nicolas.nosal
/
backup-kopia-with-docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ini

This commit is contained in:
Nicolas NOSAL 2023-11-25 20:57:01 +01:00
commit d12fbebb44
8 changed files with 275 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.env.sample Normal file
View File

@ -0,0 +1,10 @@
DATA_TO_BACKUP=/root
KOPIA_REPOSITORY_USER=kopia
KOPIA_REPOSITORY_PASSWORD=9VRyJAhyMJxC5d3AQzPUCTGzGY5
KOPIA_S3_BUCKET=bucketest
KOPIA_S3_PATH="/" # "folder/"
KOPIA_S3_KEY=XXX
KOPIA_S3_SECRET=XXX
KOPIA_S3_ENDPOINT=XXX.XXX.idrivee2-XXX.com
KOPIA_RCLONE_PATH="s3e2-backup-kopia:"

4
.gitignore vendored Normal file
View File

@ -0,0 +1,4 @@
url.md
.env
config/repo/repository.*
config/rclone/rclone.conf

52
Makefile Normal file
View File

@ -0,0 +1,52 @@
up:
docker-compose up
up-d:
docker-compose up -d && timeout 45 docker-compose logs --tail 5 -f
down:
docker-compose down --volumes
url:
echo "http://$$(curl ifconfig.me):51515" > url.md
echo "http://$$(hostname -I | awk '{print $$1}'):51515" >> url.md
cat url.md
check:
rclone --config=config/rclone/rclone.conf ls s3e2-backup-kopia:
ncdu:
rclone --config=config/rclone/rclone.conf ncdu s3e2-backup-kopia:
bash:
docker-compose exec kopia bash
restart:
docker-compose restart kopia
apply-policy:
docker-compose exec kopia bash -c 'kopia policy set --global --compression pgzip --add-never-compress="*.gz,*.gzip,*.tar.gz,*.tgz,*.mp4,*.avi,*.mp3,*.7z,*.xz,*.zst,*.zstd,*.bz2,*.rar"'
docker-compose exec kopia bash -c 'kopia policy set --global --add-ignore .DS_Store --add-ignore .DS_Store? --add-ignore ._* --add-ignore .Spotlight-V100 --add-ignore .Trashes \
--add-ignore .trash --add-ignore Icon? --add-ignore ehthumbs.db --add-ignore Thumbs.db --add-ignore "System Volume Information" --add-ignore *.filepart --add-ignore *.crdownload'
docker-compose restart kopia
create-s3:
docker-compose exec kopia bash -c 'kopia repository create s3 --description="S3 - $$KOPIA_S3_BUCKET" --bucket="$$KOPIA_S3_BUCKET" --prefix="$$KOPIA_S3_PATH" --access-key="$$KOPIA_S3_KEY" --secret-access-key="$$KOPIA_S3_SECRET" --endpoint="$$KOPIA_S3_ENDPOINT" && kopia repository validate-provider && kopia repository status'
make apply-policy
create-rclone:
docker-compose exec kopia bash -c 'kopia repository create rclone --description="S3-rclone - $$KOPIA_S3_BUCKET" --remote-path="$$KOPIA_RCLONE_PATH" && kopia repository validate-provider && kopia repository status'
make apply-policy
create-snap:
docker-compose exec kopia bash -c 'kopia snapshot create --description="BACKUP-RECUP" /data/BACKUP-RECUP/CSTOR2-TODEL-SYNC-BACKUP'
check-snap:
docker-compose exec kopia bash -c 'kopia snapshot verify --verify-files-percent=100 --file-parallelism=10 --parallel=10'
maintenance:
docker-compose exec kopia bash -c 'kopia maintenance run'
maintenance-full:
docker-compose exec kopia bash -c 'kopia maintenance run --full'

3
README.MD Normal file
View File

@ -0,0 +1,3 @@
# KOPIA-DOCKER - BACKUP
# Stack pour backup un serveur via KOPIA

0
config/rclone/.gitkeep Normal file
View File

71
config/rclone/rclone.conf.sample Normal file
View File

@ -0,0 +1,71 @@
# ##########
# SAMPLE:S3
# ##########
[s3contabo-de]
type = s3
provider = Other
access_key_id = XXX
secret_access_key = XXX
endpoint = eu2.contabostorage.com
[s3e2-de]
type = s3
provider = IDrive
env_auth = false
access_key_id = XXX
secret_access_key = XXX
server_side_encryption = aws:kms
endpoint = XXX.XXX.idrivee2-XXX.com
no_check_bucket = true
[s3e2-fr]
type = s3
provider = IDrive
env_auth = false
access_key_id = XXX
secret_access_key = XXX
server_side_encryption = aws:kms
endpoint = XXX.XXX.idrivee2-XXX.com
no_check_bucket = true
[s3leviia-fr]
type = s3
provider = Other
env_auth = false
access_key_id = XXX
secret_access_key = XXX
endpoint = s3.leviia.com
no_check_bucket = true
acl = private
[s3e2-backup-kopia]
type = alias
remote = s3e2-de:bucketname/folder
# ###########
# SAMPLE:FTP
# ###########
[ftp]
type = ftp
host = ftp.xxx.universe.wf
user = sc1xxx
pass = xxx # echo "MONPASS" | rclone obscure -
[ftp-folder]
type = alias
remote = ftp:folder/subfolder
# ###########
# SAMPLE:WEBDAV (nextcloud)
# ###########
[drive-webdav]
type = webdav
url = https://drive.shadow.tech/remote.php/webdav
vendor = nextcloud
user = XXX
pass = XXX

