Merge pull request #26 from offen/instance-profile

Allow s3 authentication via IAM role

.circleci/config.yml

@@ -11,6 +11,10 @@ jobs:
           name: Build
           command: |
             docker build . -t offen/docker-volume-backup:canary
+      - run:
+          name: Install gnupg
+          command: |
+            sudo apt-get install -y gnupg
       - run:
           name: Run tests
           working_directory: ~/docker-volume-backup/test

NOTICE

@@ -1,22 +0,0 @@
-Copyright 2021 Offen Authors <hioffen@posteo.de>
-
-This project contains software that is Copyright (c) 2018 Futurice
-Licensed under the Terms of the MIT License:
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.

README.md

@@ -2,114 +2,47 @@
 
 Backup Docker volumes locally or to any S3 compatible storage.
 
-The [offen/docker-volume-backup](https://hub.docker.com/r/offen/docker-volume-backup) Docker image can be used as a sidecar container to an existing Docker setup. It handles recurring backups of Docker volumes to a local directory or any S3 compatible storage (or both) and rotates away old backups if configured.
+The [offen/docker-volume-backup](https://hub.docker.com/r/offen/docker-volume-backup) Docker image can be used as a lightweight (below 15MB) sidecar container to an existing Docker setup.
+It handles __recurring or one-off backups of Docker volumes__ to a __local directory__ or __any S3 compatible storage__ (or both), and __rotates away old backups__ if configured. It also supports __encrypting your backups using GPG__ and __sending notifications for failed backup runs__.
 
-## Configuration
+<!-- MarkdownTOC -->
 
-Backup targets, schedule and retention are configured in environment variables:
+- [Quickstart](#quickstart)
+  - [Recurring backups in a compose setup](#recurring-backups-in-a-compose-setup)
+  - [One-off backups using Docker CLI](#one-off-backups-using-docker-cli)
+- [Configuration reference](#configuration-reference)
+- [How to](#how-to)
+  - [Stopping containers during backup](#stopping-containers-during-backup)
+  - [Automatically pruning old backups](#automatically-pruning-old-backups)
+  - [Send email notifications on failed backup runs](#send-email-notifications-on-failed-backup-runs)
+  - [Encrypting your backup using GPG](#encrypting-your-backup-using-gpg)
+  - [Restoring a volume from a backup](#restoring-a-volume-from-a-backup)
+  - [Using with Docker Swarm](#using-with-docker-swarm)
+  - [Manually triggering a backup](#manually-triggering-a-backup)
+- [Recipes](#recipes)
+  - [Backing up to AWS S3](#backing-up-to-aws-s3)
+  - [Backing up to MinIO](#backing-up-to-minio)
+  - [Backing up locally](#backing-up-locally)
+  - [Backing up to AWS S3 as well as locally](#backing-up-to-aws-s3-as-well-as-locally)
+  - [Running on a custom cron schedule](#running-on-a-custom-cron-schedule)
+  - [Rotating away backups that are older than 7 days](#rotating-away-backups-that-are-older-than-7-days)
+  - [Encrypting your backups using GPG](#encrypting-your-backups-using-gpg)
+  - [Running multiple instances in the same setup](#running-multiple-instances-in-the-same-setup)
+- [Differences to `futurice/docker-volume-backup`](#differences-to-futuricedocker-volume-backup)
 
-```ini
-########### BACKUP SCHEDULE
+<!-- /MarkdownTOC -->
 
-# Backups run on the given cron schedule and use the filename defined in the
-# template expression.
+---
 
-BACKUP_CRON_EXPRESSION="0 2 * * *"
-# Format verbs will be replaced as in the `date` command. Omitting them
-# will result in the same filename for every backup run, which means previous
-# versions will be overwritten.
-BACKUP_FILENAME="backup-%Y-%m-%dT%H-%M-%S.tar.gz"
+Code and documentation for `v1` versions are found on [this branch][v1-branch].
 
-########### BACKUP STORAGE
+[v1-branch]: https://github.com/offen/docker-volume-backup/tree/v1
 
-# Define credentials for authenticating against the backup storage and a bucket
-# name. Although all of these values are `AWS`-prefixed, the setup can be used
-# with any S3 compatible storage.
+## Quickstart
 
-AWS_ACCESS_KEY_ID="<xxx>"
-AWS_SECRET_ACCESS_KEY="<xxx>"
-AWS_S3_BUCKET_NAME="<xxx>"
+### Recurring backups in a compose setup
 
-# This is the FQDN of your storage server, e.g. `storage.example.com`.
-# Do not set this when working against AWS S3. If you need to set a
-# specific protocol, you will need to use the option below.
-
-# AWS_ENDPOINT="<xxx>"
-
-# The protocol to be used when communicating with your storage server.
-# Defaults to "https". You can set this to "http" when communicating with
-# a different Docker container on the same host for example.
-
-# AWS_ENDPOINT_PROTO="https"
-
-# Setting this variable to any value will disable verification of
-# SSL certificates. You shouldn't use this unless you use self-signed
-# certificates for your remote storage backend.
-
-# AWS_ENDPOINT_INSECURE="true"
-
-# In addition to backing up you can also store backups locally. Pass in
-# a local path to store your backups here if needed. You likely want to
-# mount a local folder or Docker volume into that location when running
-# the container. Local paths can also be subject to pruning of old
-# backups as defined below.
-
-# BACKUP_ARCHIVE="/archive"
-
-########### BACKUP PRUNING
-
-# **IMPORTANT, PLEASE READ THIS BEFORE USING THIS FEATURE**:
-# The mechanism used for pruning backups is not very sophisticated
-# and applies its rules to **all files in the target directory** by default,
-# which means that if you are storing your backups next to other files,
-# these might become subject to deletion too. When using this option
-# make sure the backup files are stored in a directory used exclusively
-# for storing them or to configure BACKUP_PRUNING_PREFIX to limit
-# removal to certain files.
-
-# Define this value to enable automatic pruning of old backups. The value
-# declares the number of days for which a backup is kept.
-
-# BACKUP_RETENTION_DAYS="7"
-
-# In case the duration a backup takes fluctuates noticeably in your setup
-# you can adjust this setting to make sure there are no race conditions
-# between the backup finishing and the rotation not deleting backups that
-# sit on the very edge of the time window. Set this value to a duration
-# that is expected to be bigger than the maximum difference of backups.
-# Valid values have a suffix of (s)econds, (m)inutes or (h)ours.
-
-# BACKUP_PRUNING_LEEWAY="10m"
-
-# In case your target bucket or directory contains other files than the ones
-# managed by this container, you can limit the scope of rotation by setting
-# a prefix value. This would usually be the non-parametrized part of your
-# BACKUP_FILENAME. E.g. if BACKUP_FILENAME is `db-backup-%Y-%m-%dT%H-%M-%S.tar.gz`,
-# you can set BACKUP_PRUNING_PREFIX to `db-backup-` and make sure
-# unrelated files are not affected.
-
-# BACKUP_PRUNING_PREFIX="backup-"
-
-########### BACKUP ENCRYPTION
-
-# Backups can be encrypted using gpg in case a passphrase is given
-
-# GPG_PASSPHRASE="<xxx>"
-
-########### STOPPING CONTAINERS DURING BACKUP
-
-# Containers can be stopped by applying a
-# `docker-volume-backup.stop-during-backup` label. By default, all containers
-# that are labeled with `true` will be stopped. If you need more fine grained
-# control (e.g. when running multiple containers based on this image), you can
-# override this default by specifying a different value here.
-
-# BACKUP_STOP_CONTAINER_LABEL="service1"
-```
-
-## Example in a docker-compose setup
-
-Most likely, you will use this image as a sidecar container in an existing docker-compose setup like this:
+Add a `backup` service to your compose setup and mount the volumes you would like to see backed up:
 
 ```yml
 version: '3'
@@ -127,26 +60,304 @@ services:
       - docker-volume-backup.stop-during-backup=true
 
   backup:
+    # In production, it is advised to lock your image tag to a proper
+    # release version instead of using `latest`.
+    # Check https://github.com/offen/docker-volume-backup/releases
+    # for a list of available releases.
     image: offen/docker-volume-backup:latest
     restart: always
-    env_file: ./backup.env
+    env_file: ./backup.env # see below for configuration reference
     volumes:
+      - data:/backup/my-app-backup:ro
       # Mounting the Docker socket allows the script to stop and restart
       # the container during backup. You can omit this if you don't want
       # to stop the container
       - /var/run/docker.sock:/var/run/docker.sock:ro
-      - data:/backup/my-app-backup:ro
       # If you mount a local directory or volume to `/archive` a local
       # copy of the backup will be stored there. You can override the
-      # location inside of the container by setting `BACKUP_ARCHIVE`
-      # - /path/to/local_backups:/archive
+      # location inside of the container by setting `BACKUP_ARCHIVE`.
+      # You can omit this if you do not want to keep local backups.
+      - /path/to/local_backups:/archive
 volumes:
   data:
 ```
 
