commit d12fbebb44bccb1dbc3392f99d671262b8e399aa
Author: Nicolas NOSAL <nicolas.nosal@gmail.com>
Date:   Sat Nov 25 20:57:01 2023 +0100

    ini

diff --git a/.env.sample b/.env.sample
new file mode 100644
index 0000000..6c7d9f0
--- /dev/null
+++ b/.env.sample
@@ -0,0 +1,10 @@
+DATA_TO_BACKUP=/root
+KOPIA_REPOSITORY_USER=kopia
+KOPIA_REPOSITORY_PASSWORD=9VRyJAhyMJxC5d3AQzPUCTGzGY5
+
+KOPIA_S3_BUCKET=bucketest
+KOPIA_S3_PATH="/" # "folder/"
+KOPIA_S3_KEY=XXX
+KOPIA_S3_SECRET=XXX
+KOPIA_S3_ENDPOINT=XXX.XXX.idrivee2-XXX.com
+KOPIA_RCLONE_PATH="s3e2-backup-kopia:"
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b7c3435
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+url.md
+.env
+config/repo/repository.*
+config/rclone/rclone.conf
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..4398609
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,52 @@
+
+up:
+	docker-compose up
+
+up-d:
+	docker-compose up -d && timeout 45 docker-compose logs --tail 5 -f
+
+down:
+	docker-compose down --volumes
+
+url:
+	echo "http://$$(curl ifconfig.me):51515" > url.md
+	echo "http://$$(hostname -I | awk '{print $$1}'):51515" >> url.md
+	cat url.md
+
+check:
+	rclone --config=config/rclone/rclone.conf ls s3e2-backup-kopia:
+
+ncdu:
+	rclone --config=config/rclone/rclone.conf ncdu s3e2-backup-kopia:
+
+bash:
+	docker-compose exec kopia bash
+
+restart:
+	docker-compose restart kopia
+
+apply-policy:
+	docker-compose exec kopia bash -c 'kopia policy set --global --compression pgzip --add-never-compress="*.gz,*.gzip,*.tar.gz,*.tgz,*.mp4,*.avi,*.mp3,*.7z,*.xz,*.zst,*.zstd,*.bz2,*.rar"'
+	docker-compose exec kopia bash -c 'kopia policy set --global --add-ignore .DS_Store --add-ignore .DS_Store? --add-ignore ._* --add-ignore .Spotlight-V100 --add-ignore .Trashes \
+	--add-ignore .trash --add-ignore Icon? --add-ignore ehthumbs.db --add-ignore Thumbs.db --add-ignore "System Volume Information" --add-ignore *.filepart --add-ignore *.crdownload'
+	docker-compose restart kopia
+
+create-s3:
+	docker-compose exec kopia bash -c 'kopia repository create s3 --description="S3 - $$KOPIA_S3_BUCKET" --bucket="$$KOPIA_S3_BUCKET" --prefix="$$KOPIA_S3_PATH" --access-key="$$KOPIA_S3_KEY" --secret-access-key="$$KOPIA_S3_SECRET" --endpoint="$$KOPIA_S3_ENDPOINT" && kopia repository validate-provider && kopia repository status'
+	make apply-policy
+
+create-rclone:
+	docker-compose exec kopia bash -c 'kopia repository create rclone --description="S3-rclone - $$KOPIA_S3_BUCKET" --remote-path="$$KOPIA_RCLONE_PATH" && kopia repository validate-provider && kopia repository status'
+	make apply-policy
+
+create-snap:
+	docker-compose exec kopia bash -c 'kopia snapshot create --description="BACKUP-RECUP" /data/BACKUP-RECUP/CSTOR2-TODEL-SYNC-BACKUP'
+
+check-snap:
+	docker-compose exec kopia bash -c 'kopia snapshot verify --verify-files-percent=100 --file-parallelism=10 --parallel=10'
+
+maintenance:
+	docker-compose exec kopia bash -c 'kopia maintenance run'
+
+maintenance-full:
+	docker-compose exec kopia bash -c 'kopia maintenance run --full'
\ No newline at end of file
diff --git a/README.MD b/README.MD
new file mode 100644
index 0000000..eb5af74
--- /dev/null
+++ b/README.MD
@@ -0,0 +1,3 @@
