kb/borg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

borg container image feature/review-docker: pipelines and scripts revisions #1

Merged
marcio.fernandes merged 10 commits from feature/review-docker into main 2025-09-21 19:23:38 +00:00
Conversation 0 Commits 10 Files Changed 10 +185 -63
9 changed files with 185 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 886cbb292f - Show all commits

33
.gitea/workflows/ docker-image.deploy.beta.yml Normal file
View File

@@ -0,0 +1,33 @@
on:
push:
branches: [ feature/* ]
paths:
- "docker/**"
- ".gitea/**"
schedule:
- cron: "0 02 * * *"
jobs:
build-docker-image:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Log in to git.limbosolutions.com docker registry
uses: docker/login-action@v3
with:
registry: git.limbosolutions.com
username: ${{ secrets.GITLIMBO_DOCKER_REGISTRY_USERNAME }}
password: ${{ secrets.GITLIMBO_DOCKER_REGISTRY_PASSWORD }}
- name: Build and push Docker images
id: push
uses: docker/build-push-action@v6
with:
context: .
file: ${{gitea.workspace}}/docker/Dockerfile
push: true
tags: git.limbosolutions.com/kb/borg-backup:alpha

1
.gitea/workflows/ docker-image.deploy.yml → .gitea/workflows/ docker-image.deploy.prod.yml
View File

@@ -1,5 +1,6 @@
on:
push:
branches: [ main ]
paths:
- "docker/**"
- ".gitea/**"

