bundles: use metastack syntax for metadata.get()

2021-02-18 18:12:25 +01:00 · 2021-02-18 18:12:25 +01:00 · b06532241b
commit b06532241b
parent 4be912ac31
38 changed files with 58 additions and 58 deletions
--- a/bundles/apt/items.py
+++ b/bundles/apt/items.py
@ -31,7 +31,7 @@ files = {
        'content_type': 'mako',
        'mode': '0700',
        'context': {
-            'data': node.metadata.get('apt', {}).get('unattended-upgrades', {}),
+            'data': node.metadata.get('apt/unattended-upgrades', {}),
        }
    },
    '/etc/cloud': {
@ -132,7 +132,7 @@ pkg_apt = {
 }
-for name, data in node.metadata.get('apt', {}).get('repos', {}).items():
+for name, data in node.metadata.get('apt/repos', {}).items():
    files['/etc/apt/sources.list.d/{}.list'.format(name)] = {
        'content_type': 'mako',
        'content': ("\n".join(sorted(data['items']))).format(
@ -156,6 +156,6 @@ for name, data in node.metadata.get('apt', {}).get('repos', {}).items():
            },
        }
-if node.metadata.get('apt', {}).get('packages', {}):
+if node.metadata.get('apt/packages', {}):
    for package, options in node.metadata['apt']['packages'].items():
        pkg_apt[package] = options
--- a/bundles/backup-client/items.py
+++ b/bundles/backup-client/items.py
@ -1,6 +1,6 @@
 from os.path import join
-if node.metadata['backups'].get('exclude_from_backups', False):
+if node.metadata.get('backups/exclude_from_backups', False):
    files['/etc/backup.priv'] = {
        'delete': True,
    }
@ -17,7 +17,7 @@ else:
            'username': node.metadata['backup-client']['user-name'],
            'server': server,
            'port': port,
-            'paths': node.metadata.get('backups', {}).get('paths', {}),
+            'paths': node.metadata.get('backups/paths', {}),
        },
        'mode': '0700',
    }
@ -34,7 +34,7 @@ directories['/etc/backup-pre-hooks.d'] = {
    'purge': True,
 }
-for hname, hcontent in node.metadata['backup-client'].get('pre-hooks', {}).items():
+for hname, hcontent in node.metadata.get('backup-client/pre-hooks', {}).items():
    files[f'/etc/backup-pre-hooks.d/50-{hname}'] = {
        'content': '#!/bin/sh\n\n' + hcontent,
        'mode': '0700',
--- a/bundles/backup-server/items.py
+++ b/bundles/backup-server/items.py
@ -2,7 +2,7 @@ assert node.has_bundle('zfs')
 from os.path import join
-for nodename, config in node.metadata.get('backup-server', {}).get('clients', {}).items():
+for nodename, config in node.metadata.get('backup-server/clients', {}).items():
    with open(join(repo.path, 'data', 'backup', 'keys', f'{nodename}.pub'), 'r') as f:
        pubkey = f.read().strip()
--- a/bundles/basic/files/hosts
+++ b/bundles/basic/files/hosts
@ -7,6 +7,6 @@ ff02::1     ip6-allnodes
 ff02::2     ip6-allrouters
 ff02::3     ip6-allhosts
-% for ip, entries in sorted(node.metadata.get('hosts', {}).get('entries', {}).items()):
+% for ip, entries in sorted(node.metadata.get('hosts/entries', {}).items()):
 ${ip}       ${' '.join(sorted(entries))}
 % endfor
--- a/bundles/c3voc-addons/items.py
+++ b/bundles/c3voc-addons/items.py
@ -27,7 +27,7 @@ pkg_apt = {
    'wget': {},
 }
-if node.metadata.get('apt', {}).get('packages', {}):
+if node.metadata.get('apt/packages', {}):
    for package, options in node.metadata['apt']['packages'].items():
        pkg_apt[package] = options
@ -62,7 +62,7 @@ files = {
        'content_type': 'mako',
        'mode': '0700',
        'context': {
-            'data': node.metadata.get('apt', {}).get('unattended-upgrades', {}),
+            'data': node.metadata.get('apt/unattended-upgrades', {}),
        }
    },
 }
@ -76,7 +76,7 @@ for crontab, content in node.metadata.get('cron', {}).items():
