diff --git a/.drone.yml b/.drone.yml index a61682f..80e60ab 100644 --- a/.drone.yml +++ b/.drone.yml @@ -6,7 +6,7 @@ steps: - name: docker image: plugins/docker settings: - repo: ldericher/kiwi-backup + repo: yavook/kiwi-backup auto_tag: true username: from_secret: DOCKER_USERNAME diff --git a/LICENSE b/LICENSE index d3884f0..e11b56d 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2020 Jörn-Michael Miehe +Copyright (c) 2020 yavook.de Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index ae87cd1..7a8cf25 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,23 @@ # kiwi-backup -[![Build Status](https://github.drone.yavook.de/api/badges/ldericher/kiwi-backup/status.svg)](https://github.drone.yavook.de/ldericher/kiwi-backup) +[![Build Status](https://github.drone.yavook.de/api/badges/yavook/kiwi-backup/status.svg)](https://github.drone.yavook.de/yavook/kiwi-backup) > `kiwi` - simple, consistent, powerful -The backup solution for [`kiwi-scp`](https://github.com/ldericher/kiwi-scp) +The backup solution for [`kiwi-scp`](https://github.com/yavook/kiwi-scp) ## Quick start kiwi-backup is an image with [duplicity](http://duplicity.nongnu.org/), tailored to backup service data of `kiwi-scp` instances. -If you want backups in the host directory `/var/kiwi.backup`, just add this to one of your projects' `docker-compose.yml` to use the default configuration. +If you want backups in the host directory `/var/local/kiwi.backup`, just add this to one of your projects' `docker-compose.yml` to use the default configuration. ```yaml backup: - image: ldericher/kiwi-backup + image: yavook/kiwi-backup volumes: - - "$TARGETROOT:/backup/source:ro" - - "/var/kiwi.backup:/backup/target" + - "${KIWI_INSTANCE}:/backup/source:ro" + - "/var/local/kiwi.backup:/backup/target" ``` - backups the entire service data directory @@ -45,7 +45,7 @@ backup: # ... volumes: # change scope here! - - "$TARGETROOT:/backup/source:ro" + - "${KIWI_INSTANCE}:/backup/source:ro" ``` You may of course create additional sources below the `/backup/source` directory to limit the backup to specific projects or services. For added safety, mount your backup sources read-only by appending `:ro`. @@ -89,14 +89,14 @@ There are three major ways to for inject secrets into `kiwi-backup` environments #### Container environment -Just fire up your container using `docker run -e "FTP_PASSWORD=my_secret_here" ldericher/kiwi-backup` +Just fire up your container using `docker run -e "FTP_PASSWORD=my_secret_here" yavook/kiwi-backup` #### Image environment Create a simple `Dockerfile` from following template. ```Dockerfile -FROM ldericher/kiwi-backup +FROM yavook/kiwi-backup ENV FTP_PASSWORD="my_secret_here" ``` @@ -175,7 +175,7 @@ Reasonable defaults for a backup encryption key are: To quickly generate a key, use the following command, then enter a passphrase: ```sh -docker run --rm -it -v "gnupg.tmp:/root/.gnupg" ldericher/kiwi-backup gpg --quick-gen-key --yes "Administrator " rsa4096 encr never +docker run --rm -it -v "gnupg.tmp:/root/.gnupg" yavook/kiwi-backup gpg --quick-gen-key --yes "Administrator " rsa4096 encr never ``` To get a more in-depth generation wizard instead, use `gpg --full-gen-key` command without any more args and follow through. @@ -185,13 +185,13 @@ To get a more in-depth generation wizard instead, use `gpg --full-gen-key` comma This one-liner exports your generated key into a new subdirectory "backup": ```sh -docker run --rm -it -v "gnupg.tmp:/root/.gnupg" -v "$(pwd)/backup:/root/backup" -e "CURRENT_USER=$(id -u):$(id -g)" ldericher/kiwi-backup sh -c 'cd /root/backup && gpg --export-secret-keys --armor > secret.asc && gpg --export-ownertrust > ownertrust.txt && chown -R "${CURRENT_USER}" .' +docker run --rm -it -v "gnupg.tmp:/root/.gnupg" -v "$(pwd)/backup:/root/backup" -e "CURRENT_USER=$(id -u):$(id -g)" yavook/kiwi-backup sh -c 'cd /root/backup && gpg --export-secret-keys --armor > secret.asc && gpg --export-ownertrust > ownertrust.txt && chown -R "${CURRENT_USER}" .' ``` You'll now find the "backup" subdirectory with files "secret.asc" and "ownertrust.txt" in it. Check your exported files: ```sh -docker run --rm -v "$(pwd)/backup:/root/backup:ro" ldericher/kiwi-backup sh -c 'cd /root/backup && gpg --import --batch secret.asc 2>/dev/null && gpg --import-ownertrust ownertrust.txt 2>/dev/null && gpg -k 2>/dev/null | grep -A1 "^pub" | xargs | tail -c17' +docker run --rm -v "$(pwd)/backup:/root/backup:ro" yavook/kiwi-backup sh -c 'cd /root/backup && gpg --import --batch secret.asc 2>/dev/null && gpg --import-ownertrust ownertrust.txt 2>/dev/null && gpg -k 2>/dev/null | grep -A1 "^pub" | xargs | tail -c17' ``` This should output your 16-digit Key-ID, so take note of it if you haven't already! Afterwards, run `docker volume rm gnupg.tmp` to get rid of the key generation volume. @@ -208,7 +208,7 @@ gpg --export-ownertrust > backup/ownertrust.txt You can still check your exported files :) ```sh -docker run --rm -v "$(pwd)/backup:/root/backup:ro" ldericher/kiwi-backup sh -c 'cd /root/backup && gpg --import --batch secret.asc && gpg --import-ownertrust ownertrust.txt && gpg -k' +docker run --rm -v "$(pwd)/backup:/root/backup:ro" yavook/kiwi-backup sh -c 'cd /root/backup && gpg --import --batch secret.asc && gpg --import-ownertrust ownertrust.txt && gpg -k' ``` ### Describe local kiwi-backup image @@ -216,7 +216,7 @@ docker run --rm -v "$(pwd)/backup:/root/backup:ro" ldericher/kiwi-backup sh -c ' Now create a simple `Dockerfile` inside the "backup" directory from following template. ```Dockerfile -FROM ldericher/kiwi-backup +FROM yavook/kiwi-backup COPY secret.asc ownertrust.txt /root/ @@ -237,7 +237,7 @@ All that's left is to come back to your project's `docker-compose.yml`, where yo ```yaml backup: - image: ldericher/kiwi-backup + image: yavook/kiwi-backup # ... ```