RubyGems - ruborg - Versions diffs - 0.4.0 → 0.5.0 - Mend

ruborg 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 263e32d62c24714f299a20218bc96733cf6f13cffa0e0d844ef5b37c5470dbdf
-  data.tar.gz: f020b2b5714fd3c02d9372414de7494e7beb637d5312bcf34f05e2be5bf1ecd1
+  metadata.gz: 1233e04a2f95e8e8aadb9ad97d043b2d9b52c446821ff89495073a6a8762b6cc
+  data.tar.gz: ee3fd1ae2256299120d7f78aac3243c2de44f8f3c072c4c29dd44cb761caf769
 SHA512:
-  metadata.gz: 1ad51dcadf03ca1958ff6ecd10b24846d6e501219dd59637280eaf6d37a2d6b6a505ff0bbb9401d5f7ebfd361c24a3e1c3b09bc71f40bf788c6581da2a98832a
-  data.tar.gz: 5679385c1369eb161235c998dd69526a3bc27dca1cfc13acc22bd0602184f15438c042542495300b1752eb8ce810dfbc467bfe83d10b492641063e84381f3881
+  metadata.gz: 59d6ad7e5797cbbd964390d0425bf1392695c24f938a40978ddea371552da84604bf0a8eb189b207318ed68dba966311d45659f2b6abd3a59711f766465a5b36
+  data.tar.gz: 6c77a312c9b820dd22d7f0396dbb24fac70da4654023c89eebc94c962d367b963a448a923ce23574862276452c441e3ebd723601fd58a2634e3337d402a9c066

data/CHANGELOG.md CHANGED Viewed

@@ -7,6 +7,21 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
+## [0.5.0] - 2025-10-08
+### Added
+- **Hostname Validation**: Optional `hostname` configuration key to restrict backup operations to specific hosts
+  - Can be configured globally or per-repository
+  - Repository-specific hostname overrides global setting
+  - Validates system hostname before backup, list, restore, check operations
+  - Prevents accidental execution of backups on wrong machines
+  - Displayed in `info` command output
+- Comprehensive test coverage for hostname validation (6 new test cases)
+- Documentation for hostname feature in example config and README
+### Changed
+- `info` command now displays hostname when configured (global or per-repository)
 ## [0.4.0] - 2025-10-06
 ### Added

data/README.md CHANGED Viewed

@@ -24,7 +24,8 @@ e- ⏰ **Retention Policies** - Configure backup retention (hourly, daily, weekl
 - 📋 **Repository Descriptions** - Document each repository's purpose
 - 📈 **Summary View** - Quick overview of all repositories and their configurations
 - 🔧 **Custom Borg Path** - Support for custom Borg executable paths per repository
-- ✅ **Well-tested** - Comprehensive test suite with RSpec (147 tests)
+- 🏠 **Hostname Validation** - NEW! Restrict backups to specific hosts (global or per-repository)
+- ✅ **Well-tested** - Comprehensive test suite with RSpec (153 tests)
 - 🔒 **Security-focused** - Path validation, safe YAML loading, command injection protection
 ## Prerequisites
@@ -127,6 +128,7 @@ repositories:
   - name: databases
     description: "MySQL and PostgreSQL database dumps"
     path: /mnt/backup/databases
+    hostname: dbserver.local  # Optional: repository-specific hostname override
     # Repository-specific passbolt (overrides global)
     passbolt:
       resource_id: "db-specific-passbolt-id"
@@ -161,8 +163,9 @@ repositories:
 **Configuration Features:**
 - **Descriptions**: Add `description` field to document each repository's purpose
-- **Global Settings**: Compression, encryption, auto_init, log_file, borg_path, borg_options, and retention apply to all repositories
-- **Per-Repository Overrides**: Any global setting can be overridden at the repository level (including custom borg_path per repository)
+- **Hostname Validation**: Optional `hostname` field to restrict backups to specific hosts (global or per-repository)
+- **Global Settings**: Hostname, compression, encryption, auto_init, log_file, borg_path, borg_options, and retention apply to all repositories
+- **Per-Repository Overrides**: Any global setting can be overridden at the repository level (including hostname and custom borg_path)
 - **Custom Borg Path**: Specify a custom Borg executable path if borg is not in PATH or to use a specific version
 - **Retention Policies**: Define how many backups to keep (hourly, daily, weekly, monthly, yearly)
 - **Multiple Sources**: Each repository can have multiple backup sources with their own exclude patterns
@@ -338,6 +341,70 @@ repositories:
 When enabled, ruborg will automatically run `borg init` if the repository doesn't exist when you run `backup`, `list`, or `info` commands. The passphrase will be retrieved from Passbolt if configured.
+## Hostname Validation
+Restrict backup operations to specific hosts using the optional `hostname` configuration key. This prevents accidental execution of backups on the wrong machine.
+### Global Hostname
+Apply hostname restriction to all repositories:
+```yaml
+# Global hostname - applies to all repositories
+hostname: myserver.local
+repositories:
+  - name: documents
+    path: /mnt/backup/documents
+    sources:
+      - name: main
+        paths:
+          - /home/user/documents
+```
+### Per-Repository Hostname
+Override global hostname for specific repositories:
+```yaml
+# Global hostname for most repositories
+hostname: mainserver.local
+repositories:
+  # Uses global hostname (mainserver.local)
+  - name: documents
+    path: /mnt/backup/documents
+    sources:
+      - name: main
+        paths:
+          - /home/user/documents
+  # Override with repository-specific hostname
+  - name: databases
+    hostname: dbserver.local  # Only runs on dbserver.local
+    path: /mnt/backup/databases
+    sources:
+      - name: mysql
+        paths:
+          - /var/lib/mysql/dumps
+```
+**How it works:**
+- Before backup, list, restore, or check operations, Ruborg validates the system hostname
+- If configured hostname doesn't match the current hostname, the operation fails with an error
+- Repository-specific hostname takes precedence over global hostname
+- If no hostname is configured, validation is skipped
+**Example error:**
+```
+Error: Hostname mismatch: configuration is for 'dbserver.local' but current hostname is 'mainserver.local'
+```
+**Use cases:**
+- **Multi-server environments**: Different servers backup to different repositories
+- **Development vs Production**: Prevent production config from running on dev machines
+- **Safety**: Avoid accidentally running wrong backups on shared configuration files
 ## Security Configuration
 Ruborg provides configurable security options via `borg_options`:

