Swarm backup bot
|
||
---|---|---|
.drone.yml | ||
Dockerfile | ||
LICENSE | ||
Makefile | ||
README.md | ||
renovate.json |
backup-bot
A robot who does backups in the swarm.
Publishing
If you push a commit to master, the Drone config will publish to Docker Hub.
Usage
docker stack deploy -c compose.yml -c compose.backup.yml mycoolapp
compose.backup.yml
backupbot:
image: "decentral1se/backup-bot:latest"
networks:
- backend
volumes:
- "wordpress_content:/var/www/html/wp-content/"
secrets:
- source: backup_bot_ssh_key
mode: 0400
- backup_bot_password
- db_password
configs:
- source: borgmatic_config_yml
target: /etc/borgmatic/config.yaml
environment:
- BORGBASE_REPO="foo@bar.repo.borgbase.com:repo"
- DB_HOST=mariadb
- DB_TABLE=wordpress
- DB_USER=wordpress
deploy:
mode: replicated
replicas: 0
labels:
- "swarm.cronjob.enable=true"
- "swarm.cronjob.schedule=0 2 * * *" # At 02:00
restart_policy:
condition: none
borgmatic.yml
location:
source_directories:
- /var/www/html/wp-content
repositories:
- { { env "BORGBASE_REPO" } }
storage:
compression: auto,zstd
encryption_passphrase: { { secret "backup_bot_password" } }
archive_name_format: "{hostname}-{now}"
ssh_command: "ssh -o 'StrictHostKeyChecking no' -i /run/secrets/backup_bot_ssh_key"
retention:
keep_daily: 3
keep_weekly: 4
keep_monthly: 12
keep_yearly: 2
prefix: "{hostname}-"
consistency:
checks:
- disabled
check_last: 3
prefix: "{hostname}-"
hooks:
before_backup:
- echo "`date` - Starting backup"
after_backup:
- echo "`date` - Finished backup"
mysql_databases:
- name: { { env "DB_TABLE" } }
hostname: { { env "DB_HOST" } }
port: 3306
username: { { env "DB_USER" } }
password: { { secret "db_password" } }