Upgrade: bullseye & borgbackup 1.1.16 (#13)

* Upgrade to bullseye-slim image
* Fix(run.sh): authorized_keys permissions
* Change(run.sh): Add restrict to client keys & output debian version
* Change(Dockerfile): Allow different base images
* Update(drone): Build buster & bullseye images
* Update README
This commit is contained in:
Nold 2022-01-21 10:33:54 +01:00 committed by GitHub
parent 7b241c142b
commit 0b641a8253
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 31 additions and 3 deletions

View file

@ -4,7 +4,7 @@ name: build
type: kubernetes
steps:
- name: build-image
- name: build-bullseye
image: plugins/kaniko
settings:
username:
@ -13,6 +13,24 @@ steps:
from_secret: docker_password
repo: nold360/borgserver
dockerfile: Dockerfile
build_args:
- BASE_IMAGE=debian:bullseye-slim
tags:
- latest
- bullseye
- 1.1.16
- name: build-buster
image: plugins/kaniko
settings:
username:
from_secret: docker_username
password:
from_secret: docker_password
repo: nold360/borgserver
dockerfile: Dockerfile
build_args:
- BASE_IMAGE=debian:buster-slim
tags:
- buster
- 1.1.9

View file

@ -2,7 +2,8 @@
# Dockerfile to build borgbackup server images
# Based on Debian
############################################################
FROM debian:buster-slim
ARG BASE_IMAGE=debian:bullseye-slim
FROM $BASE_IMAGE
# Volume for SSH-Keys
VOLUME /sshkeys

View file

@ -132,3 +132,9 @@ And create your first backup!
```
$ borg create backup:my_first_borg_repo::documents-2017-11-01 /home/user/MyImportentDocs
```
## Tags
All images are freshly built every week & published as `nold360/borgserver` with the following tags:
- Latest / Stable [borg 1.1.16]: `bullseye`, `1.1.16`, `latest`
- Legacy / Buster [borg 1.1.9 ]: `buster`, `1.1.9`

View file

@ -15,9 +15,11 @@ AUTHORIZED_KEYS_PATH=/home/borg/.ssh/authorized_keys
# Append only mode?
BORG_APPEND_ONLY=${BORG_APPEND_ONLY:=no}
source /etc/os-release
echo "########################################################"
echo -n " * Docker BorgServer powered by "
borg -V
echo " * Based on ${PRETTY_NAME}"
echo "########################################################"
echo " * User id: $(id -u borg)"
echo " * Group id: $(id -g borg)"
@ -74,9 +76,10 @@ for keyfile in $(find "${SSH_KEY_DIR}/clients" ! -regex '.*/\..*' -a -type f); d
borg_cmd="${BORG_CMD} --append-only"
fi
echo -n "command=\"$(eval echo -n \"${borg_cmd}\")\" " >> ${AUTHORIZED_KEYS_PATH}
echo -n "restrict,command=\"$(eval echo -n \"${borg_cmd}\")\" " >> ${AUTHORIZED_KEYS_PATH}
cat ${keyfile} >> ${AUTHORIZED_KEYS_PATH}
done
chmod 0600 "${AUTHORIZED_KEYS_PATH}"
echo " * Validating structure of generated ${AUTHORIZED_KEYS_PATH}..."
ERROR=$(ssh-keygen -lf ${AUTHORIZED_KEYS_PATH} 2>&1 >/dev/null)