ferrumboll/shoggoth
1
0
Fork 0
Code Issues Pull requests 4 Projects Releases Packages Wiki Activity Actions

Fix Forgejo backup verification wrapper #9

Open
ferrumboll wants to merge 1 commit from ferrumboll/fix-forgejo-backup-verify into master
pull from: ferrumboll/fix-forgejo-backup-verify
merge into: ferrumboll:master
Conversation 0 Commits 1 Files changed 1 +35 -4
ferrumboll commented 2026-06-22 09:19:52 +00:00
Owner
Copy link

Summary

  • Add a restic-forgejo wrapper that sources the Clan-generated restic env file at runtime.
  • Use that wrapper in forgejo-backup-verify and forgejo-backup-recover so verification/recovery commands can access the same repository/password environment as the configured restic backup.

Security impact

  • Criticality: Medium
  • Risk addressed: backup verification/recovery could fail operationally even when backup creation is configured, reducing confidence in Forgejo restore readiness.

Verification

  • nix develop --command nix fmt
  • nix develop --command nix build .#nixosConfigurations.app-server-1.config.system.build.toplevel --no-link

Notes

  • No deploy or secret rotation performed.
## Summary - Add a `restic-forgejo` wrapper that sources the Clan-generated restic env file at runtime. - Use that wrapper in `forgejo-backup-verify` and `forgejo-backup-recover` so verification/recovery commands can access the same repository/password environment as the configured restic backup. ## Security impact - Criticality: Medium - Risk addressed: backup verification/recovery could fail operationally even when backup creation is configured, reducing confidence in Forgejo restore readiness. ## Verification - [x] `nix develop --command nix fmt` - [x] `nix develop --command nix build .#nixosConfigurations.app-server-1.config.system.build.toplevel --no-link` ## Notes - No deploy or secret rotation performed.
This pull request can be merged automatically.
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin ferrumboll/fix-forgejo-backup-verify:ferrumboll/fix-forgejo-backup-verify
git switch ferrumboll/fix-forgejo-backup-verify

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch master
git merge --no-ff ferrumboll/fix-forgejo-backup-verify
git switch ferrumboll/fix-forgejo-backup-verify
git rebase master
git switch master
git merge --ff-only ferrumboll/fix-forgejo-backup-verify
git switch ferrumboll/fix-forgejo-backup-verify
git rebase master
git switch master
git merge --no-ff ferrumboll/fix-forgejo-backup-verify
git switch master
git merge --squash ferrumboll/fix-forgejo-backup-verify
git switch master
git merge --ff-only ferrumboll/fix-forgejo-backup-verify
git switch master
git merge ferrumboll/fix-forgejo-backup-verify
git push origin master
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
ferrumboll/shoggoth!9
No description provided.