data/lib/ruborg/cli.rb CHANGED Viewed

@@ -54,6 +54,7 @@ module Ruborg
     def backup
       @logger.info("Starting backup operation with config: #{options[:config]}")
       config = Config.new(options[:config])
+      validate_hostname(config.global_settings)
       backup_repositories(config)
     rescue Error => e
       @logger.error("Backup failed: #{e.message}")
@@ -72,6 +73,7 @@ module Ruborg
       global_settings = config.global_settings
       merged_config = global_settings.merge(repo_config)
+      validate_hostname(merged_config)
       passphrase = fetch_passphrase_for_repo(merged_config)
       borg_opts = merged_config["borg_options"] || {}
       borg_path = merged_config["borg_path"]
@@ -108,6 +110,7 @@ module Ruborg
       global_settings = config.global_settings
       merged_config = global_settings.merge(repo_config)
+      validate_hostname(merged_config)
       passphrase = fetch_passphrase_for_repo(merged_config)
       borg_opts = merged_config["borg_options"] || {}
       borg_path = merged_config["borg_path"]
@@ -175,6 +178,7 @@ module Ruborg
       @logger.info("Checking repository compatibility")
       config = Config.new(options[:config])
       global_settings = config.global_settings
+      validate_hostname(global_settings)
       # Show Borg version first
       borg_version = Repository.borg_version
@@ -207,6 +211,7 @@ module Ruborg
       @logger.info("Checking repository: #{repo_name}")
       merged_config = global_settings.merge(repo_config)
+      validate_hostname(merged_config)
       passphrase = fetch_passphrase_for_repo(merged_config)
       borg_opts = merged_config["borg_options"] || {}
       borg_path = merged_config["borg_path"]
@@ -267,6 +272,7 @@ module Ruborg
       # Show global settings
       puts "Global Settings:"
+      puts "  Hostname:       #{global_settings["hostname"]}" if global_settings["hostname"]
       puts "  Compression:    #{global_settings["compression"] || "lz4 (default)"}"
       puts "  Encryption:     #{global_settings["encryption"] || "repokey (default)"}"
       puts "  Auto-init:      #{global_settings["auto_init"] || false}"
@@ -284,6 +290,7 @@ module Ruborg
         puts "   Description: #{repo["description"]}" if repo["description"]
         # Show repo-specific overrides
+        puts "   Hostname:    #{repo["hostname"]}" if repo["hostname"]
         puts "   Compression: #{repo["compression"]}" if repo["compression"]
         puts "   Encryption:  #{repo["encryption"]}" if repo["encryption"]
         puts "   Auto-init:   #{repo["auto_init"]}" unless repo["auto_init"].nil?
@@ -389,6 +396,7 @@ module Ruborg
       # Merge global settings with repo-specific settings (repo-specific takes precedence)
       merged_config = global_settings.merge(repo_config)
+      validate_hostname(merged_config)
       passphrase = fetch_passphrase_for_repo(merged_config)
       borg_opts = merged_config["borg_options"] || {}
@@ -460,6 +468,18 @@ module Ruborg
       name.gsub(/[^a-zA-Z0-9._-]/, "_")
     end
+    def validate_hostname(config)
+      configured_hostname = config["hostname"]
+      return if configured_hostname.nil? || configured_hostname.empty?
+      current_hostname = `hostname`.strip
+      return if current_hostname == configured_hostname
+      raise ConfigError,
+            "Hostname mismatch: configuration is for '#{configured_hostname}' " \
+            "but current hostname is '#{current_hostname}'"
+    end
     # Wrapper class to adapt repository config to existing Backup class
     class BackupConfig
       def initialize(repo_config, merged_settings)

data/lib/ruborg/config.rb CHANGED Viewed

@@ -39,7 +39,7 @@ module Ruborg
     def global_settings
       @data.slice("passbolt", "compression", "encryption", "auto_init", "borg_options", "log_file", "retention",
-                  "auto_prune")
+                  "auto_prune", "hostname")
     end
     private

data/lib/ruborg/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Ruborg
-  VERSION = "0.4.0"
+  VERSION = "0.5.0"
 end

data/ruborg.yml.example CHANGED Viewed

@@ -6,6 +6,7 @@
 #   # Edit ruborg.yml with your settings
 # Global settings (applied to all repositories unless overridden)
+hostname: myserver.local  # Optional: restrict configuration to specific hostname
 compression: lz4          # Options: lz4 (fast), zstd (balanced), lzma (high compression), none
 encryption: repokey       # Options: repokey, keyfile, none (NOT recommended)
 auto_init: true           # Automatically initialize repositories on first use
@@ -65,6 +66,7 @@ repositories:
   - name: databases
     description: "MySQL and PostgreSQL database dumps"
     path: /mnt/backup/borg-databases
+    hostname: dbserver.local  # Optional: repository-specific hostname override
     retention_mode: per_file  # Each file gets its own archive
     # Repository-specific passbolt (overrides global)
     passbolt:

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruborg
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Michail Pantelelis