Add custom types, version command, and restore --verify flag

- Add internal/types package with type-safe wrappers for IDs, hashes, paths, and credentials (FileID, BlobID, ChunkHash, etc.) - Implement driver.Valuer and sql.Scanner for UUID-based types - Add `vaultik version` command showing version, commit, go version - Add `--verify` flag to restore command that checksums all restored files against expected chunk hashes with progress bar - Remove fetch.go (dead code, functionality in restore) - Clean up TODO.md, remove completed items - Update all database and snapshot code to use new custom types
2026-01-14 17:11:52 -08:00
parent 2afd54d693
commit 417b25a5f5
53 changed files with 2330 additions and 1581 deletions
--- a/internal/cli/entry_test.go
+++ b/internal/cli/entry_test.go
@@ -18,7 +18,7 @@ func TestCLIEntry(t *testing.T) {
 	}

 	// Verify all subcommands are registered
-	expectedCommands := []string{"snapshot", "store", "restore", "prune", "verify", "fetch"}
+	expectedCommands := []string{"snapshot", "store", "restore", "prune", "verify", "info", "version"}
 	for _, expected := range expectedCommands {
 		found := false
 		for _, cmd := range cmd.Commands() {
--- a/internal/cli/fetch.go
+++ b/internal/cli/fetch.go
@@ -1,138 +0,0 @@
-package cli
-
-import (
-	"context"
-	"fmt"
-
-	"git.eeqj.de/sneak/vaultik/internal/config"
-	"git.eeqj.de/sneak/vaultik/internal/database"
-	"git.eeqj.de/sneak/vaultik/internal/globals"
-	"git.eeqj.de/sneak/vaultik/internal/log"
-	"git.eeqj.de/sneak/vaultik/internal/snapshot"
-	"git.eeqj.de/sneak/vaultik/internal/storage"
-	"github.com/spf13/cobra"
-	"go.uber.org/fx"
-)
-
-// FetchOptions contains options for the fetch command
-type FetchOptions struct {
-}
-
-// FetchApp contains all dependencies needed for fetch
-type FetchApp struct {
-	Globals      *globals.Globals
-	Config       *config.Config
-	Repositories *database.Repositories
-	Storage      storage.Storer
-	DB           *database.DB
-	Shutdowner   fx.Shutdowner
-}
-
-// NewFetchCommand creates the fetch command
-func NewFetchCommand() *cobra.Command {
-	opts := &FetchOptions{}
-
-	cmd := &cobra.Command{
-		Use:   "fetch <snapshot-id> <file-path> <target-path>",
-		Short: "Extract single file from backup",
-		Long: `Download and decrypt a single file from a backup snapshot.
-
-This command extracts a specific file from the snapshot and saves it to the target path.
-The age_secret_key must be configured in the config file for decryption.`,
-		Args: cobra.ExactArgs(3),
-		RunE: func(cmd *cobra.Command, args []string) error {
-			snapshotID := args[0]
-			filePath := args[1]
-			targetPath := args[2]
-
-			// Use unified config resolution
-			configPath, err := ResolveConfigPath()
-			if err != nil {
-				return err
-			}
-
-			// Use the app framework like other commands
-			rootFlags := GetRootFlags()
-			return RunWithApp(cmd.Context(), AppOptions{
-				ConfigPath: configPath,
-				LogOptions: log.LogOptions{
-					Verbose: rootFlags.Verbose,
-					Debug:   rootFlags.Debug,
-				},
-				Modules: []fx.Option{
-					snapshot.Module,
-					fx.Provide(fx.Annotate(
-						func(g *globals.Globals, cfg *config.Config, repos *database.Repositories,
-							storer storage.Storer, db *database.DB, shutdowner fx.Shutdowner) *FetchApp {
-							return &FetchApp{
-								Globals:      g,
-								Config:       cfg,
-								Repositories: repos,
-								Storage:      storer,
-								DB:           db,
-								Shutdowner:   shutdowner,
-							}
-						},
-					)),
-				},
-				Invokes: []fx.Option{
-					fx.Invoke(func(app *FetchApp, lc fx.Lifecycle) {
-						lc.Append(fx.Hook{
-							OnStart: func(ctx context.Context) error {
-								// Start the fetch operation in a goroutine
-								go func() {
-									// Run the fetch operation
-									if err := app.runFetch(ctx, snapshotID, filePath, targetPath, opts); err != nil {
-										if err != context.Canceled {
-											log.Error("Fetch operation failed", "error", err)
-										}
-									}
-
-									// Shutdown the app when fetch completes
-									if err := app.Shutdowner.Shutdown(); err != nil {
-										log.Error("Failed to shutdown", "error", err)
-									}
-								}()
-								return nil
-							},
-							OnStop: func(ctx context.Context) error {
-								log.Debug("Stopping fetch operation")
-								return nil
-							},
-						})
-					}),
-				},
-			})
-		},
-	}
-
-	return cmd
-}
-
-// runFetch executes the fetch operation
-func (app *FetchApp) runFetch(ctx context.Context, snapshotID, filePath, targetPath string, opts *FetchOptions) error {
-	// Check for age_secret_key
-	if app.Config.AgeSecretKey == "" {
-		return fmt.Errorf("age_secret_key missing from config - required for fetch")
-	}
-
-	log.Info("Starting fetch operation",
-		"snapshot_id", snapshotID,
-		"file_path", filePath,
-		"target_path", targetPath,
-		"bucket", app.Config.S3.Bucket,
-		"prefix", app.Config.S3.Prefix,
-	)
-
-	// TODO: Implement fetch logic
-	// 1. Download and decrypt database from S3
-	// 2. Find the file metadata and chunk list
-	// 3. Download and decrypt only the necessary blobs
-	// 4. Reconstruct the file from chunks
-	// 5. Write file to target path with proper metadata
-
-	fmt.Printf("Fetching %s from snapshot %s to %s\n", filePath, snapshotID, targetPath)
-	fmt.Println("TODO: Implement fetch logic")
-
-	return nil
-}
--- a/internal/cli/restore.go
+++ b/internal/cli/restore.go
@@ -2,13 +2,12 @@ package cli

