pyrox.dev / nixpkgs
lol
fork atom

nixos/restic: add test for command option, add release notes

Test checks that we are able to run a backup from a command, and that
the resulting backup has the contents that we passed into it.

rowan amber-jones 73f8c1e6 6434cf0b

options
unified split
Changed files
+23 -1
nixos
doc
manual
release-notes
rl-2511.section.md
tests
restic.nix
+2
nixos/doc/manual/release-notes/rl-2511.section.md 
···

       
204

       
 

       



     

       
205

       
 

       
- Immich now has support for [VectorChord](https://github.com/tensorchord/VectorChord) when using the PostgreSQL configuration provided by `services.immich.database.enable`, which replaces `pgvecto-rs`. VectorChord support can be toggled with the option `services.immich.database.enableVectorChord`. Additionally, `pgvecto-rs` support is now disabled from NixOS 25.11 onwards using the option `services.immich.database.enableVectors`. This option will be removed fully in the future once Immich drops support for `pgvecto-rs` fully. See [Immich migration instructions](#module-services-immich-vectorchord-migration)


     

       
206

       
 

       



     

       

       

       
     

       

       

       
     

       
207

       
 

       
- `services.postsrsd` now automatically integrates with the local Postfix instance, when enabled. This behavior can disabled using the [services.postsrsd.configurePostfix](#opt-services.postsrsd.configurePostfix) option.


     

       
208

       
 

       



     

       
209

       
 

       
- `services.pfix-srsd` now automatically integrates with the local Postfix instance, when enabled. This behavior can disabled using the [services.pfix-srsd.configurePostfix](#opt-services.pfix-srsd.configurePostfix) option.


     
···

       
204

       
 

       



     

       
205

       
 

       
- Immich now has support for [VectorChord](https://github.com/tensorchord/VectorChord) when using the PostgreSQL configuration provided by `services.immich.database.enable`, which replaces `pgvecto-rs`. VectorChord support can be toggled with the option `services.immich.database.enableVectorChord`. Additionally, `pgvecto-rs` support is now disabled from NixOS 25.11 onwards using the option `services.immich.database.enableVectors`. This option will be removed fully in the future once Immich drops support for `pgvecto-rs` fully. See [Immich migration instructions](#module-services-immich-vectorchord-migration)


     

       
206

       
 

       



     

       
207

       
+

       
- `services.restic.backups` now includes a `command` option for passing a command to the [--stdin-from-command](https://github.com/restic/restic/pull/4410) flag.


     

       
208

       
+

       



     

       
209

       
 

       
- `services.postsrsd` now automatically integrates with the local Postfix instance, when enabled. This behavior can disabled using the [services.postsrsd.configurePostfix](#opt-services.postsrsd.configurePostfix) option.


     

       
210

       
 

       



     

       
211

       
 

       
- `services.pfix-srsd` now automatically integrates with the local Postfix instance, when enabled. This behavior can disabled using the [services.pfix-srsd.configurePostfix](#opt-services.pfix-srsd.configurePostfix) option.
+21 -1
nixos/tests/restic.nix 
···

       
1

       
 

       
{ pkgs, ... }:


     

       
2

       
-

       



     

       
3

       
 

       
let


     

       
4

       
 

       
  inherit (import ./ssh-keys.nix pkgs)


     

       
5

       
 

       
    snakeOilEd25519PrivateKey


     
···

       
8

       
 

       



     

       
9

       
 

       
  remoteRepository = "/root/restic-backup";


     

       
10

       
 

       
  remoteFromFileRepository = "/root/restic-backup-from-file";


     

       

       

       
     

       
11

       
 

       
  remoteInhibitTestRepository = "/root/restic-backup-inhibit-test";


     

       
12

       
 

       
  remoteNoInitRepository = "/root/restic-backup-no-init";


     

       
13

       
 

       
  rcloneRepository = "rclone:local:/root/restic-rclone-backup";


     
···

       
44

       
 

       
    "--keep-weekly 1"


     

       
45

       
 

       
    "--keep-monthly 1"


     

       
46

       
 

       
    "--keep-yearly 99"


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
47

       
 

       
  ];


     

       
48

       
 

       
in


     

       
49

       
 

