Ensure restic-init works in prod.

init-restic.sh

@@ -2,30 +2,58 @@
 
 . $1 # source the apps.config file with the env vars
 
-mkdir -p "emptydir-$ROOT_DOMAIN"
+# if we are on a dev machine try to use docker
+# otherwise assume we are in prod and restic is installed
+# (since we can't/don't run docker-in-docker)
+docker run --rm hello-world
+if [ $? -ne 0 ]; then
+    # from the restic docs, this allows us to check if the
+    # repo is initialized. If it is not, this will have the
+    # exit code of 10
+    AWS_ACCESS_KEY_ID="$BACKBLAZE_KEY_ID" AWS_SECRET_ACCESS_KEY="$BACKBLAZE_APPLICATION_KEY" restic cat config --repo s3:$BACKBLAZE_BUCKET_URL --password-file restic-password
 
-# from the restic docs, this allows us to check if the
+    status=$?
-# repo is initialized. If it is not, this will have the
+    init_status=0
-# exit code of 10
-docker run --rm --volume "$PWD/emptydir-$ROOT_DOMAIN:/nassella" --volume $PWD/restic-password:/restic-password -e AWS_ACCESS_KEY_ID="$BACKBLAZE_KEY_ID" -e AWS_SECRET_ACCESS_KEY="$BACKBLAZE_APPLICATION_KEY" -i restic/restic:0.18.0 cat config --repo s3:$BACKBLAZE_BUCKET_URL --password-file /restic-password
 
-status=$?
+    if [ $status -eq 10 ]; then
-init_status=0
+        # restic repo is not initialized so initialize it
+        AWS_ACCESS_KEY_ID="$BACKBLAZE_KEY_ID" -e AWS_SECRET_ACCESS_KEY="$BACKBLAZE_APPLICATION_KEY" restic init --repo s3:$BACKBLAZE_BUCKET_URL --password-file restic-password
+        init_status=$?
+    elif [ $status -ne 0  ]; then
+        # something unexpected happened, exit
+        exit $status
+    fi
 
-if [ $status -eq 10 ]; then
+    if [ $init_status -ne 0 ]; then
+        # something unexpected happened, exit
+        exit $init_status
+    fi
+else
+    mkdir -p "emptydir-$ROOT_DOMAIN"
+
+    # from the restic docs, this allows us to check if the
+    # repo is initialized. If it is not, this will have the
+    # exit code of 10
+    docker run --rm --volume "$PWD/emptydir-$ROOT_DOMAIN:/nassella" --volume $PWD/restic-password:/restic-password -e AWS_ACCESS_KEY_ID="$BACKBLAZE_KEY_ID" -e AWS_SECRET_ACCESS_KEY="$BACKBLAZE_APPLICATION_KEY" -i restic/restic:0.18.0 cat config --repo s3:$BACKBLAZE_BUCKET_URL --password-file /restic-password
+
+    status=$?
+    init_status=0
+
+    if [ $status -eq 10 ]; then
         # restic repo is not initialized so initialize it
         docker run --rm --volume "$PWD/emptydir-$ROOT_DOMAIN:/nassella" --volume $PWD/restic-password:/restic-password -e AWS_ACCESS_KEY_ID="$BACKBLAZE_KEY_ID" -e AWS_SECRET_ACCESS_KEY="$BACKBLAZE_APPLICATION_KEY" -i restic/restic:0.18.0 init --repo s3:$BACKBLAZE_BUCKET_URL --password-file /restic-password
         init_status=$?
-elif [ $status -ne 0  ]; then
+    elif [ $status -ne 0  ]; then
         # something unexpected happened, exit
         rm -Rf "emptydir-$ROOT_DOMAIN"
         exit $status
-fi
+    fi
 
-if [ $init_status -ne 0 ]; then
+    if [ $init_status -ne 0 ]; then
         # something unexpected happened, exit
         rm -Rf "emptydir-$ROOT_DOMAIN"
         exit $init_status
-fi
+    fi
 
-rm -Rf "emptydir-$ROOT_DOMAIN"
+    rm -Rf "emptydir-$ROOT_DOMAIN"
+fi

src/Dockerfile

@@ -44,7 +44,7 @@ RUN chmod +x nassella-run
 
 FROM debian:trixie-slim
 RUN apt-get update && apt-get -y --no-install-recommends install \
- libpq-dev ca-certificates gettext-base openssh-client \
+ libpq-dev ca-certificates gettext-base openssh-client restic \
  && rm -rf /var/lib/apt/lists/*
 COPY --from=buildeggs /usr/local/ /usr/local/