diff --git a/README.md b/README.md index 92be861..683034e 100644 --- a/README.md +++ b/README.md @@ -1,32 +1,31 @@ # Backupbot II: This Time It's Easily Configurable -Automatically backup files from running Docker Swarm services based on labels. +[![Build Status](https://build.coopcloud.tech/api/badges/coop-cloud/backup-bot-two/status.svg)](https://build.coopcloud.tech/coop-cloud/backup-bot-two) + +Automatically take backups from running Docker Swarm services into a volume. ## Background -There are lots of Docker volume backup systems; all of them have one or both of -these problems: +There are lots of Docker volume backup systems; all of them have one or both of these problems: - You need to define all the volumes to back up in the configuration system - Backups require services to be stopped to take consistent copies Backupbot II tries to solve these problems by **letting you define how to back up your services using Docker labels**, so you can **easily collect your backups for use with another system** like docker-volume-backup. -## TODO +## Deployment -A first stab: -- [x] Make a Docker image of this -- [x] Add secret handling for database backups -- [ ] SSH remote storage - - [ ] Add SSH key handling - - [ ] SSH host key checking -- [x] S3 remote storage -- [x] Re-add `crond` support +### With Co-op Cloud -Future: -- [ ] Continuous linting with shellcheck -- [ ] Rip out or improve Restic stuff +1. Set up Docker Swarm and [`abra`][abra] +2. `abra app new backup-bot-two` +3. `abra app config `, and set storage options. Either configure `CRON_SCHEDULE`, or set up `swarm-cronjob` +4. `abra app secret generate restic-password v1`, optionally with `--pass` before `` to save the generated secret in `pass`. +5. `abra app secret insert ssh-key v1 ...` or similar, to load required secrets. +4. `abra app deploy ` -## Label format +## Configuration + +Like Traefik, or `swarm-cronjob`, Backupbot II uses access to the Docker socket to read labels from running Docker Swarm services: ``` services: @@ -34,9 +33,23 @@ services: deploy: labels: backupbot.backup: "true" - backupbot.backup.repos: "$some_thing" - backupbot.backup.at: "* * * * *" backupbot.backup.pre-hook: 'mysqldump -u root -p"$(cat /run/secrets/db_root_password)" -f /tmp/dump/dump.db' backupbot.backup.post-hook: "rm -rf /tmp/dump/dump.db" backupbot.backup.path: "/tmp/dump/" ``` + +- `backupbot.backup` -- set to `true` to back up this service (REQUIRED) +- `backupbot.backup.path` -- file path within the service to copy (REQUIRED) +- `backupbot.backup.pre-hook` -- command to run before copying files (optional) +- `backupbot.backup.post-hook` -- command to run after copying files (optional) + +As in the above example, you can reference Docker Secrets, e.g. for looking up database passwords, by reading the files in `/run/secrets` directly. + +## Development + +1. Install `direnv` +2. `cp .envrc.sample .envrc` +3. Edit `.envrc` as appropriate, including setting `DOCKER_CONTEXT` to a remote Docker context, if you're not running a swarm server locally. +4. Run `./backup.sh` -- you can add the `--skip-backup` or `--skip-upload` options if you just want to test one other step + +[abra]: https://git.autonomic.zone/autonomic-cooperative/abra