Pin version and add dependencies

- pin version of base image 
- add fuse 
- add openssh-client

Dockerfile

@@ -1,36 +1,39 @@
-FROM golang:1.7-alpine
-MAINTAINER info@lobaro.com
+FROM alpine:3.10.1 as build
+RUN apk add --no-cache ca-certificates
 
-RUN echo http://nl.alpinelinux.org/alpine/v3.4/community >> /etc/apk/repositories
-RUN apk add --no-cache git nfs-utils openssh fuse
-RUN git clone https://github.com/restic/restic \
-  && cd restic \
-  && go run build.go \
-  && cp restic /usr/local/bin/
-RUN apk del git
+# Get restic executable
+ENV RESTIC_VERSION=0.9.5
+ADD https://github.com/restic/restic/releases/download/v${RESTIC_VERSION}/restic_${RESTIC_VERSION}_linux_amd64.bz2 /
+RUN bzip2 -d restic_${RESTIC_VERSION}_linux_amd64.bz2 && mv restic_${RESTIC_VERSION}_linux_amd64 /bin/restic && chmod +x /bin/restic
 
-RUN mkdir /mnt/restic
+FROM alpine:3.10.1
 
-ENV RESTIC_REPOSITORY=/mnt/restic
-ENV RESTIC_PASSWORD=""
-ENV RESTIC_TAG=""
-ENV NFS_TARGET=""
-# By default backup every 6 hours
-ENV BACKUP_CRON="* */6 * * *"
-ENV RESTIC_FORGET_ARGS=""
+COPY --from=build /etc/ssl/certs /etc/ssl/certs
+COPY --from=build /bin/restic /bin/restic
+
+RUN apk add --update --no-cache fuse openssh-client
+
+RUN \
+    mkdir -p /mnt/restic /var/spool/cron/crontabs /var/log; \
+    touch /var/log/cron.log;
+
+ENV \
+    RESTIC_REPOSITORY=/mnt/restic \
+    RESTIC_PASSWORD="" \
+    RESTIC_TAG="" \
+    NFS_TARGET="" \
+    BACKUP_CRON="0 */6 * * *" \
+    RESTIC_FORGET_ARGS="" \
+    RESTIC_JOB_ARGS=""
 
 # /data is the dir where you have to put the data to be backed up
 VOLUME /data
 
 COPY backup.sh /bin/backup
-RUN chmod +x /bin/backup
-
 COPY entry.sh /entry.sh
 
-RUN touch /var/log/cron.log
 
 WORKDIR "/"
 
-#ENTRYPOINT ["ls"]
 ENTRYPOINT ["/entry.sh"]
-
+CMD ["tail","-fn0","/var/log/cron.log"]

README.md

@@ -4,21 +4,23 @@ A docker container to automate [restic backups](https://restic.github.io/)
 This container runs restic backups in regular intervals. 
 
 * Easy setup and maintanance
-* Support for different targets (currently: Local, NFS, SFTP)
+* Support for different targets (tested with: Local, NFS, SFTP, AWS)
 * Support `restic mount` inside the container to browse the backup files
 
 **Container**: [lobaro/restic-backup-docker](https://hub.docker.com/r/lobaro/restic-backup-docker/)
 
 Stable
 ```
-docker pull lobaro/restic-backup-docker:v1.0
+docker pull lobaro/restic-backup-docker:1.2-0.9.4
 ```
 
 Latest (experimental)
 ```
-docker pull lobaro/restic-backup-docker
+docker pull lobaro/restic-backup-docker:latest
 ```
 
+Please don't hesitate to report any issue you find. **Thanks.**
+
 # Test the container
 