       
{


     
···

       
127

       
 

       
              find /opt -mindepth 1 -maxdepth 1 ! -name a_dir # all files in /opt except for a_dir


     

       
128

       
 

       
            '';


     

       
129

       
 

       
          };


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
130

       
 

       
          inhibit-test = {


     

       
131

       
 

       
            inherit


     

       
132

       
 

       
              passwordFile


     
···

       
266

       
 

       
        "mkdir /tmp/restore-3",


     

       
267

       
 

       
        "${pkgs.restic}/bin/restic -r ${remoteRepository} -p ${passwordFile} restore latest -t /tmp/restore-3",


     

       
268

       
 

       
        "diff -ru ${testDir} /tmp/restore-3/opt",


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
269

       
 

       



     

       
270

       
 

       
        # test that rclonebackup produces a snapshot


     

       
271

       
 

       
        "systemctl start restic-backups-rclonebackup.service",


     
···

       
1

       
 

       
{ pkgs, ... }:


     

       

       

       
     

       
2

       
 

       
let


     

       
3

       
 

       
  inherit (import ./ssh-keys.nix pkgs)


     

       
4

       
 

       
    snakeOilEd25519PrivateKey


     
···

       
7

       
 

       



     

       
8

       
 

       
  remoteRepository = "/root/restic-backup";


     

       
9

       
 

       
  remoteFromFileRepository = "/root/restic-backup-from-file";


     

       
10

       
+

       
  remoteFromCommandRepository = "/root/restic-backup-from-command";


     

       
11

       
 

       
  remoteInhibitTestRepository = "/root/restic-backup-inhibit-test";


     

       
12

       
 

       
  remoteNoInitRepository = "/root/restic-backup-no-init";


     

       
13

       
 

       
  rcloneRepository = "rclone:local:/root/restic-rclone-backup";


     
···

       
44

       
 

       
    "--keep-weekly 1"


     

       
45

       
 

       
    "--keep-monthly 1"


     

       
46

       
 

       
    "--keep-yearly 99"


     

       
47

       
+

       
  ];


     

       
48

       
+

       
  commandString = "testing";


     

       
49

       
+

       
  command = [


     

       
50

       
+

       
    "echo"


     

       
51

       
+

       
    "-n"


     

       
52

       
+

       
    commandString


     

       
53

       
 

       
  ];


     

       
54

       
 

       
in


     

       
55

       
 

       
{


     
···

       
133

       
 

       
              find /opt -mindepth 1 -maxdepth 1 ! -name a_dir # all files in /opt except for a_dir


     

       
134

       
 

       
            '';


     

       
135

       
 

       
          };


     

       
136

       
+

       
          remote-from-command-backup = {


     

       
137

       
+

       
            inherit


     

       
138

       
+

       
              passwordFile


     

       
139

       
+

       
              pruneOpts


     

       
140

       
+

       
              command


     

       
141

       
+

       
              ;


     

       
142

       
+

       
            initialize = true;


     

       
143

       
+

       
            repository = remoteFromCommandRepository;


     

       
144

       
+

       
          };


     

       
145

       
 

       
          inhibit-test = {


     

       
146

       
 

       
            inherit


     

       
147

       
 

       
              passwordFile


     
···

       
281

       
 

       
        "mkdir /tmp/restore-3",


     

       
282

       
 

       
        "${pkgs.restic}/bin/restic -r ${remoteRepository} -p ${passwordFile} restore latest -t /tmp/restore-3",


     

       
283

       
 

       
        "diff -ru ${testDir} /tmp/restore-3/opt",


     

       
284

       
+

       



     

       
285

       
+

       
        # test that remote-from-command-backup produces a snapshot, with the expected contents


     

       
286

       
+

       
        "systemctl start restic-backups-remote-from-command-backup.service",


     

       
287

       
+

       
        'restic-remote-from-command-backup snapshots --json | ${pkgs.jq}/bin/jq "length | . == 1"',


     

       
288

       
+

       
        '[[ $(restic-remote-from-command-backup dump --path /stdin latest stdin) == ${commandString} ]]',


     

       
289

       
 

       



     

       
290

       
 

       
        # test that rclonebackup produces a snapshot


     

       
291

       
 

       
        "systemctl start restic-backups-rclonebackup.service",