diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..28252b2 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,21 @@ +# Copyright 2020 - Offen Authors +# SPDX-License-Identifier: Apache-2.0 + +# EditorConfig is awesome: http://EditorConfig.org + +# top-most EditorConfig file +root = true + +# Unix-style newlines with a newline ending every file +[*] +end_of_line = lf +insert_final_newline = true +trim_trailing_whitespace = true +indent_style = space +indent_size = 2 + +[*.md] +trim_trailing_whitespace = false + +[*.go] +indent_style = tab diff --git a/README.md b/README.md index 5b14b02..df032b5 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,9 @@ Backup targets, schedule and retention are configured in environment variables: # template expression. BACKUP_CRON_EXPRESSION="0 2 * * *" +# Format verbs will be replaced as in the `date` command. Omitting them +# will result in the same filename for every backup run, which means previous +# versions will be overwritten. BACKUP_FILENAME="backup-%Y-%m-%dT%H-%M-%S.tar.gz" ########### BACKUP STORAGE @@ -39,6 +42,12 @@ AWS_S3_BUCKET_NAME="" # AWS_ENDPOINT_PROTO="https" +# Setting this variable to any value will disable verification of +# SSL certificates. You shouldn't use this unless you use self-signed +# certificates for your remote storage backend. + +# AWS_ENDPOINT_INSECURE="true" + # In addition to backing up you can also store backups locally. Pass in # a local path to store your backups here if needed. You likely want to # mount a local folder or Docker volume into that location when running @@ -65,10 +74,10 @@ AWS_S3_BUCKET_NAME="" # In case the duration a backup takes fluctuates noticeably in your setup # you can adjust this setting to make sure there are no race conditions -# between the backup finishing and the pruning not deleting backups that +# between the backup finishing and the rotation not deleting backups that # sit on the very edge of the time window. Set this value to a duration # that is expected to be bigger than the maximum difference of backups. -# Valid values have a suffix of (s)econds, (m)inutes, (h)ours, or (d)ays. +# Valid values have a suffix of (s)econds, (m)inutes or (h)ours. # BACKUP_PRUNING_LEEWAY="10m" @@ -96,15 +105,6 @@ AWS_S3_BUCKET_NAME="" # override this default by specifying a different value here. # BACKUP_STOP_CONTAINER_LABEL="service1" - -########### MINIO CLIENT CONFIGURATION - -# Pass these additional flags to all MinIO client `mc` invocations. -# This can be used for example to pass `--insecure` when using self -# signed certificates, or passing `--debug` to gain insights on -# unexpected behavior. - -# MC_GLOBAL_OPTIONS="" ``` ## Example in a docker-compose setup @@ -177,8 +177,8 @@ docker exec backup This image is heavily inspired by the `futurice/docker-volume-backup`. We decided to publish this image as a simpler and more lightweight alternative because of the following requirements: - The original image is based on `ubuntu`, making it very heavy. This version is roughly 1/3 in compressed size. -- This image makes use of the MinIO client `mc` instead of the full blown AWS CLI for uploading backups. -- The original image proposed to handle backup rotation through AWS S3 lifecycle policies. This image adds the option to rotate old backups through the same script so this functionality can also be offered for non-AWS storage backends like MinIO. +- The original image uses a shell script, when this is written in Go. +- The original image proposed to handle backup rotation through AWS S3 lifecycle policies. This image adds the option to rotate away old backups through the same command so this functionality can also be offered for non-AWS storage backends like MinIO. Local backups can also be pruned once they reach a certain age. - InfluxDB specific functionality was removed. - `arm64` and `arm/v7` architectures are supported. - Docker in Swarm mode is supported. diff --git a/cmd/backup/main.go b/cmd/backup/main.go index f7dc2b4..f479a21 100644 --- a/cmd/backup/main.go +++ b/cmd/backup/main.go @@ -106,7 +106,7 @@ func (s *script) init() error { os.Getenv("AWS_SECRET_ACCESS_KEY"), "", ), - Secure: os.Getenv("AWS_ENDPOINT_PROTO") == "https", + Secure: os.Getenv("AWS_ENDPOINT_INSECURE") == "" && os.Getenv("AWS_ENDPOINT_PROTO") == "https", }) if err != nil { return fmt.Errorf("init: error setting up minio client: %w", err) diff --git a/entrypoint.sh b/entrypoint.sh index e2a3c59..2469ee7 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -24,10 +24,9 @@ BACKUP_STOP_CONTAINER_LABEL="${BACKUP_STOP_CONTAINER_LABEL:-true}" AWS_S3_BUCKET_NAME="${AWS_S3_BUCKET_NAME:-}" AWS_ENDPOINT="${AWS_ENDPOINT:-s3.amazonaws.com}" AWS_ENDPOINT_PROTO="${AWS_ENDPOINT_PROTO:-https}" +AWS_ENDPOINT_INSECURE="${AWS_ENDPOINT_INSECURE:-}" GPG_PASSPHRASE="${GPG_PASSPHRASE:-}" - -MC_GLOBAL_OPTIONS="${MC_GLOBAL_OPTIONS:-}" EOF chmod a+x /etc/backup.env source /etc/backup.env