-## Using with Docker Swarm
+### One-off backups using Docker CLI
 
-By default, Docker Swarm will restart stopped containers automatically, even when manually stopped. If you plan to have your containers / services stopped during backup, this means you need to apply the `on-failure` restart policy to your service's definitions. A restart policy of `always` is not compatible with this tool.
+To run a one time backup, mount the volume you would like to see backed up into a container and run the `backup` command:
+
+```console
+docker run --rm \
+  -v data:/backup/data \
+  --env AWS_ACCESS_KEY_ID="<xxx>" \
+  --env AWS_SECRET_ACCESS_KEY="<xxx>" \
+  --env AWS_S3_BUCKET_NAME="<xxx>" \
+  --entrypoint backup \
+  offen/docker-volume-backup:latest
+```
+
+Alternatively, pass a `--env-file` in order to use a full config as described below.
+
+## Configuration reference
+
+Backup targets, schedule and retention are configured in environment variables.
+You can populate below template according to your requirements and use it as your `env_file`:
+
+```ini
+########### BACKUP SCHEDULE
+
+# Backups run on the given cron schedule in `busybox` flavor. If no
+# value is set, `@daily` will be used. If you do not want the cron
+# to ever run, use `0 0 5 31 2 ?`.
+
+# BACKUP_CRON_EXPRESSION="0 2 * * *"
+
+# The name of the backup file including the `.tar.gz` extension.
+# Format verbs will be replaced as in `strftime`. Omitting them
+# will result in the same filename for every backup run, which means previous
+# versions will be overwritten on subsequent runs. The default results
+# in filenames like `backup-2021-08-29T04-00-00.tar.gz`.
+
+# BACKUP_FILENAME="backup-%Y-%m-%dT%H-%M-%S.tar.gz"
+
+########### BACKUP STORAGE
+
+# The name of the remote bucket that should be used for storing backups. If
+# this is not set, no remote backups will be stored.
+
+# AWS_S3_BUCKET_NAME="backup-bucket"
+
+# Define credentials for authenticating against the backup storage and a bucket
+# name. Although all of these keys are `AWS`-prefixed, the setup can be used
+# with any S3 compatible storage.
+
+# AWS_ACCESS_KEY_ID="<xxx>"
+# AWS_SECRET_ACCESS_KEY="<xxx>"
+
+# Instead of providing static credentials, you can also use IAM instance profiles
+# or similar to provide authentication. Some possible configuration options on AWS:
+# - EC2: http://169.254.169.254
+# - ECS: http://169.254.170.2
+
+# AWS_IAM_ROLE_ENDPOINT="http://169.254.169.254"
+
+# This is the FQDN of your storage server, e.g. `storage.example.com`.
+# Do not set this when working against AWS S3 (the default value is 
+# `s3.amazonaws.com`). If you need to set a specific (non-https) protocol, you
+# will need to use the option below.
+
+# AWS_ENDPOINT="storage.example.com"
+
+# The protocol to be used when communicating with your storage server.
+# Defaults to "https". You can set this to "http" when communicating with
+# a different Docker container on the same host for example.
+
+# AWS_ENDPOINT_PROTO="https"
+
+# Setting this variable to `true` will disable verification of
+# SSL certificates. You shouldn't use this unless you use self-signed
+# certificates for your remote storage backend.
+
+# AWS_ENDPOINT_INSECURE="true"
+
+# In addition to storing backups remotely, you can also keep local copies.
+# Pass a container-local path to store your backups if needed. You also need to
+# mount a local folder or Docker volume into that location (`/archive`
+# by default) when running the container. In case the specified directory does
+# not exist (nothing is mounted) in the container when the backup is running,
+# local backups will be skipped. Local paths are also be subject to pruning of
+# old backups as defined below.
+
+# BACKUP_ARCHIVE="/archive"
+
+########### BACKUP PRUNING
+
+# **IMPORTANT, PLEASE READ THIS BEFORE USING THIS FEATURE**:
+# The mechanism used for pruning old backups is not very sophisticated
+# and applies its rules to **all files in the target directory** by default,
+# which means that if you are storing your backups next to other files,
+# these might become subject to deletion too. When using this option
+# make sure the backup files are stored in a directory used exclusively
+# for such files, or to configure BACKUP_PRUNING_PREFIX to limit
+# removal to certain files.
+
+# Define this value to enable automatic rotation of old backups. The value
+# declares the number of days for which a backup is kept.
+
+# BACKUP_RETENTION_DAYS="7"
+
+# In case the duration a backup takes fluctuates noticeably in your setup
+# you can adjust this setting to make sure there are no race conditions
+# between the backup finishing and the rotation not deleting backups that
+# sit on the edge of the time window. Set this value to a duration
+# that is expected to be bigger than the maximum difference of backups.
+# Valid values have a suffix of (s)econds, (m)inutes or (h)ours. By default,
+# one minute is used.
+
+# BACKUP_PRUNING_LEEWAY="1m"
+
+# In case your target bucket or directory contains other files than the ones
+# managed by this container, you can limit the scope of rotation by setting
+# a prefix value. This would usually be the non-parametrized part of your
+# BACKUP_FILENAME. E.g. if BACKUP_FILENAME is `db-backup-%Y-%m-%dT%H-%M-%S.tar.gz`,
+# you can set BACKUP_PRUNING_PREFIX to `db-backup-` and make sure
+# unrelated files are not affected by the rotation mechanism.
+
+# BACKUP_PRUNING_PREFIX="backup-"
+
+########### BACKUP ENCRYPTION
+
+# Backups can be encrypted using gpg in case a passphrase is given.
+
+# GPG_PASSPHRASE="<xxx>"
+
+########### STOPPING CONTAINERS DURING BACKUP
+
+# Containers can be stopped by applying a
+# `docker-volume-backup.stop-during-backup` label. By default, all containers
+# that are labeled with `true` will be stopped. If you need more fine grained
+# control (e.g. when running multiple containers based on this image), you can
+# override this default by specifying a different value here.
+
+# BACKUP_STOP_CONTAINER_LABEL="service1"
+
+########### EMAIL NOTIFICATIONS ON FAILED BACKUP RUNS
+
+# In case SMTP credentials are provided, notification emails can be sent out on
+# failed backup runs. These emails will contain the start time, the error
+# message and all log output prior to the failure.
+
+# The recipient(s) of the notification. Supply a comma separated list
+# of adresses if you want to notify multiple recipients. If this is
+# not set, no emails will be sent.
+
+# EMAIL_NOTIFICATION_RECIPIENT="you@example.com"
+
+# The "From" header of the sent email. Defaults to `noreply@nohost`.
+
+# EMAIL_NOTIFICATION_SENDER="no-reply@example.com"
+
+# Configuration and credentials for the SMTP server to be used.
+# EMAIL_SMTP_PORT defaults to 587.
+
+# EMAIL_SMTP_HOST="posteo.de"
+# EMAIL_SMTP_PASSWORD="<xxx>"
+# EMAIL_SMTP_USERNAME="no-reply@example.com"
+# EMAIL_SMTP_PORT="<port>"
+```
+
+## How to
+
+### Stopping containers during backup
+
+In many cases, it will be desirable to stop the services that are consuming the volume you want to backup in order to ensure data integrity.
+This image can automatically stop and restart containers and services (in case you are running Docker in Swarm mode).
+By default, any container that is labeled `docker-volume-backup.stop-during-backup=true` will be stopped before the backup is being taken and restarted once it has finished.
+
+In case you need more fine grained control about which containers should be stopped (e.g. when backing up multiple volumes on different schedules), you can set the `BACKUP_STOP_CONTAINER_LABEL` environment variable and then use the same value for labeling:
+
+```yml
+version: '3'
+
+services:
+  app:
+    # definition for app ...
+    labels:
+      - docker-volume-backup.stop-during-backup=service1
+
+  backup:
+    image: offen/docker-volume-backup:latest
+    environment:
+      BACKUP_STOP_CONTAINER_LABEL: service1
+    volumes:
+      - data:/backup/my-app-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+
+volumes:
+  data:
+```
+
+### Automatically pruning old backups
+
+When `BACKUP_RETENTION_DAYS` is configured, the image will check if there are any backups in the remote bucket or local archive that are older than the given retention value and rotate these backups away.
+
+Be aware that this mechanism looks at __all files in the target bucket or archive__, which means that other files that are older than the given deadline are deleted as well. In case you need to use a target that cannot be used exclusively for your backups, you can configure `BACKUP_PRUNING_PREFIX` to limit which files are considered eligible for deletion:
+
+```yml
+version: '3'
+
+services:
+  # ... define other services using the `data` volume here
+  backup:
+    image: offen/docker-volume-backup:latest
+    environment:
+      BACKUP_FILENAME: backup-%Y-%m-%dT%H-%M-%S.tar.gz
+      BACKUP_PRUNING_PREFIX: backup-
+      BACKUP_RETENTION_DAYS: 7
+    volumes:
+      - ${HOME}/backups:/archive
+      - data:/backup/my-app-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+
+volumes:
+  data:
+```
+
+### Send email notifications on failed backup runs
+
+To send out email notifications on failed backup runs, provide SMTP credentials, a sender and a recipient:
+
+```yml
+version: '3'
+
+services:
+  backup:
+    image: offen/docker-volume-backup:latest
+    environment:
+      # ... other configuration values go here
+      EMAIL_SMTP_HOST: "smtp.example.com"
+      EMAIL_SMTP_PASSWORD: "password"
+      EMAIL_SMTP_USERNAME: "username"
+      EMAIL_NOTIFICATION_SENDER: "noreply@example.com"
+      EMAIL_NOTIFICATION_RECIPIENT: "notifications@example.com"
+```
+
+### Encrypting your backup using GPG
+
+The image supports encrypting backups using GPG out of the box.
+In case a `GPG_PASSPHRASE` environment variable is set, the backup will be encrypted using the given key and saved as a `.gpg` file instead.
+
+Assuming you have `gpg` installed, you can decrypt such a backup using (your OS will prompt for the passphrase before decryption can happen):
+
+```console
+gpg -o backup.tar.gz -d backup.tar.gz.gpg
+```
+
+### Restoring a volume from a backup
+
+In case you need to restore a volume from a backup, the most straight forward procedure to do so would be:
+
+- Stop the container(s) that are using the volume
+- Untar the backup you want to restore
+  ```console
+  tar -C /tmp -xvf  backup.tar.gz
+  ```
+- Using a temporary one-off container, mount the volume (the example assumes it's named `data`) and copy over the backup. Make sure you copy the correct path level (this depends on how you mount your volume into the backup container), you might need to strip some leading elements
+  ```console
+  docker run -d --name backup_restore -v data:/backup_restore alpine
+  docker cp /tmp/backup/data-backup backup_restore:/backup_restore
+  docker stop backup_restore
+  docker rm backup_restore
+  ```
+- Restart the container(s) that are using the volume 
+
+Depending on your setup and the application(s) you are running, this might involve other steps to be taken still.
+
+### Using with Docker Swarm
+
+By default, Docker Swarm will restart stopped containers automatically, even when manually stopped.
+If you plan to have your containers / services stopped during backup, this means you need to apply the `on-failure` restart policy to your service's definitions.
+A restart policy of `always` is not compatible with this tool.
 
