# borg-backup
- [container image](#container-image)
- [environment variables](#environment-variables)
- [borg init repo](#borg-init-repo)
- [creating a backup](#creating-a-backup)
- [using a bash script](#using-a-bash-script)
- [dev](#dev)
## container image
### environment variables
### borg init repo
```bash
services:
borg-backup:
image: git.limbosolutions.com/kb/borg-backup:latest
restart: no
environment:
- BORG_REPO=${BORG_REPO}
- BORG_RSH=${BORG_RSH}
- BORG_PASSPHRASE="${BORG_PASSPHRASE}"
- MODE=SCRIPT # Valid modes are: BORG, SCRIPT, SHELL, default is BORG
configs:
- source: id_ed25519
target: /root/.ssh/id_ed25519
mode: 0400
command:
- |
borg init --encryption=keyfile-blake2 $BORG_REPO
cat /root/.config/borg/keys/*
configs:
id_ed25519:
file: ~/.ssh/id_ed25519
```
### creating a backup
```yaml
services:
borg-backup:
image: git.limbosolutions.com/kb/borg-backup:latest
command: create ${BORG_REPO}::repos-$(date +%Y%m%d%H%M%S) /mnt/user
restart: no
volumes:
- ./home/user:/mnt/user # Mount local folder to container
environment:
- BORG_REPO: "?????"
- BORG_RSH: "-o StrictHostKeyChecking=no -o LogLevel=ERROR"
- BORG_PASSPHRASE: "????"
configs:
- source: id_ed25519 # required for ssh client
mode: 0400
target: /root/.ssh/id_ed25519
- source: borg_key # required for borg client
target: /app/borg/key
mode: 0400
configs:
id_ed25519:
content: |
-----BEGIN OPENSSH PRIVATE KEY-----
**************
**************
-----END OPENSSH PRIVATE KEY-----
borg_key:
content: |
BORG_KEY ???????
????????????????
????????????????
```
### using a bash script
```yaml
services:
borg-backup:
restart: no
image: git.limbosolutions.com/kb/borg-backup:latest
# execute loadenv before you re scripts
# so some enviromnent variables are set
configs:
- source: backup_script
target: /backup
- source: id_ed25519
target: /root/.ssh/id_ed25519
mode: 0400
- source: borg_key
target: /app/borg/key
mode: 0400
environment:
BORG_REPO: ssh://user@server/path
BORG_RSH: "ssh -o StrictHostKeyChecking=no"
BORG_PASSPHRASE: *****
REPO_SYNC_MAX_SIZE: 10737418240 #10GB
MODE:
volumes:
- /home/user/repos:/mnt/repos
configs:
# $$ instead of $ so it replaced during runtime and not on docker compose up
backup_script:
content: |
#/!bin/bash
set -e
# while true; do
# sleep 5
# done
SCRIPT_START_TIME=$$(date +%s)
borg create $${BORG_REPO}::repos-$$(date +%Y%m%d%H%M%S) /mnt/backup
#cleanup
borg prune -v --list --keep-daily=10 --keep-weekly=7 --keep-monthly=-1 $${BORG_REPO} --glob-archives='backup*'
borg compact $${BORG_REPO}
# check repo size
REPO_SIZE_IN_BYTES=$$(remote-connect du -b "$$SSH_FOLDER" -d 0 | awk '{print $$1}')
echo "Repository size: $$((REPO_SIZE_IN_BYTES / 1024 / 1024)) MB"
echo "Repository max size: $$((REPO_SYNC_MAX_SIZE / 1024 / 1024)) MB"
if [ $$REPO_SIZE_IN_BYTES -gt $$REPO_SYNC_MAX_SIZE ]; then \
echo "ERROR: Repository size exceeds $$REPO_SYNC_MAX_SIZE";
exit 1;
else
# Repository size is within limits for offsite sync
# ssh to backup server and enforce rclone to onedrive
remote-connect "rclone sync $$SSH_FOLDER xxxxx:.backups/xxxxxx" && \
SCRIPT_DURATION=$$(($(date +%s) - SCRIPT_START_TIME)) && \
echo "INFO: Finished Backup (offsite) ($((SCRIPT_DURATION / 60 / 60)):$$((SCRIPT_DURATION / 60)):$$((SCRIPT_DURATION % 60))) "
fi
#outputs info
borg info ${BORG_REPO}
exit 0
id_ed25519:
content: |
-----BEGIN OPENSSH PRIVATE KEY-----
`*****************************ยด
-----END OPENSSH PRIVATE KEY-----
borg_key:
content: |
BORG_KEY ******
***************
```
### dev
For development environment and testing this docker compose files.
``` bash
BUILD=""
# uncomment do force build
BUILD="--build"
if [ ! -f ./docker-compose.dev.local.yaml ]; then
touch ./docker-compose.dev.local.yaml
EOF
fi
docker compose \
--project-name borg-backup-dev \
-f docker-compose.dev.yaml \
-f docker-compose.dev.local.yaml \
up $BUILD
```