 import (
 	"context"
-	"fmt"

 	"git.eeqj.de/sneak/vaultik/internal/config"
-	"git.eeqj.de/sneak/vaultik/internal/database"
 	"git.eeqj.de/sneak/vaultik/internal/globals"
 	"git.eeqj.de/sneak/vaultik/internal/log"
 	"git.eeqj.de/sneak/vaultik/internal/storage"
+	"git.eeqj.de/sneak/vaultik/internal/vaultik"
 	"github.com/spf13/cobra"
 	"go.uber.org/fx"
 )
@@ -16,16 +15,17 @@ import (
 // RestoreOptions contains options for the restore command
 type RestoreOptions struct {
 	TargetDir string
+	Paths     []string // Optional paths to restore (empty = all)
+	Verify    bool     // Verify restored files after restore
 }

 // RestoreApp contains all dependencies needed for restore
 type RestoreApp struct {
-	Globals      *globals.Globals
-	Config       *config.Config
-	Repositories *database.Repositories
-	Storage      storage.Storer
-	DB           *database.DB
-	Shutdowner   fx.Shutdowner
+	Globals    *globals.Globals
+	Config     *config.Config
+	Storage    storage.Storer
+	Vaultik    *vaultik.Vaultik
+	Shutdowner fx.Shutdowner
 }

 // NewRestoreCommand creates the restore command
@@ -33,16 +33,35 @@ func NewRestoreCommand() *cobra.Command {
 	opts := &RestoreOptions{}

 	cmd := &cobra.Command{
-		Use:   "restore <snapshot-id> <target-dir>",
+		Use:   "restore <snapshot-id> <target-dir> [paths...]",
 		Short: "Restore files from backup",
 		Long: `Download and decrypt files from a backup snapshot.