        }
    }
-for vhost, config in node.metadata.get('nginx', {}).get('vhosts', {}).items():
+for vhost, config in node.metadata.get('nginx/vhosts', {}).items():
    if not 'domain' in config:
        config['domain'] = vhost
--- a/bundles/icinga2/files/icinga2/api-users.conf
+++ b/bundles/icinga2/files/icinga2/api-users.conf
@ -1,4 +1,4 @@
-% for user, config in sorted(node.metadata.get('icinga2', {}).get('api_users', {}).items()):
+% for user, config in sorted(node.metadata.get('icinga2/api_users', {}).items()):
 object ApiUser "${user}" {
    password = "${config['password']}"
    permissions = [ "${'", "'.join(sorted(config['permissions']))}" ]
--- a/bundles/icinga2/files/icinga2/downtimes.conf
+++ b/bundles/icinga2/files/icinga2/downtimes.conf
@ -9,7 +9,7 @@ object ScheduledDowntime "unattended_upgrades" {
    fixed = true
    ranges = {
-        "${days[monitored_node.metadata.get('apt', {}).get('unattended_upgrades', {}).get('day', 5)]}" = "01:${monitored_node.magic_number%30}-01:${(monitored_node.magic_number%30)+30}"
+        "${days[monitored_node.metadata.get('apt/unattended_upgrades/day', 5)]}" = "01:${monitored_node.magic_number%30}-01:${(monitored_node.magic_number%30)+30}"
    }
    child_options = "DowntimeTriggeredChildren"
--- a/bundles/icinga2/files/icinga2/hosts.conf
+++ b/bundles/icinga2/files/icinga2/hosts.conf
@ -2,14 +2,14 @@
 object Host "${monitored_node.name}" {
    import "generic-host"
-    address = "${monitored_node.metadata.get('icinga_options', {}).get('hostname', monitored_node.hostname)}"
+    address = "${monitored_node.metadata.get('icinga_options/hostname', monitored_node.hostname)}"
    vars.os = "${monitored_node.os}"
    vars.sla = "${monitored_node.metadata.get('sla', '24x7')}"
    vars.period = "${sla_info[monitored_node.metadata.get('sla', '24x7')]}"
    vars.location = "${monitored_node.metadata.get('location', 'unknown')}"
    vars.bw_groups = [ "${'", "'.join(sorted({group.name for group in monitored_node.groups}))}" ]
-    vars.notification.sms = ${str(monitored_node.metadata.get('icinga_options', {}).get('vars.notification.sms', True)).lower()}
+    vars.notification.sms = ${str(monitored_node.metadata.get('icinga_options/vars.notification.sms', True)).lower()}
    vars.notification.mail = true
 }
 % endfor
--- a/bundles/icinga2/files/icinga2/users.conf
+++ b/bundles/icinga2/files/icinga2/users.conf
@ -2,7 +2,7 @@ object UserGroup "on-call_sms" {
    display_name = "On-Call Support (with SMS)"
 }
-% for username, config in sorted(node.metadata.get('icinga2', {}).get('icinga_users', {}).items()):
+% for username, config in sorted(node.metadata.get('icinga2/icinga_users', {}).items()):
 object User "${username}" {
    display_name = "${username}"
    enable_notifications = true
--- a/bundles/icinga2/items.py
+++ b/bundles/icinga2/items.py
@ -290,7 +290,7 @@ svc_systemd = {
 monitored_nodes = repo.nodes
 for n in monitored_nodes[:]:
-    if n.metadata.get('icinga_options', {}).get('exclude_from_monitoring', False):
+    if n.metadata.get('icinga_options/exclude_from_monitoring', False):
        monitored_nodes.remove(n)
 bundle_metadata = {}
--- a/bundles/iptables/files/iptables-enforce
+++ b/bundles/iptables/files/iptables-enforce
@ -1,6 +1,6 @@
 #!/bin/bash
-% if not node.metadata.get('iptables', {}).get('enabled', True):
+% if not node.metadata.get('iptables/enabled', True):
 exit 0
 % endif
--- a/bundles/iptables/items.py
+++ b/bundles/iptables/items.py
@ -28,7 +28,7 @@ files = {
    },
 }
-for bundle, rules in node.metadata.get('iptables', {}).get('bundle_rules', {}).items():
+for bundle, rules in node.metadata.get('iptables/bundle_rules', {}).items():
