1
0
Fork 0
mirror of https://github.com/yavook/kiwi-backup.git synced 2024-11-24 07:53:01 +00:00

ldericher -> yavook

This commit is contained in:
Jörn-Michael Miehe 2022-02-27 16:42:51 +01:00
parent 8f02696677
commit e2912b590a
2 changed files with 16 additions and 16 deletions

View file

@ -1,6 +1,6 @@
MIT License MIT License
Copyright (c) 2020 Jörn-Michael Miehe Copyright (c) 2020 yavook.de
Permission is hereby granted, free of charge, to any person obtaining a copy Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal of this software and associated documentation files (the "Software"), to deal

View file

@ -1,23 +1,23 @@
# kiwi-backup # kiwi-backup
[![Build Status](https://github.drone.yavook.de/api/badges/ldericher/kiwi-backup/status.svg)](https://github.drone.yavook.de/ldericher/kiwi-backup) [![Build Status](https://github.drone.yavook.de/api/badges/yavook/kiwi-backup/status.svg)](https://github.drone.yavook.de/yavook/kiwi-backup)
> `kiwi` - simple, consistent, powerful > `kiwi` - simple, consistent, powerful
The backup solution for [`kiwi-scp`](https://github.com/ldericher/kiwi-scp) The backup solution for [`kiwi-scp`](https://github.com/yavook/kiwi-scp)
## Quick start ## Quick start
kiwi-backup is an image with [duplicity](http://duplicity.nongnu.org/), tailored to backup service data of `kiwi-scp` instances. kiwi-backup is an image with [duplicity](http://duplicity.nongnu.org/), tailored to backup service data of `kiwi-scp` instances.
If you want backups in the host directory `/var/kiwi.backup`, just add this to one of your projects' `docker-compose.yml` to use the default configuration. If you want backups in the host directory `/var/local/kiwi.backup`, just add this to one of your projects' `docker-compose.yml` to use the default configuration.
```yaml ```yaml
backup: backup:
image: ldericher/kiwi-backup image: yavook/kiwi-backup
volumes: volumes:
- "$TARGETROOT:/backup/source:ro" - "${KIWI_INSTANCE}:/backup/source:ro"
- "/var/kiwi.backup:/backup/target" - "/var/local/kiwi.backup:/backup/target"
``` ```
- backups the entire service data directory - backups the entire service data directory
@ -45,7 +45,7 @@ backup:
# ... # ...
volumes: volumes:
# change scope here! # change scope here!
- "$TARGETROOT:/backup/source:ro" - "${KIWI_INSTANCE}:/backup/source:ro"
``` ```
You may of course create additional sources below the `/backup/source` directory to limit the backup to specific projects or services. For added safety, mount your backup sources read-only by appending `:ro`. You may of course create additional sources below the `/backup/source` directory to limit the backup to specific projects or services. For added safety, mount your backup sources read-only by appending `:ro`.
@ -89,14 +89,14 @@ There are three major ways to for inject secrets into `kiwi-backup` environments
#### Container environment #### Container environment
Just fire up your container using `docker run -e "FTP_PASSWORD=my_secret_here" ldericher/kiwi-backup` Just fire up your container using `docker run -e "FTP_PASSWORD=my_secret_here" yavook/kiwi-backup`
#### Image environment #### Image environment
Create a simple `Dockerfile` from following template. Create a simple `Dockerfile` from following template.
```Dockerfile ```Dockerfile
FROM ldericher/kiwi-backup FROM yavook/kiwi-backup
ENV FTP_PASSWORD="my_secret_here" ENV FTP_PASSWORD="my_secret_here"
``` ```
@ -175,7 +175,7 @@ Reasonable defaults for a backup encryption key are:
To quickly generate a key, use the following command, then enter a passphrase: To quickly generate a key, use the following command, then enter a passphrase:
```sh ```sh
