mirror of
https://github.com/Steffo99/backup-duplicity.git
synced 2024-12-22 11:34:22 +00:00
x
This commit is contained in:
parent
2218c00738
commit
7dd5322e77
1 changed files with 39 additions and 29 deletions
64
README.md
64
README.md
|
@ -16,60 +16,66 @@ Backup solution for Docker volumes based on Duplicity
|
||||||
|
|
||||||
### Backup with Google Drive
|
### Backup with Google Drive
|
||||||
|
|
||||||
1. Create a new Docker volume with the name `ga_cache`, which Duplicity will use to temporarily store previous backups:
|
1. Create a new directory somewhere on your system to use to store certain configuration files; it can be anywhere, but for the purposes of this guide, it'll be referred to as `$ga_config_dir`, and will be located in `/srv/docker/.ga`:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
mkdir --verbose --parents /srv/docker/.ga
|
||||||
|
export ga_config_dir="/srv/docker/.ga"
|
||||||
|
```
|
||||||
|
|
||||||
|
1. Create a new file inside `$ga_config_dir` secret with the name `ga_passphrase.txt`, which will contain the password used to encrypt backups before uploading them to Google Drive:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
cat "/dev/urandom" | LC_ALL="C" tr --delete --complement '[:graph:]' | head --bytes 32 > "$ga_config_dir/ga_passphrase.txt"
|
||||||
|
```
|
||||||
|
|
||||||
|
1. [Use the Google Cloud Console to create new OAuth credentials](https://console.cloud.google.com/apis/credentials) for a ***Desktop Application***.
|
||||||
|
|
||||||
|
1. Download the resulting JSON credential file, and move it inside `$ga_config_dir` with the name `ga_gdrive_client_secret.json`:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
mv --verbose --interactive ./client_secret* "$ga_config_dir/ga_gdrive_client_secret.json"
|
||||||
|
|
||||||
|
1. Create a new Docker volume with the name `ga_cache`, which will be used to temporarily store previous backups:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker volume create "ga_cache"
|
docker volume create "ga_cache"
|
||||||
```
|
```
|
||||||
|
|
||||||
1. Create a new Docker volume with the name `ga_credentials`, which Duplicity will use to store Google Drive API credentials:
|
1. Create a new Docker volume with the name `ga_credentials`, which will be use to store Google Drive API credentials:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker volume create "ga_credentials"
|
docker volume create "ga_credentials"
|
||||||
```
|
```
|
||||||
|
|
||||||
1. Create a new Docker secret with the name `ga_passphrase` containing the password that will be used to encrypt backups before uploading them:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
# This command will generate a secure random password, print it to the console, and use it to create a Docker secret
|
|
||||||
cat /dev/urandom | LC_ALL="C" tr --delete --complement '[:graph:]' | head --bytes 32 | tee "/dev/stderr" | docker secret create "ga_passphrase" -
|
|
||||||
```
|
|
||||||
|
|
||||||
1. [Use the Google Cloud Console to create new OAuth credentials](https://console.cloud.google.com/apis/credentials) for a ***Desktop Application***.
|
|
||||||
|
|
||||||
1. Download the JSON credential file, and use it to create a new Docker secret with the name `ga_gdrive_client_secret`:
|
|
||||||
|
|
||||||
```bash
|
|
||||||
docker secret create "ga_gdrive_client_secret" ./client_secret*
|
|
||||||
```
|
|
||||||
|
|
||||||
1. Create a new directory in Google Drive, open it, and copy the final part of the URL:
|
1. Create a new directory in Google Drive, open it, and copy the final part of the URL:
|
||||||
|
|
||||||
```text
|
```text
|
||||||
https://drive.google.com/drive/u/0/folders/1_8rQ4E8ssoN-guFrGs7CC2IFofXBaimi
|
https://drive.google.com/drive/u/0/folders/1_AAAAAAAAAA-BBBBBBBBBBBBBBBBBBBB
|
||||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||||
copy this part
|
copy this part
|
||||||
```
|
```
|
||||||
|
|
||||||
1. Add your Gestalt Amadeus configuration in your Compose project at `compose.yml`:
|
1. Add your Gestalt Amadeus configuration at the top of your `compose.yml` project:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
x-gestalt-automata:
|
x-gestalt-automata:
|
||||||
# Set this to "restore" to recover files from the last available backup.
|
# Set this to "restore" to recover files from the last available backup.
|
||||||
ga_mode: &ga_mode
|
x-ga-mode: &ga_mode
|
||||||
"backup"
|
"backup"