    files[f'/etc/iptables-rules.d/20-{bundle}'] = {
        # We must never use sorted() here. Bundles might rely on their order.
        'content': '\n'.join(rules) + '\n',
--- a/bundles/letsencrypt/files/domains.txt
+++ b/bundles/letsencrypt/files/domains.txt
@ -1,5 +1,5 @@
 ${node.metadata['hostname']}
-% for domain, aliases in sorted(node.metadata.get('letsencrypt', {}).get('domains', {}).items()):
+% for domain, aliases in sorted(node.metadata.get('letsencrypt/domains', {}).items()):
 ${domain} ${' '.join(sorted(aliases))}
 % endfor
--- a/bundles/letsencrypt/files/hook.sh
+++ b/bundles/letsencrypt/files/hook.sh
@ -1,6 +1,6 @@
 deploy_cert() {<%text>
    local DOMAIN="${1}" KEYFILE="${2}" CERTFILE="${3}" FULLCHAINFILE="${4}" CHAINFILE="${5}" TIMESTAMP="${6}"</%text>
-% for service, config in node.metadata.get('letsencrypt', {}).get('concat_and_deploy', {}).items():
+% for service, config in node.metadata.get('letsencrypt/concat_and_deploy', {}).items():
    # concat_and_deploy ${service}
    if [ "$DOMAIN" = "${config['match_domain']}" ]; then
@ -25,7 +25,7 @@ deploy_cert() {<%text>
 exit_hook() {<%text>
    local ERROR="${1:-}"</%text>
-% for service in sorted(node.metadata.get('letsencrypt', {}).get('reload_after', set())):
+% for service in sorted(node.metadata.get('letsencrypt/reload_after', set())):
    systemctl reload-or-restart ${service}
 % endfor
 }
--- a/bundles/lldp/files/bundlewrap.conf
+++ b/bundles/lldp/files/bundlewrap.conf
@ -6,5 +6,5 @@
 #
 # --> Diese Datei wird von BundleWrap verwaltet! <--
-configure system hostname "${node.metadata.get('lldp', {}).get('hostname', node.name)}"
+configure system hostname "${node.metadata.get('lldp/hostname', node.name)}"
 configure system platform "${node.os}"
--- a/bundles/nfs-client/items.py
+++ b/bundles/nfs-client/items.py
@ -1,4 +1,4 @@
-for mount, data in node.metadata.get('nfs-client',{}).get('mounts',{}).items():
+for mount, data in node.metadata.get('nfs-client/mounts',{}).items():
    data['mount'] = mount
    data['mount_options'] = set(data.get('mount_options', set()))
--- a/bundles/nginx/items.py
+++ b/bundles/nginx/items.py
@ -60,7 +60,7 @@ if node.metadata['nginx']['use_ssl_for_all_connections']:
        },
    }
-for vhost, config in node.metadata.get('nginx', {}).get('vhosts', {}).items():
+for vhost, config in node.metadata.get('nginx/vhosts', {}).items():
    if not 'domain' in config:
        config['domain'] = vhost
@ -69,7 +69,7 @@ for vhost, config in node.metadata.get('nginx', {}).get('vhosts', {}).items():
        'content_type': 'mako',
        'context': {
            'vhost': vhost,
-            'php_version': node.metadata.get('php', {}).get('version', ''),
+            'php_version': node.metadata.get('php/version', ''),
            **config,
        },
        'needs': set(),
--- a/bundles/octoprint/items.py
+++ b/bundles/octoprint/items.py
@ -39,7 +39,7 @@ files = {
        'mode': '0755',
        'content_type': 'mako',
        'context': {
-            'api_key': node.metadata.get('octoprint', {}).get('api_key', ''),
+            'api_key': node.metadata.get('octoprint/api_key', ''),
        },
    },
 }
--- a/bundles/openssh/items.py
+++ b/bundles/openssh/items.py
@ -1,5 +1,5 @@
 users_from_metadata = set()
-additional_users = node.metadata.get('openssh', {}).get('allowed_users', set())
+additional_users = node.metadata.get('openssh/allowed_users', set())
 for user, config in node.metadata.get('users', {}).items():
    if 'ssh_pubkey' in config and not config.get('delete', False):
--- a/bundles/openvpn-client/items.py
+++ b/bundles/openvpn-client/items.py
@ -6,7 +6,7 @@ directories = {
