-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from ValMati/AddBuildAndPublishDocker
Add build and publish docker
- Loading branch information
Showing
2 changed files
with
118 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,70 @@ | ||
| name: Build & Publish Docker Image | ||
|
|
||
| on: | ||
| release: | ||
| types: [published] | ||
|
|
||
| jobs: | ||
| # Push image to Docker Hub. | ||
| # See also https://blog.oddbit.com/post/2020-09-25-building-multi-architecture-im/ | ||
| push: | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
|
|
||
| - name: Checkout | ||
| uses: actions/checkout@v2 | ||
|
|
||
| - name: Prepare | ||
| id: prep | ||
| run: | | ||
| DOCKER_IMAGE=${{ secrets.DOCKER_HUB_USERNAME }}/${GITHUB_REPOSITORY#*/} | ||
| DOCKER_IMAGE=${DOCKER_IMAGE%-docker} | ||
| VERSION=latest | ||
| SHORTREF=${GITHUB_SHA::8} | ||
| # If this is git tag, use the tag name as a docker tag | ||
| if [[ $GITHUB_REF == refs/tags/* ]]; then | ||
| VERSION=${GITHUB_REF#refs/tags/v} | ||
| fi | ||
| TAGS="${DOCKER_IMAGE}:${VERSION},${DOCKER_IMAGE}:${SHORTREF}" | ||
| # If the VERSION looks like a version number, assume that | ||
| # this is the most recent version of the image and also | ||
| # tag it 'latest'. | ||
| if [[ $VERSION =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then | ||
| TAGS="$TAGS,${DOCKER_IMAGE}:latest" | ||
| fi | ||
| # Set output parameters. | ||
| echo ::set-output name=tags::${TAGS} | ||
| echo ::set-output name=docker_image::${DOCKER_IMAGE} | ||
| - name: Set up QEMU | ||
| uses: docker/setup-qemu-action@master | ||
| with: | ||
| platforms: all | ||
|
|
||
| - name: Set up Docker Buildx | ||
| id: buildx | ||
| uses: docker/setup-buildx-action@master | ||
|
|
||
| - name: Login to DockerHub | ||
| uses: docker/login-action@v1 | ||
| with: | ||
| username: ${{ secrets.DOCKER_HUB_USERNAME }} | ||
| password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | ||
|
|
||
| - name: Build and push | ||
| id: docker_build | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| builder: ${{ steps.buildx.outputs.name }} | ||
| context: ./ | ||
| file: ./Dockerfile | ||
| platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le | ||
| push: true | ||
| tags: ${{ steps.prep.outputs.tags }} | ||
|
|
||
| - name: Image digest | ||
| run: echo ${{ steps.docker_build.outputs.digest }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,49 @@ | ||
| # BORG SERVER DOCKER | ||
| # BORG SERVER | ||
|
|
||
| A dockerized Borg Backup server. | ||
| Docker image with openSSH and BorgBackup installed and ready to use as a backup server over SSH. | ||
|
|
||
| ## Image | ||
|
|
||
| With each release a new version of the image is published on [DockerHub](https://hub.docker.com/r/valmati/borgserver) | ||
|
|
||
| ## Usage | ||
|
|
||
| It is recommended to launch the image from a docker-compose as in the [example](docker-compose.yml). | ||
|
|
||
| As usual, it is necessary to indicate the image, in this case [valmati/borgserver:latest](https://hub.docker.com/r/valmati/borgserver). | ||
|
|
||
| ### Port | ||
|
|
||
| The SSH server listens on port 22, but as this port is usually in use by the host it is recommended to use another one, in the example it is 2222. | ||
|
|
||
| ### Environment | ||
|
|
||
| Inside the container a user and a group are created (*borguser* and *borggroup*) that are the ones that will create the backups. The environment variables *UID* and *GID* are the ids with wich the user and the group are created. It is recommended that theses are those of the host user from witch we want to manage the backups later. | ||
|
|
||
| ### Volumes | ||
|
|
||
| The *borgserver* container must have access to three volumes: | ||
|
|
||
| #### Host Keys (/etc/ssh/host_keys/) | ||
|
|
||
| The keys to identify the server are stored in this volume. To avoid receiving a security warning the host keys should be mounted on an external volumen. | ||
|
|
||
| When the image is executed, it is checked if these keys already exist and if don't new ones are generated. | ||
|
|
||
| #### Authorized Keys (/etc/authorized_keys/) | ||
|
|
||
| In this volumen the public keys of the clients must be accessible. In case you want to add or remove a cliente it is not necessary to stop and relaunch the container, just remove or add the publich keys and execute the following command: | ||
|
|
||
| ``` | ||
| docker exec [ContainerName] /bin/genauthkeys.sh | ||
| ``` | ||
|
|
||
| #### Backups (/backups) | ||
|
|
||
| This volume is where the backups of the differente clients will be generated. It is essential that this volume is not lost with the destruction of the container because in that case **we will lost our backups**. | ||
|
|
||
| ## Inspired on | ||
|
|
||
| https://github.com/panubo/docker-sshd | ||
|
|
||
| https://practical-admin.com/blog/backups-using-borg/ |