|
||||||
# The URL where your backups should be uploaded to.
|
# The URL where your backups should be uploaded to.
|
||||||
# For Google Drive, replace:
|
# For Google Drive, replace:
|
||||||
# - `1_AAAAAAAAAA-BBBBBBBBBBBBBBBBBBBB` with the final part of the URL you've previously copied
|
# - `1_AAAAAAAAAA-BBBBBBBBBBBBBBBBBBBB` with the final part of the URL you've previously copied
|
||||||
# - `111111111111-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.apps.googleusercontent.com` with the value of the `.installed.client_id` key of the Google client_secret file you've previously downloaded
|
# - `111111111111-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.apps.googleusercontent.com` with the value of the `.installed.client_id` key of the Google client_secret file you've previously downloaded
|
||||||
ga_backup_to: &ga_backup_to
|
x-ga-backup-to: &ga_backup_to
|
||||||
"gdrive://111111111111-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.apps.googleusercontent.com/${COMPOSE_PROJECT_NAME}?myDriveFolderID=1_AAAAAAAAAA-BBBBBBBBBBBBBBBBBBBB"
|
"gdrive://111111111111-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.apps.googleusercontent.com/${COMPOSE_PROJECT_NAME}?myDriveFolderID=1_AAAAAAAAAA-BBBBBBBBBBBBBBBBBBBB"
|
||||||
# If you're planning to use ntfy, set this to the full URL of the topic you'd like to receive notifications at.
|
# If you're planning to use ntfy, set this to the full URL of the topic you'd like to receive notifications at.
|
||||||
# An example: `ntfy.sh/ko7OC50phzmh1ZMQ`
|
# If you don't want to use ntfy, set this to an empty string, "".
|
||||||
ga_ntfy: &ga_ntfy
|
x-ga-ntfy: &ga_ntfy
|
||||||
""
|
"https://ntfy.sh/phil_alerts"
|
||||||
```
|
```
|
||||||
|
|
||||||
1. Merge the following keys to your Compose project at `compose.yml`:
|
1. Merge the following keys with the rest of your existent `compose.yml` project:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
services:
|
services:
|
||||||
|
@ -93,7 +99,7 @@ Backup solution for Docker volumes based on Duplicity
|
||||||
MODE: *ga_mode
|
MODE: *ga_mode
|
||||||
DUPLICITY_TARGET_URL: *ga_backup_to
|
DUPLICITY_TARGET_URL: *ga_backup_to
|
||||||
NTFY: *ga_ntfy
|
NTFY: *ga_ntfy
|
||||||
NTFY_TAGS: "host-${HOSTNAME},${COMPOSE_PROJECT_NAME}"
|
NTFY_TAGS: "host-${HOSTNAME:-${hostname:-undefined}},${COMPOSE_PROJECT_NAME}"
|
||||||
DUPLICITY_PASSPHRASE_FILE: "/run/secrets/ga_passphrase"
|
DUPLICITY_PASSPHRASE_FILE: "/run/secrets/ga_passphrase"
|
||||||
GOOGLE_CLIENT_SECRET_JSON_FILE: "/run/secrets/ga_gdrive_client_secret"
|
GOOGLE_CLIENT_SECRET_JSON_FILE: "/run/secrets/ga_gdrive_client_secret"
|
||||||
GOOGLE_CREDENTIALS_FILE: "/var/lib/duplicity/google_credentials"
|
GOOGLE_CREDENTIALS_FILE: "/var/lib/duplicity/google_credentials"
|
||||||
|
@ -102,16 +108,20 @@ Backup solution for Docker volumes based on Duplicity
|
||||||
secrets:
|
secrets:
|
||||||
- ga_passphrase
|
- ga_passphrase
|
||||||
- ga_gdrive_client_secret
|
- ga_gdrive_client_secret
|
||||||
|
```
|
||||||
|
|
||||||
|
```yaml
|
||||||
volumes:
|
volumes:
|
||||||
ga_cache:
|
ga_cache:
|
||||||
external: true
|
external: true
|
||||||
ga_credentials:
|
ga_credentials:
|
||||||
external: true
|
external: true
|
||||||
|
```
|
||||||
|
|
||||||
|
```yaml
|
||||||
secrets:
|
secrets:
|
||||||
ga_passphrase:
|
ga_passphrase:
|
||||||
external: true
|
file:
|
||||||
ga_gdrive_client_secret:
|
ga_gdrive_client_secret:
|
||||||
external: true
|
external: true
|
||||||
```
|
```
|
||||||
|
|
Loading…
Reference in a new issue