forked from coop-cloud/backup-bot-two
Compare commits
28 Commits
multi_path
...
0.2.0+1.0.
| Author | SHA1 | Date | |
|---|---|---|---|
| 7f1a02523e | |||
| b01ad30ea0 | |||
| 5e1032682b | |||
| 451c511554 | |||
| 87d584e4e8 | |||
| a171d9eea0 | |||
| 620ab4e3d7 | |||
| 83a3d82ea5 | |||
| 6450c80236 | |||
| 6f6a82153a | |||
| efc942c041 | |||
| 0c4bc19e2a | |||
| dde9987de6 | |||
| 5f734bc371 | |||
| 27e2e61d7f | |||
| 1bb1917e18 | |||
| 7b8b3b1acd | |||
| 9c5ba87232 | |||
| 9064bebb56 | |||
| 4fdb585825 | |||
| bde63b3f6f | |||
| 92dfd23b26 | |||
| bab224ab96 | |||
| 36928c34ac | |||
| 9b324476c2 | |||
| 7aa464e271 | |||
| 59c071734a | |||
| 940b6bde1a |
28
.drone.yml
28
.drone.yml
@ -10,12 +10,12 @@ steps:
|
||||
- name: publish image
|
||||
image: plugins/docker
|
||||
settings:
|
||||
auto_tag: true
|
||||
username: thecoopcloud
|
||||
username: 3wordchant
|
||||
password:
|
||||
from_secret: thecoopcloud_password
|
||||
repo: thecoopcloud/backup-bot-two
|
||||
tags: latest
|
||||
from_secret: git_coopcloud_tech_token_3wc
|
||||
repo: git.coopcloud.tech/coop-cloud/backup-bot-two
|
||||
tags: 1.0.0
|
||||
registry: git.coopcloud.tech
|
||||
depends_on:
|
||||
- run shellcheck
|
||||
when:
|
||||
@ -25,4 +25,20 @@ steps:
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- main
|
||||
- bb2-classic
|
||||
---
|
||||
kind: pipeline
|
||||
name: generate recipe catalogue
|
||||
steps:
|
||||
- name: release a new version
|
||||
image: plugins/downstream
|
||||
settings:
|
||||
server: https://build.coopcloud.tech
|
||||
token:
|
||||
from_secret: drone_abra-bot_token
|
||||
fork: true
|
||||
repositories:
|
||||
- coop-cloud/auto-recipes-catalogue-json
|
||||
|
||||
trigger:
|
||||
event: tag
|
||||
|
||||
@ -8,6 +8,7 @@ SERVER_NAME=example.com
|
||||
RESTIC_HOST=minio.example.com
|
||||
|
||||
CRON_SCHEDULE='*/5 * * * *'
|
||||
REMOVE_BACKUP_VOLUME_AFTER_UPLOAD=1
|
||||
|
||||
# swarm-cronjob, instead of built-in cron
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.swarm-cronjob.yml"
|
||||
@ -21,3 +22,8 @@ CRON_SCHEDULE='*/5 * * * *'
|
||||
#SECRET_AWS_SECRET_ACCESS_KEY_VERSION=v1
|
||||
#AWS_ACCESS_KEY_ID=something-secret
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.s3.yml"
|
||||
|
||||
# HTTPS storage
|
||||
#SECRET_HTTPS_PASSWORD_VERSION=v1
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.https.yml"
|
||||
#RESTIC_USER=<somebody>
|
||||
|
||||
@ -10,6 +10,8 @@ export DOCKER_CONTEXT=$SERVER_NAME
|
||||
# or this:
|
||||
#export AWS_SECRET_ACCESS_KEY_FILE=s3
|
||||
#export AWS_ACCESS_KEY_ID=easter-october-emphatic-tug-urgent-customer
|
||||
# or this:
|
||||
#export HTTPS_PASSWORD_FILE=/run/secrets/https_password
|
||||
|
||||
# optionally limit subset of services for testing
|
||||
#export SERVICES_OVERRIDE="ghost_domain_tld_app ghost_domain_tld_db"
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
FROM docker:19.03.13-dind
|
||||
FROM docker:24.0.6-dind
|
||||
|
||||
