kopia lustrzana https://github.com/borgmatic-collective/docker-borgmatic
Remove antiquated msmtp and ntfy images
Signed-off-by: Chirag Aggarwal <thechiragaggarwal@gmail.com>pull/244/head
rodzic
186659346f
commit
2996b0010b
|
@ -11,12 +11,12 @@ updates:
|
|||
|
||||
# Maintain dependencies for Docker
|
||||
- package-ecosystem: "docker" # See documentation for possible values
|
||||
directory: "/base" # Location of package manifests
|
||||
directory: "/" # Location of package manifests
|
||||
schedule:
|
||||
interval: "daily"
|
||||
|
||||
# Maintain dependencies for PIP
|
||||
- package-ecosystem: "pip"
|
||||
directory: "/base"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
|
|
|
@ -35,46 +35,6 @@ jobs:
|
|||
type=ref,event=branch
|
||||
type=raw,value=latest,enable={{is_default_branch}}
|
||||
|
||||
- name: Prepare MSMTP Build Metadata | DockerHub
|
||||
id: meta_msmtp_dockerhub
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
${{ secrets.DOCKER_USERNAME }}/borgmatic
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=raw,value=latest-msmtp,enable={{is_default_branch}}
|
||||
|
||||
- name: Prepare MSMTP Build Metadata | GHCR
|
||||
id: meta_msmtp_ghcr
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
ghcr.io/borgmatic-collective/borgmatic
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=raw,value=latest-msmtp,enable={{is_default_branch}}
|
||||
|
||||
- name: Prepare NTFY Build Metadata | DockerHub
|
||||
id: meta_ntfy_dockerhub
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
${{ secrets.DOCKER_USERNAME }}/borgmatic
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=raw,value=latest-ntfy,enable={{is_default_branch}}
|
||||
|
||||
- name: Prepare NTFY Build Metadata | GHCR
|
||||
id: meta_ntfy_ghcr
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
ghcr.io/borgmatic-collective/borgmatic
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=raw,value=latest-ntfy,enable={{is_default_branch}}
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@master
|
||||
with:
|
||||
|
@ -103,34 +63,10 @@ jobs:
|
|||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
builder: ${{ steps.buildx.outputs.name }}
|
||||
context: ./base
|
||||
file: ./base/Dockerfile
|
||||
context: ./
|
||||
file: ./Dockerfile
|
||||
platforms: linux/amd64,linux/arm64
|
||||
push: true
|
||||
tags: |
|
||||
${{ steps.meta_base_dockerhub.outputs.tags }}
|
||||
${{ steps.meta_base_ghcr.outputs.tags }}
|
||||
|
||||
- name: Build msmtp
|
||||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
builder: ${{ steps.buildx.outputs.name }}
|
||||
context: ./msmtp
|
||||
file: ./msmtp/Dockerfile
|
||||
platforms: linux/amd64,linux/arm64
|
||||
push: true
|
||||
tags: |
|
||||
${{ steps.meta_msmtp_dockerhub.outputs.tags }}
|
||||
${{ steps.meta_msmtp_ghcr.outputs.tags }}
|
||||
|
||||
- name: Build ntfy
|
||||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
builder: ${{ steps.buildx.outputs.name }}
|
||||
context: ./ntfy
|
||||
file: ./ntfy/Dockerfile
|
||||
platforms: linux/amd64,linux/arm64
|
||||
push: true
|
||||
tags: |
|
||||
${{ steps.meta_ntfy_dockerhub.outputs.tags }}
|
||||
${{ steps.meta_ntfy_ghcr.outputs.tags }}
|
||||
|
|
|
@ -39,70 +39,6 @@ jobs:
|
|||
type=semver,pattern={{version}}
|
||||
type=semver,pattern={{major}}.{{minor}}
|
||||
|
||||
- name: Prepare MSMTP Build Metadata | DockerHub
|
||||
id: meta_msmtp_dockerhub
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
${{ secrets.DOCKER_USERNAME }}/borgmatic
|
||||
flavor: |
|
||||
latest=false
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=ref,event=pr
|
||||
type=semver,pattern=msmtp-{{version}}
|
||||
type=semver,pattern=msmtp-{{major}}.{{minor}}
|
||||
# set latest tag for default branch
|
||||
type=raw,value=latest-msmtp,enable=true
|
||||
|
||||
- name: Prepare MSMTP Build Metadata | GHCR
|
||||
id: meta_msmtp_ghcr
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
ghcr.io/borgmatic-collective/borgmatic
|
||||
flavor: |
|
||||
latest=false
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=ref,event=pr
|
||||
type=semver,pattern=msmtp-{{version}}
|
||||
type=semver,pattern=msmtp-{{major}}.{{minor}}
|
||||
# set latest tag for default branch
|
||||
type=raw,value=latest-msmtp,enable=true
|
||||
|
||||
- name: Prepare NTFY Build Metadata | DockerHub
|
||||
id: meta_ntfy_dockerhub
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
${{ secrets.DOCKER_USERNAME }}/borgmatic
|
||||
flavor: |
|
||||
latest=false
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=ref,event=pr
|
||||
type=semver,pattern=ntfy-{{version}}