 Clone this repository
@@ -48,7 +50,7 @@ To enter your container execute
 docker exec -ti backup-test /bin/sh
 ```
 
-Now you can use restic [as documented](https://restic.readthedocs.io/en/stable/Manual/), e.g. try to run `restic snapshots` to list all your snapshots.
+Now you can use restic [as documented](https://restic.readthedocs.io/en/stable/), e.g. try to run `restic snapshots` to list all your snapshots.
 
 ## Logfiles
 Logfiles are inside the container. If needed you can create volumes for them.
@@ -66,12 +68,15 @@ The container is setup by setting [environment variables](https://docs.docker.co
 
 ## Environment variables
 
-* `RESTIC_REPOSITORY` - the location of the restic repository. Default `/mnt/restic`
+* `RESTIC_REPOSITORY` - the location of the restic repository. Default `/mnt/restic`. For S3: `s3:https://s3.amazonaws.com/BUCKET_NAME`
 * `RESTIC_PASSWORD` - the password for the restic repository. Will also be used for restic init during first start when the repository is not initialized.
 * `RESTIC_TAG` - Optional. To tag the images created by the container.
 * `NFS_TARGET` - Optional. If set the given NFS is mounted, i.e. `mount -o nolock -v ${NFS_TARGET} /mnt/restic`. `RESTIC_REPOSITORY` must remain it's default value!
-* `BACKUP_CRON` - A cron expression to run the backup. Default: `* */6 * * *` aka every 6 hours.
+* `BACKUP_CRON` - A cron expression to run the backup. Note: cron daemon uses UTC time zone. Default: `0 */6 * * *` aka every 6 hours.
 * `RESTIC_FORGET_ARGS` - Optional. Only if specified `restic forget` is run with the given arguments after each backup. Example value: `-e "RESTIC_FORGET_ARGS=--prune --keep-last 10 --keep-hourly 24 --keep-daily 7 --keep-weekly 52 --keep-monthly 120 --keep-yearly 100"`
+* `RESTIC_JOB_ARGS` - Optional. Allows to specify extra arguments to the back up job such as limiting bandwith with `--limit-upload` or excluding file masks with `--exclude`.
+* `AWS_ACCESS_KEY_ID` - Optional. When using restic with AWS S3 storage.
+* `AWS_SECRET_ACCESS_KEY` - Optional. When using restic with AWS S3 storage.
 
 ## Volumes
 
@@ -79,7 +84,7 @@ The container is setup by setting [environment variables](https://docs.docker.co
 
 ## Set the hostname
 
-Since restic saves the hostname with each snapshot and the hostname of a docker container is it's id you might want to customize this by setting the hostname of the container to another value.
+Since restic saves the hostname with each snapshot and the hostname of a docker container is derived from it's id you might want to customize this by setting the hostname of the container to another value.
 
 Either by setting the [environment variable](https://docs.docker.com/engine/reference/run/#env-environment-variables) `HOSTNAME` or with `--hostname` in the [network settings](https://docs.docker.com/engine/reference/run/#network-settings)
 
@@ -93,16 +98,12 @@ Now you can simply specify the restic repository to be an [SFTP repository](http
 -e "RESTIC_REPOSITORY=sftp:user@host:/tmp/backup"
 ```
 
-# Changelog
+# Versioning & Changelog
 
-Versioning follows [Semantic versioning](http://semver.org/)
+Starting from v1.3.0 versioning follows [Semantic versioning](http://semver.org/)
 
-! Breaking changes
+Build metadata is used to declare the Restic version.
 
-**:latest**  
-* ! `--prune` must be passed to `RESTIC_FORGET_ARGS` to execute prune after forget.
-* Switch to base Docker container to `golang:1.7-alpine` to support latest restic build.
+**Example:** 1.3.0+0.9.5 (includes Restic 0.9.5)
 
-
-**:v1.0**
-* First stable version
+For changelog see: https://github.com/lobaro/restic-backup-docker/releases

backup.sh

@@ -17,10 +17,12 @@ echo "Starting Backup at $(date)" >> ${lastLogfile}
 logLast "BACKUP_CRON: ${BACKUP_CRON}"
 logLast "RESTIC_TAG: ${RESTIC_TAG}"
 logLast "RESTIC_FORGET_ARGS: ${RESTIC_FORGET_ARGS}"
-
+logLast "RESTIC_JOB_ARGS: ${RESTIC_JOB_ARGS}"
+logLast "RESTIC_REPOSITORY: ${RESTIC_REPOSITORY}"
+logLast "AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}"
 
