Compare commits
1 Commits
main
...
transcaffe
Author | SHA1 | Date | |
---|---|---|---|
6b513531a3 |
@ -1,8 +1,14 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
LEGO_BINARY=$(/usr/bin/env which lego)
|
||||
|
||||
if [[ -n "$LEGO_HTTP_FALLBACK_PORT" ]]; then
|
||||
if ! nc_binary="$(type -p \"nc\")" || [[ -z $nc_binary ]]; then
|
||||
echo "nc not found (in PATH), exiting"
|
||||
exit 1
|
||||
fi
|
||||
nc -z 127.0.0.1 $LEGO_HTTP_PORT;
|
||||
if [[ $? -eq 0 ]]; then
|
||||
LEGO_HTTP_PORT=$LEGO_HTTP_FALLBACK_PORT
|
||||
@ -11,12 +17,12 @@ fi
|
||||
|
||||
LEGO_COMMAND_ARGS_EXPANDED=$(bash -c "echo $LEGO_COMMAND_ARGS") # This is a bit icky
|
||||
|
||||
FILES_IN_DIR=$(find "$LEGO_CERT_STORE_PATH/certificates" | wc -l)
|
||||
FILES_IN_DIR=$(find "$LEGO_CERT_STORE_PATH/certificates" -type f | wc -l)
|
||||
if [[ $FILES_IN_DIR -gt 2 ]]; then
|
||||
$LEGO_BINARY $LEGO_COMMAND_ARGS_EXPANDED renew --days=$LEGO_CERT_DAYS_TO_RENEW
|
||||
else
|
||||
$LEGO_BINARY $LEGO_COMMAND_ARGS_EXPANDED run
|
||||
fi
|
||||
|
||||
ls "$LEGO_CERT_STORE_PATH/certificates" | xargs -I{} -n 1 chmod "$LEGO_CERT_MODE" "$LEGO_CERT_STORE_PATH/certificates/{}"
|
||||
ls "$LEGO_CERT_STORE_PATH/certificates" | xargs -I{} -n 1 chown "$LEGO_CERT_USER":"$LEGO_CERT_GROUP" "$LEGO_CERT_STORE_PATH/certificates/{}"
|
||||
find "$LEGO_CERT_STORE_PATH/certificates/" -type f | xargs -I{} -n 1 chmod "$LEGO_CERT_MODE" "{}"
|
||||
find "$LEGO_CERT_STORE_PATH/certificates/" -type f | xargs -I{} -n 1 chown "${LEGO_CERT_USER}:${LEGO_CERT_GROUP}" "{}"
|
||||
|
@ -10,41 +10,18 @@ restic_backup_stdin_command: ~
|
||||
restic_backup_stdin_command_filename: ~
|
||||
|
||||
restic_policy_keep_all_within: 1d
|
||||
restic_policy_keep_hourly: 12
|
||||
restic_policy_keep_daily: 7
|
||||
restic_policy_keep_weekly: 6
|
||||
restic_policy_keep_monthly: 6
|
||||
restic_policy_keep_yearly: 5
|
||||
restic_policy_keep_hourly: 6
|
||||
restic_policy_keep_daily: 2
|
||||
restic_policy_keep_weekly: 7
|
||||
restic_policy_keep_monthly: 4
|
||||
restic_policy_backup_frequency: hourly
|
||||
|
||||
restic_base_environment:
|
||||
RESTIC_JOBNAME: "{{ restic_job_name | default('unknown') }}"
|
||||
RESTIC_FORGET_KEEP_WITHIN: "{{ restic_policy_keep_all_within }}"
|
||||
RESTIC_FORGET_KEEP_HOURLY: "{{ restic_policy_keep_hourly }}"
|
||||
RESTIC_FORGET_KEEP_DAILY: "{{ restic_policy_keep_daily }}"
|
||||
RESTIC_FORGET_KEEP_WEEKLY: "{{ restic_policy_keep_weekly }}"
|
||||
RESTIC_FORGET_KEEP_MONTHLY: "{{ restic_policy_keep_monthly }}"
|
||||
RESTIC_FORGET_KEEP_YEARLY: "{{ restic_policy_keep_yearly }}"
|
||||
|
||||
restic_s3_environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ restic_s3_key_id }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ restic_s3_access_key }}"
|
||||
|
||||
restic_complete_environment: >-
|
||||
{{
|
||||
restic_base_environment
|
||||
| combine((restic_s3_environment
|
||||
if (restic_s3_key_id and restic_s3_access_key) else {}) | default({}))
|
||||
| combine(restic_environment | default({}))
|
||||
}}
|
||||
|
||||
restic_policy:
|
||||
keep_within: "{{ restic_policy_keep_all_within }}"
|
||||
hourly: "{{ restic_policy_keep_hourly }}"
|
||||
daily: "{{ restic_policy_keep_daily }}"
|
||||
weekly: "{{ restic_policy_keep_weekly }}"
|
||||
monthly: "{{ restic_policy_keep_monthly }}"
|
||||