|
||||
type=semver,pattern=ntfy-{{major}}.{{minor}}
|
||||
# set latest tag for default branch
|
||||
type=raw,value=latest-ntfy,enable=true
|
||||
|
||||
- name: Prepare NTFY Build Metadata | GHCR
|
||||
id: meta_ntfy_ghcr
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
ghcr.io/borgmatic-collective/borgmatic
|
||||
flavor: |
|
||||
latest=false
|
||||
tags: |
|
||||
type=ref,event=branch
|
||||
type=ref,event=pr
|
||||
type=semver,pattern=ntfy-{{version}}
|
||||
type=semver,pattern=ntfy-{{major}}.{{minor}}
|
||||
# set latest tag for default branch
|
||||
type=raw,value=latest-ntfy,enable=true
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@master
|
||||
with:
|
||||
|
@ -131,34 +67,10 @@ jobs:
|
|||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
builder: ${{ steps.buildx.outputs.name }}
|
||||
context: ./base
|
||||
file: ./base/Dockerfile
|
||||
context: ./
|
||||
file: ./Dockerfile
|
||||
platforms: linux/amd64,linux/arm64
|
||||
push: true
|
||||
tags: |
|
||||
${{ steps.meta_base_dockerhub.outputs.tags }}
|
||||
${{ steps.meta_base_ghcr.outputs.tags }}
|
||||
|
||||
- name: Build msmtp
|
||||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
builder: ${{ steps.buildx.outputs.name }}
|
||||
context: ./msmtp
|
||||
file: ./msmtp/Dockerfile
|
||||
platforms: linux/amd64,linux/arm64
|
||||
push: true
|
||||
tags: |
|
||||
${{ steps.meta_msmtp_dockerhub.outputs.tags }}
|
||||
${{ steps.meta_msmtp_ghcr.outputs.tags }}
|
||||
|
||||
- name: Build ntfy
|
||||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
builder: ${{ steps.buildx.outputs.name }}
|
||||
context: ./ntfy
|
||||
file: ./ntfy/Dockerfile
|
||||
platforms: linux/amd64,linux/arm64
|
||||
push: true
|
||||
tags: |
|
||||
${{ steps.meta_ntfy_dockerhub.outputs.tags }}
|
||||
${{ steps.meta_ntfy_ghcr.outputs.tags }}
|
||||
|
|
141
README.md
141
README.md
|
@ -10,17 +10,146 @@
|
|||
### Description
|
||||
|
||||
A little container I wrote to automate my [Borgbackup](https://github.com/borgbackup)'s using the excellent [Borgmatic](https://github.com/witten/borgmatic).
|
||||
|
||||
This image comes in the three flavours:
|
||||
1. [base](./base/) (vanilla), with docker log
|
||||
2. [msmtp](./msmtp/), with e-mail notifications
|
||||
3. [ntfy](./ntfy/), with push notifications
|
||||
It uses cron to run the backups at a time you can configure in `data/borgmatic.d/crontab.txt`.
|
||||
|
||||
> **Warning**
|
||||
> As of 2022-01-29 this image has switched to use [Supercronic](https://github.com/aptible/supercronic) instead of cron from alpine
|
||||
|
||||
### Usage
|
||||
General instructions can be found in the base image [README](./base/).
|
||||
|
||||
To set your backup timing and configuration, you will need to create
|
||||
[crontab.txt](data/borgmatic.d/crontab.txt) and your borgmatic
|
||||
[config.yaml](data/borgmatic.d/config.yaml) and mount these files into the `/etc/borgmatic.d/`
|
||||
directory. When the container starts it creates the crontab from `crontab.txt` and starts crond. By
|
||||
cloning this repo in `/opt/docker/`, you will have a working setup to get started.
|
||||
|
||||
If using remote repositories mount your .ssh to /root/.ssh within the container.
|
||||
|
||||
#### Starting and stopping containers from hooks
|
||||
|
||||
In case you are using the container to backup docker volumes used by other containers, you might
|
||||
want to make sure that the data is consistent and doesn't change while the backup is running. The
|
||||
easiest way to ensure this is to stop the affected containers before the backup and restart them
|
||||
afterwards. You can use the appropriate [borgmatic
|
||||
hooks](https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/) and
|
||||
[control the docker engine through the API](https://docs.docker.com/engine/api/) using the hosts
|
||||
docker socket.
|
||||
|
||||
Please note that you might want to prefer the `*_everything` hooks to the `*_backup` hooks, as
|
||||
`after_backup` will not run if the backup fails for any reason (missing disk space, etc.) and
|
||||
therefore the containers stay stopped.
|
||||
|
||||
First mount the docker socket from the host by adding `-v /var/run/docker.sock:/var/run/docker.sock`
|
||||
to your `run` command or in the volume list of your `docker-compose.yml`.
|
||||
|
||||
Then use the following example to create the start/stop hooks in the `config.yml` for the containers
|
||||
that you want to control.
|
||||
|
||||
```yaml
|
||||
hooks:
|
||||
before_everything:
|
||||
- echo "Stopping containers..."