    },
 }
-for config in node.metadata.get('openvpn-client', {}).get('configs', set()):
+for config in node.metadata.get('openvpn-client/configs', set()):
    files[f'/etc/openvpn/client/{config}.conf'] = {
        'content': repo.vault.decrypt_file(join('openvpn-client', f'{config}.conf.vault')),
        'triggers': {
--- a/bundles/pacman/items.py
+++ b/bundles/pacman/items.py
@ -15,5 +15,5 @@ pkg_pacman = {
    'wpa_actiond': {},
 }
-for pkg, config in node.metadata.get('pacman', {}).get('packages', {}).items():
+for pkg, config in node.metadata.get('pacman/packages', {}).items():
    pkg_pacman[pkg] = config
--- a/bundles/postfix/files/aliases
+++ b/bundles/postfix/files/aliases
@ -1,6 +1,6 @@
 root: hostmaster@kunbox.net
 postmaster: hostmaster@kunbox.net
-% for source, target in node.metadata.get('postfix', {}).get('aliases', {}).items():
+% for source, target in node.metadata.get('postfix/aliases', {}).items():
 ${source}: ${', '.join(sorted(target))}
 % endfor
--- a/bundles/postfix/files/main.cf
+++ b/bundles/postfix/files/main.cf
@ -3,14 +3,14 @@ biff = no
 append_dot_mydomain = no
 readme_directory = no
 compatibility_level = 2
-myhostname = ${node.metadata.get('postfix', {}).get('myhostname', node.metadata['hostname'])}
+myhostname = ${node.metadata.get('postfix/myhostname', node.metadata['hostname'])}
 myorigin = /etc/mailname
 mydestination = $myhostname, localhost
 mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
 mailbox_size_limit = 0
 recipient_delimiter = +
 inet_protocols = all
-message_size_limit = ${node.metadata.get('postfix', {}).get('message_size_limit_mb', 10)*1024*1024}
+message_size_limit = ${node.metadata.get('postfix/message_size_limit_mb', 10)*1024*1024}
 alias_database = hash:/etc/aliases
 alias_maps = hash:/etc/aliases
--- a/bundles/postfix/items.py
+++ b/bundles/postfix/items.py
@ -3,7 +3,7 @@ if node.has_bundle('postfixadmin'):
 files = {
    '/etc/mailname': {
-        'content': node.metadata.get('postfix', {}).get('myhostname', node.metadata['hostname']),
+        'content': node.metadata.get('postfix/myhostname', node.metadata['hostname']),
        'triggers': {
            'svc_systemd:postfix:restart',
        },
--- a/bundles/postgresql/files/pg_hba.conf
+++ b/bundles/postgresql/files/pg_hba.conf
@ -1,4 +1,4 @@
-% for custom_rule in sorted(node.metadata.get('postgresql', {}).get('custom_rules', [])):
+% for custom_rule in sorted(node.metadata.get('postgresql/custom_rules', [])):
 ${custom_rule}
 % endfor
 local   all             postgres                                peer
--- a/bundles/postgresql/items.py
+++ b/bundles/postgresql/items.py
@ -63,7 +63,7 @@ if node.has_bundle('backup-client'): # and not node.has_bundle('zfs'):
        'source': 'backup-pre-hook',
        'content_type': 'mako',
        'context': {
-            'databases': node.metadata.get('postgresql', {}).get('databases', {}).keys(),
+            'databases': node.metadata.get('postgresql/databases', {}).keys(),
        },
        'mode': '0700',
    }
@ -89,7 +89,7 @@ svc_systemd = {
 postgres_dbs = {}
-for user, config in node.metadata.get('postgresql', {}).get('roles', {}).items():
+for user, config in node.metadata.get('postgresql/roles', {}).items():
    postgres_roles[user] = {
        'password': config['password'],
        'needs': {
@ -97,7 +97,7 @@ for user, config in node.metadata.get('postgresql', {}).get('roles', {}).items()
        },
    }
-for database, config in node.metadata.get('postgresql', {}).get('databases', {}).items():
+for database, config in node.metadata.get('postgresql/databases', {}).items():
    postgres_dbs[database] = {
