pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #125696 from hercules-ci/postgresql-backup-only-replace-if-successful

nixos/postgresqlBackup: only replace if successful

Mario Rodas bb1ff7da 596f8255

options
unified split
Changed files
+32 -4
nixos
modules
services
backup
postgresql-backup.nix
tests
postgresql.nix
+10 -4
nixos/modules/services/backup/postgresql-backup.nix 
···

       
14

       
14

       
 

       



     

       
15

       
15

       
 

       
      requires = [ "postgresql.service" ];


     

       
16

       
16

       
 

       



     

       

       
17

       
+

       
      path = [ pkgs.coreutils pkgs.gzip config.services.postgresql.package ];


     

       

       
18

       
+

       



     

       
17

       
19

       
 

       
      script = ''


     

       

       
20

       
+

       
        set -e -o pipefail


     

       

       
21

       
+

       



     

       
18

       
22

       
 

       
        umask 0077 # ensure backup is only readable by postgres user


     

       
19

       
23

       
 

       



     

       
20

       
24

       
 

       
        if [ -e ${cfg.location}/${db}.sql.gz ]; then


     

       
21

       

       
-

       
          ${pkgs.coreutils}/bin/mv ${cfg.location}/${db}.sql.gz ${cfg.location}/${db}.prev.sql.gz


     

       

       
25

       
+

       
          mv ${cfg.location}/${db}.sql.gz ${cfg.location}/${db}.prev.sql.gz


     

       
22

       
26

       
 

       
        fi


     

       
23

       
27

       
 

       



     

       
24

       
28

       
 

       
        ${dumpCmd} | \


     

       
25

       

       
-

       
          ${pkgs.gzip}/bin/gzip -c > ${cfg.location}/${db}.sql.gz


     

       

       
29

       
+

       
          gzip -c > ${cfg.location}/${db}.in-progress.sql.gz


     

       

       
30

       
+

       



     

       

       
31

       
+

       
        mv ${cfg.location}/${db}.in-progress.sql.gz ${cfg.location}/${db}.sql.gz


     

       
26

       
32

       
 

       
      '';


     

       
27

       
33

       
 

       



     

       
28

       
34

       
 

       
      serviceConfig = {


     
···

       
113

       
119

       
 

       
    })


     

       
114

       
120

       
 

       
    (mkIf (cfg.enable && cfg.backupAll) {


     

       
115

       
121

       
 

       
      systemd.services.postgresqlBackup =


     

       
116

       

       
-

       
        postgresqlBackupService "all" "${config.services.postgresql.package}/bin/pg_dumpall";


     

       

       
122

       
+

       
        postgresqlBackupService "all" "pg_dumpall";


     

       
117

       
123

       
 

       
    })


     

       
118

       
124

       
 

       
    (mkIf (cfg.enable && !cfg.backupAll) {


     

       
119

       
125

       
 

       
      systemd.services = listToAttrs (map (db:


     

       
120

       
126

       
 

       
        let


     

       
121

       

       
-

       
          cmd = "${config.services.postgresql.package}/bin/pg_dump ${cfg.pgdumpOptions} ${db}";


     

       

       
127

       
+

       
          cmd = "pg_dump ${cfg.pgdumpOptions} ${db}";


     

       
122

       
128

       
 

       
        in {


     

       
123

       
129

       
 

       
          name = "postgresqlBackup-${db}";


     

       
124

       
130

       
 

       
          value = postgresqlBackupService db cmd;
+22
nixos/tests/postgresql.nix 
···

       
73

       
73

       
 

       
          machine.succeed(


     

       
74

       
74

       
 

       
              "systemctl start ${backupService}.service",


     

       
75

       
75

       
 

       
              "zcat /var/backup/postgresql/${backupName}.sql.gz | grep '<test>ok</test>'",


     

       

       
76

       
+

       
              "ls -hal /var/backup/postgresql/ >/dev/console",


     

       
76

       
77

       
 

       
              "stat -c '%a' /var/backup/postgresql/${backupName}.sql.gz | grep 600",


     

       
77

       
78

       
 

       
          )


     

       

       
79

       
+

       
      with subtest("Backup service fails gracefully"):


     

       

       
80

       
+

       
          # Sabotage the backup process


     

       

       
81

       
+

       
          machine.succeed("rm /run/postgresql/.s.PGSQL.5432")


     

       

       
82

       
+

       
          machine.fail(


     

       

       
83

       
+

       
              "systemctl start ${backupService}.service",


     

       

       
84

       
+

       
          )


     

       

       
85

       
+

       
          machine.succeed(


     

       

       
86

       
+

       
              "ls -hal /var/backup/postgresql/ >/dev/console",


     

       

       
87

       
+

       
              "zcat /var/backup/postgresql/${backupName}.prev.sql.gz | grep '<test>ok</test>'",


     

       

       
88

       
+

       
              "stat /var/backup/postgresql/${backupName}.in-progress.sql.gz",


     

       

       
89

       
+

       
          )


     

       

       
90

       
+

       
          # In a previous version, the second run would overwrite prev.sql.gz,


     

       

       
91

       
+

       
          # so we test a second run as well.


     

       

       
92

       
+

       
          machine.fail(


     

       

       
93

       
+

       
              "systemctl start ${backupService}.service",


     

       

       
94

       
+

       
          )


     

       

       
95

       
+

       
          machine.succeed(


     

       

       
96

       
+

       
              "stat /var/backup/postgresql/${backupName}.in-progress.sql.gz",


     

       

       
97

       
+

       
              "zcat /var/backup/postgresql/${backupName}.prev.sql.gz | grep '<test>ok</test>'",


     

       

       
98

       
+

       
          )


     

       

       
99

       
+

       



     

       
78

       
100

       
 

       



     

       
79

       
101

       
 

       
      with subtest("Initdb works"):


     

       
80

       
102

       
 

       
          machine.succeed("sudo -u postgres initdb -D /tmp/testpostgres2")