mirror of
https://0xacab.org/liberate/backupninja.git
synced 2024-09-19 23:21:40 +02:00
ed55eaab73
For package installation, the runner $TMPDIR may not be big enough, eg when rebuilding an initramfs it runs out of space, so use a new function that sets it explicitly.
455 lines
15 KiB
Bash
455 lines
15 KiB
Bash
load common
|
|
|
|
begin_dup() {
|
|
install_pkgs debootstrap duplicity trickle
|
|
if [ ! -d /var/cache/bntest ]; then
|
|
debootstrap --variant=minbase testing "$BN_SRCDIR"
|
|
fi
|
|
}
|
|
|
|
setup_dup() {
|
|
cat << EOF > "${BATS_TMPDIR}/backup.d/test.dup"
|
|
when = manual
|
|
options =
|
|
nicelevel = 0
|
|
testconnect = no
|
|
ionicelevel =
|
|
tmpdir = /tmp
|
|
|
|
[gpg]
|
|
password = 123test
|
|
signpassword =
|
|
sign =
|
|
encryptkey =
|
|
signkey =
|
|
|
|
[source]
|
|
include = ${BN_SRCDIR}
|
|
exclude = ${BN_SRCDIR}/var
|
|
|
|
[dest]
|
|
incremental = yes
|
|
increments = 30
|
|
keep = yes
|
|
keepincroffulls = all
|
|
desturl = file:///${BN_BACKUPDIR}/testdup
|
|
sshoptions =
|
|
bandwidthlimit = 0
|
|
desthost =
|
|
destdir = ${BN_BACKUPDIR}/testdup
|
|
destuser =
|
|
EOF
|
|
|
|
chmod 0640 "${BATS_TMPDIR}/backup.d/test.dup"
|
|
|
|
# reset duplicity archive-dir
|
|
# default path set by handler is /var/cache/backupninja
|
|
BN_DUPARCHIVEDIR="/var/cache/backupninja/duplicity"
|
|
export BN_DUPARCHIVEDIR
|
|
[ -d "$BN_DUPARCHIVEDIR" ] && rm -rf "$BN_DUPARCHIVEDIR"
|
|
mkdir -p "$BN_DUPARCHIVEDIR"
|
|
}
|
|
|
|
finish_dup() {
|
|
cleanup_backups local remote
|
|
|
|
# cleanup duplicity cache dir
|
|
rm -rf /var/cache/backupninja
|
|
remote_command "sudo rm -rf /var/cache/backupninja"
|
|
|
|
# cleanup test gpg keys
|
|
gpg --list-secret-keys \*@bntest0 | grep -e '^\s\+[A-Z0-9]\{40\}' | tr -d ' ' | xargs -L1 sudo gpg --delete-secret-keys --batch --no-tty --yes
|
|
gpg --list-keys \*@bntest0 | grep -e '^\s\+[A-Z0-9]\{40\}' | tr -d ' ' | xargs -L1 sudo gpg --delete-keys --batch --no-tty --yes
|
|
}
|
|
|
|
@test "check ssh connection test" {
|
|
setconfig testconnect yes
|
|
setconfig dest destuser $BN_REMOTEUSER
|
|
setconfig dest desthost $BN_REMOTEHOST
|
|
delconfig dest desturl
|
|
testaction
|
|
greplog "Debug: Connected to ${BN_REMOTEHOST} as ${BN_REMOTEUSER} successfully$"
|
|
}
|
|
|
|
@test "check config parameter nicelevel" {
|
|
# nicelevel is 0 by default
|
|
delconfig nicelevel
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' '\bnice -n 0\b'
|
|
|
|
# nicelevel is defined
|
|
setconfig nicelevel -19
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' '\bnice -n -19\b'
|
|
}
|
|
|
|
@test "check config parameter ionicelevel" {
|
|
# no ionice by default
|
|
delconfig ionicelevel
|
|
testaction
|
|
not_greplog 'Debug: executing duplicity$' '\bionice -c2\b'
|
|
|
|
# acceptable value
|
|
setconfig ionicelevel 7
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' '\bionice -c2 -n 7\b'
|
|
|
|
