chore: publish 0.2.0+1.0.0 release

.drone.yml

@@ -10,12 +10,12 @@ steps:
   - name: publish image
     image: plugins/docker
     settings:
-      auto_tag: true
-      username: thecoopcloud
+      username: 3wordchant
       password:
-        from_secret: thecoopcloud_password
-      repo: thecoopcloud/backup-bot-two
-      tags: latest
+        from_secret: git_coopcloud_tech_token_3wc
+      repo: git.coopcloud.tech/coop-cloud/backup-bot-two
+      tags: 1.0.0
+      registry: git.coopcloud.tech
     depends_on:
       - run shellcheck
     when:
@@ -25,4 +25,20 @@ steps:
 
 trigger:
   branch:
-    - main
+    - bb2-classic
+---
+kind: pipeline
+name: generate recipe catalogue
+steps:
+  - name: release a new version
+    image: plugins/downstream
+    settings:
+      server: https://build.coopcloud.tech
+      token:
+        from_secret: drone_abra-bot_token
+      fork: true
+      repositories:
+        - coop-cloud/auto-recipes-catalogue-json
+
+trigger:
+  event: tag

.env.sample

@@ -22,3 +22,8 @@ REMOVE_BACKUP_VOLUME_AFTER_UPLOAD=1
 #SECRET_AWS_SECRET_ACCESS_KEY_VERSION=v1
 #AWS_ACCESS_KEY_ID=something-secret
 #COMPOSE_FILE="$COMPOSE_FILE:compose.s3.yml"
+
+# HTTPS storage
+#SECRET_HTTPS_PASSWORD_VERSION=v1
+#COMPOSE_FILE="$COMPOSE_FILE:compose.https.yml"
+#RESTIC_USER=<somebody>

.envrc.sample

@@ -10,6 +10,8 @@ export DOCKER_CONTEXT=$SERVER_NAME
 # or this:
 #export AWS_SECRET_ACCESS_KEY_FILE=s3
 #export AWS_ACCESS_KEY_ID=easter-october-emphatic-tug-urgent-customer
+# or this:
+#export HTTPS_PASSWORD_FILE=/run/secrets/https_password
 
 # optionally limit subset of services for testing
 #export SERVICES_OVERRIDE="ghost_domain_tld_app ghost_domain_tld_db"

Dockerfile

@@ -1,4 +1,4 @@
-FROM docker:24.0.2-dind
+FROM docker:24.0.6-dind
 
 RUN apk add --upgrade --no-cache \
   bash \

backup.sh

@@ -11,6 +11,8 @@ backup_path="${BACKUP_DEST:?BACKUP_DEST not set}"
 # shellcheck disable=SC2153
 ssh_key_file="${SSH_KEY_FILE}"
 s3_key_file="${AWS_SECRET_ACCESS_KEY_FILE}"
+# shellcheck disable=SC2153
+https_password_file="${HTTPS_PASSWORD_FILE}"
 
 restic_repo=
 restic_extra_options=
@@ -39,8 +41,15 @@ if [ -n "$s3_key_file" ] && [ -f "$s3_key_file" ] && [ -n "$AWS_ACCESS_KEY_ID" ]
 	restic_repo="s3:$restic_host:/$server_name"
 fi
 
+if [ -n "$https_password_file" ] && [ -f "$https_password_file" ]; then
+	HTTPS_PASSWORD="$(cat "${https_password_file}")"
+	export HTTPS_PASSWORD
+	restic_user="${RESTIC_USER:?RESTIC_USER not set}"
+	restic_repo="rest:https://$restic_user:$HTTPS_PASSWORD@$restic_host"
+fi
+
 if [ -z "$restic_repo" ]; then
-	echo "you must configure either SFTP or S3 storage, see README"
+	echo "you must configure either SFTP, S3, or HTTPS storage, see README"
 	exit 1
 fi
 
@@ -125,6 +134,6 @@ if [[ \ $*\  != *\ --skip-upload\ * ]]; then
 
 	if [ "$REMOVE_BACKUP_VOLUME_AFTER_UPLOAD" -eq 1 ]; then
 		echo "Cleaning up ${backup_path}"
-		rm -rf "${backup_path}"
+		rm -rf "${backup_path:?}"/*
 	fi
 fi

compose.https.yml

@@ -0,0 +1,15 @@
+---
+version: "3.8"
+services:
+  app:
+    environment:
+      - HTTPS_PASSWORD_FILE=/run/secrets/https_password
+      - RESTIC_USER
+    secrets:
+      - source: https_password
+        mode: 0400
+
+secrets:
+  https_password:
+    external: true
+    name: ${STACK_NAME}_https_password_${SECRET_HTTPS_PASSWORD_VERSION}

compose.yml

@@ -2,7 +2,7 @@
 version: "3.8"
 services:
   app:
-    image: thecoopcloud/backup-bot-two:latest
+    image: git.coopcloud.tech:1.0.0
 #    build: .
     volumes:
       - "/var/run/docker.sock:/var/run/docker.sock"
@@ -24,7 +24,7 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule="
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - coop-cloud.${STACK_NAME}.version=0.1.0+latest
+        - coop-cloud.${STACK_NAME}.version=0.2.0+1.0.0
 
 volumes:
   backups: