Hosting Operations
Verify Restored File Checksums
You need to run the checksum manifest inside the restored sandbox and confirm each restored file is OK.
Command
cd restore-dr && rm -rf restore-sandbox/full && mkdir -p restore-sandbox/full && tar -xf backups/2026-06-25/site.tar -C restore-sandbox/full && (cd restore-sandbox/full && sha256sum -c CHECKSUMS.sha256)What changed
The archive is extracted under restore-sandbox/full, then checksum validation reads restored files.
Danger
caution
When to use it
Use during restore drills when byte-level validation matters.
When not to use it
Do not validate against a checksum file from an untrusted or unrelated backup.
Undo or recovery
Remove the restore-dr/restore-sandbox/full directory from the fixture copy.
Expected output
One OK line per restored file in the checksum manifest.
demo script
Disposable terminal steps
cd restore-dr && rm -rf restore-sandbox/full && mkdir -p restore-sandbox/full && tar -xf backups/2026-06-25/site.tar -C restore-sandbox/fullcd restore-dr && (cd restore-sandbox/full && sha256sum -c CHECKSUMS.sha256)
simulated output
What it looks like
::fixture-ready::
$ cd restore-dr && rm -rf restore-sandbox/full && mkdir -p restore-sandbox/full && tar -xf backups/2026-06-25/site.tar -C restore-sandbox/full
::exit-code::0
$ cd restore-dr && (cd restore-sandbox/full && sha256sum -c CHECKSUMS.sha256)
app/config.yml: OK
app/secrets.env: OK
public/index.html: OK
app/orders.csv: OK
uploads/avatar.txt: OK
bin/deploy.sh: OK
::exit-code::0
YouTube Short
Verify restored bytes.
File names are not enough. Run the checksum manifest inside the restored sandbox and look for OK on every critical file.
LinkedIn hook
A restore is not validated until the bytes match.
Question: Do your restore drills verify bytes or only file names?
experiments
A/B tests to run
Metric: save_rate
A: Restored is not verified.
B: Make every restored byte prove itself.