+# KOPIA-DOCKER - BACKUP
+
+# Stack pour backup un serveur via KOPIA
diff --git a/config/rclone/.gitkeep b/config/rclone/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/config/rclone/rclone.conf.sample b/config/rclone/rclone.conf.sample
new file mode 100644
index 0000000..639c93f
--- /dev/null
+++ b/config/rclone/rclone.conf.sample
@@ -0,0 +1,71 @@
+
+# ##########
+# SAMPLE:S3
+# ##########
+
+[s3contabo-de]
+type = s3
+provider = Other
+access_key_id = XXX
+secret_access_key = XXX
+endpoint = eu2.contabostorage.com
+
+[s3e2-de]
+type = s3
+provider = IDrive
+env_auth = false
+access_key_id = XXX
+secret_access_key = XXX
+server_side_encryption = aws:kms
+endpoint = XXX.XXX.idrivee2-XXX.com
+no_check_bucket = true
+
+[s3e2-fr]
+type = s3
+provider = IDrive
+env_auth = false
+access_key_id = XXX
+secret_access_key = XXX
+server_side_encryption = aws:kms
+endpoint = XXX.XXX.idrivee2-XXX.com
+no_check_bucket = true
+
+[s3leviia-fr]
+type = s3
+provider = Other
+env_auth = false
+access_key_id = XXX
+secret_access_key = XXX
+endpoint = s3.leviia.com
+no_check_bucket = true
+acl = private
+
+
+[s3e2-backup-kopia]
+type = alias
+remote = s3e2-de:bucketname/folder
+
+# ###########
+# SAMPLE:FTP
+# ###########
+
+[ftp]
+type = ftp
+host = ftp.xxx.universe.wf
+user = sc1xxx
+pass = xxx # echo "MONPASS" | rclone obscure - 
+
+[ftp-folder]
+type = alias
+remote = ftp:folder/subfolder
+
+# ###########
+# SAMPLE:WEBDAV (nextcloud)
+# ###########
+
+[drive-webdav]
+type = webdav
+url = https://drive.shadow.tech/remote.php/webdav
+vendor = nextcloud
+user = XXX
+pass = XXX
\ No newline at end of file
diff --git a/config/repo/ui-preferences.json b/config/repo/ui-preferences.json
new file mode 100644
index 0000000..a1fcad0
--- /dev/null
+++ b/config/repo/ui-preferences.json
@@ -0,0 +1 @@
+{"bytesStringBase2":false,"defaultSnapshotViewAll":false,"theme":"dark","pageSize":100}
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..758c9e0
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,134 @@
+version: '3.9'
+# See:      https://github.com/kopia/kopia
+# Website:  https://kopia.io/
+# Inspired: https://github.com/kopia/kopia/blob/master/tools/docker/docker-compose.yml
+
+# ##############
+# ### CONFIG ###
+################
+x-config: 
+    - &common-env
+      PUID: ${UID:-1000} #0
+      PGID: ${GROUPS:-1000} #0
+      TZ: Europe/Paris
+    - &repo-credentials
+      USER: ${KOPIA_REPOSITORY_USER:-kopia}
+      KOPIA_PASSWORD: ${KOPIA_REPOSITORY_PASSWORD:-9VRyJAhyMJxC5d3AQzPUCTGzGY5}
+      # For login web-ui: http://IP:51515 ( see KOPIA_WEBUI_USER/KOPIA_WEBUI_PASS )
+      <<: {KOPIA_S3_BUCKET: $KOPIA_S3_BUCKET, KOPIA_S3_PATH: $KOPIA_S3_PATH, KOPIA_S3_KEY: $KOPIA_S3_KEY, KOPIA_S3_SECRET: $KOPIA_S3_SECRET, KOPIA_S3_ENDPOINT: $KOPIA_S3_ENDPOINT, KOPIA_RCLONE_PATH: $KOPIA_RCLONE_PATH }
+x-traefik:
+    - &traefik-labels
+      traefik.enable: "true"
+      traefik.http.routers.kopia.tls: "true"
+      traefik.http.routers.kopia.rule: Host(`${DOMAIN:-kopia.mondomaine.fr}`)
+      traefik.http.routers.kopia.entrypoints: ${DOMAIN_ENTRY:-websecure} # websecure
+      traefik.http.routers.kopia.tls.certResolver: ${DOMAIN_TLS_METHOD:-letest} # leprod