 ---
 
@@ -162,7 +373,7 @@ services:
           memory: 25M
 ```
 
-## Manually triggering a backup
+### Manually triggering a backup
 
 You can manually trigger a backup run outside of the defined cron schedule by executing the `backup` command inside the container:
 
@@ -170,15 +381,207 @@ You can manually trigger a backup run outside of the defined cron schedule by ex
 docker exec <container_ref> backup
 ```
 
----
+## Recipes
+
+This section lists configuration for some real-world use cases that you can mix and match according to your needs.
+
+### Backing up to AWS S3
+
+```yml
+version: '3'
+
+services:
+  # ... define other services using the `data` volume here
+  backup:
+    image: offen/docker-volume-backup:latest
+    environment:
+      AWS_BUCKET_NAME: backup-bucket
+      AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE
+      AWS_SECRET_ACCESS_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+    volumes:
+      - data:/backup/my-app-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+
+volumes:
+  data:
+```
+
+### Backing up to MinIO
+
+```yml
+version: '3'
+
+services:
+  # ... define other services using the `data` volume here
+  backup:
+    image: offen/docker-volume-backup:latest
+    environment:
+      AWS_ENDPOINT: minio.example.com
+      AWS_BUCKET_NAME: backup-bucket
+      AWS_ACCESS_KEY_ID: MINIOACCESSKEY
+      AWS_SECRET_ACCESS_KEY: MINIOSECRETKEY
+    volumes:
+      - data:/backup/my-app-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+
+volumes:
+  data:
+```
+
+### Backing up locally
+
+```yml
+version: '3'
+
+services:
+  # ... define other services using the `data` volume here
+  backup:
+    image: offen/docker-volume-backup:latest
+    volumes:
+      - data:/backup/my-app-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ${HOME}/backups:/archive
+
+volumes:
+  data:
+```
+
+### Backing up to AWS S3 as well as locally
+
+```yml
+version: '3'
+
+services:
+  # ... define other services using the `data` volume here
+  backup:
+    image: offen/docker-volume-backup:latest
+    environment:
+      AWS_BUCKET_NAME: backup-bucket
+      AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE
+      AWS_SECRET_ACCESS_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+    volumes:
+      - data:/backup/my-app-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ${HOME}/backups:/archive
+
+volumes:
+  data:
+```
+
+### Running on a custom cron schedule
+
+```yml
+version: '3'
+
+services:
+  # ... define other services using the `data` volume here
+  backup:
+    image: offen/docker-volume-backup:latest
+    environment:
+      # take a backup on every hour
+      BACKUP_CRON_EXPRESSION: "0 * * * *"
+      AWS_BUCKET_NAME: backup-bucket
+      AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE
+      AWS_SECRET_ACCESS_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+    volumes:
+      - data:/backup/my-app-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+
+volumes:
+  data:
+```
+
+### Rotating away backups that are older than 7 days
+
+```yml
+version: '3'
+
+services:
+  # ... define other services using the `data` volume here
+  backup:
+    image: offen/docker-volume-backup:latest
+    environment:
+      AWS_BUCKET_NAME: backup-bucket
+      AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE
+      AWS_SECRET_ACCESS_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+      BACKUP_FILENAME: backup-%Y-%m-%dT%H-%M-%S.tar.gz
+      BACKUP_PRUNING_PREFIX: backup-
+      BACKUP_RETENTION_DAYS: 7
+    volumes:
+      - data:/backup/my-app-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+
+volumes:
+  data:
+```
+
+### Encrypting your backups using GPG
+
+```yml
+version: '3'
+
+services:
+  # ... define other services using the `data` volume here
+  backup:
+    image: offen/docker-volume-backup:latest
+    environment:
+      AWS_BUCKET_NAME: backup-bucket
+      AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE
+      AWS_SECRET_ACCESS_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+      GPG_PASSPHRASE: somesecretstring
+    volumes:
+      - data:/backup/my-app-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+
+volumes:
+  data:
+```
+
+### Running multiple instances in the same setup
+
+```yml
+version: '3'
+
+services:
+  # ... define other services using the `data_1` and `data_2` volumes here
+  backup_1: &backup_service
+    image: offen/docker-volume-backup:latest
+    environment: &backup_environment
+      BACKUP_CRON_EXPRESSION: "0 2 * * *"
+      AWS_BUCKET_NAME: backup-bucket
+      AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE
+      AWS_SECRET_ACCESS_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+      # Label the container using the `data_1` volume as `docker-volume-backup.stop-during-backup=service1`
+      BACKUP_STOP_CONTAINER_LABEL: service1
+    volumes:
+      - data_1:/backup/data-1-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+  backup_2:
+    <<: *backup_service
+    environment:
+      <<: *backup_environment
+      # Label the container using the `data_2` volume as `docker-volume-backup.stop-during-backup=service2`
+      BACKUP_CRON_EXPRESSION: "0 3 * * *"
+      BACKUP_STOP_CONTAINER_LABEL: service2
+    volumes:
+      - data_2:/backup/data-2-backup:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+
+volumes:
+  data_1:
+  data_2:
+```
 
 ## Differences to `futurice/docker-volume-backup`
 
 This image is heavily inspired by the `futurice/docker-volume-backup`. We decided to publish this image as a simpler and more lightweight alternative because of the following requirements:
 