|
||||
- 'echo -ne "POST /v1.41/containers/<container1-name>/stop HTTP/1.1\r\nHost: localhost\r\n\r\n" | nc local:/var/run/docker.sock 80 > /dev/null && echo "Stopped Container 1" || echo "Failed to stop Container 1"'
|
||||
- 'echo -ne "POST /v1.41/containers/<container2-name>/stop HTTP/1.1\r\nHost: localhost\r\n\r\n" | nc local:/var/run/docker.sock 80 > /dev/null && echo "Stopped Container 2" || echo "Failed to stop Container 2"'
|
||||
- echo "Containers stopped."
|
||||
- echo "Starting a backup."
|
||||
|
||||
after_everything:
|
||||
- echo "Finished a backup."
|
||||
- echo "Restarting containers..."
|
||||
- 'echo -ne "POST /v1.41/containers/<container1-name>/start HTTP/1.1\r\nHost: localhost\r\n\r\n" | nc local:/var/run/docker.sock 80 > /dev/null && echo "Started Container 1" || echo "Failed to start Container 1"'
|
||||
- 'echo -ne "POST /v1.41/containers/<container2-name>/start HTTP/1.1\r\nHost: localhost\r\n\r\n" | nc local:/var/run/docker.sock 80 > /dev/null && echo "Started Container 2" || echo "Failed to start Container 2"'
|
||||
- echo "Containers restarted."
|
||||
```
|
||||
|
||||
### Example run command
|
||||
```
|
||||
docker run \
|
||||
--detach --name borgmatic \
|
||||
-v /home:/mnt/source:ro \
|
||||
-v /opt/docker/docker-borgmatic/data/repository:/mnt/borg-repository \
|
||||
-v /opt/docker/docker-borgmatic/data/borgmatic.d:/etc/borgmatic.d/ \
|
||||
-v /opt/docker/docker-borgmatic/data/.config/borg:/root/.config/borg \
|
||||
-v /opt/docker/docker-borgmatic/data/.ssh:/root/.ssh \
|
||||
-v /opt/docker/docker-borgmatic/data/.cache/borg:/root/.cache/borg \
|
||||
-e TZ=Europe/Berlin \
|
||||
ghcr.io/borgmatic-collective/borgmatic
|
||||
```
|
||||
While the parameters above are sufficient for regular backups, following additional privileges will
|
||||
be needed to mount an archive as FUSE filesystem:
|
||||
```
|
||||
--cap-add SYS_ADMIN \
|
||||
--device /dev/fuse \
|
||||
--security-opt label:disable \
|
||||
--security-opt apparmor:unconfined
|
||||
```
|
||||
Depending on your security system, `--security-opt` parameters may not be necessary. `label:disable`
|
||||
is needed for *SELinux*, while `apparmor:unconfined` is needed for *AppArmor*.
|
||||
|
||||
To init the repo with encryption, run:
|
||||
```
|
||||
docker exec borgmatic \
|
||||
bash -c "borgmatic --init --encryption repokey-blake2"
|
||||
```
|
||||
|
||||
### Layout
|
||||
#### /mnt/source
|
||||
Your data you wish to backup. For *some* safety you may want to mount read-only. Borgmatic is
|
||||
running as root so all files can be backed up.
|
||||
#### /mnt/borg-repository
|
||||
Mount your borg backup repository here.
|
||||
#### /etc/borgmatic.d
|
||||
Where you need to create crontab.txt and your borgmatic config.yml
|
||||
- To generate an example borgmatic configuration, run:
|
||||
```
|
||||
docker exec borgmatic \
|
||||
bash -c "cd && generate-borgmatic-config -d /etc/borgmatic.d/config.yaml"
|
||||
```
|
||||
- crontab.txt example: In this file set the time you wish for your backups to take place default is
|
||||
1am every day. In here you can add any other tasks you want ran
|
||||
```
|
||||
0 1 * * * PATH=$PATH:/usr/bin /usr/bin/borgmatic --stats -v 0 2>&1
|
||||
```
|
||||
#### /root/.borgmatic
|
||||
**Note** this is now redundant and has been deprecated, please remove this from your configs
|
||||
#### /root/.config/borg
|
||||
Here the borg config and keys for keyfile encryption modes are stored. Make sure to backup your
|
||||
keyfiles! Also needed when encryption is set to none.
|
||||
#### /root/.ssh
|
||||
Mount either your own .ssh here or create a new one with ssh keys in for your remote repo locations.
|
||||
#### /root/.cache/borg
|
||||
A non-volatile place to store the borg chunk cache.
|
||||
|
||||
### Environment
|
||||
- Time zone, e.g. `TZ="Europe/Berlin"'`.
|
||||
- SSH parameters, e.g. `BORG_RSH="ssh -i /root/.ssh/id_ed25519 -p 50221"`
|
||||
- BORG_RSH="ssh -i /root/.ssh/id_ed25519 -p 50221"
|
||||
- Repository passphrase, e.g. `BORG_PASSPHRASE="DonNotMissToChangeYourPassphrase"`
|
||||
|
||||
### Docker Compose
|
||||
- Prepare your configuration
|
||||
1. `cp .env.template .env`
|
||||
2. Set your environment and adapt volumes as needed
|
||||
- To start the container for backup: `docker-compose up -d`
|
||||
- For backup restore:
|
||||
1. Stop the backup container: `docker-compose down`
|
||||
2. Run an interactive shell: `docker-compose -f docker-compose.yml -f docker-compose.restore.yml
|
||||
run borgmatic`
|
||||
3. Fuse-mount the backup: `borg mount /mnt/borg-repository <mount_point>`
|
||||
4. Restore your files
|
||||
5. Finally unmount and exit: `borg umount <mount_point> && exit`.
|
||||
- In case Borg fails to create/acquire a lock: `borg break-lock /mnt/repository`
|
||||
|
||||
### Example interactive command
|
||||
|
||||
If you ever need to run borgmatic manually, for instance to view or recover files, run:
|
||||
|
||||
```
|
||||
docker exec -it borgmatic bash
|
||||
```
|
||||
|
||||
Then you can run `borgmatic` directly within that shell.