# unacceptable value
|
|
setconfig ionicelevel 10
|
|
testaction
|
|
greplog 'Fatal: The value of ionicelevel is expected to be either empty or an integer from 0 to 7. Got: 10$'
|
|
}
|
|
|
|
@test "check config parameter options" {
|
|
setconfig options "--verbosity 8"
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' '\s--verbosity 8\b'
|
|
}
|
|
|
|
@test "check config parameter tmpdir" {
|
|
# tmpdir undefined
|
|
delconfig tmpdir
|
|
testaction
|
|
not_greplog 'Debug: executing duplicity$' '\s--tmpdir\b'
|
|
|
|
# tmpdir defined
|
|
setconfig tmpdir /tmp
|
|
testaction
|
|
not_greplog 'Debug: executing duplicity$' '\s--tmpdir /tmp\b'
|
|
}
|
|
|
|
@test "check config parameter source/include" {
|
|
# missing path
|
|
delconfig source include
|
|
testaction
|
|
greplog 'Fatal: No source includes specified.$'
|
|
|
|
# single path
|
|
setconfig source include "$BN_SRCDIR"
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\s--include '${BN_SRCDIR}'"
|
|
|
|
# multiple paths
|
|
setconfig_repeat source include "$BN_SRCDIR" /foo /bar
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\s--include '${BN_SRCDIR}' --include '/foo' --include '/bar'\s"
|
|
}
|
|
|
|
@test "check config parameter source/exclude" {
|
|
# absent path
|
|
delconfig source exclude
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\s--include '${BN_SRCDIR}' --exclude '\*\*' /\s"
|
|
|
|
# single path
|
|
setconfig source exclude "${BN_SRCDIR}/var"
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\s--exclude '${BN_SRCDIR}/var'\s"
|
|
|
|
# multiple paths
|
|
setconfig_repeat source exclude "$BN_SRCDIR/var" "$BN_SRCDIR/foo" "$BN_SRCDIR/bar"
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\s--exclude '${BN_SRCDIR}/var' --exclude '${BN_SRCDIR}/foo' --exclude '${BN_SRCDIR}/bar'\s"
|
|
}
|
|
|
|
@test "check config parameter dest/incremental" {
|
|
# absent parameter, defaults to yes
|
|
delconfig dest incremental
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' 'Debug: nice -n 0 LC_ALL=C duplicity --no-print-statistics'
|
|
|
|
# defined, set to yes
|
|
setconfig dest incremental yes
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' 'Debug: nice -n 0 LC_ALL=C duplicity --no-print-statistics'
|
|
|
|
# defined, set to no
|
|
setconfig dest incremental no
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' 'Debug: nice -n 0 LC_ALL=C duplicity full --no-print-statistics'
|
|
}
|
|
|
|
@test "check config parameter dest/increments" {
|
|
# absent parameter, defaults to 30
|
|
delconfig dest increments
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' '\s--full-if-older-than 30D\b'
|
|
|
|
# defined, set to 60
|
|
setconfig dest increments 60
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' '\s--full-if-older-than 60D\b'
|
|
|
|
# defined, set to keep
|
|
setconfig dest increments keep
|
|
testaction
|
|
not_greplog 'Debug: executing duplicity$' '\s--full-if-older-than\s'
