Borg Backup

Container image for creating cron-scheduled backups with borg backup based on Alpine Linux.

Borg key features

Build: Run docker compose build to build the container image from ./build/Dockerfile
Configuration: cp .env.template .env and adapt .env (parameters are explained in the template file)
Init the backup archive: docker exec --rm -it borg bash -c "borg init --encryption repokey-blake2"
Start the container: docker compose up -d
Upgrade: Alpine and Borg versions are hard-coded in docker-compose.yml. Borg Release Notes should be consulted prior to upgrades.

Very important: The following files MUST be stored along with the backup to enable decryption of the backup data

Stop the backup container: docker compose down
Run an interactive shell in the recovery: docker compose -f docker-compose.yml -f docker-compose.restore.yml run borg bash
Fuse-mount the backup: borg mount $BORG_REPO <mount_point>
Restore your files
Unmount and exit: borg umount <mount_point> && exit.
Start the backup container: docker-compose up -d

Status and statistics are sent to Prometheus Push-Gateway using a simple bash-script and curl

This container will run with root priveliges in order to access all data for backup.
The backup source-volume is mounted read-only to avoid alering data by mistake.
This image as a reduced feature set for sake of simplicity.
- borgmatic offers more features such as notifications and backup of databases.
- py3-llfuse and bash are included for comfort during backup restore and could be potentially removed
- curl is included to push Promethous metrics and could be removed if this functionality is not used

/scripts/entry.sh is called during container startup and installs the cronjob defined in .env variable $CRON
crond starts /scripts/do-backup.sh which
- notifies Prometheus about the backup status and stats
- executes borg backup
- prunes and compacts old backups