|
||||
|
||||
|
||||
### Additional Reading
|
||||
[Backup Docker using Borgmatic](https://www.modem7.com/books/docker-backup/page/backup-docker-using-borgmatic) - Thank you [@modem7](https://github.com/modem7)
|
||||
|
|
148
base/README.md
148
base/README.md
|
@ -1,148 +0,0 @@
|
|||
# Borgmatic Container
|
||||
<img src="https://github.com/witten/borgmatic/raw/master/docs/static/borgmatic.png" />
|
||||
|
||||
[![](https://images.microbadger.com/badges/image/borgmatic-collective/borgmatic.svg)](https://microbadger.com/images/borgmatic-collective/borgmatic
|
||||
"Get your own image badge on microbadger.com") <img
|
||||
src="https://img.shields.io/docker/pulls/borgmatic-collective/borgmatic.svg" />
|
||||
|
||||
### Description
|
||||
|
||||
A little container I wrote to automate my [Borgbackup](https://github.com/borgbackup)'s using the
|
||||
excellent [Borgmatic](https://github.com/witten/borgmatic).
|
||||
|
||||
It uses cron to run the backups at a time you can configure in `data/borgmatic.d/crontab.txt`.
|
||||
|
||||
### Usage
|
||||
|
||||
To set your backup timing and configuration, you will need to create
|
||||
[crontab.txt](data/borgmatic.d/crontab.txt) and your borgmatic
|
||||
[config.yaml](data/borgmatic.d/config.yaml) and mount these files into the `/etc/borgmatic.d/`
|
||||
directory. When the container starts it creates the crontab from `crontab.txt` and starts crond. By
|
||||
cloning this repo in `/opt/docker/`, you will have a working setup to get started.
|
||||
|
||||
If using remote repositories mount your .ssh to /root/.ssh within the container.
|
||||
|
||||
#### Starting and stopping containers from hooks
|
||||
|
||||
In case you are using the container to backup docker volumes used by other containers, you might
|
||||
want to make sure that the data is consistent and doesn't change while the backup is running. The
|
||||
easiest way to ensure this is to stop the affected containers before the backup and restart them
|
||||
afterwards. You can use the appropriate [borgmatic
|
||||
hooks](https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/) and
|
||||
[control the docker engine through the API](https://docs.docker.com/engine/api/) using the hosts
|
||||
docker socket.
|
||||
|
||||
Please note that you might want to prefer the `*_everything` hooks to the `*_backup` hooks, as
|
||||
`after_backup` will not run if the backup fails for any reason (missing disk space, etc.) and
|
||||
therefore the containers stay stopped.
|
||||
|
||||
First mount the docker socket from the host by adding `-v /var/run/docker.sock:/var/run/docker.sock`
|
||||
to your `run` command or in the volume list of your `docker-compose.yml`.
|
||||
|
||||
Then use the following example to create the start/stop hooks in the `config.yml` for the containers
|
||||
that you want to control.
|
||||
|
||||
```yaml
|
||||
hooks:
|
||||
before_everything:
|
||||
- echo "Stopping containers..."
|
||||
- 'echo -ne "POST /v1.41/containers/<container1-name>/stop HTTP/1.1\r\nHost: localhost\r\n\r\n" | nc local:/var/run/docker.sock 80 > /dev/null && echo "Stopped Container 1" || echo "Failed to stop Container 1"'
|
||||
- 'echo -ne "POST /v1.41/containers/<container2-name>/stop HTTP/1.1\r\nHost: localhost\r\n\r\n" | nc local:/var/run/docker.sock 80 > /dev/null && echo "Stopped Container 2" || echo "Failed to stop Container 2"'
|
||||
- echo "Containers stopped."
|
||||
- echo "Starting a backup."
|
||||
|
||||
after_everything:
|
||||
- echo "Finished a backup."
|
||||
- echo "Restarting containers..."
|
||||
- 'echo -ne "POST /v1.41/containers/<container1-name>/start HTTP/1.1\r\nHost: localhost\r\n\r\n" | nc local:/var/run/docker.sock 80 > /dev/null && echo "Started Container 1" || echo "Failed to start Container 1"'
|
||||
- 'echo -ne "POST /v1.41/containers/<container2-name>/start HTTP/1.1\r\nHost: localhost\r\n\r\n" | nc local:/var/run/docker.sock 80 > /dev/null && echo "Started Container 2" || echo "Failed to start Container 2"'
|
||||
- echo "Containers restarted."
