borg/README.md

# borg-backup

<https://www.borgbackup.org/>

- [container image](#container-image)
  - [environment variables](#environment-variables)
  - [borg init repo](#borg-init-repo)
  - [creating a backup](#creating-a-backup)
  - [using a bash script](#using-a-bash-script)
- [Using binding volumes](#using-binding-volumes)
  - [dev](#dev)

## container image

### environment variables

<https://borgbackup.readthedocs.io/en/stable/usage/general.html#environment-variables>

### borg init repo

```yaml
services:
   borg-backup:
    image: git.limbosolutions.com/kb/borg-backup:latest
    restart: no
    environment:
      - BORG_REPO=${BORG_REPO}
      - BORG_RSH=ssh -o StrictHostKeyChecking=no -p 2222
      - BORG_PASSPHRASE="${BORG_PASSPHRASE}"
      - MODE=SHELL # Valid modes are: BORG, SCRIPT, SHELL, default is BORG
    configs:

      - source: id_ed25519
        target: /root/.ssh/id_ed25519
        mode: 0400

    command:
      - |
        borg init --encryption=keyfile-blake2 $BORG_REPO
        cat /root/.config/borg/keys/*

configs:

  id_ed25519:
      file: ~/.ssh/id_ed25519

  ```

### creating a backup

```yaml
services:
   borg-backup:
    image: git.limbosolutions.com/kb/borg-backup:latest
    command: create ${BORG_REPO}::repos-$(date +%Y%m%d%H%M%S) /mnt/user
    restart: no

    volumes:
      - ./home/user:/mnt/user  # Mount local folder to container

    environment:
      - BORG_REPO=${BORG_REPO}
      - BORG_RSH=ssh -o StrictHostKeyChecking=no -p 2222
      - BORG_PASSPHRASE="${BORG_PASSPHRASE}"

    configs:
      - source: id_ed25519 # required for ssh client
        mode: 0400
        target: /root/.ssh/id_ed25519     
      - source: borg_key # required for borg client
        target: /app/borg/key
        mode: 0400
        
configs:

  id_ed25519:
      file: ~/.ssh/id_ed25519

  borg_key:
    content: |
      ${BORG_KEY}
```

### using a bash script

```yaml
services:
  borg:
    image: git.limbosolutions.com/kb/borg-backup:alpha

    environment:
      - BORG_REPO=${BORG_REPO}
      - BORG_RSH=${BORG_RSH}
      - OFFSITE_TARGET_FOLDER=${OFFSITE_TARGET_FOLDER}
      - BORG_PASSPHRASE="${BORG_PASSPHRASE}"
      - REPO_SYNC_MAX_SIZE=10737418240 #10GB
      - MODE=SCRIPT
    volumes:
        - "/home/mf/repos:/backup/repos"

    configs:
      - source: backup_script
        target: /app/backup-scripts/backup
        mode: 0400

      - source: id_ed25519
        target: /root/.ssh/id_ed25519
        mode: 0400
      - source: borg_key
        target: /app/borg/key
        mode: 0400      
configs:
  backup_script:
    content: |

      #!/bin/bash
      set -e
      SCRIPT_START_TIME=$$(date +%s)

      borg create $${BORG_REPO}::backup-$$(date +%Y%m%d%H%M%S) /backup
      borg prune -v --list --keep-daily=10 --keep-weekly=7 --keep-monthly=-1 $${BORG_REPO} --glob-archives='backup-*'
               
      # check repo size
      REPO_SIZE_IN_BYTES="$$(remote-get-folder-size)"
      echo "Repository size: $$((REPO_SIZE_IN_BYTES / 1024 / 1024)) MB"

      if [ $$REPO_SIZE_IN_BYTES -gt $$REPO_SYNC_MAX_SIZE ]; then \
          echo "ERROR: Repository size exceeds $$REPO_SYNC_MAX_SIZE";
          exit 1;
      else 
          # Repository size is within limits for offsite sync
          # ssh to backup server and enforce rclone to offsite
          remote-connect "rclone sync $$SSH_FOLDER $$OFFSITE_TARGET_FOLDER --progress" && \
          echo "INFO: Backup offsite sync Finished.($$(date -u -d "@$$(($$(date +%s) - SCRIPT_START_TIME))" +%H:%M:%S))"
      fi
      exit 0

  id_ed25519:
    file: ~/.ssh/id_ed25519

  borg_key:
    content: |
      ${BORG_KEY}
```

## Using binding volumes

Creates folder ./backup-scripts
And file ./backup-scripts/backup.

```yaml
services:
  borg:
    image: git.limbosolutions.com/kb/borg-backup:latest

    environment:
      - BORG_REPO=${BORG_REPO}
      - BORG_RSH=${BORG_RSH}
      - BORG_PASSPHRASE="${BORG_PASSPHRASE}"
      - MODE=SCRIPT
    volumes:
        - "./backup-scripts:/app/backup-scripts"
        - "/home/mf/repos:/backup/repos"

    configs:
      - source: id_ed25519
        target: /root/.ssh/id_ed25519
        mode: 0400
      - source: borg_key
        target: /app/borg/key
        mode: 0400      
configs:
   
  id_ed25519:
    file: ~/.ssh/id_ed25519

  borg_key:
    content: |
      ${BORG_KEY}

```

### dev

For development environment and testing this docker compose files.

``` bash
BUILD=""

# uncomment do force build
BUILD="--build"

if [ ! -f ./docker-compose.dev.local.yaml ]; then
  touch ./docker-compose.dev.local.yaml
EOF
fi

docker compose \
--project-name borg-backup-dev \
-f docker-compose.dev.yaml \
-f docker-compose.dev.local.yaml \
up $BUILD
```