 # Do not save full backup log to logfile but to backup-last.log
-restic backup /data --tag=${RESTIC_TAG?"Missing environment variable RESTIC_TAG"} >> ${lastLogfile} 2>&1
+restic backup /data ${RESTIC_JOB_ARGS} --tag=${RESTIC_TAG?"Missing environment variable RESTIC_TAG"} >> ${lastLogfile} 2>&1
 rc=$?
 logLast "Finished backup at $(date)"
 if [[ $rc == 0 ]]; then
@@ -29,6 +31,7 @@ else
     echo "Backup Failed with Status ${rc}"
     restic unlock
     copyErrorLog
+    kill 1
 fi
 
 if [ -n "${RESTIC_FORGET_ARGS}" ]; then
@@ -46,4 +49,4 @@ if [ -n "${RESTIC_FORGET_ARGS}" ]; then
 fi
 
 end=`date +%s`
-echo "Finished Backup at $(date +"%Y-%m-%d %H:%M:%S") after $((end-start)) sconds"
+echo "Finished Backup at $(date +"%Y-%m-%d %H:%M:%S") after $((end-start)) seconds"

config.yml

@@ -0,0 +1,21 @@
+schemaVersion: '2.0.0'
+commandTests:  
+  - name: "restic package installation"
+    setup: [["/entry.sh"]]
+    command: "which"
+    args: ["restic"]
+    expectedOutput: ["/bin/restic"]
+fileExistenceTests:
+- name: 'log directory exists'
+  path: '/var/log'
+  shouldExist: true
+- name: 'cron log file exists'
+  path: '/var/log/cron.log'
+  shouldExist: true
+- name: 'backup script exists'
+  path: '/bin/backup'
+  shouldExist: true
+metadataTest:
+  volumes: ["/data"]
+  entrypoint: ["/entry.sh"]
+  cmd: ["tail","-fn0", "/var/log/cron.log"]

docker-compose.test.yml

@@ -0,0 +1,9 @@
+version: '2'
+
+services:
+  test:
+    image: gcr.io/gcp-runtimes/container-structure-test
+    command: ["test", "--image", "restic-backup", "--config", "config.yml"]
+    volumes:
+      - ./config.yml:/config.yml
+      - /var/run/docker.sock:/var/run/docker.sock

entry.sh

@@ -1,18 +1,37 @@
 #!bin/sh
-set -e
 
 echo "Starting container ..."
 
+RESTIC_CMD=restic
+
+if [ -n "${ROOT_CERT}" ]; then
+	RESTIC_CMD="${RESTIC_CMD} --cert ${ROOT_CERT}"
+fi
+
 if [ -n "${NFS_TARGET}" ]; then
     echo "Mounting NFS based on NFS_TARGET: ${NFS_TARGET}"
     mount -o nolock -v ${NFS_TARGET} /mnt/restic
 fi
 
-if [ ! -f "$RESTIC_REPOSITORY/config" ]; then
+restic snapshots &>/dev/null
+status=$?
+echo "Check Repo status $status"
+
+if [ $status != 0 ]; then
     echo "Restic repository '${RESTIC_REPOSITORY}' does not exists. Running restic init."
-    restic init | true
+    restic init
+
+    init_status=$?
+    echo "Repo init status $init_status"
+
+    if [ $init_status != 0 ]; then
+        echo "Failed to init the repository: '${RESTIC_REPOSITORY}'"
+        exit 1
+    fi
 fi
 
+
+
 echo "Setup backup cron job with cron expression BACKUP_CRON: ${BACKUP_CRON}"
 echo "${BACKUP_CRON} /bin/backup >> /var/log/cron.log 2>&1" > /var/spool/cron/crontabs/root
 
@@ -24,4 +43,4 @@ crond
 
 echo "Container started."
 
-tail -fn0 /var/log/cron.log
+exec "$@"