yearly: "{{ restic_policy_keep_yearly }}"
|
||||
frequency: "{{ restic_policy_backup_frequency }}"
|
||||
|
||||
restic_user: root
|
||||
|
@ -9,43 +9,26 @@ SyslogIdentifier={{ restic_systemd_syslog_identifier }}
|
||||
|
||||
Environment=RESTIC_REPOSITORY={{ restic_repo_url }}
|
||||
Environment=RESTIC_PASSWORD={{ restic_repo_password }}
|
||||
{% for kv in restic_complete_environment | dict2items %}
|
||||
Environment={{ kv.key }}={{ kv.value }}
|
||||
{% endfor %}
|
||||
|
||||
{% if restic_init | default(true) %}
|
||||
ExecStartPre=-/bin/sh -c '/usr/bin/restic snapshots || /usr/bin/restic init'
|
||||
{% if restic_s3_key_id and restic_s3_access_key %}
|
||||
Environment=AWS_ACCESS_KEY_ID={{ restic_s3_key_id }}
|
||||
Environment=AWS_SECRET_ACCESS_KEY={{ restic_s3_access_key }}
|
||||
{% endif %}
|
||||
{% if restic_unlock_before_backup | default(false) %}
|
||||
ExecStartPre=-/bin/sh -c 'sleep 3 && /usr/bin/restic unlock'
|
||||
ExecStartPre=-/bin/sh -c '/usr/bin/restic unlock'
|
||||
{% endif %}
|
||||
|
||||
ExecStartPre=-/bin/sh -c '/usr/bin/restic snapshots || /usr/bin/restic init'
|
||||
{% if restic_backup_pre_hook | default(false) %}
|
||||
ExecStartPre=-{{ restic_backup_pre_hook }}
|
||||
ExecStart=-{{ restic_backup_pre_hook }}
|
||||
{% endif %}
|
||||
{% if restic_backup_stdin_command %}
|
||||
ExecStart=/bin/sh -c '{{ restic_backup_stdin_command }} | /usr/bin/restic backup \
|
||||
--retry-lock {{ restic_retry_lock | default('5m') }} \
|
||||
--verbose --stdin \
|
||||
--stdin-filename {{ restic_backup_stdin_command_filename }}'
|
||||
ExecStart=/bin/sh -c '{{ restic_backup_stdin_command }} | /usr/bin/restic backup --verbose --stdin --stdin-filename {{ restic_backup_stdin_command_filename }}'
|
||||
{% else %}
|
||||
ExecStart=/opt/restic-backup-directories.sh {{ restic_backup_paths | join(' ') }}
|
||||
{% endif %}
|
||||
{% if restic_forget_prune | default(true) %}
|
||||
ExecStartPost=/usr/bin/restic forget --prune \
|
||||
--retry-lock {{ restic_retry_lock | default('5m') }} \
|
||||
--keep-within={{ restic_policy.keep_within }} \
|
||||
--keep-hourly={{ restic_policy.hourly }} \
|
||||
--keep-daily={{ restic_policy.daily }} \
|
||||
--keep-weekly={{ restic_policy.weekly }} \
|
||||
--keep-monthly={{ restic_policy.monthly }} \
|
||||
--keep-yearly={{ restic_policy.yearly }}
|
||||
{% endif %}
|
||||
{% if restic_list_snapshots | default(true) %}
|
||||
ExecStartPost=-/usr/bin/restic snapshots --retry-lock {{ restic_retry_lock | default('5m') }}
|
||||
ExecStart=/usr/bin/restic --verbose backup {{ restic_backup_paths | join(' ') }}
|
||||
{% endif %}
|
||||
ExecStartPost=/usr/bin/restic forget --prune --keep-within={{ restic_policy.keep_within }} --keep-hourly={{ restic_policy.hourly }} --keep-daily={{ restic_policy.daily }} --keep-weekly={{ restic_policy.weekly }} --keep-monthly={{ restic_policy.monthly }}
|
||||
ExecStartPost=-/usr/bin/restic snapshots
|
||||
{% if restic_backup_post_hook | default(false) %}
|
||||
ExecStartPost=-{{ restic_backup_post_hook }}
|
||||
{% endif %}
|
||||
{% if restic_check | default(true) %}
|
||||
ExecStartPost=/usr/bin/restic check --retry-lock {{ restic_retry_lock | default('5m') }}
|
||||
{% endif %}
|
||||
ExecStartPost=/usr/bin/restic check
|
||||
|
Loading…
Reference in New Issue
Block a user