Timemachine/cloud-sync
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
49d1cb32801c6c9f84df0d616739f90de26ae0a5
cloud-sync/tests/test_repo_url.py
T
claude-timemachine 49d1cb3280
CI / test (3.10) (push) Successful in 8s
Details
CI / test (3.11) (push) Successful in 8s
Details
CI / test (3.12) (push) Successful in 7s
Details
CI / build-pyz (push) Successful in 4s
Details
CI / release (push) Has been skipped
Details
drop restic repo encryption; rely on TLS + append-only + LUKS 
User credentials now serve HTTP basic auth only. Repos init with
--insecure-no-password. Removes:
  - RESTIC_PASSWORD env in client subprocess
  - Per-repo password coordination story
  - Multi-key restic setup (user key + operator-master key)
  - Two-password recovery edge cases

Operator-side prune now runs over the filesystem path (-r /srv/.../<user>/)
which bypasses rest-server's HTTP-layer append-only enforcement. No
password needed at all.

Protection model stays:
  - TLS in transit (reverse proxy)
  - HTTP basic per-user (htpasswd) for read/write authorization
  - --private-repos for per-user URL isolation
  - --append-only for client-side delete protection
  - LUKS / disk-level for at-rest encryption (operator's responsibility)

Verified end-to-end on john: pull → push → restore round-trip works,
DELETE on bogus snapshot still returns 403 (append-only intact),
operator can read repo via filesystem path (prune-mode access works).

33 pytest still green.
2026-06-04 22:23:40 +02:00

57 lines
1.7 KiB
Python
Raw Blame History

"""restic repo URL builder + env tests."""
from __future__ import annotations
import pytest
from cloud_sync.sync import _restic_env, _restic_repo
def test_basic_http_url():
repo = _restic_repo("http://cloud.tm.center", "12345", "secretpw")
assert repo == "rest:http://12345:secretpw@cloud.tm.center/12345/"
def test_https_url():
repo = _restic_repo("https://cloud.tm.center", "12345", "pw")
assert repo == "rest:https://12345:pw@cloud.tm.center/12345/"
def test_trailing_slash_stripped():
repo = _restic_repo("https://cloud.tm.center/", "12345", "pw")
assert repo == "rest:https://12345:pw@cloud.tm.center/12345/"
def test_url_with_port():
repo = _restic_repo("http://127.0.0.1:8002", "alice", "pw")
assert repo == "rest:http://alice:pw@127.0.0.1:8002/alice/"
def test_rest_prefix_stripped_if_supplied():
repo = _restic_repo("rest:http://x.test", "u", "p")
assert repo == "rest:http://u:p@x.test/u/"
def test_password_with_special_chars_encoded():
repo = _restic_repo("http://x.test", "u", "p@ss/word?!&")
# URL-encoded form of "p@ss/word?!&"
assert "p%40ss%2Fword%3F%21%26@x.test" in repo
def test_user_with_special_chars_encoded():
repo = _restic_repo("http://x.test", "u/with@chars", "pw")
assert "u%2Fwith%40chars" in repo
def test_missing_scheme_rejected():
with pytest.raises(ValueError):
_restic_repo("cloud.tm.center", "u", "p")
def test_env_does_not_contain_password():
"""Repos use --insecure-no-password; RESTIC_PASSWORD must NOT appear in env
or it would silently switch repos into encrypted mode."""
env = _restic_env()
assert "RESTIC_PASSWORD" not in env
assert env["RESTIC_PROGRESS_FPS"] == "0"
Reference in New Issue View Git Blame Copy Permalink