RUN apk add --upgrade --no-cache \
|
||||
bash \
|
||||
|
||||
17
backup.sh
17
backup.sh
@ -11,6 +11,8 @@ backup_path="${BACKUP_DEST:?BACKUP_DEST not set}"
|
||||
# shellcheck disable=SC2153
|
||||
ssh_key_file="${SSH_KEY_FILE}"
|
||||
s3_key_file="${AWS_SECRET_ACCESS_KEY_FILE}"
|
||||
# shellcheck disable=SC2153
|
||||
https_password_file="${HTTPS_PASSWORD_FILE}"
|
||||
|
||||
restic_repo=
|
||||
restic_extra_options=
|
||||
@ -39,8 +41,15 @@ if [ -n "$s3_key_file" ] && [ -f "$s3_key_file" ] && [ -n "$AWS_ACCESS_KEY_ID" ]
|
||||
restic_repo="s3:$restic_host:/$server_name"
|
||||
fi
|
||||
|
||||
if [ -n "$https_password_file" ] && [ -f "$https_password_file" ]; then
|
||||
HTTPS_PASSWORD="$(cat "${https_password_file}")"
|
||||
export HTTPS_PASSWORD
|
||||
restic_user="${RESTIC_USER:?RESTIC_USER not set}"
|
||||
restic_repo="rest:https://$restic_user:$HTTPS_PASSWORD@$restic_host"
|
||||
fi
|
||||
|
||||
if [ -z "$restic_repo" ]; then
|
||||
echo "you must configure either SFTP or S3 storage, see README"
|
||||
echo "you must configure either SFTP, S3, or HTTPS storage, see README"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
@ -122,5 +131,9 @@ fi
|
||||
|
||||
if [[ \ $*\ != *\ --skip-upload\ * ]]; then
|
||||
_restic backup --host "$server_name" --tag coop-cloud "$backup_path"
|
||||
fi
|
||||
|
||||
if [ "$REMOVE_BACKUP_VOLUME_AFTER_UPLOAD" -eq 1 ]; then
|
||||
echo "Cleaning up ${backup_path}"
|
||||
rm -rf "${backup_path:?}"/*
|
||||
fi
|
||||
fi
|
||||
|
||||
15
compose.https.yml
Normal file
15
compose.https.yml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- HTTPS_PASSWORD_FILE=/run/secrets/https_password
|
||||
- RESTIC_USER
|
||||
secrets:
|
||||
- source: https_password
|
||||
mode: 0400
|
||||
|
||||
secrets:
|
||||
https_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_https_password_${SECRET_HTTPS_PASSWORD_VERSION}
|
||||
12
compose.yml
12
compose.yml
@ -2,8 +2,8 @@
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
image: thecoopcloud/backup-bot-two:latest
|
||||
build: .
|
||||
image: git.coopcloud.tech:1.0.0
|
||||
# build: .
|
||||
volumes:
|
||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||
- "backups:/backups"
|
||||
@ -14,11 +14,17 @@ services:
|
||||
- BACKUP_DEST=/backups
|
||||
- RESTIC_HOST
|
||||
- SERVER_NAME
|
||||
- REMOVE_BACKUP_VOLUME_AFTER_UPLOAD=1
|
||||
secrets:
|
||||
- restic_password
|
||||
deploy:
|
||||
labels:
|
||||
- coop-cloud.${STACK_NAME}.app.version=
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8008"
|
||||
- "traefik.http.routers.${STACK_NAME}.rule="
|
||||
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
|
||||
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
|
||||
- coop-cloud.${STACK_NAME}.version=0.2.0+1.0.0
|
||||
|
||||
volumes:
|
||||
backups:
|
||||
|
||||
3
renovate.json
Normal file
3
renovate.json
Normal file
@ -0,0 +1,3 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json"
|
||||
}
|
||||
Reference in New Issue
Block a user