zenermerps/docker-borgserver
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Create borg group and add option to set user id and group id explicitly for easier access to host resources

Browse source
This commit is contained in:
Matthijs Abma 2019-12-01 17:56:05 +01:00
parent a741486bb3
commit 590d6712fb
3 changed files with 29 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Dockerfile
View file

@ -14,10 +14,10 @@ ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && apt-get -y --no-install-recommends install \
borgbackup openssh-server && apt-get clean && \
useradd -s /bin/bash -m borg && \
useradd -s /bin/bash -m -U borg && \
mkdir /home/borg/.ssh && \
chmod 700 /home/borg/.ssh && \
chown borg: /home/borg/.ssh && \
chown borg:borg /home/borg/.ssh && \
mkdir /run/sshd && \
rm -f /etc/ssh/ssh_host*key* && \
rm -rf /var/lib/apt/lists/* /var/tmp/* /tmp/*

10
README.md
View file

@ -71,6 +71,14 @@ borg prune --keep-last 100 --keep-weekly 1 (...) borgserver:/clientA/clientA
```
#### PUID
Used to set the user id of the `borg` user inside the container. This can be useful when the container has to access resources on the host with a specific user id.
#### PGID
Used to set the group id of the `borg` group inside the container. This can be useful when the container has to access resources on the host with a specific group id.
### Persistent Storages & Client Configuration
We will need two persistent storage directories for our borgserver to be usefull.
@ -118,6 +126,8 @@ services:
BORG_SERVE_ARGS: ""
BORG_APPEND_ONLY: "no"
BORG_ADMIN: ""
PUID: 1000
PGID: 1000
```
### ~/.ssh/config for clients

23
data/run.sh
View file

@ -1,9 +1,20 @@
#!/bin/bash
# Start Script for docker-borgserver
PUID=${PUID:-1000}
PGID=${PGID:-1000}
usermod -o -u "$PUID" borg &>/dev/null
groupmod -o -g "$PGID" borg &>/dev/null
echo "########################################################"
echo " * User id: $(id -u borg)"
echo " * Group id: $(id -g borg)"
BORG_DATA_DIR=/backup
SSH_KEY_DIR=/sshkeys
BORG_CMD='cd ${BORG_DATA_DIR}/${client_name}; borg serve --restrict-to-path ${BORG_DATA_DIR}/${client_name} ${BORG_SERVE_ARGS}'
AUTHORIZED_KEYS_PATH=/home/borg/.ssh/authorized_keys
# Append only mode?
BORG_APPEND_ONLY=${BORG_APPEND_ONLY:=no}
@ -47,7 +58,7 @@ echo "########################################################"
echo " * Starting SSH-Key import..."
# Add every key to borg-users authorized_keys
rm /home/borg/.ssh/authorized_keys &>/dev/null
rm ${AUTHORIZED_KEYS_PATH} &>/dev/null
for keyfile in $(find "${SSH_KEY_DIR}/clients" ! -regex '.*/\..*' -a -type f); do
client_name=$(basename ${keyfile})
mkdir ${BORG_DATA_DIR}/${client_name} 2>/dev/null
@ -63,13 +74,13 @@ for keyfile in $(find "${SSH_KEY_DIR}/clients" ! -regex '.*/\..*' -a -type f); d
borg_cmd="${BORG_CMD} --append-only"
fi
echo -n "command=\"$(eval echo -n \"${borg_cmd}\")\" " >> /home/borg/.ssh/authorized_keys
cat ${keyfile} >> /home/borg/.ssh/authorized_keys
echo -n "command=\"$(eval echo -n \"${borg_cmd}\")\" " >> ${AUTHORIZED_KEYS_PATH}
cat ${keyfile} >> ${AUTHORIZED_KEYS_PATH}
done
chown -R borg: /backup
chown borg: /home/borg/.ssh/authorized_keys
chmod 600 /home/borg/.ssh/authorized_keys
chown -R borg:borg ${BORG_DATA_DIR}
chown borg:borg ${AUTHORIZED_KEYS_PATH}
chmod 600 ${AUTHORIZED_KEYS_PATH}
echo "########################################################"
echo " * Init done! Starting SSH-Daemon..."