borg/README.md

# borg-backup

<https://www.borgbackup.org/>

- [container image](#container-image)
  - [environment variables](#environment-variables)
  - [borg init repo](#borg-init-repo)
  - [creating a backup](#creating-a-backup)
  - [using a bash script](#using-a-bash-script)
- [Using binding volumes](#using-binding-volumes)
  - [dev](#dev)

## container image

### environment variables

<https://borgbackup.readthedocs.io/en/stable/usage/general.html#environment-variables>

### borg init repo

```yaml
services:
   borg-backup:
    image: git.limbosolutions.com/kb/borg-backup:latest
    restart: no
    environment:
      - BORG_REPO=${BORG_REPO}
      - BORG_RSH=ssh -o StrictHostKeyChecking=no -p 2222
      - BORG_PASSPHRASE="${BORG_PASSPHRASE}"
      - MODE=SHELL # Valid modes are: BORG, SCRIPT, SHELL, default is BORG
    configs:

      - source: id_ed25519
        target: /root/.ssh/id_ed25519
        mode: 0400

    command:
      - |
        borg init --encryption=keyfile-blake2 $BORG_REPO
        cat /root/.config/borg/keys/*

configs:

  id_ed25519:
      file: ~/.ssh/id_ed25519

  ```

### creating a backup

```yaml
services:
   borg-backup:
    image: git.limbosolutions.com/kb/borg-backup:latest
    command: create ${BORG_REPO}::repos-$(date +%Y%m%d%H%M%S) /mnt/user
    restart: no

    volumes:
      - ./home/user:/mnt/user  # Mount local folder to container

    environment:
      - BORG_REPO=${BORG_REPO}
      - BORG_RSH=ssh -o StrictHostKeyChecking=no -p 2222
      - BORG_PASSPHRASE="${BORG_PASSPHRASE}"

    configs:
      - source: id_ed25519 # required for ssh client
        mode: 0400
        target: /root/.ssh/id_ed25519     
      - source: borg_key # required for borg client
        target: /app/borg/key
        mode: 0400
        
configs:

  id_ed25519:
      file: ~/.ssh/id_ed25519

  borg_key:
    content: |
      ${BORG_KEY}
```

### using a bash script

```yaml
services:
   borg-backup:
    restart: no
    image: git.limbosolutions.com/kb/borg-backup:latest
    # execute loadenv before you re scripts
    # so some enviromnent variables are set

    configs:
      - source: backup_script
        target: /app/backup-scripts/backup
      - source: id_ed25519
        target: /root/.ssh/id_ed25519
        mode: 0400
      - source: borg_key
        target: /app/borg/key
        mode: 0400
    environment:
      - BORG_REPO=${BORG_REPO}
      - BORG_RSH=ssh -o StrictHostKeyChecking=no -p 2222
      - BORG_PASSPHRASE="${BORG_PASSPHRASE}"
      - REPO_SYNC_MAX_SIZE=10737418240 #10GB
      - MODE=SCRIPT

    volumes:
      - "./backup-scripts:/app/backup-scripts"
      - /home/user/data:/mnt/backup

configs:
  # $$ instead of $ so it replaced during runtime and not on docker compose up
  
  backup_script:
    content: |

      #/!bin/bash
      set -e

      # while true; do
      #   sleep 5
      # done      
      
      SCRIPT_START_TIME=$$(date +%s)
      
      borg create $${BORG_REPO}::repos-$$(date +%Y%m%d%H%M%S) /mnt/backup

      #cleanup
      borg prune -v --list --keep-daily=10 --keep-weekly=7 --keep-monthly=-1 $${BORG_REPO} --glob-archives='backup*'
      borg compact $${BORG_REPO} 

      # check repo size
      REPO_SIZE_IN_BYTES=$$(remote-connect du -b "$$SSH_FOLDER" -d 0  | awk '{print $$1}')
      echo "Repository size: $$((REPO_SIZE_IN_BYTES / 1024 / 1024)) MB"
      echo "Repository max size: $$((REPO_SYNC_MAX_SIZE / 1024 / 1024)) MB"
      if [ $$REPO_SIZE_IN_BYTES -gt $$REPO_SYNC_MAX_SIZE ]; then \
        echo "ERROR: Repository size exceeds $$REPO_SYNC_MAX_SIZE";
        exit 1;
      else 
        # Repository size is within limits for offsite sync
        # ssh to backup server and enforce rclone to onedrive
        remote-connect "rclone sync $$SSH_FOLDER xxxxx:.backups/xxxxxx" && \
        SCRIPT_DURATION=$$(($(date +%s) - SCRIPT_START_TIME)) && \
        echo "INFO: Finished Backup (offsite) ($((SCRIPT_DURATION / 60 / 60)):$$((SCRIPT_DURATION / 60)):$$((SCRIPT_DURATION % 60))) "
      fi

      #outputs info
      borg info ${BORG_REPO}
      exit 0


  id_ed25519:
      file: ~/.ssh/id_ed25519

  borg_key:
    content: |
      ${BORG_KEY}
```

## Using binding volumes

Creates folder ./backup-scripts
And file ./backup-scripts/backup.

```yaml
services:
  borg:
    image: git.limbosolutions.com/kb/borg-backup:latest

    environment:
      - BORG_REPO=${BORG_REPO}
      - BORG_RSH=${BORG_RSH}
      - BORG_PASSPHRASE="${BORG_PASSPHRASE}"
      - MODE=SCRIPT
    volumes:
        - "./backup-scripts:/app/backup-scripts"
        - "/home/mf/repos:/backup/repos"

    configs:
      - source: id_ed25519
        target: /root/.ssh/id_ed25519
        mode: 0400
      - source: borg_key
        target: /app/borg/key
        mode: 0400      
configs:
   
  id_ed25519:
    file: ~/.ssh/id_ed25519

  borg_key:
    content: |
      ${BORG_KEY}

```

### dev

For development environment and testing this docker compose files.

``` bash
BUILD=""

# uncomment do force build
BUILD="--build"

if [ ! -f ./docker-compose.dev.local.yaml ]; then
  touch ./docker-compose.dev.local.yaml
EOF
fi

docker compose \
--project-name borg-backup-dev \
-f docker-compose.dev.yaml \
-f docker-compose.dev.local.yaml \
up $BUILD
```