-- The original image is based on `ubuntu` and additional tools, making it very heavy. This version is roughly 1/25 in compressed size (it's ~12MB).
-- The original image uses a shell script, when this is written in Go.
-- The original image proposed to handle backup rotation through AWS S3 lifecycle policies. This image adds the option to rotate away old backups through the same command so this functionality can also be offered for non-AWS storage backends like MinIO. Local copies of backups can also be pruned once they reach a certain age.
-- InfluxDB specific functionality was removed.
+- The original image is based on `ubuntu` and requires additional tools, making it heavy.
+This version is roughly 1/25 in compressed size (it's ~12MB).
+- The original image uses a shell script, when this version is written in Go, which makes it easier to extend and maintain (more verbose too).
+- The original image proposed to handle backup rotation through AWS S3 lifecycle policies.
+This image adds the option to rotate away old backups through the same command so this functionality can also be offered for non-AWS storage backends like MinIO.
+Local copies of backups can also be pruned once they reach a certain age.
+- InfluxDB specific functionality from the original image was removed.
 - `arm64` and `arm/v7` architectures are supported.
 - Docker in Swarm mode is supported.

cmd/backup/main.go

@@ -9,12 +9,9 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
-	"os/exec"
 	"path"
 	"path/filepath"
-	"strconv"
 	"strings"
 	"time"
 
@@ -22,125 +19,203 @@ import (
 	"github.com/docker/docker/api/types/filters"
 	"github.com/docker/docker/api/types/swarm"
 	"github.com/docker/docker/client"
-	"github.com/joho/godotenv"
-	minio "github.com/minio/minio-go/v7"
+	"github.com/go-gomail/gomail"
+	"github.com/gofrs/flock"
+	"github.com/kelseyhightower/envconfig"
+	"github.com/leekchan/timeutil"
+	"github.com/m90/targz"
+	"github.com/minio/minio-go/v7"
 	"github.com/minio/minio-go/v7/pkg/credentials"
 	"github.com/sirupsen/logrus"
-	"github.com/walle/targz"
 	"golang.org/x/crypto/openpgp"
 )
 
 func main() {
-	unlock := lock("/var/dockervolumebackup.lock")
+	unlock := lock("/var/lock/dockervolumebackup.lock")
 	defer unlock()
 
-	s := &script{}
-	s.must(s.init())
-	s.must(s.stopContainersAndRun(s.takeBackup))
-	s.must(s.encryptBackup())
-	s.must(s.copyBackup())
-	s.must(s.cleanBackup())
+	s, err := newScript()
+	if err != nil {
+		panic(err)
+	}
+
+	defer func() {
+		if err := recover(); err != nil {
+			if e, ok := err.(error); ok && strings.Contains(e.Error(), msgBackupFailed) {
+				os.Exit(1)
+			}
+			panic(err)
+		}
+	}()
+
+	s.must(func() error {
+		restartContainers, err := s.stopContainers()
+		defer func() {
+			s.must(restartContainers())
+		}()
+		if err != nil {
+			return err
+		}
+		return s.takeBackup()
+	}())
+
+	s.must(func() error {
+		defer func() {
+			s.must(s.removeArtifacts())
+		}()
+		s.must(s.encryptBackup())
+		return s.copyBackup()
+	}())
+
 	s.must(s.pruneOldBackups())
 	s.logger.Info("Finished running backup tasks.")
 }
 
+// script holds all the stateful information required to orchestrate a
+// single backup run.
 type script struct {
-	ctx        context.Context
-	cli        *client.Client
-	mc         *minio.Client
-	logger     *logrus.Logger
-	file       string
-	bucket     string
-	archive    string
-	sources    string
-	passphrase string
+	cli    *client.Client
+	mc     *minio.Client
+	logger *logrus.Logger
+	hooks  []hook
+
+	start  time.Time
+	file   string
+	output *bytes.Buffer
+
+	c *config
 }
 
-// lock opens a lockfile at the given location, keeping it locked until the
-// caller invokes the returned release func. When invoked while the file is
-// still locked the function panics.
-func lock(lockfile string) func() error {
-	lf, err := os.OpenFile(lockfile, os.O_CREATE, os.ModeAppend)
-	if err != nil {
-		panic(err)
-	}
-	return func() error {
-		if err := lf.Close(); err != nil {
-			return fmt.Errorf("lock: error releasing file lock: %w", err)
-		}
-		if err := os.Remove(lockfile); err != nil {
-			return fmt.Errorf("lock: error removing lock file: %w", err)
-		}
-		return nil
-	}
+type config struct {
+	BackupSources              string        `split_words:"true" default:"/backup"`
+	BackupFilename             string        `split_words:"true" default:"backup-%Y-%m-%dT%H-%M-%S.tar.gz"`
+	BackupArchive              string        `split_words:"true" default:"/archive"`
+	BackupRetentionDays        int32         `split_words:"true" default:"-1"`
+	BackupPruningLeeway        time.Duration `split_words:"true" default:"1m"`
+	BackupPruningPrefix        string        `split_words:"true"`
+	BackupStopContainerLabel   string        `split_words:"true" default:"true"`
+	AwsS3BucketName            string        `split_words:"true"`
+	AwsEndpoint                string        `split_words:"true" default:"s3.amazonaws.com"`
+	AwsEndpointProto           string        `split_words:"true" default:"https"`
+	AwsEndpointInsecure        bool          `split_words:"true"`
+	AwsAccessKeyID             string        `envconfig:"AWS_ACCESS_KEY_ID"`
+	AwsSecretAccessKey         string        `split_words:"true"`
+	AwsIamRoleEndpoint         string        `split_words:"true"`
+	GpgPassphrase              string        `split_words:"true"`
+	EmailNotificationRecipient string        `split_words:"true"`
+	EmailNotificationSender    string        `split_words:"true" default:"noreply@nohost"`
+	EmailSMTPHost              string        `envconfig:"EMAIL_SMTP_HOST"`
+	EmailSMTPPort              int           `envconfig:"EMAIL_SMTP_PORT" default:"587"`
+	EmailSMTPUsername          string        `envconfig:"EMAIL_SMTP_USERNAME"`
+	EmailSMTPPassword          string        `envconfig:"EMAIL_SMTP_PASSWORD"`
 }
 
-// init creates all resources needed for the script to perform actions against
-// remote resources like the Docker engine or remote storage locations.
-func (s *script) init() error {
-	s.ctx = context.Background()
-	s.logger = logrus.New()
-	s.logger.SetOutput(os.Stdout)
+var msgBackupFailed = "backup run failed"
 
-	if err := godotenv.Load("/etc/backup.env"); err != nil {
-		return fmt.Errorf("init: failed to load env file: %w", err)
+// newScript creates all resources needed for the script to perform actions against
+// remote resources like the Docker engine or remote storage locations. All
+// reading from env vars or other configuration sources is expected to happen
+// in this method.
+func newScript() (*script, error) {
+	stdOut, logBuffer := buffer(os.Stdout)
+	s := &script{
+		c: &config{},
+		logger: &logrus.Logger{
+			Out:       stdOut,
+			Formatter: new(logrus.TextFormatter),
+			Hooks:     make(logrus.LevelHooks),
+			Level:     logrus.InfoLevel,
+		},
+		start:  time.Now(),
+		output: logBuffer,
 	}
 
+	if err := envconfig.Process("", s.c); err != nil {
+		return nil, fmt.Errorf("newScript: failed to process configuration values: %w", err)
+	}
+
+	s.file = path.Join("/tmp", s.c.BackupFilename)
+
 	_, err := os.Stat("/var/run/docker.sock")
 	if !os.IsNotExist(err) {
 		cli, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation())
 		if err != nil {
-			return fmt.Errorf("init: failed to create docker client")
+			return nil, fmt.Errorf("newScript: failed to create docker client")
 		}
 		s.cli = cli
 	}
 
-	if bucket := os.Getenv("AWS_S3_BUCKET_NAME"); bucket != "" {
-		s.bucket = bucket
-		mc, err := minio.New(os.Getenv("AWS_ENDPOINT"), &minio.Options{
-			Creds: credentials.NewStaticV4(
-				os.Getenv("AWS_ACCESS_KEY_ID"),
-				os.Getenv("AWS_SECRET_ACCESS_KEY"),
+	if s.c.AwsS3BucketName != "" {
+		var creds *credentials.Credentials
+		if s.c.AwsAccessKeyID != "" && s.c.AwsSecretAccessKey != "" {
+			creds = credentials.NewStaticV4(
+				s.c.AwsAccessKeyID,
+				s.c.AwsSecretAccessKey,
 				"",
-			),
-			Secure: os.Getenv("AWS_ENDPOINT_INSECURE") == "" && os.Getenv("AWS_ENDPOINT_PROTO") == "https",
+			)
+		} else if s.c.AwsIamRoleEndpoint != "" {
+			creds = credentials.NewIAM(s.c.AwsIamRoleEndpoint)
+		} else {
+			return nil, errors.New("newScript: AWS_S3_BUCKET_NAME is defined, but no credentials were provided")
+		}
+
+		mc, err := minio.New(s.c.AwsEndpoint, &minio.Options{
+			Creds:  creds,
+			Secure: !s.c.AwsEndpointInsecure && s.c.AwsEndpointProto == "https",
 		})
 		if err != nil {
-			return fmt.Errorf("init: error setting up minio client: %w", err)
+			return nil, fmt.Errorf("newScript: error setting up minio client: %w", err)
 		}
 		s.mc = mc
 	}
 
