Add cryptography to consul backup
This commit is contained in:
parent
e2a0c40e6b
commit
f931dd939c
3 changed files with 12 additions and 4 deletions
|
@ -1,5 +1,12 @@
|
|||
FROM golang:buster as builder
|
||||
|
||||
WORKDIR /root
|
||||
RUN git clone https://filippo.io/age && cd age/cmd/age && go build -o age .
|
||||
|
||||
FROM amd64/debian:buster
|
||||
|
||||
COPY --from=builder /root/age/cmd/age/age /usr/local/bin/age
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get -qq -y full-upgrade && \
|
||||
apt-get install -y rsync wget openssh-client unzip && \
|
||||
|
|
|
@ -13,7 +13,8 @@ Host backuphost
|
|||
User $TARGET_SSH_USER
|
||||
EOF
|
||||
|
||||
consul kv export > consul_kv_dump.json
|
||||
gzip consul_kv_dump.json
|
||||
consul kv export | \
|
||||
gzip | \
|
||||
age -r "$(cat /root/.ssh/id_ed25519.pub)" | \
|
||||
ssh backuphost "cat > $TARGET_SSH_DIR/consul/consul_kv_export.gz.age"
|
||||
|
||||
rsync -vvvz --progress consul_kv_dump.json.gz "backuphost:$TARGET_SSH_DIR/consul/"
|
||||
|
|
|
@ -15,7 +15,7 @@ job "backup_periodic" {
|
|||
driver = "docker"
|
||||
|
||||
config {
|
||||
image = "lxpz/backup_consul:9"
|
||||
image = "lxpz/backup_consul:11"
|
||||
volumes = [
|
||||
"secrets/id_ed25519:/root/.ssh/id_ed25519",
|
||||
"secrets/id_ed25519.pub:/root/.ssh/id_ed25519.pub",
|
||||
|
|
Reference in a new issue