Initial commit of actual data

.dockerignore

@@ -0,0 +1,2 @@
+Readme.md
+docker-compose.yaml

Dockerfile

@@ -0,0 +1,27 @@
+FROM ubuntu:xenial
+MAINTAINER ViViDboarder <vividboarder@gmail.com>
+
+RUN apt-get update \
+        && apt-get install -y software-properties-common python-software-properties \
+        && add-apt-repository ppa:duplicity-team/ppa \
+        && apt-get update \
+        && apt-get install -y duplicity python-setuptools \
+        python-boto python-swiftclient python-pexpect openssh-client \
+        && rm -rf /var/apt/lists/*
+
+VOLUME "/root/.cache/duplicity"
+VOLUME "/backups"
+
+ENV BACKUP_DEST="file:///backups"
+ENV BACKUP_NAME="backup"
+ENV PATH_TO_BACKUP="/data"
+ENV PASSPHRASE="Correct.Horse.Battery.Staple"
+
+# Cron schedules
+ENV CRON_SCHEDULE=""
+ENV VERIFY_CRON_SCHEDULE=""
+
+ADD entrypoint.sh /
+ADD backup.sh /
+
+ENTRYPOINT [ "/entrypoint.sh" ]

Readme.md

@@ -0,0 +1,39 @@
+# Duplicity Backup
+
+## Instructions
+Mount any directories you'd like to back up as a volume and run
+
+## Env Variables
+| Variable | Default | Description |
+| -------- | ------- | ----------- |
+|AWS_ACCESS_KEY_ID| |Required for writing to S3|
+|AWS_DEFAULT_REGION| |Required for writing to S3|
+|AWS_SECRET_ACCESS_KEY| |Required for writing to S3|
+|BACKUP_DEST|file:///backups|Destination to store backups (See [duplicity documenation](http://duplicity.nongnu.org/duplicity.1.html#sect7))|
+|BACKUP_NAME|backup|What the name for the backup should be. If using a single store for multiple backups, make sure this is unique|
+|CLEANUP_COMMAND| |An optional duplicity command to execute after backups to clean older ones out (eg. "remove-all-but-n-full 2")|
+|CRON_SCHEDULE| |If you want to backup on a schedule, provide it here. By default we just backup once and exit|
+|FTP_PASSWORD| |Required if using FTP for backups|
+|GPG_KEY_ID| |The ID of the key you wish to use. See [Encryption](#encryption) section below|
+|OPT_ARGUMENTS| |Any additional arguments to provide to the duplicity backup command. These can also be provided as additional arguments via the command line|
+|PASSPHRASE|Correct.Horse.Battery.Staple|Passphrase to use for GPG|
+|PATH_TO_BACKUP|/data|The path to the directory you wish to backup. If you want to backup multiple, see the [tip below](#backing-up-more-than-one-source-directory)|
+|SKIP_ON_START| |Skips backup on start if set to "true"|
+|VERIFY_CRON_SCHEDULE| |If you want to verify your backups on a schedule, provide it here|
+
+## Encryption
+Add a ro mount to your `~/.gnupg` directory and then provide the `GPG_KEY_ID` as an environment variable. The key will be used to sign and encrypt your files before sending to the backup destination.
+
+Need to generate a key? Install `gnupg` and run `gnupg --gen-key`
+
+## Tips
+
+### Backing up more than one source directory
+Duplicity only accepts one target, however you can refine that selection with `--exclude` and `--include` arguments. The below example shows how this can be used to select multiple backup sources
+```
+OPT_ARGUMENTS="--include /home --include /etc --exclude '**'"
+PATH_TO_BACKUP="/"
+```
+
+### Backing up from another container
+Mount all volumes from your existing container with `--volumes-from` and then back up by providing the paths to those volumes. If there are more than one volumes, you'll want to use the above tip for mulitple backup sources

backup.sh

@@ -0,0 +1,22 @@
+#! /bin/bash
+set -e
+
+# If key id is provied add arg
+if [ -e "$GPG_KEY_ID" ]; then
+    OPT_ARGUMENTS="$OPT_ARGUMENTS --encrypt-sign-key=\"$GPG_KEY_ID\""
+fi
+
+duplicity \
+    --allow-source-mismatch \
+    --asynchronous-upload \
+    --log-file /root/duplicity.log \
+    --name $BACKUP_NAME \
+    $OPT_ARGUMENTS \
+    $PATH_TO_BACKUP \
+    $BACKUP_DEST
+
+if [ -n "$CLEANUP_COMMAND" ]; then
+    duplicity $CLEANUP_COMMAND \
+        --log-file /root/duplicity.log \
+        $BACKUP_DEST
+fi

docker-compose.yaml

@@ -0,0 +1,15 @@
+version: '2'
+
+services:
+  duplicity:
+    build: .
+    volumes:
+      - ~/.gnupg:/root/.gnupg:ro
+      - ~/my-backups:/backups
+      - ~/my-data:/data:ro
+    environment:
+      GPG_KEY_ID: 2CBD492E
+      PASSPHRASE: Correct.Horse.Battery.Staple
+      CLEANUP_COMMAND: remove-older-than 5m
+      CRON_SCHEDULE: "* * * * *"
+      VERIFY_CRON_SCHEDULE: "* * * * *"

entrypoint.sh

@@ -0,0 +1,40 @@
+#! /bin/bash
+
+export OPT_ARGUMENTS="$@"
+
+if [ "$1" == "bash" ]; then
+    exec "$@"
+    exit 0
+fi
+
+if [ "$SKIP_ON_START" != "true" ]; then
+    /backup.sh
+fi
+
+if [ -n "$CRON_SCHEDULE" ]; then
+    # Export the environment to a file so it can be loaded from cron
+    env | sed 's/^\(.*\)=\(.*\)$/export \1="\2"/g' > /env.sh
+    # Remove some vars we don't want to keep
+    sed -i '/\(HOSTNAME\|affinity\|SHLVL\|PWD\)/d' /env.sh
+
+    # Use bash for cron
+    echo "SHELL=/bin/bash" > /crontab.conf
+
+    # Schedule the backups
+    echo "$CRON_SCHEDULE source /env.sh && /backup.sh 2>> /cron.log" >> /crontab.conf
+    echo "Backups scheduled as $CRON_SCHEDULE"
+
+    if [ -n "$VERIFY_CRON_SCHEDULE" ]; then
+        echo "$VERIFY_CRON_SCHEDULE source /env.sh && duplicity verify $BACKUP_DEST $PATH_TO_BACKUP" >> /crontab.conf
+        echo "Verify scheduled as $VERIFY_CRON_SCHEDULE"
+    fi
+
+    # Add to crontab
+    crontab /crontab.conf
+
+    echo "Starting duplicity cron..."
+    cron
+
+    touch /cron.log /root/duplicity.log
+    tail -f /cron.log /root/duplicity.log
+fi