-	file := os.Getenv("BACKUP_FILENAME")
-	if file == "" {
-		return errors.New("init: BACKUP_FILENAME not given")
+	if s.c.EmailNotificationRecipient != "" {
+		s.hooks = append(s.hooks, hook{hookLevelFailure, func(err error, start time.Time, logOutput string) error {
+			mailer := gomail.NewDialer(
+				s.c.EmailSMTPHost, s.c.EmailSMTPPort, s.c.EmailSMTPUsername, s.c.EmailSMTPPassword,
+			)
+
+			subject := fmt.Sprintf(
+				"Failure running docker-volume-backup at %s", start.Format(time.RFC3339),
+			)
+			body := fmt.Sprintf(
+				"Running docker-volume-backup failed with error: %s\n\nLog output of the failed run was:\n\n%s\n", err, logOutput,
+			)
+
+			message := gomail.NewMessage()
+			message.SetHeader("From", s.c.EmailNotificationSender)
+			message.SetHeader("To", s.c.EmailNotificationRecipient)
+			message.SetHeader("Subject", subject)
+			message.SetBody("text/plain", body)
+			return mailer.DialAndSend(message)
+		}})
 	}
-	s.file = path.Join("/tmp", file)
-	s.archive = os.Getenv("BACKUP_ARCHIVE")
-	s.sources = os.Getenv("BACKUP_SOURCES")
-	s.passphrase = os.Getenv("GPG_PASSPHRASE")
-	return nil
+
+	return s, nil
 }
 
-// stopContainersAndRun stops all Docker containers that are marked as to being
-// stopped during the backup and runs the given thunk. After returning, it makes
-// sure containers are being restarted if required.
-func (s *script) stopContainersAndRun(thunk func() error) error {
+var noop = func() error { return nil }
+
+// stopContainers stops all Docker containers that are marked as to being
+// stopped during the backup and returns a function that can be called to
+// restart everything that has been stopped.
+func (s *script) stopContainers() (func() error, error) {
 	if s.cli == nil {
-		return nil
+		return noop, nil
 	}
-	allContainers, err := s.cli.ContainerList(s.ctx, types.ContainerListOptions{
+
+	allContainers, err := s.cli.ContainerList(context.Background(), types.ContainerListOptions{
 		Quiet: true,
 	})
 	if err != nil {
-		return fmt.Errorf("stopContainersAndRun: error querying for containers: %w", err)
+		return noop, fmt.Errorf("stopContainersAndRun: error querying for containers: %w", err)
 	}
 
 	containerLabel := fmt.Sprintf(
 		"docker-volume-backup.stop-during-backup=%s",
-		os.Getenv("BACKUP_STOP_CONTAINER_LABEL"),
+		s.c.BackupStopContainerLabel,
 	)
-	containersToStop, err := s.cli.ContainerList(s.ctx, types.ContainerListOptions{
+	containersToStop, err := s.cli.ContainerList(context.Background(), types.ContainerListOptions{
 		Quiet: true,
 		Filters: filters.NewArgs(filters.KeyValuePair{
 			Key:   "label",
@@ -149,28 +224,40 @@ func (s *script) stopContainersAndRun(thunk func() error) error {
 	})
 
 	if err != nil {
-		return fmt.Errorf("stopContainersAndRun: error querying for containers to stop: %w", err)
+		return noop, fmt.Errorf("stopContainersAndRun: error querying for containers to stop: %w", err)
 	}
+
+	if len(containersToStop) == 0 {
+		return noop, nil
+	}
+
 	s.logger.Infof(
-		"Stopping %d containers labeled `%s` out of %d running containers.",
+		"Stopping %d container(s) labeled `%s` out of %d running container(s).",
 		len(containersToStop),
 		containerLabel,
 		len(allContainers),
 	)
 
 	var stoppedContainers []types.Container
-	var errors []error
-	if len(containersToStop) != 0 {
-		for _, container := range containersToStop {
-			if err := s.cli.ContainerStop(s.ctx, container.ID, nil); err != nil {
-				errors = append(errors, err)
-			} else {
-				stoppedContainers = append(stoppedContainers, container)
-			}
+	var stopErrors []error
+	for _, container := range containersToStop {
+		if err := s.cli.ContainerStop(context.Background(), container.ID, nil); err != nil {
+			stopErrors = append(stopErrors, err)
+		} else {
+			stoppedContainers = append(stoppedContainers, container)
 		}
 	}
 
-	defer func() error {
+	var stopError error
+	if len(stopErrors) != 0 {
+		stopError = fmt.Errorf(
+			"stopContainersAndRun: %d error(s) stopping containers: %w",
+			len(stopErrors),
+			join(stopErrors...),
+		)
+	}
+
+	return func() error {
 		servicesRequiringUpdate := map[string]struct{}{}
 
 		var restartErrors []error
@@ -179,13 +266,13 @@ func (s *script) stopContainersAndRun(thunk func() error) error {
 				servicesRequiringUpdate[swarmServiceName] = struct{}{}
 				continue
 			}
-			if err := s.cli.ContainerStart(s.ctx, container.ID, types.ContainerStartOptions{}); err != nil {
+			if err := s.cli.ContainerStart(context.Background(), container.ID, types.ContainerStartOptions{}); err != nil {
 				restartErrors = append(restartErrors, err)
 			}
 		}
 
 		if len(servicesRequiringUpdate) != 0 {
-			services, _ := s.cli.ServiceList(s.ctx, types.ServiceListOptions{})
+			services, _ := s.cli.ServiceList(context.Background(), types.ServiceListOptions{})
 			for serviceName := range servicesRequiringUpdate {
 				var serviceMatch swarm.Service
 				for _, service := range services {
@@ -195,11 +282,11 @@ func (s *script) stopContainersAndRun(thunk func() error) error {
 					}
 				}
 				if serviceMatch.ID == "" {
-					return fmt.Errorf("stopContainersAndRun: Couldn't find service with name %s", serviceName)
+					return fmt.Errorf("stopContainersAndRun: couldn't find service with name %s", serviceName)
 				}
 				serviceMatch.Spec.TaskTemplate.ForceUpdate = 1
 				_, err := s.cli.ServiceUpdate(
-					s.ctx, serviceMatch.ID,
+					context.Background(), serviceMatch.ID,
 					serviceMatch.Version, serviceMatch.Spec, types.ServiceUpdateOptions{},
 				)
 				if err != nil {
@@ -212,83 +299,65 @@ func (s *script) stopContainersAndRun(thunk func() error) error {
 			return fmt.Errorf(
 				"stopContainersAndRun: %d error(s) restarting containers and services: %w",
 				len(restartErrors),
-				err,
+				join(restartErrors...),
 			)
 		}
-		s.logger.Infof("Successfully restarted %d containers.", len(stoppedContainers))
-		return nil
-	}()
-
-	var stopErr error
-	if len(errors) != 0 {
-		stopErr = fmt.Errorf(
-			"stopContainersAndRun: %d errors stopping containers: %w",
-			len(errors),
-			err,
+		s.logger.Infof(
+			"Restarted %d container(s) and the matching service(s).",
+			len(stoppedContainers),
 		)
-	}
-	if stopErr != nil {
-		return stopErr
-	}
-
-	return thunk()
+		return nil
+	}, stopError
 }
 
 // takeBackup creates a tar archive of the configured backup location and
 // saves it to disk.
 func (s *script) takeBackup() error {
-	outBytes, err := exec.Command("date", fmt.Sprintf("+%s", s.file)).Output()
-	if err != nil {
-		return fmt.Errorf("takeBackup: error formatting filename template: %w", err)
-	}
-	s.file = strings.TrimSpace(string(outBytes))
-	if err := targz.Compress(s.sources, s.file); err != nil {
+	s.file = timeutil.Strftime(&s.start, s.file)
+	if err := targz.Compress(s.c.BackupSources, s.file); err != nil {
 		return fmt.Errorf("takeBackup: error compressing backup folder: %w", err)
 	}
-	s.logger.Infof("Successfully created backup of `%s` at `%s`.", s.sources, s.file)
+	s.logger.Infof("Created backup of `%s` at `%s`.", s.c.BackupSources, s.file)
 	return nil
 }
 