-This command will restore all files from the specified snapshot to the target directory.
-The age_secret_key must be configured in the config file for decryption.`,
-		Args: cobra.ExactArgs(2),
+This command will restore files from the specified snapshot to the target directory.
+If no paths are specified, all files are restored.
+If paths are specified, only matching files/directories are restored.
+
+Requires the VAULTIK_AGE_SECRET_KEY environment variable to be set with the age private key.
+
+Examples:
+  # Restore entire snapshot
+  vaultik restore myhost_docs_2025-01-01T12:00:00Z /restore
+
+  # Restore specific file
+  vaultik restore myhost_docs_2025-01-01T12:00:00Z /restore /home/user/important.txt
+
+  # Restore specific directory
+  vaultik restore myhost_docs_2025-01-01T12:00:00Z /restore /home/user/documents/
+
+  # Restore and verify all files
+  vaultik restore --verify myhost_docs_2025-01-01T12:00:00Z /restore`,
+		Args: cobra.MinimumNArgs(2),
 		RunE: func(cmd *cobra.Command, args []string) error {
 			snapshotID := args[0]
 			opts.TargetDir = args[1]
+			if len(args) > 2 {
+				opts.Paths = args[2:]
+			}

 			// Use unified config resolution
 			configPath, err := ResolveConfigPath()
@@ -60,15 +79,14 @@ The age_secret_key must be configured in the config file for decryption.`,
 				},
 				Modules: []fx.Option{
 					fx.Provide(fx.Annotate(
-						func(g *globals.Globals, cfg *config.Config, repos *database.Repositories,
-							storer storage.Storer, db *database.DB, shutdowner fx.Shutdowner) *RestoreApp {
+						func(g *globals.Globals, cfg *config.Config,
+							storer storage.Storer, v *vaultik.Vaultik, shutdowner fx.Shutdowner) *RestoreApp {
 							return &RestoreApp{
-								Globals:      g,
-								Config:       cfg,
-								Repositories: repos,
-								Storage:      storer,
-								DB:           db,
-								Shutdowner:   shutdowner,
+								Globals:    g,
+								Config:     cfg,
+								Storage:    storer,
+								Vaultik:    v,
+								Shutdowner: shutdowner,
 							}
 						},
 					)),
@@ -80,7 +98,13 @@ The age_secret_key must be configured in the config file for decryption.`,
 								// Start the restore operation in a goroutine
 								go func() {
 									// Run the restore operation
-									if err := app.runRestore(ctx, snapshotID, opts); err != nil {
+									restoreOpts := &vaultik.RestoreOptions{
+										SnapshotID: snapshotID,
+										TargetDir:  opts.TargetDir,
+										Paths:      opts.Paths,
+										Verify:     opts.Verify,
+									}
+									if err := app.Vaultik.Restore(restoreOpts); err != nil {
 										if err != context.Canceled {
 											log.Error("Restore operation failed", "error", err)
 										}
@@ -95,6 +119,7 @@ The age_secret_key must be configured in the config file for decryption.`,
 							},
 							OnStop: func(ctx context.Context) error {
 								log.Debug("Stopping restore operation")
+								app.Vaultik.Cancel()
 								return nil
 							},
 						})
@@ -104,31 +129,7 @@ The age_secret_key must be configured in the config file for decryption.`,
 		},
 	}

