steve/restic-manager
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases 1 Wiki Activity

P3 sweep fixes: snap-row CSS, tree expand, --no-ownership drop, target path

Browse Source 
Bug fixes from the Playwright sweep against the live smoke server:

1. Snapshot-picker layout. The .snap-row class was used in the wireframe
   but never landed in web/styles/input.css; rows rendered as vertical
   blocks instead of a 6-column grid. Added the token (mirrors host-row
   shape with restore-specific column widths).

2. Tree expansion. hx-target='closest .tree-row + .tree-children' isn't
   a valid HTMX selector — modifiers don't chain. Replaced HTMX-driven
   expansion with a small window.__rmTreeToggle helper that uses plain
   fetch + .tree-pair wrapper structure for trivial sibling lookup.
   Caches loaded state per node.

3. --no-ownership flag dropped. Restic 0.17 introduced --no-ownership;
   0.16 rejects it ('unknown flag') before doing any work. Since the
   agent runs as root in the systemd unit, restored files keep their
   original uid/gid either way and the parent dir is root-owned, so
   the 'cp without sudo' rationale doesn't hold. Drop the flag entirely.

4. Default target dir moved to /var/lib/restic-manager/restore. The
   systemd unit pins ReadWritePaths to /etc/restic-manager +
   /var/lib/restic-manager (with ProtectSystem=strict making the rest
   of /var read-only); writes to /var/restic-restore failed with
   'read-only file system'.

5. Confirm summary HTML escaping. defaultTarget JS literal evaluates
   to a string with literal angle brackets; insertion into innerHTML
   must escape them. Added an inline HTML-escape pass.

tasks.md ticked for the Restore sub-phase with a sweep summary
covering the live end-to-end test.
This commit is contained in:
Steve Cliff
2026-05-04 15:57:42 +01:00
parent c417b5e9ab
commit 65a0134101
9 changed files with 133 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/restic/restore.go
+9 -3
View File
@@ -65,9 +65,15 @@ func (e Env) RunRestore(ctx context.Context, snapshotID string, paths []string,
target = "/"
}
args = append(args, "--target", target)
if !inPlace {
args = append(args, "--no-ownership")
}
// NOTE: restic added --no-ownership in 0.17. Older versions reject
// the flag with "unknown flag: --no-ownership" before doing any
// work. Since the agent runs as root in the systemd unit, files
// land under /var/restic-restore with their original uid/gid
// either way — the original "cp without sudo" rationale doesn't
// hold (operators copying from /var/restic-restore need sudo
// regardless because the parent dir is root-owned). Drop the flag
// entirely until we drop 0.16 support; revisit if a non-root
// agent deployment requirement comes back.
for _, p := range paths {
args = append(args, "--include", p)
}