfs partition at /mnt
 89      for machine in (archive, main):
 90        machine.succeed("dd if=/dev/zero of=/data_fs bs=120M count=1")
 91        machine.succeed("mkfs.btrfs /data_fs")
 92        machine.succeed("mkdir /mnt")
 93        machine.succeed("mount /data_fs /mnt")
 94
 95      # what to backup and where
 96      main.succeed("btrfs subvolume create /mnt/to_backup")
 97      main.succeed("mkdir -p /mnt/btrbk/{local,remote}")
 98
 99      # check that local snapshots work
100      with subtest("local"):
101          main.succeed("echo foo > /mnt/to_backup/bar")
102          main.wait_until_succeeds("cat /mnt/btrbk/local/*/bar | grep foo")
103          main.succeed("echo bar > /mnt/to_backup/bar")
104          main.succeed("cat /mnt/btrbk/local/*/bar | grep foo")
105
106      # check that btrfs send/receive works and ssh access works
107      with subtest("remote"):
108          archive.wait_until_succeeds("cat /mnt/*/bar | grep bar")
109          main.succeed("echo baz > /mnt/to_backup/bar")
110          archive.succeed("cat /mnt/*/bar | grep bar")
111    '';
112  })