add restic compute-2-mep

compute-2-mep/restic/README.md

@@ -0,0 +1,7 @@
+# Restic
+
+Restic is the tool used to backup and restore data on the compute-2-mep server.
+
+The ``pre_deploy.sh`` script is used as a Pre-Deploy shell command in the Komodo UI to deploy the restic container on the server with the required secrets.
+
+Backups are ran at 

compute-2-mep/restic/docker-compose.yaml

@@ -0,0 +1,42 @@
+services:
+  backup:
+    image: mazzolino/restic:1.7.2
+    hostname: docker
+    restart: unless-stopped
+    environment:
+      RUN_ON_STARTUP: "false"
+      BACKUP_CRON: "0 30 2 * * *"
+      RESTIC_REPOSITORY: ${RESTIC_BASE_URL}/compute-2-mep
+      RESTIC_PASSWORD: ${RESTIC_PASSWORD}
+      RESTIC_BACKUP_SOURCES: >-
+        /mnt/volumes/vaultwarden_vaultwarden/
+        /mnt/volumes/gitlab_gitlab-config/
+        /mnt/volumes/gitlab_gitlab-data/_data/git-data/
+      RESTIC_BACKUP_ARGS: >-
+        --tag plan:dockervol_dump --tag created-by:compute_2_mep
+        --exclude *.tmp --exclude *.log --exclude *.bak
+        --verbose
+      RESTIC_FORGET_ARGS: >-
+        --keep-last 3
+        --keep-daily 1
+        --keep-weekly 1
+        --keep-monthly 1
+      TZ: Europe/Paris
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /var/lib/docker/volumes:/mnt/volumes:ro
+      - ./ssh:/run/secrets/.ssh:ro
+
+  prune:
+    image: mazzolino/restic:1.7.2
+    hostname: docker
+    restart: unless-stopped
+    environment:
+      SKIP_INIT: "true"
+      RUN_ON_STARTUP: "false"
+      PRUNE_CRON: "0 30 5 * * *"
+      RESTIC_REPOSITORY: ${RESTIC_BASE_URL}/compute-2-mep
+      RESTIC_PASSWORD: ${RESTIC_PASSWORD}
+      TZ: Europe/Paris
+    volumes:
+      - ./ssh:/run/secrets/.ssh:ro

compute-2-mep/restic/pre_deploy.sh

@@ -0,0 +1,5 @@
+mkdir -p ssh
+rm -rf .ssh/*
+echo -n '[[RESTIC_PRIVKEY]]' | base64 --decode > ./ssh/id_ed25519
+echo -n '[[RESTIC_PUBKEY]]' | base64 --decode > ./ssh/id_ed25519.pub
+echo -n '[[RESTIC_KNOWN_HOSTS]]' | base64 --decode  > ./ssh/known_hosts