refactored container image and gitea workflows

.gitea/workflows/ docker-image.deploy.beta.yml

@@ -0,0 +1,33 @@
+on:
+  push:
+    branches: [ feature/* ]
+    paths:
+      - "docker/**"
+      - ".gitea/**"
+  schedule:
+  - cron: "0 02 * * *"   
+jobs:
+ 
+  build-docker-image:
+    runs-on: ubuntu-latest
+ 
+    steps:
+ 
+      - name: Checkout code
+        uses: actions/checkout@v2
+   
+      - name: Log in to git.limbosolutions.com docker registry
+        uses: docker/login-action@v3
+        with:
+          registry: git.limbosolutions.com
+          username: ${{ secrets.GITLIMBO_DOCKER_REGISTRY_USERNAME }}
+          password: ${{ secrets.GITLIMBO_DOCKER_REGISTRY_PASSWORD }}
+
+      - name: Build and push Docker images
+        id: push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file:  ${{gitea.workspace}}/docker/Dockerfile
+          push: true
+          tags: git.limbosolutions.com/kb/borg-backup:alpha

.gitea/workflows/ docker-image.deploy.prod.yml

@@ -1,5 +1,6 @@
 on: 
   push:
+    branches: [ main ]
     paths:
       - "docker/**"
       - ".gitea/**"

.gitignore

@@ -1 +1,2 @@
 **.local.**
+.env

README.md

@@ -2,17 +2,20 @@
 
 <https://www.borgbackup.org/>
 
+- [container image](#container-image)
+  - [environment variables](#environment-variables)
+  - [borg repo init](#borg-repo-init)
+  - [creating a backup](#creating-a-backup)
+  - [using a bash script](#using-a-bash-script)
+  - [dev](#dev)
+
 ## container image
 
-## environment variables
+### environment variables
 
 <https://borgbackup.readthedocs.io/en/stable/usage/general.html#environment-variables>
 
-``` bash
+### borg repo init
-docker run git.limbosolutions.com/kb/borg-backup:latest
-```
-
-## repo init
 
 ```bash
 services:
@@ -20,28 +23,39 @@ services:
     image: git.limbosolutions.com/kb/borg-backup:latest
     restart: no
     tty: true
+    entrypoint: [ "bash", "-c", "loadenv && /init-repo"]
     environment:
       - BORG_REPO: ssh://user@server/home/user/borg-repo
       - BORG_RSH: "-o StrictHostKeyChecking=no -o LogLevel=ERROR"
     configs:
       - source: id_ed25519 # required for ssh client
         target: /home/borg/.ssh/id_ed25519     
+      - source: borg_init_repo_sh
+        target: /init-repo
 
 configs:
-  create.sh:
+  borg_init_repo_sh:
-  content:
+    # Example, execute
-    while true; do
+    # borg init --encryption=keyfile-blake2 $BORG_REPO
-    sleep 5
+    # don't forget to copy key file content on borg folder (/root/.borg/keys/*) and BORG_PASSPHRASE used during initialization
-   done
+    content:
-   # execute for example
+      while true; do
-   #borg init --encryption=keyfile-blake2 $BORG_REPO
+      sleep 5
-   # dont forget to copy key file content on borg folder (/root/.borg/keys/*) and BORG_PASSPHRASE
+    done
-   
+
+  id_ed25519:
+      content: |
+        -----BEGIN OPENSSH PRIVATE KEY-----
+            **************
+            **************
+        -----END OPENSSH PRIVATE KEY-----   
+  ```
+
+``` bash
+docker run git.limbosolutions.com/kb/borg-backup:latest
 ```
 
-### docker compose
+### creating a backup
-
-Example of simple usage for creating a backup
 
 ```yaml
 services:
@@ -54,16 +68,17 @@ services:
       - ./home/user:/mnt/user  # Mount local folder to container
 
     environment:
-      - BORG_REPO=?????
+      - BORG_REPO: "?????"
       - BORG_RSH: "-o StrictHostKeyChecking=no -o LogLevel=ERROR"
-      - BORG_PASSPHRASE=????
+      - BORG_PASSPHRASE: "????"
 
