Work-in-progress: split S3 & SSH storage
This commit is contained in:
parent
f5e87f396a
commit
ed76e6164b
|
|
@ -0,0 +1,13 @@
|
|||
TYPE=backup-bot-two
|
||||
|
||||
SECRET_RESTIC_PASSWORD_VERSION=v1
|
||||
|
||||
COMPOSE_FILE=compose.yml
|
||||
|
||||
# SSH storage
|
||||
#SECRET_SSH_KEY_VERSION=v1
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.ssh.yml"
|
||||
|
||||
# S3 storage
|
||||
#SECRET_AWS_SECRET_ACCESS_KEY_VERSION=v1
|
||||
#COMPOSE_FILE="$COMPOSE_FILE:compose.s3.yml"
|
||||
|
|
@ -3,12 +3,13 @@ FROM docker:19.03.13-dind
|
|||
RUN apk add --upgrade --no-cache \
|
||||
bash \
|
||||
curl \
|
||||
jq \
|
||||
restic
|
||||
|
||||
RUN curl -L https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 --output /usr/bin/jq
|
||||
RUN chmod +x /usr/bin/jq
|
||||
|
||||
COPY backup.sh /usr/bin/backup.sh
|
||||
RUN chmod +x /usr/bin/backup.sh
|
||||
|
||||
ENTRYPOINT ["/usr/bin/backup.sh"]
|
||||
RUN echo "* * * * * /usr/bin/backup.sh" | crontab -
|
||||
RUN crontab -l
|
||||
|
||||
ENTRYPOINT ["crond", "-f", "-L", "/dev/stdout"]
|
||||
|
|
|
|||
|
|
@ -11,6 +11,9 @@ restic_repo="sftp:$restic_sftp_host:/$server_name"
|
|||
backup_path="${BACKUP_DEST:?BACKUP_DEST not set}"
|
||||
|
||||
if [ -n "$SERVICES_OVERRIDE" ]; then
|
||||
# this is fine because docker service names should never include spaces or
|
||||
# glob characters
|
||||
# shellcheck disable=SC2206
|
||||
services=($SERVICES_OVERRIDE)
|
||||
else
|
||||
mapfile -t services < <(docker service ls --format '{{ .Name }}')
|
||||
|
|
|
|||
|
|
@ -0,0 +1,14 @@
|
|||
---
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- AWS_ACCESS_KEY_ID
|
||||
- AWS_SECRET_ACCESS_KEY_FILE=/run/secrets/aws_secret_access_key
|
||||
secrets:
|
||||
- aws_secret_access_key
|
||||
|
||||
secrets:
|
||||
aws_secret_access_key:
|
||||
external: true
|
||||
name: ${STACK_NAME}_aws_secret_access_key_${SECRET_AWS_SECRET_ACCESS_KEY_VERSION}
|
||||
|
|
@ -0,0 +1,13 @@
|
|||
---
|
||||
version: "3.8"
|
||||
services:
|
||||
app:
|
||||
environment:
|
||||
- SSH_KEY_FILE=/run/secrets/ssh_key
|
||||
secrets:
|
||||
- ssh_key
|
||||
|
||||
secrets:
|
||||
ssh_key:
|
||||
external: true
|
||||
name: ${STACK_NAME}_ssh_key_${SECRET_SSH_KEY_VERSION}
|
||||
12
compose.yml
12
compose.yml
|
|
@ -3,6 +3,7 @@ version: "3.8"
|
|||
services:
|
||||
app:
|
||||
image: thecoopcloud/backup-bot-two:latest
|
||||
build: .
|
||||
volumes:
|
||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||
- "backups:/backups"
|
||||
|
|
@ -19,12 +20,17 @@ services:
|
|||
replicas: 0
|
||||
labels:
|
||||
- "swarm.cronjob.enable=true"
|
||||
# Note(3wc): every minute, testing
|
||||
# Note(3wc): every 5m, testing
|
||||
- "swarm.cronjob.schedule=*/5 * * * *"
|
||||
# - "swarm.cronjob.schedule=0 9 * * 1-5" # office hours
|
||||
- coop-cloud.${STACK_NAME}.app.version=24.98.9-slim-d3db1c25
|
||||
# Note(3wc): blank label to be picked up by `abra recipe sync`
|
||||
- coop-cloud.${STACK_NAME}.app.version=
|
||||
restart_policy:
|
||||
condition: none
|
||||
|
||||
volumes:
|
||||
backups:
|
||||
|
||||
secrets:
|
||||
restic_password:
|
||||
external: true
|
||||
name: ${STACK_NAME}_restic_password_${SECRET_RESTIC_PASSWORD_VERSION}
|
||||
|
|
|
|||
Loading…
Reference in New Issue