|
||||
```
|
||||
|
||||
### Example run command
|
||||
```
|
||||
docker run \
|
||||
--detach --name borgmatic \
|
||||
-v /home:/mnt/source:ro \
|
||||
-v /opt/docker/docker-borgmatic/data/repository:/mnt/borg-repository \
|
||||
-v /opt/docker/docker-borgmatic/data/borgmatic.d:/etc/borgmatic.d/ \
|
||||
-v /opt/docker/docker-borgmatic/data/.config/borg:/root/.config/borg \
|
||||
-v /opt/docker/docker-borgmatic/data/.ssh:/root/.ssh \
|
||||
-v /opt/docker/docker-borgmatic/data/.cache/borg:/root/.cache/borg \
|
||||
-e TZ=Europe/Berlin \
|
||||
ghcr.io/borgmatic-collective/borgmatic
|
||||
```
|
||||
While the parameters above are sufficient for regular backups, following additional privileges will
|
||||
be needed to mount an archive as FUSE filesystem:
|
||||
```
|
||||
--cap-add SYS_ADMIN \
|
||||
--device /dev/fuse \
|
||||
--security-opt label:disable \
|
||||
--security-opt apparmor:unconfined
|
||||
```
|
||||
Depending on your security system, `--security-opt` parameters may not be necessary. `label:disable`
|
||||
is needed for *SELinux*, while `apparmor:unconfined` is needed for *AppArmor*.
|
||||
|
||||
To init the repo with encryption, run:
|
||||
```
|
||||
docker exec borgmatic \
|
||||
bash -c "borgmatic --init --encryption repokey-blake2"
|
||||
```
|
||||
|
||||
### Layout
|
||||
#### /mnt/source
|
||||
Your data you wish to backup. For *some* safety you may want to mount read-only. Borgmatic is
|
||||
running as root so all files can be backed up.
|
||||
#### /mnt/borg-repository
|
||||
Mount your borg backup repository here.
|
||||
#### /etc/borgmatic.d
|
||||
Where you need to create crontab.txt and your borgmatic config.yml
|
||||
- To generate an example borgmatic configuration, run:
|
||||
```
|
||||
docker exec borgmatic \
|
||||
bash -c "cd && generate-borgmatic-config -d /etc/borgmatic.d/config.yaml"
|
||||
```
|
||||
- crontab.txt example: In this file set the time you wish for your backups to take place default is
|
||||
1am every day. In here you can add any other tasks you want ran
|
||||
```
|
||||
0 1 * * * PATH=$PATH:/usr/bin /usr/bin/borgmatic --stats -v 0 2>&1
|
||||
```
|
||||
#### /root/.borgmatic
|
||||
**Note** this is now redundant and has been deprecated, please remove this from your configs
|
||||
#### /root/.config/borg
|
||||
Here the borg config and keys for keyfile encryption modes are stored. Make sure to backup your
|
||||
keyfiles! Also needed when encryption is set to none.
|
||||
#### /root/.ssh
|
||||
Mount either your own .ssh here or create a new one with ssh keys in for your remote repo locations.
|
||||
#### /root/.cache/borg
|
||||
A non-volatile place to store the borg chunk cache.
|
||||
|
||||
### Environment
|
||||
- Time zone, e.g. `TZ="Europe/Berlin"'`.
|
||||
- SSH parameters, e.g. `BORG_RSH="ssh -i /root/.ssh/id_ed25519 -p 50221"`
|
||||
- BORG_RSH="ssh -i /root/.ssh/id_ed25519 -p 50221"
|
||||
- Repository passphrase, e.g. `BORG_PASSPHRASE="DonNotMissToChangeYourPassphrase"`
|
||||
|
||||
### Docker Compose
|
||||
- Prepare your configuration
|
||||
1. `cp .env.template .env`
|
||||
2. Set your environment and adapt volumes as needed
|
||||
- To start the container for backup: `docker-compose up -d`
|
||||
- For backup restore:
|
||||
1. Stop the backup container: `docker-compose down`
|
||||
2. Run an interactive shell: `docker-compose -f docker-compose.yml -f docker-compose.restore.yml
|
||||
run borgmatic`
|
||||
3. Fuse-mount the backup: `borg mount /mnt/borg-repository <mount_point>`
|
||||
4. Restore your files
|
||||
5. Finally unmount and exit: `borg umount <mount_point> && exit`.
|
||||
- In case Borg fails to create/acquire a lock: `borg break-lock /mnt/repository`
|
||||
|
||||
### Example interactive command
|
||||
|
||||
If you ever need to run borgmatic manually, for instance to view or recover files, run:
|
||||
|
||||
```
|
||||
docker exec -it borgmatic bash
|
||||
```
|
||||
|
||||
Then you can run `borgmatic` directly within that shell.