|
|
}
|
|
|
|
@test "check config parameter dest/keep" {
|
|
# absent parameter, defaults to 60
|
|
delconfig dest keep
|
|
testaction
|
|
greplog 'Debug: executing duplicity remove-older-than$' '\sduplicity remove-older-than 60D\b'
|
|
|
|
# defined, set to 180
|
|
setconfig dest keep 180
|
|
testaction
|
|
greplog 'Debug: executing duplicity remove-older-than$' '\sduplicity remove-older-than 180D\b'
|
|
|
|
# defined, set to yes
|
|
setconfig dest keep yes
|
|
testaction
|
|
not_greplog 'Debug: executing duplicity remove-older-than$'
|
|
}
|
|
|
|
@test "check config parameter dest/keepincroffulls" {
|
|
# absent parameter, defaults to all
|
|
setconfig dest keep 30
|
|
delconfig dest keepincroffulls
|
|
testaction
|
|
not_greplog 'Debug: executing duplicity remove-all-inc-of-but-n-full$'
|
|
|
|
# defined, set to 1
|
|
setconfig dest keep 30
|
|
setconfig dest keepincroffulls 1
|
|
testaction
|
|
greplog 'Debug: executing duplicity remove-all-inc-of-but-n-full$' '\sduplicity remove-all-inc-of-but-n-full 1\b'
|
|
|
|
# defined, set to all
|
|
setconfig dest keep 30
|
|
setconfig dest keepincroffulls all
|
|
testaction
|
|
not_greplog 'Debug: executing duplicity remove-all-inc-of-but-n-full$'
|
|
}
|
|
|
|
@test "check config parameter dest/awsaccesskeyid" {
|
|
skip "not implemented"
|
|
}
|
|
|
|
@test "check config parameter dest/awssecretaccesskey" {
|
|
skip "not implemented"
|
|
}
|
|
|
|
@test "check config parameter dest/cfusername" {
|
|
skip "not implemented"
|
|
}
|
|
|
|
@test "check config parameter dest/cfapikey" {
|
|
skip "not implemented"
|
|
}
|
|
|
|
@test "check config parameter dest/cfauthurl" {
|
|
skip "not implemented"
|
|
}
|
|
|
|
@test "check config parameter dest/dropboxappkey" {
|
|
skip "not implemented"
|
|
}
|
|
|
|
@test "check config parameter dest/dropboxappsecret" {
|
|
skip "not implemented"
|
|
}
|
|
|
|
@test "check config parameter dest/dropboxaccesstoken" {
|
|
skip "not implemented"
|
|
}
|
|
|
|
@test "check config parameter dest/ftp_password" {
|
|
skip "not implemented"
|
|
}
|
|
|
|
@test "check config parameter dest/sshoptions" {
|
|
# undefined
|
|
delconfig dest sshoptions
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\s--ssh-options ''\s"
|
|
|
|
# defined
|
|
setconfig dest sshoptions "-oIdentityFile=/root/.ssh/id_rsa"
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\s--ssh-options '-oIdentityFile=/root/.ssh/id_rsa'\s"
|
|
}
|
|
|
|
@test "check config parameter dest/bandwidthlimit" {
|
|
# undefined, disabled by default
|
|
delconfig dest bandwidthlimit
|
|
testaction
|
|
not_greplog "\btrickle -s\b"
|
|
|
|
# defined, set to 250, local file path
|
|
setconfig dest bandwidthlimit 250
|
|
setconfig dest desturl "file://${BN_BACKUPDIR}/testdup"
|
|
testaction
|
|
greplog 'Warning: The bandwidthlimit option is not used with a local file path destination.'