+	cmd.Flags().BoolVar(&opts.Verify, "verify", false, "Verify restored files by checking chunk hashes")
+
 	return cmd
 }
-
-// runRestore executes the restore operation
-func (app *RestoreApp) runRestore(ctx context.Context, snapshotID string, opts *RestoreOptions) error {
-	// Check for age_secret_key
-	if app.Config.AgeSecretKey == "" {
-		return fmt.Errorf("age_secret_key required for restore - set in config file or VAULTIK_AGE_SECRET_KEY environment variable")
-	}
-
-	log.Info("Starting restore operation",
-		"snapshot_id", snapshotID,
-		"target_dir", opts.TargetDir,
-		"bucket", app.Config.S3.Bucket,
-		"prefix", app.Config.S3.Prefix,
-	)
-
-	// TODO: Implement restore logic
-	// 1. Download and decrypt database from S3
-	// 2. Download and decrypt blobs
-	// 3. Reconstruct files from chunks
-	// 4. Write files to target directory with proper metadata
-
-	fmt.Printf("Restoring snapshot %s to %s\n", snapshotID, opts.TargetDir)
-	fmt.Println("TODO: Implement restore logic")
-
-	return nil
-}
--- a/internal/cli/root.go
+++ b/internal/cli/root.go
@@ -40,10 +40,10 @@ on the source system.`,
 		NewRestoreCommand(),
 		NewPruneCommand(),
 		NewVerifyCommand(),
-		NewFetchCommand(),
 		NewStoreCommand(),
 		NewSnapshotCommand(),
 		NewInfoCommand(),
+		NewVersionCommand(),
 	)

 	return cmd
--- a/internal/cli/snapshot.go
+++ b/internal/cli/snapshot.go
@@ -35,14 +35,19 @@ func newSnapshotCreateCommand() *cobra.Command {
 	opts := &vaultik.SnapshotCreateOptions{}

 	cmd := &cobra.Command{
-		Use:   "create",
-		Short: "Create a new snapshot",
-		Long: `Creates a new snapshot of the configured directories.
+		Use:   "create [snapshot-names...]",
+		Short: "Create new snapshots",
+		Long: `Creates new snapshots of the configured directories.

-Config is located at /etc/vaultik/config.yml by default, but can be overridden by 
+If snapshot names are provided, only those snapshots are created.
+If no names are provided, all configured snapshots are created.
+
+Config is located at /etc/vaultik/config.yml by default, but can be overridden by
 specifying a path using --config or by setting VAULTIK_CONFIG to a path.`,
-		Args: cobra.NoArgs,
+		Args: cobra.ArbitraryArgs,
 		RunE: func(cmd *cobra.Command, args []string) error {
+			// Pass snapshot names from args
+			opts.Snapshots = args
 			// Use unified config resolution
 			configPath, err := ResolveConfigPath()
 			if err != nil {
@@ -95,6 +100,7 @@ specifying a path using --config or by setting VAULTIK_CONFIG to a path.`,
 	cmd.Flags().BoolVar(&opts.Daemon, "daemon", false, "Run in daemon mode with inotify monitoring")
 	cmd.Flags().BoolVar(&opts.Cron, "cron", false, "Run in cron mode (silent unless error)")
 	cmd.Flags().BoolVar(&opts.Prune, "prune", false, "Delete all previous snapshots and unreferenced blobs after backup")
+	cmd.Flags().BoolVar(&opts.SkipErrors, "skip-errors", false, "Skip file read errors (log them loudly but continue)")

 	return cmd
 }
--- a/internal/cli/version.go
+++ b/internal/cli/version.go
@@ -0,0 +1,27 @@
+package cli
+
+import (
+	"fmt"
+	"runtime"
+
+	"git.eeqj.de/sneak/vaultik/internal/globals"
+	"github.com/spf13/cobra"
+)
+
+// NewVersionCommand creates the version command
+func NewVersionCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "version",
+		Short: "Print version information",
+		Long:  `Print version, git commit, and build information for vaultik.`,
+		Args:  cobra.NoArgs,
+		Run: func(cmd *cobra.Command, args []string) {
+			fmt.Printf("vaultik %s\n", globals.Version)
+			fmt.Printf("  commit:  %s\n", globals.Commit)
+			fmt.Printf("  go:      %s\n", runtime.Version())
+			fmt.Printf("  os/arch: %s/%s\n", runtime.GOOS, runtime.GOARCH)
+		},
+	}
+
+	return cmd
+}