|
|
@ -1,9 +0,0 @@
|
|||
TZ=Europe/Berlin
|
||||
BORG_PASSPHRASE=ReplaceWithYourSecretPassPhrase
|
||||
VOLUME_SOURCE=/home
|
||||
VOLUME_TARGET=./data/repository
|
||||
VOLUME_ETC_BORGMATIC=./data/borgmatic.d
|
||||
VOLUME_DOT_BORGMATIC=./data/.borgmatic
|
||||
VOLUME_BORG_CONFIG=./data/.config/borg
|
||||
VOLUME_SSH=./data/.ssh
|
||||
VOLUME_BORG_CACHE=./data/.cache/borg
|
|
@ -1,6 +0,0 @@
|
|||
data/.cache/
|
||||
data/.config/
|
||||
data/.ssh/
|
||||
data/repository/
|
||||
msmtp.env
|
||||
.env
|
|
@ -1,12 +0,0 @@
|
|||
FROM ghcr.io/borgmatic-collective/borgmatic:latest
|
||||
LABEL mainainer='b3vis'
|
||||
COPY entry.sh /entry.sh
|
||||
COPY data/scripts /scripts
|
||||
RUN chmod +x /scripts/*
|
||||
COPY data/borgmatic.d /etc/borgmatic.d
|
||||
RUN apk upgrade --no-cache \
|
||||
&& apk add --no-cache \
|
||||
msmtp \
|
||||
&& ln -sf /usr/bin/msmtp /usr/sbin/sendmail \
|
||||
&& rm -rf /var/cache/apk/* \
|
||||
&& chmod 755 /entry.sh
|
|
@ -1,39 +0,0 @@
|
|||
# E-Mail notifications for docker-borgmatic
|
||||
|
||||
### Description
|
||||
|
||||
This image adds e-mail notifications with [msmtp](https://marlam.de/msmtp/) to
|
||||
the docker-borgmatic container.
|
||||
|
||||
### Usage
|
||||
|
||||
For general usage instructions see the [README](../base/README.md) of the base
|
||||
image.
|
||||
|
||||
To setup e-mail notifications follow these steps:
|
||||
|
||||
* Add your mail relay details to the [`msmtp.env`](data/borgmatic.d/msmtp.env.template) and place it in the borgmatic.d directory. See
|
||||
the list of environment variables below.
|
||||
* Restart the container to apply the changes.
|
||||
|
||||
For those who update the image from `v1.1.17-1.5.23` or below, you might want to
|
||||
migrate to the new e-mail notification script that provides you proper subject
|
||||
lines and adds further possibilities to use the environment for configuration:
|
||||
|
||||
* Remove the `MAILTO` from your `crontab.txt`.
|
||||
* Edit your `crontab.txt` to match the [upstream file](data/borgmatic.d/crontab.txt).
|
||||
* Extend the environment in [`msmtp.env`](data/borgmatic.d/msmtp.env.template) to contain `MAIL_TO` and `MAIL_SUBJECT`.
|
||||
|
||||
### Environment
|
||||
|
||||
Set your mail configuration in [`msmtp.env`](data/borgmatic.d/msmtp.env.template):
|
||||
|
||||
| Key | Description |
|
||||
| ------------------ | -------------------------- |
|
||||
| `MAIL_RELAY_HOST` | IP or hostname of the mail relay (SMTP server) |
|
||||
| `MAIL_PORT` | SMTP port of the mail relay |
|
||||
| `MAIL_USER` | Username for SMTP login |
|
||||
| `MAIL_PASSWORD` | Password for SMTP login |
|
||||
| `MAIL_FROM` | From address for e-mail notifications |
|
||||
| `MAIL_TO` | Recipients for e-mail notifications |
|
||||
| `MAIL_SUBJECT` | Subject line for e-mail notifications |
|
|
@ -1,35 +0,0 @@
|
|||
location:
|
||||
source_directories:
|
||||
- /mnt/source
|
||||
repositories:
|
||||
- /mnt/borg-repository
|
||||
one_file_system: true
|
||||
|
||||
storage:
|
||||
# Passphase is set in varibable $BORG_PASSPHRASE
|
||||
# encryption_passphrase: "DonNotMissToChangeYourPassphrase"
|
||||
compression: lz4
|
||||
archive_name_format: 'backup-{now}'
|
||||
|
||||
retention:
|
||||
keep_hourly: 2
|
||||
keep_daily: 7
|
||||
keep_weekly: 4
|
||||
keep_monthly: 12
|
||||
keep_yearly: 10
|
||||
prefix: 'backup-'
|
||||
|
||||
consistency:
|
||||
checks:
|
||||
- repository
|
||||
- archives
|
||||
check_last: 3
|
||||
prefix: 'backup-'
|
||||
|
||||
hooks:
|
||||
before_backup:
|
||||
- echo "Starting a backup job."
|
||||
after_backup:
|
||||
- echo "Backup created."
|
||||
on_error:
|
||||
- echo "Error while creating a backup."
