Backup Cryptpad

This commit is contained in:
Quentin 2022-05-10 15:58:09 +02:00
parent 8cd2f72926
commit 52f14f9da2
Signed by untrusted user: quentin
GPG key ID: E9602264D639FF68
6 changed files with 76 additions and 0 deletions

View file

@ -0,0 +1,57 @@
job "cryptpad_backup" {
datacenters = ["neptune"]
type = "batch"
priority = "60"
periodic {
cron = "@daily"
// Do not allow overlapping runs.
prohibit_overlap = true
}
group "backup-cryptpad" {
constraint {
attribute = "${attr.unique.hostname}"
operator = "="
value = "courgette"
}
task "main" {
driver = "docker"
config {
image = "restic/restic:0.12.1"
entrypoint = [ "/bin/sh", "-c" ]
args = [ "restic backup /cryptpad && restic forget --keep-within 1m1d --keep-within-weekly 3m --keep-within-monthly 1y && restic prune --max-unused 50% --max-repack-size 2G && restic check" ]
volumes = [
"/mnt/storage/cryptpad:/cryptpad"
]
}
template {
data = <<EOH
AWS_ACCESS_KEY_ID={{ key "secrets/cryptpad_backup/backup_aws_access_key_id" }}
AWS_SECRET_ACCESS_KEY={{ key "secrets/cryptpad_backup/backup_aws_secret_access_key" }}
RESTIC_REPOSITORY={{ key "secrets/cryptpad_backup/backup_restic_repository" }}
RESTIC_PASSWORD={{ key "secrets/cryptpad_backup/backup_restic_password" }}
EOH
destination = "secrets/env_vars"
env = true
}
resources {
cpu = 500
memory = 200
}
restart {
attempts = 2
interval = "30m"
delay = "15s"
mode = "fail"
}
}
}
}

View file

@ -0,0 +1 @@
USER Backup AWS access key ID

View file

@ -0,0 +1 @@
USER Backup AWS secret access key

View file

@ -0,0 +1 @@
USER Restic password to encrypt backups

View file

@ -0,0 +1 @@
USER Restic repository, eg. s3:https://s3.garage.tld

15
app/shell.nix Normal file
View file

@ -0,0 +1,15 @@
{
pkgs ? import <nixpkgs> {}
}:
with pkgs; mkShell {
nativeBuildInputs = [
nomad
docker-compose
python39Packages.pip
python39Packages.ldap
python39Packages.consul
python39Packages.passlib
];
}