 // encryptBackup encrypts the backup file using PGP and the configured passphrase.
 // In case no passphrase is given it returns early, leaving the backup file
-//  untouched.
+// untouched.
 func (s *script) encryptBackup() error {
-	if s.passphrase == "" {
+	if s.c.GpgPassphrase == "" {
 		return nil
 	}
+	defer os.Remove(s.file)
+
+	gpgFile := fmt.Sprintf("%s.gpg", s.file)
+	outFile, err := os.Create(gpgFile)
+	defer outFile.Close()
+	if err != nil {
+		return fmt.Errorf("encryptBackup: error opening out file: %w", err)
+	}
 
-	buf := bytes.NewBuffer(nil)
 	_, name := path.Split(s.file)
-	pt, err := openpgp.SymmetricallyEncrypt(buf, []byte(s.passphrase), &openpgp.FileHints{
+	dst, err := openpgp.SymmetricallyEncrypt(outFile, []byte(s.c.GpgPassphrase), &openpgp.FileHints{
 		IsBinary: true,
 		FileName: name,
 	}, nil)
+	defer dst.Close()
 	if err != nil {
 		return fmt.Errorf("encryptBackup: error encrypting backup file: %w", err)
 	}
 
-	unencrypted, err := ioutil.ReadFile(s.file)
+	src, err := os.Open(s.file)
 	if err != nil {
-		pt.Close()
-		return fmt.Errorf("encryptBackup: error reading unencrypted backup file: %w", err)
-	}
-	_, err = pt.Write(unencrypted)
-	if err != nil {
-		pt.Close()
-		return fmt.Errorf("encryptBackup: error writing backup contents: %w", err)
-	}
-	pt.Close()
-
-	gpgFile := fmt.Sprintf("%s.gpg", s.file)
-	if err := ioutil.WriteFile(gpgFile, buf.Bytes(), os.ModeAppend); err != nil {
-		return fmt.Errorf("encryptBackup: error writing encrypted version of backup: %w", err)
+		return fmt.Errorf("encryptBackup: error opening backup file %s: %w", s.file, err)
 	}
 
-	if err := os.Remove(s.file); err != nil {
-		return fmt.Errorf("encryptBackup: error removing unencrpyted backup: %w", err)
+	if _, err := io.Copy(dst, src); err != nil {
+		return fmt.Errorf("encryptBackup: error writing ciphertext to file: %w", err)
 	}
+
 	s.file = gpgFile
-	s.logger.Infof("Successfully encrypted backup using given passphrase, saving as `%s`.", s.file)
+	s.logger.Infof("Encrypted backup using given passphrase, saving as `%s`.", s.file)
 	return nil
 }
 
@@ -296,31 +365,38 @@ func (s *script) encryptBackup() error {
 // as per the given configuration.
 func (s *script) copyBackup() error {
 	_, name := path.Split(s.file)
-	if s.bucket != "" {
-		_, err := s.mc.FPutObject(s.ctx, s.bucket, name, s.file, minio.PutObjectOptions{
+	if s.mc != nil {
+		_, err := s.mc.FPutObject(context.Background(), s.c.AwsS3BucketName, name, s.file, minio.PutObjectOptions{
 			ContentType: "application/tar+gzip",
 		})
 		if err != nil {
 			return fmt.Errorf("copyBackup: error uploading backup to remote storage: %w", err)
 		}
-		s.logger.Infof("Successfully uploaded a copy of backup `%s` to bucket `%s`", s.file, s.bucket)
+		s.logger.Infof("Uploaded a copy of backup `%s` to bucket `%s`.", s.file, s.c.AwsS3BucketName)
 	}
 
-	if _, err := os.Stat(s.archive); !os.IsNotExist(err) {
-		if err := copy(s.file, path.Join(s.archive, name)); err != nil {
+	if _, err := os.Stat(s.c.BackupArchive); !os.IsNotExist(err) {
+		if err := copy(s.file, path.Join(s.c.BackupArchive, name)); err != nil {
 			return fmt.Errorf("copyBackup: error copying file to local archive: %w", err)
 		}
-		s.logger.Infof("Successfully stored copy of backup `%s` in local archive `%s`", s.file, s.archive)
+		s.logger.Infof("Stored copy of backup `%s` in local archive `%s`.", s.file, s.c.BackupArchive)
 	}
 	return nil
 }
 
-// cleanBackup removes the backup file from disk.
-func (s *script) cleanBackup() error {
-	if err := os.Remove(s.file); err != nil {
-		return fmt.Errorf("cleanBackup: error removing file: %w", err)
+// removeArtifacts removes the backup file from disk.
+func (s *script) removeArtifacts() error {
+	_, err := os.Stat(s.file)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return nil
+		}
+		return fmt.Errorf("removeArtifacts: error calling stat on file %s: %w", s.file, err)
 	}
-	s.logger.Info("Successfully cleaned up local artifacts.")
+	if err := os.Remove(s.file); err != nil {
+		return fmt.Errorf("removeArtifacts: error removing file %s: %w", s.file, err)
+	}
+	s.logger.Infof("Removed local artifacts %s.", s.file)
 	return nil
 }
 
@@ -328,29 +404,21 @@ func (s *script) cleanBackup() error {
 // the given configuration. In case the given configuration would delete all
 // backups, it does nothing instead.
 func (s *script) pruneOldBackups() error {
-	retention := os.Getenv("BACKUP_RETENTION_DAYS")
-	if retention == "" {
+	if s.c.BackupRetentionDays < 0 {
 		return nil
 	}
-	retentionDays, err := strconv.Atoi(retention)
-	if err != nil {
-		return fmt.Errorf("pruneOldBackups: error parsing BACKUP_RETENTION_DAYS as int: %w", err)
-	}
-	leeway := os.Getenv("BACKUP_PRUNING_LEEWAY")
-	sleepFor, err := time.ParseDuration(leeway)
-	if err != nil {
-		return fmt.Errorf("pruneBackups: error parsing given leeway value: %w", err)
-	}
-	s.logger.Infof("Sleeping for %s before pruning backups.", leeway)
-	time.Sleep(sleepFor)
 
-	s.logger.Infof("Trying to prune backups older than %d days now.", retentionDays)
-	deadline := time.Now().AddDate(0, 0, -retentionDays)
+	if s.c.BackupPruningLeeway != 0 {
+		s.logger.Infof("Sleeping for %s before pruning backups.", s.c.BackupPruningLeeway)
+		time.Sleep(s.c.BackupPruningLeeway)
+	}
 
-	if s.bucket != "" {
-		candidates := s.mc.ListObjects(s.ctx, s.bucket, minio.ListObjectsOptions{
+	deadline := time.Now().AddDate(0, 0, -int(s.c.BackupRetentionDays))
+
+	if s.mc != nil {
+		candidates := s.mc.ListObjects(context.Background(), s.c.AwsS3BucketName, minio.ListObjectsOptions{
 			WithMetadata: true,
-			Prefix:       os.Getenv("BACKUP_PRUNING_PREFIX"),
+			Prefix:       s.c.BackupPruningPrefix,
 		})
 
 		var matches []minio.ObjectInfo
@@ -358,7 +426,10 @@ func (s *script) pruneOldBackups() error {
 		for candidate := range candidates {
 			lenCandidates++
 			if candidate.Err != nil {
-				return fmt.Errorf("pruneOldBackups: error looking up candidates from remote storage: %w", candidate.Err)
+				return fmt.Errorf(
+					"pruneOldBackups: error looking up candidates from remote storage: %w",
+					candidate.Err,
+				)
 			}
 			if candidate.LastModified.Before(deadline) {
 				matches = append(matches, candidate)
@@ -373,39 +444,41 @@ func (s *script) pruneOldBackups() error {
 				}
 				close(objectsCh)
 			}()
-			errChan := s.mc.RemoveObjects(s.ctx, s.bucket, objectsCh, minio.RemoveObjectsOptions{})
-			var errors []error
+			errChan := s.mc.RemoveObjects(context.Background(), s.c.AwsS3BucketName, objectsCh, minio.RemoveObjectsOptions{})
+			var removeErrors []error
 			for result := range errChan {
 				if result.Err != nil {
-					errors = append(errors, result.Err)
+					removeErrors = append(removeErrors, result.Err)
 				}
 			}
 
