xdrum/borgship
A simple Borg SSH (central) repository - We will add your backups to our own repo.
568
"We are the borg [..] We will add your backups to our own [..]"
-- The Borg
A simple and easy to use BorgBackup central (SSH) repository with: OpenSSH, Borg Backup, Borgmatic
Borg backup does not provide official docker images, this container allows to quickly setup and host secure and isolated borg SSH repositories, multiple repositories are supported (see examples below).
Docker builds linked to official Debian and Alpine repository images with upstream [Borgbackup]https://www.borgbackup.org/) binaries.
Github Repository:https://github.com/x-drum/borgship
Docker Hub:https://hub.docker.com/r/xdrum/borgship
Docker Hub Tags:https://hub.docker.com/r/xdrum/borgship/tags
Tag | Distribution release | Borgbackup release | OS/ARCH | Notes |
---|---|---|---|---|
dev | debian 12 (bookworm) | 2.0.0b9 | linux/amd64 | pip package, WARNING: beta/unstable builds |
1.4.0-bookworm | debian 12 (bookworm) | 1.4.0 | linux/amd64 | pip package |
1.4.0-alpine | alpine 3.17.0 | 1.4.0 | linux/amd64, linux/arm64, linux/amd64 | pip package, works on arm32 QNAP NAS!! |
1.2.4-bookworm | debian 12 (bookworm) | 1.2.4 | linux/arm/v7, linux/arm64, linux/amd64 | system package |
1.2.4-alpine | alpine 3.17.0 | 1.2.4 | linux/arm/v7, linux/arm64, linux/amd64 | system package, works on arm32 QNAP NAS!! |
1.2.8-alpine | alpine 3.20.0 | 1.2.8 | linux/arm/v7, linux/arm64, linux/amd64 | system package |
backup
on /backups (REQUIRED)restore
on /restore (OPTIONAL)./id_rsa.pub:/home/borg/.ssh/authorized_keys:ro
) (REQUIRED)./ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key
, ./ssh_host_rsa_key:/etc/ssh/sh_host_rsa_key
) (OPTIONAL)./config/server/sshd_config:/etc/ssh/sshd_config
) (OPTIONAL)docker run \
-p 3333:22 \
-v ./backups:/backups \
-v ./id_rsa.pub:/home/borg/.ssh/authorized_keys:ro \
-d xdrum/borgship
backups
directory.UID 1000
and GID 1000
. Keep it in mind and check host filesystem permissions and ownership.docker run -p 3333:22 -d xdrum/borgship
User "foo" with password "pass" can login with sftp and upload files to a folder called "upload". No mounted directories or custom UID/GID. Later you can inspect the iles and use --volumes-from
to mount them somewhere else (or see next example).
docker run \
-p 3333:22 \
-v ./backups:/backups \
-v ./id_rsa.pub:/home/borg/.ssh/authorized_keys:ro \
-d xdrum/borgship
docker run \
-p 3333:22 \
-v ./backups:/backups \
-v ./id_rsa.pub:/home/borg/.ssh/authorized_keys:ro \
-v ./ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key \
-v ./ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key \
-v ./config/server/sshd_config:/etc/ssh/sshd_config
-d xdrum/borgship
services:
borgship1:
image: xdrum/borgship
container_name: borgship1
volumes:
- ./backups:/backups
- ./id_rsa.pub:/home/borg/.ssh/authorized_keys:ro
- ./sshd_config:/etc/ssh/sshd_config
- ./ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key
- ./ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key
ports:
- "3333:22"
network_mode: bridge
services:
borgship1:
image: xdrum/borgship
container_name: borgship1
volumes:
- ./backups:/backups
- ./id_rsa.pub:/home/borg/.ssh/authorized_keys:ro
- ./sshd_config:/etc/ssh/sshd_config
- ./ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key
- ./ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key
ports:
- "3333:22"
network_mode: bridge
borgship2:
image: xdrum/borgship
container_name: borgship2
volumes:
- ./backups-server2:/backups
- ./id_rsa-server2.pub:/home/borg/.ssh/authorized_keys:ro
- ./sshd_config:/etc/ssh/sshd_config
- ./ssh_host_ed25519_key:/etc/ssh/ssh_host_ed25519_key
- ./ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key
ports:
- "3334:22"
network_mode: bridge
## [ .. cut .. ]
This container will generate new SSH host keys at first run. To avoid that your users get a MITM warning when you recreate your container (and the host keys changes), ou can mount your own host keys.
ssh-keygen -t rsa -b 4096 -f ./ssh_host_rsa_key -N "" < /dev/null
ssh-keygen -t ed25519 -f ./ssh_host_ed25519_key -N "" < /dev/null
docker pull xdrum/borgship