Public Repository

Last pushed: 2 years ago
Short Description
Backup of a volume to S3. tar, zip and encrypt. https://github.com/strawpay/docker-backup-to-s3
Full Description

strawpay/backup-to-s3

Docker container that periodically backups files to Amazon S3 using s3cmd and cron.
All files will be tar:ed and encrypted with AES 256 CBC.

Always test to restore the files from the backup, before relying on it.

To decrypt resulting s3 object 2016-04-11T07:25:30Z.tgz.aes:

openssl aes-256-cbc -k <PASSPHRASE> -in 2016-04-11T07:25:30Z.tgz.aes -out restore.tgz -d
tar xf restore.tgz

Usage

docker run -d [options] strawpay/backup-to-s3 backup-once|schedule|restore
  • Backup: Make a single backup and exit.
  • Schedule: Schedule backups with using cron.
  • Restore: Restore a backup,

Options

Name Operation Required Description
-e ACCESS_KEY=<AWS_KEY> all yes Your AWS key
-e SECRET_KEY=<AWS_SECRET> all yes Your AWS secret
-e S3_PATH=s3://<BUCKET_NAME>/<PATH>/ all yes S3 Bucket name and path. Should end with trailing slash.
-e AES_PASSPHRASE=<PASSPHRASE> all yes Passphrase to generate AES-256-CBC encryption keys with.
-e VERSION=<VERSION_TO_RESTORE> restore yes The version to restore, must be the full s3 object name without the tgz.aes suffix.
-e PARAMS="--dry-run" all no Parameters to pass to the s3 command. (full list here)
-e DATA_PATH=/data/ all no Container's data folder. Default is /data/. Should end with trailing slash.
-e PREFIX=prefix backup-once, schedule no Prefix to encrypted tgz file name. The basename is a date stamp with a tgz.aes suffix
-e CRON_SCHEDULE='5 3 * * *' schedule no Specifies when cron job runs, see format. Default is 5 3 * * *, runs every night at 03:05
-v /path/to/backup:/data:ro backup-once, schedule yes Mount target local folder to container's data folder. Content of this folder will be tar:ed, encrypted and uploaded to the S3 bucket.
-v /path/to/restore:/data restore yes Mount target local folder to container's data folder. The restored files from the S3 bucket will overwrite all files in the /path/to/restore folder. Note that the folder will not be emptied first, leaving any no overwritten files as is.

Examples:

Backup to S3 everyday at 12:00:

docker run -d \
    -e ACCESS_KEY=myawskey \
    -e SECRET_KEY=myawssecret \
     -e S3_PATH=s3://my-bucket/backup/ \
    -e AES_PASSPHRASE=secret \
    -e CRON_SCHEDULE='0 12 * * *' \
    -v /home/user/data:/data:ro \
    strawpay/backup-to-s3 schedule

Backup once and then delete the container:

docker run --rm \
    -e ACCESS_KEY=myawskey \
    -e SECRET_KEY=myawssecret \
    -e S3_PATH=s3://my-bucket/backup/ \
    -e AES_PASSPHRASE=secret \
    -v /home/user/data:/data:ro \
    strawpay/backup-to-s3 backup-once

Restore the backup from 2016-04-11T07:25:30Z and then delete the container:

docker run --rm \
    -e ACCESS_KEY=myawskey \
    -e SECRET_KEY=myawssecret \
     -e S3_PATH=s3://my-bucket/backup/ \
      -e AES_PASSPHRASE=secret \
     -e VERSION=2016-04-11T07:25:30Z\
    -v /home/user/data:/data \
    strawpay/backup-to-s3 restore

Source at https://github.com/strawpay/docker-backup-to-s3
Forked from https://github.com/istepanov/docker-backup-to-s3

Docker Pull Command
Owner
strawpay