|
|
not_greplog 'Debug: executing duplicity$' "\strickle -s -d 250 -u 250 duplicity\s"
|
|
|
|
# defined, set to 250, remote path
|
|
setconfig dest bandwidthlimit 250
|
|
setconfig dest desturl "sftp://${BN_REMOTEUSER}@${BN_REMOTEHOST}:22${BN_BACKUPDIR}/testdup"
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\strickle -s -d 250 -u 250 duplicity\s"
|
|
}
|
|
|
|
@test "check config parameter dest/desturl" {
|
|
# undefined desturl
|
|
delconfig dest desturl
|
|
delconfig dest desthost
|
|
testaction
|
|
greplog 'Fatal: The destination host (desthost) must be set when desturl is not used.$'
|
|
|
|
# desturl, file protocol
|
|
setconfig dest desturl "file://${BN_BACKUPDIR}/testdup"
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\sfile://${BN_BACKUPDIR}/testdup$"
|
|
|
|
# desturl, sftp protocol
|
|
setconfig dest desturl "sftp://${BN_REMOTEUSER}@${BN_REMOTEHOST}:22${BN_BACKUPDIR}/testdup"
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\ssftp://${BN_REMOTEUSER}@${BN_REMOTEHOST}:22${BN_BACKUPDIR}/testdup$"
|
|
}
|
|
|
|
@test "check config parameters dest/desthost, dest/destuser, dest/destdir" {
|
|
delconfig dest desturl
|
|
setconfig dest desthost "$BN_REMOTEHOST"
|
|
setconfig dest destuser "$BN_REMOTEUSER"
|
|
setconfig dest destdir "$BN_BACKUPDIR/testdup"
|
|
testaction
|
|
greplog 'Debug: executing duplicity$' "\sscp://${BN_REMOTEUSER}@${BN_REMOTEHOST}/${BN_BACKUPDIR}/testdup$"
|
|
}
|
|
|
|
@test "create local backup with symmetric encryption" {
|
|
cleanup_backups local
|
|
mkdir -p /var/backups/testdup
|
|
setconfig gpg password 123test
|
|
setconfig dest desturl "file://${BN_BACKUPDIR}/testdup"
|
|
delconfig dest destdir
|
|
runaction
|
|
greplog "Debug: Data will be encrypted using symmetric encryption."
|
|
greplog "Info: Duplicity finished successfully."
|
|
}
|
|
|
|
@test "verify local backup with symmetric encryption" {
|
|
export PASSPHRASE="123foo"
|
|
run duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "file://${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
[ "$status" -eq 31 ]
|
|
export PASSPHRASE="123test"
|
|
duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "file://${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
}
|
|
|
|
@test "create local backup with public key encryption, unsigned" {
|
|
makegpgkeys
|
|
cleanup_backups local
|
|
mkdir -p /var/backups/testdup
|
|
setconfig gpg encryptkey "$BN_ENCRYPTKEY"
|
|
setconfig gpg password 123test
|
|
setconfig dest desturl "file://${BN_BACKUPDIR}/testdup"
|
|
delconfig dest destdir
|
|
runaction
|
|
greplog "Debug: Data will be encrypted with the GnuPG key $BN_ENCRYPTKEY.$"
|
|
greplog "Debug: Data won't be signed."
|
|
greplog "Info: Duplicity finished successfully."
|
|
}
|
|
|
|
@test "verify local backup with public key encryption, unsigned" {
|
|
gpgconf --reload gpg-agent && export PASSPHRASE="123foo"
|
|
run duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "file://${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
[ "$status" -eq 31 ]
|
|
echo "$output" | grep -q "gpg: public key decryption failed: Bad passphrase"
|
|
gpgconf --reload gpg-agent && export PASSPHRASE="123encrypt"
|
|
duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "file://${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
}
|
|
|
|
@test "create local backup with public key encryption, signed with same key" {
|
|
makegpgkeys
|
|
cleanup_backups local
|
|
mkdir -p /var/backups/testdup
|
|
setconfig gpg encryptkey "$BN_ENCRYPTKEY"
|
|
setconfig gpg password 123encrypt
|
|
setconfig gpg sign yes
|
|
setconfig dest desturl "file://${BN_BACKUPDIR}/testdup"
|
|
delconfig dest destdir
|
|
runaction
|
|
greplog "Debug: Data will be encrypted ang signed with the GnuPG key ${BN_ENCRYPTKEY}.$"
|
|
greplog "Info: Duplicity finished successfully."