-			if len(errors) != 0 {
+			if len(removeErrors) != 0 {
 				return fmt.Errorf(
-					"pruneOldBackups: %d errors removing files from remote storage: %w",
-					len(errors),
-					errors[0],
+					"pruneOldBackups: %d error(s) removing files from remote storage: %w",
+					len(removeErrors),
+					join(removeErrors...),
 				)
 			}
 			s.logger.Infof(
-				"Successfully pruned %d out of %d remote backups as their age exceeded the configured retention period.",
+				"Pruned %d out of %d remote backup(s) as their age exceeded the configured retention period of %d days.",
 				len(matches),
 				lenCandidates,
+				s.c.BackupRetentionDays,
 			)
 		} else if len(matches) != 0 && len(matches) == lenCandidates {
 			s.logger.Warnf(
-				"The current configuration would delete all %d remote backup copies. Refusing to do so, please check your configuration.",
+				"The current configuration would delete all %d remote backup copies.",
 				len(matches),
 			)
+			s.logger.Warn("Refusing to do so, please check your configuration.")
 		} else {
-			s.logger.Infof("None of %d remote backups were pruned.", lenCandidates)
+			s.logger.Infof("None of %d remote backup(s) were pruned.", lenCandidates)
 		}
 	}
 
-	if _, err := os.Stat(s.archive); !os.IsNotExist(err) {
+	if _, err := os.Stat(s.c.BackupArchive); !os.IsNotExist(err) {
 		candidates, err := filepath.Glob(
-			path.Join(s.archive, fmt.Sprintf("%s*", os.Getenv("BACKUP_PRUNING_PREFIX"))),
+			path.Join(s.c.BackupArchive, fmt.Sprintf("%s*", s.c.BackupPruningPrefix)),
 		)
 		if err != nil {
 			return fmt.Errorf(
@@ -413,7 +486,7 @@ func (s *script) pruneOldBackups() error {
 			)
 		}
 
-		var matches []os.FileInfo
+		var matches []string
 		for _, candidate := range candidates {
 			fi, err := os.Stat(candidate)
 			if err != nil {
@@ -425,51 +498,91 @@ func (s *script) pruneOldBackups() error {
 			}
 
 			if fi.ModTime().Before(deadline) {
-				matches = append(matches, fi)
+				matches = append(matches, candidate)
 			}
 		}
 
 		if len(matches) != 0 && len(matches) != len(candidates) {
-			var errors []error
+			var removeErrors []error
 			for _, candidate := range matches {
-				if err := os.Remove(candidate.Name()); err != nil {
-					errors = append(errors, err)
+				if err := os.Remove(candidate); err != nil {
+					removeErrors = append(removeErrors, err)
 				}
 			}
-			if len(errors) != 0 {
+			if len(removeErrors) != 0 {
 				return fmt.Errorf(
-					"pruneOldBackups: %d errors deleting local files, starting with: %w",
-					len(errors),
-					errors[0],
+					"pruneOldBackups: %d error(s) deleting local files, starting with: %w",
+					len(removeErrors),
+					join(removeErrors...),
 				)
 			}
 			s.logger.Infof(
-				"Successfully pruned %d out of %d local backups as their age exceeded the configured retention period.",
+				"Pruned %d out of %d local backup(s) as their age exceeded the configured retention period of %d days.",
 				len(matches),
 				len(candidates),
+				s.c.BackupRetentionDays,
 			)
 		} else if len(matches) != 0 && len(matches) == len(candidates) {
 			s.logger.Warnf(
-				"The current configuration would delete all %d local backup copies. Refusing to do so, please check your configuration.",
+				"The current configuration would delete all %d local backup copies.",
 				len(matches),
 			)
+			s.logger.Warn("Refusing to do so, please check your configuration.")
 		} else {
-			s.logger.Infof("None of %d local backups were pruned.", len(candidates))
+			s.logger.Infof("None of %d local backup(s) were pruned.", len(candidates))
 		}
 	}
 	return nil
 }
 
+// runHooks runs all hooks that have been registered using the
+// given level. In case executing a hook returns an error, the following
+// hooks will still be run before the function returns an error.
+func (s *script) runHooks(err error, targetLevel string) error {
+	var actionErrors []error
+	for _, hook := range s.hooks {
+		if hook.level != targetLevel {
+			continue
+		}
+		if err := hook.action(err, s.start, s.output.String()); err != nil {
+			actionErrors = append(actionErrors, err)
+		}
+	}
+	if len(actionErrors) != 0 {
+		return join(actionErrors...)
+	}
+	return nil
+}
+
+// must exits the script run prematurely in case the given error
+// is non-nil. If failure hooks have been registered on the script object, they
+// will be called, passing the failure and previous log output.
 func (s *script) must(err error) {
 	if err != nil {
-		if s.logger == nil {
-			panic(err)
-		}
 		s.logger.Errorf("Fatal error running backup: %s", err)
-		os.Exit(1)
+		if hookErr := s.runHooks(err, hookLevelFailure); hookErr != nil {
+			s.logger.Errorf("An error occurred calling the registered failure hooks: %s", hookErr)
+		}
+		panic(errors.New(msgBackupFailed))
 	}
 }
 
+// lock opens a lockfile at the given location, keeping it locked until the
+// caller invokes the returned release func. When invoked while the file is
+// still locked the function panics.
+func lock(lockfile string) func() error {
+	fileLock := flock.New(lockfile)
+	acquired, err := fileLock.TryLock()
+	if err != nil {
+		panic(err)
+	}
+	if !acquired {
+		panic("unable to acquire file lock")
+	}
+	return fileLock.Unlock
+}
+
+// copy creates a copy of the file located at `dst` at `src`.
 func copy(src, dst string) error {
 	in, err := os.Open(src)
 	if err != nil {
@@ -489,3 +602,48 @@ func copy(src, dst string) error {
 	}
 	return out.Close()
 }
+
+// join takes a list of errors and joins them into a single error
+func join(errs ...error) error {
+	if len(errs) == 1 {
+		return errs[0]
+	}
+	var msgs []string
+	for _, err := range errs {
+		if err == nil {
+			continue
+		}
+		msgs = append(msgs, err.Error())
+	}
+	return errors.New("[" + strings.Join(msgs, ", ") + "]")
+}
+
+// buffer takes an io.Writer and returns a wrapped version of the
+// writer that writes to both the original target as well as the returned buffer
+func buffer(w io.Writer) (io.Writer, *bytes.Buffer) {
+	buffering := &bufferingWriter{buf: bytes.Buffer{}, writer: w}
+	return buffering, &buffering.buf
+}
+
+type bufferingWriter struct {
+	buf    bytes.Buffer
+	writer io.Writer
+}
+
+func (b *bufferingWriter) Write(p []byte) (n int, err error) {
+	if n, err := b.buf.Write(p); err != nil {
+		return n, fmt.Errorf("bufferingWriter: error writing to buffer: %w", err)
+	}
+	return b.writer.Write(p)
+}
+
+// hook contains a queued action that can be trigger them when the script
+// reaches a certain point (e.g. unsuccessful backup)
+type hook struct {
+	level  string
+	action func(err error, start time.Time, logOutput string) error
+}
+
+const (
+	hookLevelFailure = "failure"
+)

entrypoint.sh

@@ -3,38 +3,12 @@
 # Copyright 2021 - Offen Authors <hioffen@posteo.de>
 # SPDX-License-Identifier: MPL-2.0
 
-# Portions of this file are taken from github.com/futurice/docker-volume-backup
-# See NOTICE for information about authors and licensing.
-
 set -e
 
-# Write cronjob env to file, fill in sensible defaults, and read them back in
-mkdir -p /etc/backup
-cat <<EOF > /etc/backup.env
-BACKUP_SOURCES="${BACKUP_SOURCES:-/backup}"
 BACKUP_CRON_EXPRESSION="${BACKUP_CRON_EXPRESSION:-@daily}"
-BACKUP_FILENAME="${BACKUP_FILENAME:-backup-%Y-%m-%dT%H-%M-%S.tar.gz}"
-BACKUP_ARCHIVE="${BACKUP_ARCHIVE:-/archive}"
 
-BACKUP_RETENTION_DAYS="${BACKUP_RETENTION_DAYS:-}"
-BACKUP_PRUNING_LEEWAY="${BACKUP_PRUNING_LEEWAY:-10m}"
-BACKUP_PRUNING_PREFIX="${BACKUP_PRUNING_PREFIX:-}"
-BACKUP_STOP_CONTAINER_LABEL="${BACKUP_STOP_CONTAINER_LABEL:-true}"
-
-AWS_S3_BUCKET_NAME="${AWS_S3_BUCKET_NAME:-}"
-AWS_ENDPOINT="${AWS_ENDPOINT:-s3.amazonaws.com}"
-AWS_ENDPOINT_PROTO="${AWS_ENDPOINT_PROTO:-https}"
-AWS_ENDPOINT_INSECURE="${AWS_ENDPOINT_INSECURE:-}"
-
-GPG_PASSPHRASE="${GPG_PASSPHRASE:-}"
-EOF
-chmod a+x /etc/backup.env
-source /etc/backup.env
-
-# Add our cron entry, and direct stdout & stderr to Docker commands stdout
 echo "Installing cron.d entry with expression $BACKUP_CRON_EXPRESSION."
 echo "$BACKUP_CRON_EXPRESSION backup 2>&1" | crontab -
 