1
.gitignore vendored
View File

@@ -1 +1,2 @@
**.local.**
.env

84
README.md
View File

@@ -2,17 +2,20 @@
<https://www.borgbackup.org/>
- [container image](#container-image)
- [environment variables](#environment-variables)
- [borg repo init](#borg-repo-init)
- [creating a backup](#creating-a-backup)
- [using a bash script](#using-a-bash-script)
- [dev](#dev)
## container image
## environment variables
### environment variables
<https://borgbackup.readthedocs.io/en/stable/usage/general.html#environment-variables>
``` bash
docker run git.limbosolutions.com/kb/borg-backup:latest
```
## repo init
### borg repo init
```bash
services:
@@ -20,28 +23,39 @@ services:
image: git.limbosolutions.com/kb/borg-backup:latest
restart: no
tty: true
entrypoint: [ "bash", "-c", "loadenv && /init-repo"]
environment:
- BORG_REPO: ssh://user@server/home/user/borg-repo
- BORG_RSH: "-o StrictHostKeyChecking=no -o LogLevel=ERROR"
configs:
- source: id_ed25519 # required for ssh client
target: /home/borg/.ssh/id_ed25519
- source: borg_init_repo_sh
target: /init-repo
configs:
create.sh:
borg_init_repo_sh:
# Example, execute
# borg init --encryption=keyfile-blake2 $BORG_REPO
# don't forget to copy key file content on borg folder (/root/.borg/keys/*) and BORG_PASSPHRASE used during initialization
content:
while true; do
sleep 5
done
# execute for example
#borg init --encryption=keyfile-blake2 $BORG_REPO
# dont forget to copy key file content on borg folder (/root/.borg/keys/*) and BORG_PASSPHRASE
id_ed25519:
content: |
-----BEGIN OPENSSH PRIVATE KEY-----
**************
**************
-----END OPENSSH PRIVATE KEY-----
```
### docker compose
``` bash
docker run git.limbosolutions.com/kb/borg-backup:latest
```
Example of simple usage for creating a backup
### creating a backup
```yaml
services:
@@ -54,16 +68,17 @@ services:
- ./home/user:/mnt/user # Mount local folder to container
environment:
- BORG_REPO=?????
- BORG_REPO: "?????"
- BORG_RSH: "-o StrictHostKeyChecking=no -o LogLevel=ERROR"
- BORG_PASSPHRASE=????
- BORG_PASSPHRASE: "????"
configs:
- source: id_ed25519 # required for ssh client
target: /home/borg/.ssh/id_ed25519
mode: 0400
target: /root/.ssh/id_ed25519
- source: borg_key # required for borg client
target: /app/borg/key
mode: 0400
configs:
@@ -79,26 +94,27 @@ configs:
BORG_KEY ???????
????????????????
????????????????
```
Example using an bash script
### using a bash script
```yaml
services:
borg-backup:
restart: no
image: git.limbosolutions.com/kb/borg-backup:latest
entrypoint: ["bash", "backup.sh"]
# execute loadenv before you re scripts
# so some enviromnent variables are set
entrypoint: ["bash", "loadenv & /backup"]
configs:
- source: backup_script
target: /backup.sh
target: /backup
- source: id_ed25519
target: /root/.ssh/id_ed25519
mode: 0400
- source: borg_key
target: /app/borg/key
mode: 0400
environment:
BORG_REPO: ssh://user@server/path
BORG_RSH: "ssh -o StrictHostKeyChecking=no"
@@ -107,12 +123,15 @@ services:
volumes:
- /home/mf/repos:/mnt/repos
- /home/user/repos:/mnt/repos
configs:
# $$ instead of $ so it replaced during runtime and not on docker compose up
backup_script:
content: |
source loadenv
#/!bin/bash
set -e
# while true; do
@@ -161,20 +180,17 @@ configs:
### dev
For development environment and testing this docker compose files.
``` bash
BUILD=""
# uncomment do force build
#BUILD="--build"
docker compose \
--project-name borg-backup-dev \
-f docker-compose.dev.yaml \
-f docker-compose.dev.local.yaml \
up
```
Force Build:
``` bash
docker compose \
--project-name borg-backup-dev \
-f docker-compose.dev.yaml \
-f docker-compose.dev.local.yaml \
up --build
up $BUILD
```

33
docker-compose.dev.yaml
View File

@@ -2,34 +2,41 @@ services:
borg:
tty: true
stdin_open: true
# entrypoint: ["bash"]
build:
dockerfile: docker/Dockerfile
context: .
environment:
- BORG_REPO=???????
- BORG_RSH="ssh -o StrictHostKeyChecking=no"
- BORG_PASSPHRASE=????
environment:
- BORG_REPO="${BORG_REPO}"
- BORG_RSH="${BORG_REPO}"
- BORG_PASSPHRASE="${BORG_PASSPHRASE}"
- MODE=SCRIPT # Valid modes are: BORG, SCRIPT, SHELL, default is BORG
command: "${CONTAINER_COMMAND:-list}"
configs:
# - source: backup_script
# target: /app/backup-scripts/run
- source: id_ed25519
target: /root/.ssh/id_ed25519
mode: 0400
- source: borg_key
target: /app/borg/key
mode: 0400
volumes:
- ./docker/app/scripts:/app/scripts
- ./docker/dev-backup-scripts:/app/backup-scripts
configs:
# backup_script:
# content: |
# #!bin/bash
# echo "hello work!!!! (please override me)"
id_ed25519:
content: |
-----BEGIN OPENSSH PRIVATE KEY-----
???????
???????
-----END OPENSSH PRIVATE KEY-----
${ID_ED25519}
borg_key:
content: |
BORG_KEY ???????
????????????????
????????????????
${BORG_KEY}

39
docker/Dockerfile
View File

@@ -1,25 +1,48 @@
FROM alpine:latest
# Install BorgBackup and OpenSSH client
# Installs
# - BorgBackup
# - OpenSSH client
RUN echo "Installing packages."
RUN apk update && apk add --no-cache \
borgbackup \
openssh \
bash \
tzdata
RUN echo "Copying app."
COPY ./docker/app /app
RUN chmod +x /app/scripts -R
# having some problems if app/scripts files not set with executable permissions
# this is not working, so please confirm files are executable on host building docker file
# setting app owner.
# RUN chown -R root:root /app
#RUN echo "Setting app permissions"
#RUN chown -R root:root /app/scripts && find /app/scripts -type f -exec chmod +x {} \;
# use this entrypoint to verify final permissions on container
#ENTRYPOINT ["ls", "-lah", "/app/scripts"]
RUN echo "creating symbolic links to app/scripts."
RUN ln -s /app/scripts/loadenv /usr/local/bin/loadenv
RUN ln -s /app/scripts/remote-connect /usr/local/bin/remote-connect
RUN ln -s /app/scripts/remote-connect /usr/local/bin/remote-get-folder-size
RUN ln -s /app/scriptsremote-get-folder-size /usr/local/bin/remote-get-folder-size
#RUN addgroup -g 1001 -S borg && adduser -u 1001 -S borg -G borg
#USER borg
#WORKDIR /app
RUN echo "creating .ssh folder."
RUN mkdir /root/.ssh
RUN echo "setting .ssh folder permissions."
RUN chmod 700 /root/.ssh
# for files inside correct permission is chmod 600 /root/.ssh/key
RUN echo "Setting loadenv to bashrc and bash_profile"
RUN echo "source /usr/local/bin/loadenv" > /root/.bash_profile
RUN echo "source /usr/local/bin/loadenv" > /root/.bashrc
ENTRYPOINT ["bash" , "-c", "borg $0"]
RUN echo "setting entrypoint."
ENTRYPOINT ["/app/scripts/entrypoint.sh"]
CMD ["--help"]
#CMD ["--help"]

9
docker/app/README.md Normal file
View File

@@ -0,0 +1,9 @@
# borg backup helper
for mode SCRIPT, file /app/backup-scripts/backup must be created.
- Docker Compose Configs Sections (check repo <https:///git.limbosolutions.com/kb/borg> readme file for more information);
- binding mounts (Ex: ./backup-scripts:/app/backup-scripts);
- kubernetes secrets, configSections or even volumes;
The file backup will be automatically executed if exists.

33
docker/app/scripts/entrypoint.sh Executable file
View File

@@ -0,0 +1,33 @@
#!/bin/bash
source /app/scripts/loadenv
case "$MODE" in
BORG)
echo "executing borg cli"
borg "${@:1}" # Forward all arguments except $0 to another CLI so first argument (the name of this scripts don't passthrough)"
;;
SCRIPT)
# check if file exists
if [ ! -f /app/backup-scripts/backup ]; then
cat /app/README.md
exit 1
fi
echo "Executing: backup script with arguments: "\${@:1\"."
cd /app/backup-scripts && bash backup "${@:1}"
;;
SHELL)
echo "Executing: bash -c \"${@:1}\"."
bash -c "${@:1}"
;;
*)
echo "Unknown mode: $MODE."
echo "Valid modes are: BORG, SCRIPT, SHELL"
exit 1
;;
esac

3
docker/app/scripts/loadenv
View File

@@ -25,8 +25,7 @@ fi
export SSH_COMMAND="$SSH_COMMAND $SSH_CONNECTION"
: "${MODE:=BORG}" # Set default if MODE is unset to borg cli