|
|
@ -1,4 +0,0 @@
|
|||
# Set MAILTO, to send crontab output to mail (Instead of docker logs)
|
||||
# Comma separate multiple addresses, do not use spaces or quotes
|
||||
|
||||
0 1 * * * /scripts/run.sh 2>&1
|
|
@ -1,19 +0,0 @@
|
|||
# Mail - example values
|
||||
|
||||
MAIL_RELAY_HOST=mail.example.com
|
||||
MAIL_PORT=587
|
||||
|
||||
# smtp auth method: on,off,login...
|
||||
MAIL_AUTH_METHOD=login
|
||||
|
||||
# set tls on, off
|
||||
MAIL_TLS=on
|
||||
|
||||
# set starttls on, of
|
||||
MAIL_STARTTLS=on
|
||||
|
||||
MAIL_USER=backup-user
|
||||
MAIL_FROM=backup-user@example.com
|
||||
MAIL_TO=recipient@example.com
|
||||
MAIL_SUBJECT=Borgmatic Backup
|
||||
MAIL_PASSWORD=s3cret
|
|
@ -1,11 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
source /etc/borgmatic.d/msmtp.env
|
||||
|
||||
cat >/etc/mailenv << EOF
|
||||
# THIS FILE GETS RECREATED AUTOMATICALLY ON CONTAINER STARTUP
|
||||
BACKUP_COMMAND="/usr/local/bin/borgmatic --stats"
|
||||
MAILTO="${MAIL_TO}"
|
||||
MAILSUBJECT="${MAIL_SUBJECT}"
|
||||
|
||||
EOF
|
|
@ -1,22 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
source /etc/borgmatic.d/msmtp.env
|
||||
|
||||
cat >/etc/msmtprc << EOF
|
||||
# THIS FILE GETS RECREATED AUTOMATICALLY ON CONTAINER STARTUP
|
||||
# Set default values for all following accounts.
|
||||
defaults
|
||||
auth ${MAIL_AUTH_METHOD}
|
||||
tls ${MAIL_TLS}
|
||||
tls_starttls ${MAIL_STARTTLS}
|
||||
tls_trust_file /etc/ssl/certs/ca-certificates.crt
|
||||
logfile /var/log/sendmail.log
|
||||
|
||||
account default
|
||||
host ${MAIL_RELAY_HOST}
|
||||
port ${MAIL_PORT}
|
||||
from ${MAIL_FROM}
|
||||
user ${MAIL_USER}
|
||||
password ${MAIL_PASSWORD}
|
||||
|
||||
EOF
|
|
@ -1,20 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
source /etc/mailenv
|
||||
LOGFILE="/tmp/backup_run_$(date +%s).log"
|
||||
|
||||
set -o pipefail
|
||||
$BACKUP_COMMAND 2>&1 | tee $LOGFILE
|
||||
|
||||
if [ $? -eq "0" ]; then
|
||||
SUBJECT_PREFIX="=?utf-8?Q? =E2=9C=85 SUCCESS?="
|
||||
else
|
||||
SUBJECT_PREFIX="=?utf-8?Q? =E2=9D=8C FAILED?="
|
||||
fi
|
||||
|
||||
if [ -n "$MAILTO" ]; then
|
||||
echo -e "Subject: $SUBJECT_PREFIX: $MAILSUBJECT\n\n$(cat $LOGFILE)\n" |
|
||||
sendmail -t $MAILTO
|
||||
fi
|
||||
|
||||
rm $LOGFILE
|
|
@ -1,16 +0,0 @@
|
|||
version: '3'
|
||||
services:
|
||||
borgmatic:
|
||||
image: ghcr.io/borgmatic-collective/borgmatic:msmtp
|
||||
container_name: borgmatic
|
||||
volumes:
|
||||
- ${VOLUME_SOURCE}:/mnt/source:ro # backup source
|
||||
- ${VOLUME_TARGET}:/mnt/borg-repository # backup target
|
||||
- ${VOLUME_ETC_BORGMATIC}:/etc/borgmatic.d/ # borgmatic config file(s) + crontab.txt
|
||||
- ${VOLUME_BORGMATIC_STATE}:/root/.borgmatic # borgmatic state files
|
||||
- ${VOLUME_BORG_CONFIG}:/root/.config/borg # config and keyfiles
|
||||
- ${VOLUME_SSH}:/root/.ssh # ssh key for remote repositories
|
||||
- ${VOLUME_BORG_CACHE}:/root/.cache/borg # checksums used for deduplication
|
||||
environment:
|
||||
- TZ=${TZ}
|
||||
- BORG_PASSPHRASE=${BORG_PASSPHRASE}
|
|
@ -1,8 +0,0 @@
|
|||
#!/bin/sh
|
||||
/bin/sh /scripts/msmtprc.sh
|
||||
/bin/sh /scripts/env.sh
|
||||
|
||||
# Import your cron file
|
||||
/usr/bin/crontab /etc/borgmatic.d/crontab.txt
|
||||
# Start cron
|
||||
/usr/sbin/crond -f -L /dev/stdout
|
|
@ -1,9 +0,0 @@
|
|||
TZ=Europe/Berlin
|
||||
BORG_PASSPHRASE=ReplaceWithYourSecretPassPhrase
|
||||
VOLUME_SOURCE=/home
|
||||
VOLUME_TARGET=./data/repository
|
||||
VOLUME_ETC_BORGMATIC=./data/borgmatic.d
|
||||
VOLUME_DOT_BORGMATIC=./data/.borgmatic
|
||||
VOLUME_BORG_CONFIG=./data/.config/borg
|
||||
VOLUME_SSH=./data/.ssh
|
||||
VOLUME_BORG_CACHE=./data/.cache/borg
|
|
@ -1,5 +0,0 @@
|
|||
data/.cache/
|
||||
data/.config/
|
||||
data/.ssh/
|
||||
data/repository/
|
||||
.env
|
|
@ -1,17 +0,0 @@
|
|||
FROM alpine:3.15 as builder
|
||||
LABEL mainainer='b3vis'
|
||||
RUN apk upgrade --no-cache \
|
||||
&& apk add --no-cache \
|
||||
alpine-sdk \
|
||||
python3-dev \
|
||||
py3-pip \
|
||||
openssl-dev \
|
||||
libffi-dev \
|
||||
&& pip3 install --upgrade pip \
|
||||
&& pip3 install --upgrade ntfy[pid,emoji,xmpp,telegram,instapush,slack,rocketchat]
|
||||
|
||||
FROM ghcr.io/borgmatic-collective/borgmatic:latest
|
||||
LABEL mainainer='b3vis'
|
||||
VOLUME /root/.config/ntfy
|
||||
COPY --from=builder /usr/lib/python3.9/site-packages /usr/lib/python3.9/
|
||||
COPY --from=builder /usr/bin/ntfy /usr/bin/
|
|
@ -1,29 +0,0 @@
|
|||
# ntfy notification for Borgmatic Container
|
||||
|
||||
### Description
|
||||
|
||||
This image adds mail notification with [ntfy](https://github.com/dschep/ntfy) to the docker-bormatic.