     configs:
       - source: id_ed25519 # required for ssh client
-        target: /home/borg/.ssh/id_ed25519     
+        mode: 0400
+        target: /root/.ssh/id_ed25519     
       - source: borg_key # required for borg client
         target: /app/borg/key
-
+        mode: 0400
         
 configs:
 
@@ -79,26 +94,27 @@ configs:
         BORG_KEY ???????
         ????????????????
         ????????????????
-    
-
 ```
 
-Example using an bash script
+### using a bash script
 
 ```yaml
 services:
    borg-backup:
     restart: no
     image: git.limbosolutions.com/kb/borg-backup:latest
-    entrypoint: ["bash", "backup.sh"]
+    # execute loadenv before you re scripts
+    # so some enviromnent variables are set
+    entrypoint: ["bash", "loadenv & /backup"]
     configs:
       - source: backup_script
-        target: /backup.sh
+        target: /backup
       - source: id_ed25519
         target: /root/.ssh/id_ed25519
         mode: 0400
       - source: borg_key
         target: /app/borg/key
+        mode: 0400
     environment:
       BORG_REPO: ssh://user@server/path
       BORG_RSH: "ssh -o StrictHostKeyChecking=no"
@@ -107,12 +123,15 @@ services:
     
 
     volumes:
-      - /home/mf/repos:/mnt/repos
+      - /home/user/repos:/mnt/repos
 
 configs:
+  # $$ instead of $ so it replaced during runtime and not on docker compose up
+  
   backup_script:
     content: |
-      source loadenv
+
+      #/!bin/bash
       set -e
 
       # while true; do
@@ -161,20 +180,17 @@ configs:
 
 ### dev
 
+For development environment and testing this docker compose files.
+
 ``` bash
+BUILD=""
+
+# uncomment do force build
+#BUILD="--build"
+
 docker compose \
 --project-name borg-backup-dev \
 -f docker-compose.dev.yaml \
 -f docker-compose.dev.local.yaml \
-up 
+up $BUILD
-```
-
-Force Build:
-
-``` bash
-docker compose \
---project-name borg-backup-dev \
--f docker-compose.dev.yaml \
--f docker-compose.dev.local.yaml \
-up --build
 ```

docker-compose.dev.yaml

@@ -2,34 +2,41 @@ services:
   borg:
     tty: true
     stdin_open: true
-    # entrypoint: ["bash"]
+
     build:
       dockerfile: docker/Dockerfile
       context: .
-    environment:
-      - BORG_REPO=???????
-      - BORG_RSH="ssh -o StrictHostKeyChecking=no"
-      - BORG_PASSPHRASE=????
 
+    environment:
+      - BORG_REPO="${BORG_REPO}"
+      - BORG_RSH="${BORG_REPO}"
+      - BORG_PASSPHRASE="${BORG_PASSPHRASE}"
+      - MODE=SCRIPT # Valid modes are: BORG, SCRIPT, SHELL, default is BORG
+    command: "${CONTAINER_COMMAND:-list}"
     configs:
+      # - source: backup_script
+      #   target: /app/backup-scripts/run
       - source: id_ed25519
         target: /root/.ssh/id_ed25519
+        mode: 0400
       - source: borg_key
         target: /app/borg/key
-        
+        mode: 0400      
     volumes:
       - ./docker/app/scripts:/app/scripts
+      - ./docker/dev-backup-scripts:/app/backup-scripts
 configs:
+
+  # backup_script: 
+  #   content: |
+  #     #!bin/bash
+  #     echo "hello work!!!! (please override me)"
   
+
   id_ed25519:
     content: |
-      -----BEGIN OPENSSH PRIVATE KEY-----
+        ${ID_ED25519}
-           ???????
-           ???????
-      -----END OPENSSH PRIVATE KEY-----
 
   borg_key:
     content: |
-      BORG_KEY ???????
+      ${BORG_KEY}
-      ????????????????
-      ????????????????