        'owner': config['owner'],
        'needs': {
--- a/bundles/powerdns/items.py
+++ b/bundles/powerdns/items.py
@ -24,7 +24,7 @@ $TTL 60
    )
 """
 for rnode in sorted(repo.nodes_in_group('dns')):
-    ZONE_HEADER += '@       IN  NS {}.\n'.format(rnode.metadata.get('powerdns', {}).get('my_hostname', rnode.metadata['hostname']))
+    ZONE_HEADER += '@       IN  NS {}.\n'.format(rnode.metadata.get('powerdns/my_hostname', rnode.metadata['hostname']))
 directories = {
    '/etc/powerdns/pdns.d': {
@ -85,7 +85,7 @@ actions = {
    },
 }
-if node.metadata['powerdns'].get('features', {}).get('bind', False):
+if node.metadata.get('powerdns/features/bind', False):
    primary_zones = set()
    for zone in listdir(zone_path):
        if not isfile(join(zone_path, zone)) or zone.startswith(".") or zone.startswith("_"):
@ -103,7 +103,7 @@ if node.metadata['powerdns'].get('features', {}).get('bind', False):
            'content_type': 'mako',
            'context': {
                'header': ZONE_HEADER.format(serial=serial),
-                'metadata_records': node.metadata.get('powerdns', {}).get('bind-zones', {}).get(zone, {}).get('records', []),
+                'metadata_records': node.metadata.get('powerdns/bind-zones/{}/records'.format(zone), []),
            },
            'source': 'bind-zones/{}'.format(zone),
            'triggers': {
@ -142,7 +142,7 @@ if node.metadata['powerdns'].get('features', {}).get('bind', False):
        },
    }
-if node.metadata['powerdns'].get('features', {}).get('pgsql', False):
+if node.metadata.get('powerdns/features/pgsql', False):
    files['/etc/powerdns/pdns.d/pgsql.conf'] = {
        'content_type': 'mako',
        'context': {
--- a/bundles/pppd/items.py
+++ b/bundles/pppd/items.py
@ -71,7 +71,7 @@ files = {
    '/etc/ppp/wait-until-stopped': {
        'content_type': 'mako',
        'context': {
-            'services': node.metadata.get('pppd', {}).get('wait-until-stopped', set()),
+            'services': node.metadata.get('pppd/wait-until-stopped', set()),
        },
        'mode': '0700',
    },
--- a/bundles/radicale/items.py
+++ b/bundles/radicale/items.py
@ -27,7 +27,7 @@ files = {
    '/etc/radicale/htpasswd': {
        'content_type': 'mako',
        'context': {
-            'users': node.metadata.get('radicale', {}).get('users', {}),
+            'users': node.metadata.get('radicale/users', {}),
        },
        'triggers': {
            'svc_systemd:radicale:restart',
--- a/bundles/redis/files/redis.conf
+++ b/bundles/redis/files/redis.conf
@ -3,10 +3,10 @@ aof-load-truncated yes
 aof-rewrite-incremental-fsync yes
 appendfilename "appendonly.aof"
 appendfsync everysec
-appendonly ${node.metadata.get('redis', {}).get('appendonly', "no")}
+appendonly ${node.metadata.get('redis/appendonly', "no")}
 auto-aof-rewrite-min-size 64mb
 auto-aof-rewrite-percentage 100
-bind ${node.metadata.get('redis', {}).get('bind', "127.0.0.1")}
+bind ${node.metadata.get('redis/bind', '127.0.0.1')}
 client-output-buffer-limit normal 0 0 0
 client-output-buffer-limit pubsub 32mb 8mb 60
 client-output-buffer-limit slave 256mb 64mb 60
--- a/bundles/rspamd/files/ip_whitelist.map
+++ b/bundles/rspamd/files/ip_whitelist.map
@ -1,3 +1,3 @@
-% for ip in sorted(node.metadata.get('rspamd', {}).get('ignore_spam_check_for_ips', set())):
+% for ip in sorted(node.metadata.get('rspamd/ignore_spam_check_for_ips', set())):
 ${ip}
 % endfor
--- a/bundles/smartd/files/smartd.conf
+++ b/bundles/smartd/files/smartd.conf
@ -1,4 +1,4 @@
 DEFAULT -d auto -a -n standby,12
-% for disk in sorted(node.metadata.get('smartd', {}).get('disks', set())):