docker run --rm -it -v "gnupg.tmp:/root/.gnupg" ldericher/kiwi-backup gpg --quick-gen-key --yes "Administrator <root@my-hostname.com>" rsa4096 encr never docker run --rm -it -v "gnupg.tmp:/root/.gnupg" yavook/kiwi-backup gpg --quick-gen-key --yes "Administrator <root@my-hostname.com>" rsa4096 encr never
``` ```
To get a more in-depth generation wizard instead, use `gpg --full-gen-key` command without any more args and follow through. To get a more in-depth generation wizard instead, use `gpg --full-gen-key` command without any more args and follow through.
@ -185,13 +185,13 @@ To get a more in-depth generation wizard instead, use `gpg --full-gen-key` comma
This one-liner exports your generated key into a new subdirectory "backup": This one-liner exports your generated key into a new subdirectory "backup":
```sh ```sh
docker run --rm -it -v "gnupg.tmp:/root/.gnupg" -v "$(pwd)/backup:/root/backup" -e "CURRENT_USER=$(id -u):$(id -g)" ldericher/kiwi-backup sh -c 'cd /root/backup && gpg --export-secret-keys --armor > secret.asc && gpg --export-ownertrust > ownertrust.txt && chown -R "${CURRENT_USER}" .' docker run --rm -it -v "gnupg.tmp:/root/.gnupg" -v "$(pwd)/backup:/root/backup" -e "CURRENT_USER=$(id -u):$(id -g)" yavook/kiwi-backup sh -c 'cd /root/backup && gpg --export-secret-keys --armor > secret.asc && gpg --export-ownertrust > ownertrust.txt && chown -R "${CURRENT_USER}" .'
``` ```
You'll now find the "backup" subdirectory with files "secret.asc" and "ownertrust.txt" in it. Check your exported files: You'll now find the "backup" subdirectory with files "secret.asc" and "ownertrust.txt" in it. Check your exported files:
```sh ```sh
docker run --rm -v "$(pwd)/backup:/root/backup:ro" ldericher/kiwi-backup sh -c 'cd /root/backup && gpg --import --batch secret.asc 2>/dev/null && gpg --import-ownertrust ownertrust.txt 2>/dev/null && gpg -k 2>/dev/null | grep -A1 "^pub" | xargs | tail -c17' docker run --rm -v "$(pwd)/backup:/root/backup:ro" yavook/kiwi-backup sh -c 'cd /root/backup && gpg --import --batch secret.asc 2>/dev/null && gpg --import-ownertrust ownertrust.txt 2>/dev/null && gpg -k 2>/dev/null | grep -A1 "^pub" | xargs | tail -c17'
``` ```
This should output your 16-digit Key-ID, so take note of it if you haven't already! Afterwards, run `docker volume rm gnupg.tmp` to get rid of the key generation volume. This should output your 16-digit Key-ID, so take note of it if you haven't already! Afterwards, run `docker volume rm gnupg.tmp` to get rid of the key generation volume.
@ -208,7 +208,7 @@ gpg --export-ownertrust > backup/ownertrust.txt
You can still check your exported files :) You can still check your exported files :)
```sh ```sh
docker run --rm -v "$(pwd)/backup:/root/backup:ro" ldericher/kiwi-backup sh -c 'cd /root/backup && gpg --import --batch secret.asc && gpg --import-ownertrust ownertrust.txt && gpg -k' docker run --rm -v "$(pwd)/backup:/root/backup:ro" yavook/kiwi-backup sh -c 'cd /root/backup && gpg --import --batch secret.asc && gpg --import-ownertrust ownertrust.txt && gpg -k'
``` ```
### Describe local kiwi-backup image ### Describe local kiwi-backup image
@ -216,7 +216,7 @@ docker run --rm -v "$(pwd)/backup:/root/backup:ro" ldericher/kiwi-backup sh -c '
Now create a simple `Dockerfile` inside the "backup" directory from following template. Now create a simple `Dockerfile` inside the "backup" directory from following template.
```Dockerfile ```Dockerfile
FROM ldericher/kiwi-backup FROM yavook/kiwi-backup
COPY secret.asc ownertrust.txt /root/ COPY secret.asc ownertrust.txt /root/
@ -237,7 +237,7 @@ All that's left is to come back to your project's `docker-compose.yml`, where yo
```yaml ```yaml
backup: backup:
image: ldericher/kiwi-backup image: yavook/kiwi-backup
# ... # ...
``` ```