forked from coop-cloud/backup-bot-two
		
	Compare commits
	
		
			28 Commits
		
	
	
		
			multi_path
			...
			bb2-classi
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 7f1a02523e | |||
| b01ad30ea0 | |||
| 5e1032682b | |||
| 451c511554 | |||
| 87d584e4e8 | |||
| a171d9eea0 | |||
| 620ab4e3d7 | |||
| 83a3d82ea5 | |||
| 6450c80236 | |||
| 6f6a82153a | |||
| efc942c041 | |||
| 0c4bc19e2a | |||
| dde9987de6 | |||
| 5f734bc371 | |||
| 27e2e61d7f | |||
| 1bb1917e18 | |||
| 7b8b3b1acd | |||
| 9c5ba87232 | |||
| 9064bebb56 | |||
| 4fdb585825 | |||
| bde63b3f6f | |||
| 92dfd23b26 | |||
| bab224ab96 | |||
| 36928c34ac | |||
| 9b324476c2 | |||
| 7aa464e271 | |||
| 59c071734a | |||
| 940b6bde1a | 
							
								
								
									
										28
									
								
								.drone.yml
									
									
									
									
									
								
							
							
						
						
									
										28
									
								
								.drone.yml
									
									
									
									
									
								
							| @ -10,12 +10,12 @@ steps: | ||||
|   - name: publish image | ||||
|     image: plugins/docker | ||||
|     settings: | ||||
|       auto_tag: true | ||||
|       username: thecoopcloud | ||||
|       username: 3wordchant | ||||
|       password: | ||||
|         from_secret: thecoopcloud_password | ||||
|       repo: thecoopcloud/backup-bot-two | ||||
|       tags: latest | ||||
|         from_secret: git_coopcloud_tech_token_3wc | ||||
|       repo: git.coopcloud.tech/coop-cloud/backup-bot-two | ||||
|       tags: 1.0.0 | ||||
|       registry: git.coopcloud.tech | ||||
|     depends_on: | ||||
|       - run shellcheck | ||||
|     when: | ||||
| @ -25,4 +25,20 @@ steps: | ||||
|  | ||||
| trigger: | ||||
|   branch: | ||||
|     - main | ||||
|     - bb2-classic | ||||
| --- | ||||
| kind: pipeline | ||||
| name: generate recipe catalogue | ||||
| steps: | ||||
|   - name: release a new version | ||||
|     image: plugins/downstream | ||||
|     settings: | ||||
|       server: https://build.coopcloud.tech | ||||
|       token: | ||||
|         from_secret: drone_abra-bot_token | ||||
|       fork: true | ||||
|       repositories: | ||||
|         - coop-cloud/auto-recipes-catalogue-json | ||||
|  | ||||
| trigger: | ||||
|   event: tag | ||||
|  | ||||
| @ -8,6 +8,7 @@ SERVER_NAME=example.com | ||||
| RESTIC_HOST=minio.example.com | ||||
|  | ||||
| CRON_SCHEDULE='*/5 * * * *' | ||||
| REMOVE_BACKUP_VOLUME_AFTER_UPLOAD=1 | ||||
|  | ||||
| # swarm-cronjob, instead of built-in cron | ||||
| #COMPOSE_FILE="$COMPOSE_FILE:compose.swarm-cronjob.yml" | ||||
| @ -21,3 +22,8 @@ CRON_SCHEDULE='*/5 * * * *' | ||||
| #SECRET_AWS_SECRET_ACCESS_KEY_VERSION=v1 | ||||
| #AWS_ACCESS_KEY_ID=something-secret | ||||
| #COMPOSE_FILE="$COMPOSE_FILE:compose.s3.yml" | ||||
|  | ||||
| # HTTPS storage | ||||
| #SECRET_HTTPS_PASSWORD_VERSION=v1 | ||||
| #COMPOSE_FILE="$COMPOSE_FILE:compose.https.yml" | ||||
| #RESTIC_USER=<somebody> | ||||
|  | ||||
| @ -10,6 +10,8 @@ export DOCKER_CONTEXT=$SERVER_NAME | ||||
| # or this: | ||||
| #export AWS_SECRET_ACCESS_KEY_FILE=s3 | ||||
| #export AWS_ACCESS_KEY_ID=easter-october-emphatic-tug-urgent-customer | ||||
| # or this: | ||||
| #export HTTPS_PASSWORD_FILE=/run/secrets/https_password | ||||
|  | ||||
| # optionally limit subset of services for testing | ||||
| #export SERVICES_OVERRIDE="ghost_domain_tld_app ghost_domain_tld_db" | ||||
|  | ||||
| @ -1,4 +1,4 @@ | ||||
| FROM docker:19.03.13-dind | ||||
| FROM docker:24.0.6-dind | ||||
|  | ||||
| RUN apk add --upgrade --no-cache \ | ||||
|   bash \ | ||||
|  | ||||
							
