nassella/app
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adding automatic backups via restic and backblaze.

Browse Source
This commit is contained in:
Thomas Hintz
2025-09-15 10:49:10 -07:00
parent 5452c76ecb
commit 134e12d272
4 changed files with 36 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@@ -17,6 +17,9 @@ app
apps.config apps.config
restic-env
restic-password
# generated files # generated files
all-apps/lb/Caddyfile all-apps/lb/Caddyfile
all-apps/nextcloud/nextcloud.env all-apps/nextcloud/nextcloud.env

3
Makefile
View File

@@ -40,7 +40,7 @@ all-apps/nextcloud/postgres_user \
all-apps/nextcloud/postgres_password \ all-apps/nextcloud/postgres_password \
all-apps/nextcloud/redis_password \ all-apps/nextcloud/redis_password \
all-apps/nextcloud/nextcloud.env all-apps/nextcloud/nextcloud.env
cat cl.yaml | sudo docker run --rm --volume /home/tjhintz/.ssh/id_rsa.pub:/pwd/ssh-keys --volume ${PWD}:/pwd --workdir /pwd -i quay.io/coreos/butane:latest -d /pwd > ignition.json cat cl.yaml | docker run --rm --volume /home/tjhintz/.ssh/id_rsa.pub:/pwd/ssh-keys --volume ${PWD}:/pwd --workdir /pwd -i quay.io/coreos/butane:latest -d /pwd > ignition.json
generated.tfvars: apps.config make-generated.sh generated.tfvars: apps.config make-generated.sh
./make-generated.sh > generated.tfvars ./make-generated.sh > generated.tfvars
@@ -63,3 +63,4 @@ flatcarbuild: ignition.json
flatcarrun: flatcarrun:
./flatcar/flatcar_production_qemu.sh -i ignition.json ./flatcar/flatcar_production_qemu.sh -i ignition.json

29
cl.yaml
View File

@@ -22,6 +22,29 @@ systemd:
- name: app.service - name: app.service
enabled: true enabled: true
contents_local: app/app.service contents_local: app/app.service
- name: restic-backup.service
contents: |
[Unit]
Description=Backs up application data
Conflicts=app.service
[Service]
Type=oneshot
EnvironmentFile=/restic-env
ExecStart=/usr/bin/bash -c "docker run --rm --volume /nassella:/nassella --volume /restic-password:/restic-password -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} -i restic/restic:0.18.0 backup --verbose --repo s3:s3.us-west-004.backblazeb2.com/nassella-test-bucket --password-file /restic-password /nassella"
ExecStopPost=systemctl start app.service
- name: restic-backup.timer
contents: |
[Unit]
Description=Run restic-backup.service at 3am PT
[Timer]
OnCalendar=*-*-* 10:00:00
[Install]
WantedBy=multi-user.target
### docker-compose sysext ### docker-compose sysext
### https://flatcar.github.io/sysext-bakery/docker_compose/ ### https://flatcar.github.io/sysext-bakery/docker_compose/
- name: systemd-sysupdate.timer - name: systemd-sysupdate.timer
@@ -63,6 +86,12 @@ storage:
- path: /app - path: /app
local: app local: app
files: files:
- path: /restic-password
contents:
local: restic-password
- path: /restic-env
contents:
local: restic-env
### docker-compose sysext ### docker-compose sysext
### https://flatcar.github.io/sysext-bakery/docker_compose/ ### https://flatcar.github.io/sysext-bakery/docker_compose/
- path: /opt/extensions/docker-compose/docker-compose-2.34.0-x86-64.raw - path: /opt/extensions/docker-compose/docker-compose-2.34.0-x86-64.raw

2
restic-env.tmpl Normal file
View File

@@ -0,0 +1,2 @@
AWS_ACCESS_KEY_ID=""
AWS_SECRET_ACCESS_KEY=""