+% for disk in sorted(node.metadata.get('smartd/disks', set())):
 ${disk}
 % endfor
--- a/bundles/systemd-networkd/items.py
+++ b/bundles/systemd-networkd/items.py
@ -73,7 +73,7 @@ for interface, config in node.metadata['interfaces'].items():
            },
        }
-for bond, config in node.metadata.get('systemd-networkd', {}).get('bonds', {}).items():
+for bond, config in node.metadata.get('systemd-networkd/bonds', {}).items():
    files['/etc/systemd/network/20-bond-{}.netdev'.format(bond)] = {
        'source': 'template-bond.netdev',
        'content_type': 'mako',
@ -104,7 +104,7 @@ for bond, config in node.metadata.get('systemd-networkd', {}).get('bonds', {}).i
        },
    }
-for brname, config in node.metadata.get('systemd-networkd', {}).get('bridges', {}).items():
+for brname, config in node.metadata.get('systemd-networkd/bridges', {}).items():
    files['/etc/systemd/network/30-bridge-{}.netdev'.format(brname)] = {
        'source': 'template-bridge.netdev',
        'content_type': 'mako',
--- a/bundles/systemd/items.py
+++ b/bundles/systemd/items.py
@ -31,7 +31,7 @@ files = {
    '/etc/systemd/journald.conf': {
        'content_type': 'mako',
        'context': {
-            'journal': node.metadata.get('systemd', {}).get('journal', {}),
+            'journal': node.metadata.get('systemd/journal', {}),
        },
        'triggers': {
            'svc_systemd:systemd-journald:restart',
--- a/bundles/wireguard/files/pppd-ip-up
+++ b/bundles/wireguard/files/pppd-ip-up
@ -4,7 +4,7 @@
 # it gets connected. Easiest way is to simply send some pings to the
 # other side.
-% for peer, config in node.metadata.get('wireguard', {}).get('peers', {}).items():
+% for peer, config in node.metadata.get('wireguard/peers', {}).items():
 %   for ip in sorted(config['ips']):
 # refresh connection to ${peer} ${ip}
 /usr/bin/ping -c 4 ${ip.split('/')[0] if '/' in ip else ip}
--- a/bundles/zfs/files/zfs-modprobe.conf
+++ b/bundles/zfs/files/zfs-modprobe.conf
@ -1,5 +1,5 @@
 <%
-    arc_max_mb = node.metadata.get('zfs', {}).get('module_options', {}).get('zfs_arc_max_mb', 1024)
+    arc_max_mb = node.metadata.get('zfs/module_options/zfs_arc_max_mb', 1024)
 %>\
 % if arc_max_mb != 0:
 options zfs zfs_arc_max=${arc_max_mb * 1024 * 1024}
--- a/bundles/zfs/items.py
+++ b/bundles/zfs/items.py
@ -30,7 +30,7 @@ files = {
    },
    '/etc/zfs-snapshot-config.json': {
        'content': dumps(
-            node.metadata.get('zfs', {}).get('snapshots', {}),
+            node.metadata.get('zfs/snapshots', {}),
            cls=MetadataJSONEncoder,  # turns sets into sorted lists
            indent=4,
            sort_keys=True,
@ -72,10 +72,10 @@ svc_systemd = {
    },
 }
-zfs_datasets = node.metadata.get('zfs', {}).get('datasets', {})
+zfs_datasets = node.metadata.get('zfs/datasets', {})
 zfs_pools = {}
-for name, attrs in node.metadata.get('zfs', {}).get('pools', {}).items():
+for name, attrs in node.metadata.get('zfs/pools', {}).items():
    zfs_pools[name] = attrs
    # Not yet supported on debian buster
--- a/hooks/test_backup_metadata.py
+++ b/hooks/test_backup_metadata.py
@ -2,7 +2,7 @@ def test_node(repo, node, **kwargs):
    if not node.has_bundle('backup-client'):
        return
-    if node.metadata.get('backups', {}).get('exclude_from_backups', False):
+    if node.metadata.get('backups/exclude_from_backups', False):
        return
-    assert len(node.metadata.get('backups', {}).get('paths', set())) > 0, f'{node.name} has backups configured, but no backup paths defined!'
+    assert len(node.metadata.get('backups/paths', set())) > 0, f'{node.name} has backups configured, but no backup paths defined!'