docker/Dockerfile

@@ -1,25 +1,48 @@
 FROM alpine:latest
 
-# Install BorgBackup and OpenSSH client
+# Installs
+# - BorgBackup
+# - OpenSSH client
+RUN echo "Installing packages."
 RUN apk update && apk add --no-cache \
     borgbackup \
     openssh \
     bash \
     tzdata
 
+RUN echo "Copying app."   
 COPY ./docker/app /app
-RUN chmod +x /app/scripts -R
+
+
+
+# having some problems if app/scripts files not set with executable permissions 
+# this is not working, so please confirm files are executable on host building docker file
+# setting app owner.
+# RUN chown -R root:root /app
+#RUN echo "Setting app permissions"
+#RUN chown -R root:root /app/scripts && find /app/scripts -type f -exec chmod +x {} \;
+# use this entrypoint to verify final permissions on container
+#ENTRYPOINT ["ls", "-lah", "/app/scripts"]
+
+
+RUN echo "creating symbolic links to app/scripts."
 RUN ln -s /app/scripts/loadenv /usr/local/bin/loadenv
 RUN ln -s /app/scripts/remote-connect /usr/local/bin/remote-connect
-RUN ln -s /app/scripts/remote-connect /usr/local/bin/remote-get-folder-size
+RUN ln -s /app/scriptsremote-get-folder-size /usr/local/bin/remote-get-folder-size
 
-#RUN addgroup -g 1001 -S borg && adduser -u 1001 -S borg -G borg
+RUN echo "creating .ssh folder."
-#USER borg
+RUN mkdir /root/.ssh
-#WORKDIR /app
+RUN echo "setting .ssh folder permissions."
+RUN chmod 700 /root/.ssh
+
+# for files inside correct permission is chmod 600 /root/.ssh/key
+
+RUN echo "Setting loadenv to bashrc and bash_profile"
 
 RUN echo "source /usr/local/bin/loadenv" > /root/.bash_profile 
 RUN echo "source /usr/local/bin/loadenv" > /root/.bashrc
 
-ENTRYPOINT ["bash" , "-c", "borg $0"]
+RUN echo "setting entrypoint."
+ENTRYPOINT ["/app/scripts/entrypoint.sh"]
 
-CMD ["--help"]
+#CMD ["--help"]

docker/app/README.md

@@ -0,0 +1,9 @@
+# borg backup helper
+
+for mode SCRIPT, file /app/backup-scripts/backup must be created.
+
+- Docker Compose Configs Sections (check repo <https:///git.limbosolutions.com/kb/borg> readme file for more information);
+- binding mounts (Ex: ./backup-scripts:/app/backup-scripts);
+- kubernetes secrets, configSections or even volumes;
+  
+The file backup will be automatically executed if exists.

docker/app/scripts/entrypoint.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+
+source /app/scripts/loadenv
+
+
+case "$MODE" in
+
+  BORG)
+    echo "executing borg cli"
+    borg "${@:1}"  # Forward all arguments except $0 to another CLI so first argument (the name of this scripts don't passthrough)"
+    ;;
+
+  SCRIPT)
+    # check if file exists
+    if [ ! -f /app/backup-scripts/backup ]; then
+      cat /app/README.md
+      exit 1
+    fi
+    echo "Executing: backup script with arguments: "\${@:1\"."
+    cd /app/backup-scripts && bash backup "${@:1}" 
+    ;;
+
+  SHELL)
+    echo "Executing: bash -c \"${@:1}\"."
+    bash -c "${@:1}"
+    ;;
+
+  *)
+    echo "Unknown mode: $MODE."
+    echo "Valid modes are: BORG, SCRIPT, SHELL"
+    exit 1
+    ;;
+esac

docker/app/scripts/loadenv

@@ -25,8 +25,7 @@ fi
 
 export SSH_COMMAND="$SSH_COMMAND $SSH_CONNECTION" 
 
-
+ : "${MODE:=BORG}"  # Set default if MODE is unset to borg cli
-