summaryrefslogtreecommitdiff
path: root/images/backup/duplicity
diff options
context:
space:
mode:
authorTill Höppner2017-05-31 18:00:15 +0200
committerTill Höppner2017-05-31 18:00:15 +0200
commit33c2361ab6f0d7bfc802d2fc10d2f29aef44867b (patch)
tree706f4c46e942433eb13cba20cedd816bb07226ae /images/backup/duplicity
parentc20a9f58eb362ad84a1f0e3b911b89ffc9bf8451 (diff)
downloadserver-33c2361ab6f0d7bfc802d2fc10d2f29aef44867b.tar.gz
server-33c2361ab6f0d7bfc802d2fc10d2f29aef44867b.tar.xz
server-33c2361ab6f0d7bfc802d2fc10d2f29aef44867b.zip
Add backup image
Diffstat (limited to 'images/backup/duplicity')
-rw-r--r--images/backup/duplicity/Dockerfile16
-rwxr-xr-ximages/backup/duplicity/backup.sh39
-rw-r--r--images/backup/duplicity/gpg-agent.conf1
-rwxr-xr-ximages/backup/duplicity/restore.sh26
4 files changed, 82 insertions, 0 deletions
diff --git a/images/backup/duplicity/Dockerfile b/images/backup/duplicity/Dockerfile
new file mode 100644
index 0000000..9ce6d6b
--- /dev/null
+++ b/images/backup/duplicity/Dockerfile
@@ -0,0 +1,16 @@
+FROM alpine:3.5
+
+RUN apk add --update duplicity ca-certificates gnupg openssh-client py-paramiko py2-pip
+
+RUN pip install --upgrade setuptools
+RUN pip install --upgrade distribute
+
+ADD backup.sh /backup.sh
+ADD restore.sh /restore.sh
+
+RUN mkdir /root/.gnupg/
+ADD gpg-agent.conf /root/.gnupg/gpg-agent.conf
+RUN chmod 600 /root/.gnupg
+
+RUN mkdir /root/.ssh
+RUN chmod 600 /root/.ssh
diff --git a/images/backup/duplicity/backup.sh b/images/backup/duplicity/backup.sh
new file mode 100755
index 0000000..38223e3
--- /dev/null
+++ b/images/backup/duplicity/backup.sh
@@ -0,0 +1,39 @@
+#!/bin/sh -xe
+set -x
+set -e
+
+ls -lah /data
+
+CONNECTION_OPTIONS="--use-agent \
+ --verbosity $LOG_LEVEL \
+ --num-retries 3 \
+ --encrypt-key $FINGERPRINT \
+ --log-file /dev/stdout \
+ --archive-dir /cache/archive \
+ --ssh-options=-oIdentityFile=/ssh_keys/backup \
+ --gpg-options --passphrase=$PASSPHRASE \
+ --gpg-options --no-tty \
+ --gpg-options --batch \
+ --gpg-options --pinentry-mode=loopback"
+
+# Import and trust the GPG Keys
+gpg --passphrase $PASSPHRASE --no-tty --batch --import /gpg_keys/*.priv.asc
+echo "$FINGERPRINT:6:" | gpg --import-ownertrust
+
+mkdir -p /cache/archive
+
+# Make the actual backup
+duplicity --asynchronous-upload \
+ --volsize 250 \
+ --full-if-older-than 1M \
+ $CONNECTION_OPTIONS \
+ $EXCLUDE_DIRS \
+ /data/ "$BACKUP_STORAGE"
+
+# Clean up broken backups
+duplicity cleanup $CONNECTION_OPTIONS \
+ "$BACKUP_STORAGE"
+
+# Clean up old backups
+duplicity remove-all-but-n-full 1 $CONNECTION_OPTIONS \
+ "$BACKUP_STORAGE"
diff --git a/images/backup/duplicity/gpg-agent.conf b/images/backup/duplicity/gpg-agent.conf
new file mode 100644
index 0000000..d1b6ae3
--- /dev/null
+++ b/images/backup/duplicity/gpg-agent.conf
@@ -0,0 +1 @@
+allow-loopback-pinentry
diff --git a/images/backup/duplicity/restore.sh b/images/backup/duplicity/restore.sh
new file mode 100755
index 0000000..df3f9c9
--- /dev/null
+++ b/images/backup/duplicity/restore.sh
@@ -0,0 +1,26 @@
+#!/bin/sh -xe
+set -x
+set -e
+
+CONNECTION_OPTIONS="--use-agent \
+ --verbosity $LOG_LEVEL \
+ --num-retries 3 \
+ --encrypt-key $FINGERPRINT \
+ --log-file /dev/stdout \
+ --archive-dir /cache/archive \
+ --ssh-options=-oIdentityFile=/ssh_keys/backup \
+ --gpg-options --passphrase=$PASSPHRASE \
+ --gpg-options --no-tty \
+ --gpg-options --batch \
+ --gpg-options --pinentry-mode=loopback"
+
+# Import and trust the GPG Keys
+gpg --passphrase $PASSPHRASE --no-tty --batch --import /gpg_keys/*.priv.asc
+echo "$FINGERPRINT:6:" | gpg --import-ownertrust
+
+mkdir -p /cache/archive
+
+# Restore the Backup
+duplicity restore \
+ $CONNECTION_OPTIONS \
+ "$BACKUP_STORAGE" /data/