								
								
									
										17
									
								
								backup.sh
									
									
									
									
									
								
							
							
						
						
									
										17
									
								
								backup.sh
									
									
									
									
									
								
							| @ -11,6 +11,8 @@ backup_path="${BACKUP_DEST:?BACKUP_DEST not set}" | ||||
| # shellcheck disable=SC2153 | ||||
| ssh_key_file="${SSH_KEY_FILE}" | ||||
| s3_key_file="${AWS_SECRET_ACCESS_KEY_FILE}" | ||||
| # shellcheck disable=SC2153 | ||||
| https_password_file="${HTTPS_PASSWORD_FILE}" | ||||
|  | ||||
| restic_repo= | ||||
| restic_extra_options= | ||||
| @ -39,8 +41,15 @@ if [ -n "$s3_key_file" ] && [ -f "$s3_key_file" ] && [ -n "$AWS_ACCESS_KEY_ID" ] | ||||
| 	restic_repo="s3:$restic_host:/$server_name" | ||||
| fi | ||||
|  | ||||
| if [ -n "$https_password_file" ] && [ -f "$https_password_file" ]; then | ||||
| 	HTTPS_PASSWORD="$(cat "${https_password_file}")" | ||||
| 	export HTTPS_PASSWORD | ||||
| 	restic_user="${RESTIC_USER:?RESTIC_USER not set}" | ||||
| 	restic_repo="rest:https://$restic_user:$HTTPS_PASSWORD@$restic_host" | ||||
| fi | ||||
|  | ||||
| if [ -z "$restic_repo" ]; then | ||||
| 	echo "you must configure either SFTP or S3 storage, see README" | ||||
| 	echo "you must configure either SFTP, S3, or HTTPS storage, see README" | ||||
| 	exit 1 | ||||
| fi | ||||
|  | ||||
| @ -122,5 +131,9 @@ fi | ||||
|  | ||||
| if [[ \ $*\  != *\ --skip-upload\ * ]]; then | ||||
| 	_restic backup --host "$server_name" --tag coop-cloud "$backup_path" | ||||
| fi | ||||
|  | ||||
| 	if [ "$REMOVE_BACKUP_VOLUME_AFTER_UPLOAD" -eq 1 ]; then | ||||
| 		echo "Cleaning up ${backup_path}" | ||||
| 		rm -rf "${backup_path:?}"/* | ||||
| 	fi | ||||
| fi | ||||
|  | ||||
							
								
								
									
										15
									
								
								compose.https.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										15
									
								
								compose.https.yml
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,15 @@ | ||||
| --- | ||||
| version: "3.8" | ||||
| services: | ||||
|   app: | ||||
|     environment: | ||||
|       - HTTPS_PASSWORD_FILE=/run/secrets/https_password | ||||
|       - RESTIC_USER | ||||
|     secrets: | ||||
|       - source: https_password | ||||
|         mode: 0400 | ||||
|  | ||||
| secrets: | ||||
|   https_password: | ||||
|     external: true | ||||
|     name: ${STACK_NAME}_https_password_${SECRET_HTTPS_PASSWORD_VERSION} | ||||
							
								
								
									
										12
									
								
								compose.yml
									
									
									
									
									
								
							
							
						
						
									
										12
									
								
								compose.yml
									
									
									
									
									
								
							| @ -2,8 +2,8 @@ | ||||
| version: "3.8" | ||||
| services: | ||||
|   app: | ||||
|     image: thecoopcloud/backup-bot-two:latest | ||||
|     build: . | ||||
|     image: git.coopcloud.tech:1.0.0 | ||||
| #    build: . | ||||
|     volumes: | ||||
|       - "/var/run/docker.sock:/var/run/docker.sock" | ||||
|       - "backups:/backups" | ||||
| @ -14,11 +14,17 @@ services: | ||||
|       - BACKUP_DEST=/backups | ||||
|       - RESTIC_HOST | ||||
|       - SERVER_NAME | ||||
|       - REMOVE_BACKUP_VOLUME_AFTER_UPLOAD=1 | ||||
|     secrets: | ||||
|       - restic_password | ||||
|     deploy: | ||||
|       labels: | ||||
|         - coop-cloud.${STACK_NAME}.app.version= | ||||
|         - "traefik.enable=true" | ||||
|         - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=8008" | ||||
|         - "traefik.http.routers.${STACK_NAME}.rule=" | ||||
|         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure" | ||||
|         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}" | ||||
|         - coop-cloud.${STACK_NAME}.version=0.2.0+1.0.0 | ||||
|  | ||||
| volumes: | ||||
|   backups: | ||||
|  | ||||
							
								
								
									
										3
									
								
								renovate.json
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								renovate.json
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,3 @@ | ||||
| { | ||||
|   "$schema": "https://docs.renovatebot.com/renovate-schema.json" | ||||
| } | ||||
		Reference in New Issue
	
	Block a user