commit 5550daec905a160f292a2962db74482ef83a4114
parent 61756927fca1bab4b2a10d08512002ea17afa0c3
Author: Andreas Gruhler <agruhl@gmx.ch>
Date: Mon, 16 Dec 2024 14:39:44 +0100
feat: add borg-backup container
Diffstat:
2 files changed, 123 insertions(+), 0 deletions(-)
diff --git a/borg-backup-lxc.pkr.hcl b/borg-backup-lxc.pkr.hcl
@@ -0,0 +1,51 @@
+variable "manifest" {
+ type = string
+ default = "manifest.json"
+}
+
+variable "borg_repo" {
+ type = string
+ default = "rclone:pcloud:borg-backup"
+}
+
+variable "borg_passphrase" {
+ type = string
+ sensitive = true
+}
+
+variable "patternsfile" {
+ type = string
+ default = "/root/.config/borg/patterns.lst"
+}
+
+source "lxc" "borg-backup-build" {
+ config_file = "config/lxc-config"
+ template_name = "download"
+ template_parameters = ["--dist", "Debian", "--release", "Bookworm", "--arch", "armv7l"]
+}
+
+build {
+ sources = ["source.lxc.borg-backup-build"]
+
+ provisioner "shell" {
+ script = "scripts/timezone.sh"
+ }
+
+ provisioner "shell" {
+ environment_vars = [
+ "BORG_REPO=${var.borg_repo}",
+ "BORG_PASSPHRASE=${var.borg_passphrase}",
+ "PATTERNSFILE=${var.patternsfile}",
+ ]
+ script = "scripts/borg-backup.sh"
+ }
+}
+
+packer {
+ required_plugins {
+ lxc = {
+ version = ">= 1.0.2"
+ source = "github.com/hashicorp/lxc"
+ }
+ }
+}
diff --git a/scripts/borg-backup.sh b/scripts/borg-backup.sh
@@ -0,0 +1,72 @@
+#!/usr/bin/env bash
+
+set -o errexit
+set -o nounset
+set -o xtrace
+
+cd /root/
+
+# Install borg backup prerequisites
+# https://borgbackup.readthedocs.io/en/master/installation.html#debian-ubuntu
+apt-get install -y python3 python3-dev python3-pip python3-virtualenv \
+ libacl1-dev libacl1 \
+ libssl-dev \
+ liblz4-dev libzstd-dev libxxhash-dev \
+ libffi-dev \
+ build-essential \
+ pkg-config python3-pkgconfig
+
+# Install latest borg2 with pip
+# https://borgbackup.readthedocs.io/en/master/installation.html#using-pip
+virtualenv --python=python3 borg-env
+source borg-env/bin/activate
+pip install -U pip setuptools wheel
+pip install pkgconfig
+pip install borgbackup==2.0.0b14
+
+# Symlink borg from venv to global path
+ln -s /root/borg-env/bin/borg /usr/local/bin/borg
+
+# Ensure the borg binary is in the path
+cat <<'EOF' >> /root/.bashrc
+
+PATH=$PATH:/usr/local/bin
+EOF
+
+# Configure borg repo on pcloud
+mkdir /root/.config/borg
+
+cat <<EOF > /root/.config/borg/config
+BORG_REPO='$BORG_REPO'
+BORG_PASSPHRASE='$BORG_PASSPHRASE'
+PATTERNSFILE='$PATTERNSFILE'
+EOF
+
+# Check the encryption/hash bench with `borg benchmark cpu`
+# You have to initialize the borg repo and rclone before first use
+# borg repo-create --encryption=repokey-chacha20-poly1305
+# rclone config
+
+cat <<EOF > "$PATTERNSFILE"
+# https://borgbackup.readthedocs.io/en/stable/usage/help.html#borg-patterns
+# "sh:" pattern style, patternfiles use sh: by default
+P sh
+# A root path starts with the prefix R, followed by a path
+R /host-nfs
+R /host-srv
+EOF
+
+# Install systemd service unit
+cat <<'EOF' > /etc/systemd/system/borg-backup.service
+[Unit]
+Description=Create a backup with borg
+
+[Service]
+Type=oneshot
+EnvironmentFile=/root/.config/borg/config
+ExecStart=/usr/local/bin/borg create -v --stats --compression lz4 ::{hostname}-{now:%%Y%%m%%dT%%H%%M} --patterns-from "$PATTERNSFILE" --exclude-caches
+ExecStart=/usr/local/bin/borg prune -v --list :: --prefix '{hostname}-' --keep-daily=7 --keep-weekly=4 --keep-monthly=12
+
+[Install]
+WantedBy=default.target
+EOF