1
config/repo/ui-preferences.json Normal file
View File

@ -0,0 +1 @@
{"bytesStringBase2":false,"defaultSnapshotViewAll":false,"theme":"dark","pageSize":100}

134
docker-compose.yml Normal file
View File

@ -0,0 +1,134 @@
version: '3.9'
# See: https://github.com/kopia/kopia
# Website: https://kopia.io/
# Inspired: https://github.com/kopia/kopia/blob/master/tools/docker/docker-compose.yml
# ##############
# ### CONFIG ###
################
x-config:
- &common-env
PUID: ${UID:-1000} #0
PGID: ${GROUPS:-1000} #0
TZ: Europe/Paris
- &repo-credentials
USER: ${KOPIA_REPOSITORY_USER:-kopia}
KOPIA_PASSWORD: ${KOPIA_REPOSITORY_PASSWORD:-9VRyJAhyMJxC5d3AQzPUCTGzGY5}
# For login web-ui: http://IP:51515 ( see KOPIA_WEBUI_USER/KOPIA_WEBUI_PASS )
<<: {KOPIA_S3_BUCKET: $KOPIA_S3_BUCKET, KOPIA_S3_PATH: $KOPIA_S3_PATH, KOPIA_S3_KEY: $KOPIA_S3_KEY, KOPIA_S3_SECRET: $KOPIA_S3_SECRET, KOPIA_S3_ENDPOINT: $KOPIA_S3_ENDPOINT, KOPIA_RCLONE_PATH: $KOPIA_RCLONE_PATH }
x-traefik:
- &traefik-labels
traefik.enable: "true"
traefik.http.routers.kopia.tls: "true"
traefik.http.routers.kopia.rule: Host(`${DOMAIN:-kopia.mondomaine.fr}`)
traefik.http.routers.kopia.entrypoints: ${DOMAIN_ENTRY:-websecure} # websecure
traefik.http.routers.kopia.tls.certResolver: ${DOMAIN_TLS_METHOD:-letest} # leprod
traefik.http.services.kopia.loadbalancer.server.port: 51515 # internal port used by the image
traefik.http.routers.kopia.middlewares: iplimit
x-volumes:
- &kopia_data_tobackup
kopia_data_tobackup:
external: false
- &kopia_data_tomount
kopia_data_tomount:
external: false
- &kopia_data_logs
kopia_data_logs:
external: false
- &kopia_config
kopia_config:
external: false
- &kopia_config_rclone
kopia_config_rclone:
external: false
- &kopia_s3
kopia_s3:
driver: rclone
driver_opts: &kopia_s3_opts
type: s3
s3-provider: Other
s3-endpoint: ${S3_ENDPOINT:-https://eu2.contabostorage.com}
s3-access_key_id: ${S3_KEY:-XXX}
s3-secret_access_key: ${S3_PASS:-XXX}
path: ${S3_BUCKET_NAME:-kopia_conf} # bucket_name
allow-other: 'true'
- &data_s3
data_s3:
<<: *kopia_s3
driver_opts:
<<: *kopia_s3_opts
path: ${S3_BUCKET_NAME:-mydata} # bucket_name
# ###############
# ### VOLUMES ###
# ###############
volumes:
<<: [
# *kopia_data_tobackup,
# *kopia_data_tomount,
*kopia_data_logs,
# *kopia_config,
# *kopia_config_rclone,
# *kopia_s3,
# *data_s3,
]
# ###############
# ### NETWORK ###
# ###############
#networks:
# web_public:
# name: ${PUBLIC_NET:-web_public}
# external: ${EXTERN_NET:-true}
services:
kopia:
image: kopia/kopia:latest
container_name: Kopia
#hostname: Hostname
# #############
# SETUP EXPOSE:METHOD
# #############
# 1.PORT METHOD
ports: [51515:51515]
# ..OR 2.TRAEFIK METHOD
#networks: [web_public]
#labels: *traefik-labels
#deploy: { labels: *traefik-labels }
# #############
# SETUP WEB-GUI
# #############
command:
- server
- start
- --disable-csrf-token-checks
- --insecure
- --address=0.0.0.0:51515
- --server-username=${KOPIA_WEBUI_USER:-admin}
- --server-password=${KOPIA_WEBUI_PASS:-admin}
# ######################
# SETUP REPO-CREDENTIALS
# ######################
environment:
<<: [ *common-env, *repo-credentials ]
# ######################
# ALLOW: MOUNT WITH FUSE
# ######################
privileged: true # buggy: { cap_add: [SYS_ADMIN] security_opt: [apparmor:unconfined] }
devices: [/dev/fuse:/dev/fuse:rwm]
# ##################
# MOUNT: DATA/CONFIG
# ##################
volumes:
# DATA
- ${DATA_TO_BACKUP:-/}:/data:ro
- ${DATA_TO_MOUNT:-./tmp_mount}:/tmp:shared
- kopia_data_logs:/app/logs
# CONFIG
- ${REPO_SETTINGS:-./config/repo}:/app/config
- ${RCLONE_SETTINGS:-./config/rclone}:/app/rclone # /root/.config/rclone
# REMOTE DATA?: (via rclone-docker-volume )
#- data_s3:/data:ro
restart: unless-stopped