diff options
author | Till Höppner | 2017-05-31 18:00:15 +0200 |
---|---|---|
committer | Till Höppner | 2017-05-31 18:00:15 +0200 |
commit | 33c2361ab6f0d7bfc802d2fc10d2f29aef44867b (patch) | |
tree | 706f4c46e942433eb13cba20cedd816bb07226ae /images/backup/duplicity | |
parent | c20a9f58eb362ad84a1f0e3b911b89ffc9bf8451 (diff) | |
download | server-33c2361ab6f0d7bfc802d2fc10d2f29aef44867b.tar.gz server-33c2361ab6f0d7bfc802d2fc10d2f29aef44867b.tar.xz server-33c2361ab6f0d7bfc802d2fc10d2f29aef44867b.zip |
Add backup image
Diffstat (limited to 'images/backup/duplicity')
-rw-r--r-- | images/backup/duplicity/Dockerfile | 16 | ||||
-rwxr-xr-x | images/backup/duplicity/backup.sh | 39 | ||||
-rw-r--r-- | images/backup/duplicity/gpg-agent.conf | 1 | ||||
-rwxr-xr-x | images/backup/duplicity/restore.sh | 26 |
4 files changed, 82 insertions, 0 deletions
diff --git a/images/backup/duplicity/Dockerfile b/images/backup/duplicity/Dockerfile new file mode 100644 index 0000000..9ce6d6b --- /dev/null +++ b/images/backup/duplicity/Dockerfile @@ -0,0 +1,16 @@ +FROM alpine:3.5 + +RUN apk add --update duplicity ca-certificates gnupg openssh-client py-paramiko py2-pip + +RUN pip install --upgrade setuptools +RUN pip install --upgrade distribute + +ADD backup.sh /backup.sh +ADD restore.sh /restore.sh + +RUN mkdir /root/.gnupg/ +ADD gpg-agent.conf /root/.gnupg/gpg-agent.conf +RUN chmod 600 /root/.gnupg + +RUN mkdir /root/.ssh +RUN chmod 600 /root/.ssh diff --git a/images/backup/duplicity/backup.sh b/images/backup/duplicity/backup.sh new file mode 100755 index 0000000..38223e3 --- /dev/null +++ b/images/backup/duplicity/backup.sh @@ -0,0 +1,39 @@ +#!/bin/sh -xe +set -x +set -e + +ls -lah /data + +CONNECTION_OPTIONS="--use-agent \ + --verbosity $LOG_LEVEL \ + --num-retries 3 \ + --encrypt-key $FINGERPRINT \ + --log-file /dev/stdout \ + --archive-dir /cache/archive \ + --ssh-options=-oIdentityFile=/ssh_keys/backup \ + --gpg-options --passphrase=$PASSPHRASE \ + --gpg-options --no-tty \ + --gpg-options --batch \ + --gpg-options --pinentry-mode=loopback" + +# Import and trust the GPG Keys +gpg --passphrase $PASSPHRASE --no-tty --batch --import /gpg_keys/*.priv.asc +echo "$FINGERPRINT:6:" | gpg --import-ownertrust + +mkdir -p /cache/archive + +# Make the actual backup +duplicity --asynchronous-upload \ + --volsize 250 \ + --full-if-older-than 1M \ + $CONNECTION_OPTIONS \ + $EXCLUDE_DIRS \ + /data/ "$BACKUP_STORAGE" + +# Clean up broken backups +duplicity cleanup $CONNECTION_OPTIONS \ + "$BACKUP_STORAGE" + +# Clean up old backups +duplicity remove-all-but-n-full 1 $CONNECTION_OPTIONS \ + "$BACKUP_STORAGE" diff --git a/images/backup/duplicity/gpg-agent.conf b/images/backup/duplicity/gpg-agent.conf new file mode 100644 index 0000000..d1b6ae3 --- /dev/null +++ b/images/backup/duplicity/gpg-agent.conf @@ -0,0 +1 @@ +allow-loopback-pinentry diff --git a/images/backup/duplicity/restore.sh b/images/backup/duplicity/restore.sh new file mode 100755 index 0000000..df3f9c9 --- /dev/null +++ b/images/backup/duplicity/restore.sh @@ -0,0 +1,26 @@ +#!/bin/sh -xe +set -x +set -e + +CONNECTION_OPTIONS="--use-agent \ + --verbosity $LOG_LEVEL \ + --num-retries 3 \ + --encrypt-key $FINGERPRINT \ + --log-file /dev/stdout \ + --archive-dir /cache/archive \ + --ssh-options=-oIdentityFile=/ssh_keys/backup \ + --gpg-options --passphrase=$PASSPHRASE \ + --gpg-options --no-tty \ + --gpg-options --batch \ + --gpg-options --pinentry-mode=loopback" + +# Import and trust the GPG Keys +gpg --passphrase $PASSPHRASE --no-tty --batch --import /gpg_keys/*.priv.asc +echo "$FINGERPRINT:6:" | gpg --import-ownertrust + +mkdir -p /cache/archive + +# Restore the Backup +duplicity restore \ + $CONNECTION_OPTIONS \ + "$BACKUP_STORAGE" /data/ |