nold360 / docker-borgserver Goto Github PK
View Code? Open in Web Editor NEWDockerimage that runs a Borg backup server, accessible by ssh using publickey authentication
Dockerimage that runs a Borg backup server, accessible by ssh using publickey authentication
Hello,
I keep getting the following error Docker container borg-server stopped unexpectedly
around the time watchtower
is scheduled. I have looked into and the only thing I think that has happened is that the container isnt responding to SIGTERM signals causing watchtower, after sometime, to force it via SIGKILL.
I read that this can be caused if the processes of the container are called under bash -c
because the SIGTERM signals are not passed on to processes.
Apparently
ENTRYPOINT /run.sh
wraps /run.sh
in bash -c
and
ENTRYPOINT [“/run.sh”]
doesn’t
as officially explained
You can also propagate SIGTERM signals to bash child processes using bash’s trap and wait
Lastly, not all docker containers or applications use SIGTERM here you can use dockerfile's STOPSIGNAL
to change the signal type
I think its probably the first two issues.
Hey there,
I've been using this docker image for a while. I was curious if automated builds (as stated in the README) are still working?
It's also likely an appropriate time to promote 1.2 to the new stable (latest borg release is 1.2.7)
Hi,
First of all big thanks for building and maintaining these images.
Would you be willing / could you please support multi arch builds. I would really like to run this container on my raspberry pi which is running on arm64.
Kind regards
BorgServer v2
Ideas:
AuthorizedKeysCommand
")I think i would simply provide both methods using labels, :latest would stay directory based.
@abmaonline do you got anything in mind?
Would it be possible to include a way to ignore hidden files like .gitignore and .gitkeep in the clients folder?
Should be easy to implement by changing following code in data/run.sh
:
find ${SSH_KEY_DIR}/clients -type f -not -name ".*" | wc -l
and find "${SSH_KEY_DIR}/clients" -type f -not -name ".*"
I didn't create a Pull request, as I wasn't sure which option would seem the best to you:
Personally, I feel the environment variable is the way to go. As it very easy to implement and can be set dynamically by the user.
Thanks on advance!
Thanks a bunch for making this image! I was going crazy trying to figure out why I couldn't add the --restrict-to-path
magic to my client ssh keys. I was getting ERROR: /home/borg/.ssh/authorized_keys is not a public key file.
. But once I looked at (https://github.com/Nold360/docker-borgserver/blob/master/data/run.sh#L12, I saw that you'd taken care of all this for us.
It would be nice to add language in the readme to reassure people that this is already done for them, and they don't need to mess around with custom ssh restrictions. Thanks again!
Hello, is there any nice way to add something like to the build?
for i in $(ls $BORG_DATA_DIR/)
do
echo "###### Pruning backup for $i on $(date) ######"
borg prune -v $BORG_DATA_DIR/$i --keep-daily=7 --keep-weekly=4 --keep-monthly=6
done
I tried to add cron and run it, but i didn't get it working
Build failed with the error "COPY failed: stat /var/lib/docker/tmp/docker-builder549501746/data/run.sh: no such file or directory".
The Dockerfile declares:
COPY ./data/run.sh /run.sh
COPY ./data/sshd_config /etc/ssh/sshd_config
but the documentation does not mention these files or what they should contain.
Thanks for your work. I use it all the time.
It would be nice to have a way to specify sshd_config
options to follow the recommendation in the borg documentation. If it undesirable to add general sshd_config
options, just having a way to specify:
ClientAliveInterval 10
ClientAliveCountMax 30
would be good.
Thanks.
Hey,
I'm running your borg-server on my Synology NAS.
I've added my pub Key in the /sshkeys/client Folder and start the Container.
The container found the Key and import it.
But when i try to init my repo there is a permission denied error.
The Container see my connection, but is it normal that the port ist increase with every try?
Did you have an idea?
Here the log from the Docker:
date | stream | content |
---|---|---|
2019-10-10 07:56:10 | stdout | Connection closed by authenticating user borg 172.17.0.1 port 36208 [preauth] |
2019-10-10 07:55:54 | stdout | Connection closed by authenticating user borg 172.17.0.1 port 36207 [preauth] |
2019-10-10 07:55:31 | stdout | Server listening on 0.0.0.0 port 22. |
2019-10-10 07:55:31 | stdout | Server listening on :: port 22. |
2019-10-10 07:55:31 | stdout | * Init done! Starting SSH-Daemon... |
2019-10-10 07:55:31 | stdout | ######################################################## |
2019-10-10 07:55:31 | stdout | ** Adding client xyz.pub with repo path /backup/xyz.pub |
2019-10-10 07:55:31 | stdout | * Starting SSH-Key import... |
2019-10-10 07:55:31 | stdout | ######################################################## |
2019-10-10 07:55:31 | stdout | * Checking / Preparing SSH Host-Keys... |
2019-10-10 07:55:31 | stdout | * Testing Volume SSH_KEY_DIR: /sshkeys |
2019-10-10 07:55:31 | stdout | * Testing Volume BORG_DATA_DIR: /backup |
2019-10-10 07:55:31 | stdout | ######################################################## |
2019-10-10 07:55:31 | stdout | * Docker BorgServer powered by borg 1.1.9 |
2019-10-10 07:55:31 | stdout | ######################################################## |
Here is my terminal:
root@xyz:~# borg init ssh://[email protected]:port/backup/xyz.pub/repo
Remote: Permission denied (publickey).
Connection closed by remote host. Is borg working on the server?
Thx
Jan
First of all, thanks for the awesome project!
Unfortunately, while setting a new backup server, I hit a weird issue.
After adding multiple hosts, it seems there are new lines missing in authorized_keys
and everything sticks together.
Did you ever face this issue?
As a workaround, I just appended a blank line in each client key.
root@1e79af88bb3f:/# bash run.sh
########################################################
* Docker BorgServer powered by borg 1.1.9
########################################################
* User id: 1000
* Group id: 1000
########################################################
* Testing Volume BORG_DATA_DIR: /backup
* Testing Volume SSH_KEY_DIR: /sshkeys
* Checking / Preparing SSH Host-Keys...
########################################################
* Starting SSH-Key import...
** Adding client kubo with repo path /backup/kubo
** Adding client olaf with repo path /backup/olaf
** Adding client eve with repo path /backup/eve
* Validating structure of generated /home/borg/.ssh/authorized_keys...
ERROR: /home/borg/.ssh/authorized_keys is not a public key file.
root@1e79af88bb3f:/# cat /home/borg/.ssh/authorized_keys
command="cd /backup/kubo; borg serve --restrict-to-path /backup/kubo " ssh-rsa AAAAB3...qisc=command="cd /backup/olaf; borg serve --restrict-to-path /backup/olaf " ssh-rsa AAAAB3...dGrk=command="cd /backup/eve; borg serve --restrict-to-path /backup/eve " ssh-rsa AAAAB3...wdIV
First line in a docker-compose.yml file needs to be a version number, i.e.
version: "3"
The documentation is inconsistent about directories, sometimes referring to borg/sshkeys/clients, other times just sshkeys/clients. Same with borg/backup and just backup.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.