|
||||
|
||||
### Usage
|
||||
|
||||
For general usage instuctions see the [README](../base/README.md) of the base image.
|
||||
|
||||
|
||||
### Layout
|
||||
#### /root/.config/ntfy
|
||||
Where you can map your own `ntfy.yml` config to have Borgmatic send notifications
|
||||
|
||||
|
||||
### ntfy
|
||||
Mount your own `ntfy.yml` to `/root/.config/ntfy/ntfy.yml` to set your backends for ntfy. Alternatively you can interactively send notifications via a command with API keys in line. I've opted to just map my own `ntfy.yml`
|
||||
|
||||
#### Example for your borgmatic config.yml
|
||||
```
|
||||
hooks:
|
||||
before_backup:
|
||||
- 'ntfy -b pushover -t Borgmatic send "Borgmatic: Backup Starting"'
|
||||
after_backup:
|
||||
- 'ntfy -b pushover -t Borgmatic send "Borgmatic: Backup Finished"'
|
||||
on_error:
|
||||
- 'ntfy -b pushover -t Borgmatic send "Borgmatic: Backup Error!"'
|
||||
```
|
|
@ -1,35 +0,0 @@
|
|||
location:
|
||||
source_directories:
|
||||
- /mnt/source
|
||||
repositories:
|
||||
- /mnt/borg-repository
|
||||
one_file_system: true
|
||||
|
||||
storage:
|
||||
# Passphase is set in varibable $BORG_PASSPHRASE
|
||||
# encryption_passphrase: "DonNotMissToChangeYourPassphrase"
|
||||
compression: lz4
|
||||
archive_name_format: 'backup-{now}'
|
||||
|
||||
retention:
|
||||
keep_hourly: 2
|
||||
keep_daily: 7
|
||||
keep_weekly: 4
|
||||
keep_monthly: 12
|
||||
keep_yearly: 10
|
||||
prefix: 'backup-'
|
||||
|
||||
consistency:
|
||||
checks:
|
||||
- repository
|
||||
- archives
|
||||
check_last: 3
|
||||
prefix: 'backup-'
|
||||
|
||||
hooks:
|
||||
before_backup:
|
||||
- echo "Starting a backup job."
|
||||
after_backup:
|
||||
- echo "Backup created."
|
||||
on_error:
|
||||
- echo "Error while creating a backup."
|
|
@ -1 +0,0 @@
|
|||
0 1 * * * PATH=$PATH:/usr/bin /usr/bin/borgmatic --stats -v 0 2>&1
|
|
@ -1,17 +0,0 @@
|
|||
version: '3'
|
||||
services:
|
||||
borgmatic:
|
||||
image: ghcr.io/borgmatic-collective/borgmatic:ntfy
|
||||
container_name: borgmatic
|
||||
volumes:
|
||||
- ${VOLUME_SOURCE}:/mnt/source:ro # backup source
|
||||
- ${VOLUME_TARGET}:/mnt/borg-repository # backup target
|
||||
- ${VOLUME_ETC_BORGMATIC}:/etc/borgmatic.d/ # borgmatic config file(s) + crontab.txt
|
||||
- ${VOLUME_BORGMATIC_STATE}:/root/.borgmatic # borgmatic state files
|
||||
- ${VOLUME_BORG_CONFIG}:/root/.config/borg # config and keyfiles
|
||||
- ${VOLUME_SSH}:/root/.ssh # ssh key for remote repositories
|
||||
- ${VOLUME_BORG_CACHE}:/root/.cache/borg # checksums used for deduplication
|
||||
- ${VOLUME_NTFY}:/root/.config/ntfy # ntfy configuration: https://github.com/dschep/ntfy#configuring-ntfy
|
||||
environment:
|
||||
- TZ=${TZ}
|
||||
- BORG_PASSPHRASE=${BORG_PASSPHRASE}
|
|
@ -1,5 +0,0 @@
|
|||
#!/bin/sh
|
||||
# Import your cron file
|
||||
/usr/bin/crontab /etc/borgmatic.d/crontab.txt
|
||||
# Start cron
|
||||
/usr/sbin/crond -f -L /dev/stdout
|
Ładowanie…
Reference in New Issue