+      traefik.http.services.kopia.loadbalancer.server.port: 51515 # internal port used by the image
+      traefik.http.routers.kopia.middlewares: iplimit
+x-volumes:
+    - &kopia_data_tobackup
+      kopia_data_tobackup:
+        external: false
+    - &kopia_data_tomount
+      kopia_data_tomount:
+        external: false
+    - &kopia_data_logs
+      kopia_data_logs:
+        external: false
+    - &kopia_config
+      kopia_config:
+        external: false
+    - &kopia_config_rclone
+      kopia_config_rclone:
+        external: false
+    - &kopia_s3
+      kopia_s3:
+        driver: rclone
+        driver_opts: &kopia_s3_opts
+          type: s3
+          s3-provider: Other
+          s3-endpoint: ${S3_ENDPOINT:-https://eu2.contabostorage.com}
+          s3-access_key_id: ${S3_KEY:-XXX}
+          s3-secret_access_key: ${S3_PASS:-XXX}
+          path: ${S3_BUCKET_NAME:-kopia_conf} # bucket_name
+          allow-other: 'true'
+    - &data_s3
+      data_s3: 
+        <<: *kopia_s3
+        driver_opts: 
+          <<: *kopia_s3_opts
+          path: ${S3_BUCKET_NAME:-mydata} # bucket_name
+
+# ###############
+# ### VOLUMES ###
+# ###############
+
+volumes:
+  <<: [
+  # *kopia_data_tobackup,
+  # *kopia_data_tomount,
+  *kopia_data_logs,
+  # *kopia_config,
+  # *kopia_config_rclone,
+  # *kopia_s3,
+  # *data_s3,
+  ]
+
+# ###############
+# ### NETWORK ###
+# ###############
+
+#networks:
+#  web_public:
+#    name: ${PUBLIC_NET:-web_public}
+#    external: ${EXTERN_NET:-true}
+
+services:
+    kopia:
+        image: kopia/kopia:latest
+        container_name: Kopia
+        #hostname: Hostname
+        # #############
+        # SETUP EXPOSE:METHOD
+        # #############
+        # 1.PORT METHOD
+        ports: [51515:51515]
+        # ..OR 2.TRAEFIK METHOD
+        #networks: [web_public]
+        #labels: *traefik-labels
+        #deploy: { labels: *traefik-labels }
+        # #############
+        # SETUP WEB-GUI
+        # #############
+        command:
+          - server
+          - start
+          - --disable-csrf-token-checks
+          - --insecure
+          - --address=0.0.0.0:51515
+          - --server-username=${KOPIA_WEBUI_USER:-admin}
+          - --server-password=${KOPIA_WEBUI_PASS:-admin}
+        # ######################
+        # SETUP REPO-CREDENTIALS
+        # ######################
+        environment:
+          <<: [ *common-env, *repo-credentials ]
+        # ###################### 
+        # ALLOW: MOUNT WITH FUSE
+        # ######################
+        privileged: true # buggy: { cap_add: [SYS_ADMIN] security_opt: [apparmor:unconfined] }
+        devices: [/dev/fuse:/dev/fuse:rwm]
+        # ################## 
+        # MOUNT: DATA/CONFIG
+        # ##################
+        volumes:
+          # DATA
+          - ${DATA_TO_BACKUP:-/}:/data:ro
+          - ${DATA_TO_MOUNT:-./tmp_mount}:/tmp:shared
+          - kopia_data_logs:/app/logs
+          # CONFIG
+          - ${REPO_SETTINGS:-./config/repo}:/app/config
+          - ${RCLONE_SETTINGS:-./config/rclone}:/app/rclone # /root/.config/rclone
+          # REMOTE DATA?: (via rclone-docker-volume )
+          #- data_s3:/data:ro 
+        restart: unless-stopped