|
|
}
|
|
|
|
@test "verify local backup with public key encryption, signed with same key" {
|
|
gpgconf --reload gpg-agent && export PASSPHRASE="123foo"
|
|
run duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "file://${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
[ "$status" -eq 31 ]
|
|
echo "$output" | grep -q "gpg: public key decryption failed: Bad passphrase"
|
|
gpgconf --reload gpg-agent && export PASSPHRASE="123encrypt"
|
|
duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "file://${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
}
|
|
|
|
@test "create local backup with public key encryption, signed with different key" {
|
|
makegpgkeys
|
|
cleanup_backups local
|
|
mkdir -p /var/backups/testdup
|
|
setconfig gpg encryptkey "$BN_ENCRYPTKEY"
|
|
setconfig gpg password 123encrypt
|
|
setconfig gpg sign yes
|
|
setconfig gpg signkey "$BN_SIGNKEY"
|
|
setconfig gpg signpassword 123sign
|
|
setconfig dest desturl "file://${BN_BACKUPDIR}/testdup"
|
|
delconfig dest destdir
|
|
runaction
|
|
greplog "Debug: Data will be encrypted with the GnuPG key ${BN_ENCRYPTKEY}.$"
|
|
greplog "Debug: Data will be signed with the GnuPG key ${BN_SIGNKEY}.$"
|
|
greplog "Info: Duplicity finished successfully."
|
|
}
|
|
|
|
@test "verify local backup with public key encryption, signed with different key" {
|
|
gpgconf --reload gpg-agent && export PASSPHRASE="123foo" SIGN_PASSPHRASE="123foo"
|
|
run duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "file://${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
[ "$status" -eq 31 ]
|
|
echo "$output" | grep -q "gpg: public key decryption failed: Bad passphrase"
|
|
gpgconf --reload gpg-agent && export PASSPHRASE="123encrypt" SIGN_PASSPHRASE="123sign"
|
|
duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "file://${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
}
|
|
|
|
@test "create remote backup with symmetric encryption" {
|
|
setconfig gpg password 123test
|
|
delconfig dest desturl
|
|
setconfig dest destuser "$BN_REMOTEUSER"
|
|
setconfig dest desthost "$BN_REMOTEHOST"
|
|
setconfig dest destdir "${BN_BACKUPDIR}/testdup"
|
|
cleanup_backups remote
|
|
runaction
|
|
greplog "Debug: Data will be encrypted using symmetric encryption."
|
|
greplog "Info: Duplicity finished successfully."
|
|
}
|
|
|
|
@test "verify remote backup with symmetric encryption" {
|
|
export PASSPHRASE="123foo"
|
|
run duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "scp://${BN_REMOTEUSER}@$BN_REMOTEHOST/${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
[ "$status" -eq 31 ]
|
|
export PASSPHRASE="123test"
|
|
duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "scp://${BN_REMOTEUSER}@$BN_REMOTEHOST/${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
}
|
|
|
|
@test "create remote backup with public key encryption, signed with same key" {
|
|
makegpgkeys
|
|
setconfig gpg encryptkey "$BN_ENCRYPTKEY"
|
|
setconfig gpg password 123encrypt
|
|
setconfig gpg sign yes
|
|
delconfig dest desturl
|
|
setconfig dest destuser "$BN_REMOTEUSER"
|
|
setconfig dest desthost "$BN_REMOTEHOST"
|
|
setconfig dest destdir "${BN_BACKUPDIR}/testdup"
|
|
cleanup_backups remote
|
|
runaction
|
|
greplog "Debug: Data will be encrypted ang signed with the GnuPG key ${BN_ENCRYPTKEY}.$"
|
|
greplog "Info: Duplicity finished successfully."
|
|
}
|
|
|
|
@test "verify remote backup with public key encryption, signed with same key" {
|
|
gpgconf --reload gpg-agent && export PASSPHRASE="123foo"
|
|
run duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "scp://${BN_REMOTEUSER}@$BN_REMOTEHOST/${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
[ "$status" -eq 31 ]
|
|
echo "$output" | grep -q "gpg: public key decryption failed: Bad passphrase"
|
|
gpgconf --reload gpg-agent && export PASSPHRASE="123encrypt"
|
|
duplicity verify --archive-dir "$BN_DUPARCHIVEDIR" "scp://${BN_REMOTEUSER}@$BN_REMOTEHOST/${BN_BACKUPDIR}/testdup" "$BN_SRCDIR"
|
|
}
|