t.behrendt/backupsidecar

Fork 0

Go to file

Renovate Bot cb466747cd

Build and Release Docker Image / Build and Push amd64 (push) Successful in 27s

Details

Build and Release Docker Image / Build and Push arm64 (push) Successful in 1m24s

Details

Build and Release Docker Image / Create and Push Multi-Arch Manifest (push) Successful in 14s

Details

chore(deps): update alpine docker tag to v3.22 (#9 )

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| alpine | final | minor | `3.21` -> `3.22` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjMuMSIsInVwZGF0ZWRJblZlciI6IjM5LjI2My4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Reviewed-on: #9
Reviewed-by: t.behrendt <t.behrendt@noreply.localhost>
Co-authored-by: Renovate Bot <renovate@t00n.de>
Co-committed-by: Renovate Bot <renovate@t00n.de>

2025-07-30 10:02:46 +02:00

.gitea/workflows

refactor: v2 (#5 )

2025-02-07 20:56:02 +01:00

src

refactor: v2 (#5 )

2025-02-07 20:56:02 +01:00

Dockerfile

chore(deps): update alpine docker tag to v3.22 (#9 )

2025-07-30 10:02:46 +02:00

LICENSE

Initial commit

2023-04-28 20:04:23 +02:00

README.md

refactor: v2 (#5 )

2025-02-07 20:56:02 +01:00

renovate.json

chore: Configure Renovate (#8 )

2025-04-18 13:58:29 +02:00

README.md

BackupSidecar

BackupSidecar is a lightweight backup solution designed to run as a cron job in Kubernetes. It automates backups using Restic and supports both directory and PostgreSQL database backups. Notifications are sent via Gotify to keep you informed of backup results.

Configuration

BackupSidecar is configured through environment variables. Below is a breakdown of the available settings.

General Settings

These variables apply to both directory and PostgreSQL backups.

BACKUP_MODE (optional) - Defines the backup type (directory or postgres). Defaults to directory.
RESTIC_PASSWORD (required) - The encryption password for Restic.
RESTIC_REPOSITORY (required) - The URI of the Restic repository (e.g., rest:http://your-rest-server:8000/backup).
RESTIC_REST_USERNAME (optional) - The username for REST server authentication.
RESTIC_REST_PASSWORD (optional) - The password for REST server authentication.
GOTIFYHOST (required) - The Gotify server URL.
GOTIFYTOKEN (required) - The API token for Gotify.
GOTIFYTOPIC (required) - The topic under which backup notifications will be sent.

Directory Backup

When running in directory mode, the following variable must be set:

SOURCEDIR (required) - The path of the directory to be backed up.

PostgreSQL Backup

For postgres mode, the following database-related variables are required:

PGHOST (required) - The hostname of the PostgreSQL server.
PGDATABASE (required) - The name of the database to back up.
PGUSER (required) - The PostgreSQL username.
PGPORT (optional) - The port for PostgreSQL (defaults to 5432).
PGPASSWORD (optional) - The password for authentication. Setting this prevents interactive prompts.
PG_DUMP_ARGS (optional) - Additional flags for pg_dump.

Dependencies

Ensure the following commands are available in the container:

restic
curl
jq
pg_dump (only required for postgres mode)

Usage

Example Kubernetes CronJob manifest for running BackupSidecar as a cron job for directory backups in minimal configuration:

apiVersion: batch/v1
kind: CronJob
metadata:
  name: backupsidecar-cron
  namespace: authentik
spec:
  schedule: "0 7 * * *"
  concurrencyPolicy: Forbid
  successfulJobsHistoryLimit: 5
  failedJobsHistoryLimit: 3
  jobTemplate:
    spec:
      backoffLimit: 3
      activeDeadlineSeconds: 300
      template:
        spec:
          restartPolicy: OnFailure
          containers:
            - name: backupsidecar
              image: backupsidecar:latest
              env:
                - name: RESTIC_REPOSITORY
                  value: "rest:http://rest-server:8000/backup"
                - name: RESTIC_PASSWORD
                  valueFrom:
                    secretKeyRef:
                      name: backupsidecar-secret
                      key: restic_password
                - name: BACKUP_MODE
                  value: "directory" # or "postgres"
                - name: SOURCEDIR
                  value: "/data/source"
                - name: GOTIFYHOST
                  value: "http://gotify.example.com"
                - name: GOTIFYTOKEN
                  valueFrom:
                    secretKeyRef:
                      name: backupsidecar-secret
                      key: gotify_token
                - name: GOTIFYTOPIC
                  value: "Backup Notification"
              # (For PostgreSQL mode, add PGHOST, PGDATABASE, PGUSER, PGPORT, PGPASSWORD)
              volumeMounts:
                - name: source-data
                  mountPath: /data/source
          restartPolicy: OnFailure
          volumes:
            - name: source-data
              persistentVolumeClaim:
                claimName: source-data-pvc

Notifications

The script sends success or failure notifications via Gotify.

Example success notification:

Backup successful. Snapshot 56ff6a909a44e01f67d2d88f9a76aa713d437809d7ed14a2361e28893f38befb: files new: 1, files changed: 0, data added: 1019 bytes in 0.277535184 sec