-# Let cron take the wheel
 echo "Starting cron in foreground."
 crond -f -l 8

go.mod

@@ -4,9 +4,12 @@ go 1.17
 
 require (
 	github.com/docker/docker v20.10.8+incompatible
-	github.com/joho/godotenv v1.3.0
+	github.com/gofrs/flock v0.8.1
+	github.com/kelseyhightower/envconfig v1.4.0
+	github.com/leekchan/timeutil v0.0.0-20150802142658-28917288c48d
+	github.com/m90/targz v0.0.0-20210904082215-2e9a4529a615
 	github.com/minio/minio-go/v7 v7.0.12
-	github.com/walle/targz v0.0.0-20140417120357-57fe4206da5a
+	github.com/sirupsen/logrus v1.8.1
 	golang.org/x/crypto v0.0.0-20210817164053-32db794688a5
 )
 
@@ -17,6 +20,7 @@ require (
 	github.com/docker/go-connections v0.4.0 // indirect
 	github.com/docker/go-units v0.4.0 // indirect
 	github.com/dustin/go-humanize v1.0.0 // indirect
+	github.com/go-gomail/gomail v0.0.0-20160411212932-81ebce5c23df // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.0 // indirect
 	github.com/google/uuid v1.2.0 // indirect
@@ -32,12 +36,12 @@ require (
 	github.com/opencontainers/image-spec v1.0.1 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/rs/xid v1.2.1 // indirect
-	github.com/sirupsen/logrus v1.8.1 // indirect
 	golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 // indirect
 	golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 // indirect
 	golang.org/x/text v0.3.4 // indirect
 	google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a // indirect
 	google.golang.org/grpc v1.33.2 // indirect
 	google.golang.org/protobuf v1.26.0 // indirect
+	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/ini.v1 v1.57.0 // indirect
 )

go.sum

@@ -254,6 +254,8 @@ github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeME
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
+github.com/go-gomail/gomail v0.0.0-20160411212932-81ebce5c23df h1:Bao6dhmbTA1KFVxmJ6nBoMuOJit2yjEgLJpIMYpop0E=
+github.com/go-gomail/gomail v0.0.0-20160411212932-81ebce5c23df/go.mod h1:GJr+FCSXshIwgHBtLglIg9M2l2kQSi6QjVAngtzI08Y=
 github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8=
 github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
 github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
@@ -274,6 +276,8 @@ github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblf
 github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4=
 github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
+github.com/gofrs/flock v0.8.1 h1:+gYjHKf32LDeiEEFhQaotPbLuUXjY5ZqxKgXy7n59aw=
+github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU=
 github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU=
 github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
@@ -370,8 +374,6 @@ github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANyt
 github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA=
 github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
 github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
-github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
-github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
 github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
@@ -382,6 +384,8 @@ github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/X
 github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
+github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8=
+github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg=
 github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
 github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
@@ -397,10 +401,16 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxv
 github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
 github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/leekchan/timeutil v0.0.0-20150802142658-28917288c48d h1:2puqoOQwi3Ai1oznMOsFIbifm6kIfJaLLyYzWD4IzTs=
+github.com/leekchan/timeutil v0.0.0-20150802142658-28917288c48d/go.mod h1:hO90vCP2x3exaSH58BIAowSKvV+0OsY21TtzuFGHON4=
+github.com/m90/targz v0.0.0-20210904082215-2e9a4529a615 h1:rn0LO2tQEgCDOct8qnbcslTUpAIWdVlWcGkjoumhf2U=
+github.com/m90/targz v0.0.0-20210904082215-2e9a4529a615/go.mod h1:YZK3bSO/oVlk9G+v00BxgzxW2Us4p/R4ysHOBjk0fJI=
 github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
 github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
@@ -590,8 +600,6 @@ github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:tw
 github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI=
 github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU=
 github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
-github.com/walle/targz v0.0.0-20140417120357-57fe4206da5a h1:6cKSHLRphD9Fo1LJlISiulvgYCIafJ3QfKLimPYcAGc=
-github.com/walle/targz v0.0.0-20140417120357-57fe4206da5a/go.mod h1:nccQrXCnc5SjsThFLmL7hYbtT/mHJcuolPifzY5vJqE=
 github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4=
 github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI=
 github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
@@ -902,9 +910,12 @@ google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/l
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
+gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc h1:2gGKlE2+asNV9m7xrywl36YYNnBG5ZQ0r/BOOxqPpmk=
+gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc/go.mod h1:m7x9LTH6d71AHyAX77c9yqWCCa3UKHcVEj9y7hAtKDk=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=

test/cli/run.sh

@@ -29,8 +29,7 @@ docker run -d \
 
 sleep 10
 
-docker run -d \
-  --name backup \
+docker run --rm \
   --network test_network \
   -v app_data:/backup/app_data \
   -v /var/run/docker.sock:/var/run/docker.sock \
@@ -40,18 +39,16 @@ docker run -d \
   --env AWS_ENDPOINT_PROTO=http \
   --env AWS_S3_BUCKET_NAME=backup \
   --env BACKUP_FILENAME=test.tar.gz \
-  --env BACKUP_CRON_EXPRESSION="0 0 5 31 2 ?" \
+  --entrypoint backup \
   offen/docker-volume-backup:$TEST_VERSION
 
-docker exec backup backup
-
 docker run --rm -it \
   -v backup_data:/data alpine \
   ash -c 'tar -xvf /data/backup/test.tar.gz && test -f /backup/app_data/offen.db'
 
 echo "[TEST:PASS] Found relevant files in untared backup."
 
-if [ "$(docker ps -q | wc -l)" != "3" ]; then
+if [ "$(docker ps -q | wc -l)" != "2" ]; then
   echo "[TEST:FAIL] Expected all containers to be running post backup, instead seen:"
   docker ps
   exit 1

test/compose/docker-compose.yml

@@ -28,6 +28,7 @@ services:
       BACKUP_RETENTION_DAYS: ${BACKUP_RETENTION_DAYS:-7}
       BACKUP_PRUNING_LEEWAY: 5s
       BACKUP_PRUNING_PREFIX: test
+      GPG_PASSPHRASE: 1234secret
     volumes:
       - ./local:/archive
       - app_data:/backup/app_data:ro
@@ -40,7 +41,6 @@ services:
     volumes:
       - app_data:/var/opt/offen
 
-
 volumes:
   backup_data:
   app_data:

test/compose/run.sh

@@ -9,15 +9,19 @@ mkdir -p local
 docker-compose up -d
 sleep 5
 
+docker-compose exec offen ln -s /var/opt/offen/offen.db /var/opt/offen/db.link
 docker-compose exec backup backup
 
 docker run --rm -it \
   -v compose_backup_data:/data alpine \
-  ash -c 'tar -xf /data/backup/test.tar.gz && test -f /backup/app_data/offen.db'
+  ash -c 'apk add gnupg && echo 1234secret | gpg -d --pinentry-mode loopback --passphrase-fd 0 --yes /data/backup/test.tar.gz.gpg > /tmp/test.tar.gz && tar -xf /tmp/test.tar.gz -C /tmp && test -f /tmp/backup/app_data/offen.db'
 
 echo "[TEST:PASS] Found relevant files in untared remote backup."
 
-tar -xf ./local/test.tar.gz -C /tmp && test -f /tmp/backup/app_data/offen.db
+echo 1234secret | gpg -d --yes --passphrase-fd 0 ./local/test.tar.gz.gpg > ./local/decrypted.tar.gz
+tar -xf ./local/decrypted.tar.gz -C /tmp && test -f /tmp/backup/app_data/offen.db
+rm ./local/decrypted.tar.gz
+test -L /tmp/backup/app_data/db.link
 
 echo "[TEST:PASS] Found relevant files in untared local backup."
 
@@ -29,8 +33,6 @@ fi
 
 echo "[TEST:PASS] All containers running post backup."
 
-docker-compose down
-
 # The second part of this test checks if backups get deleted when the retention
 # is set to 0 days (which it should not as it would mean all backups get deleted)
 # TODO: find out if we can test actual deletion without having to wait for a day