borgmatic-collective / docker-borgmatic

Borgmatic in Docker
GNU General Public License v3.0

Patch: Separation of secrets and cron #331

Closed Psycho0verload closed 1 week ago

Psycho0verload commented 3 weeks ago

Description

During the extensive changes with the S6 pull request #303, we have already discussed that the functionality of the secrets should be retained, but that we would like to separate them cleanly in the end, when we have dealt with S6 a little more.

After @modem7 drew my attention to another project (https://github.com/linuxserver/docker-baseimage-alpine/blob/master/root/etc/s6-overlay/s6-rc.d/init-envfile/run) and I had a look at the changes made by @chrisblech, I decided to try to separate the cron and the secrets cleanly.

Tasks

Relevant resources

Testing

There are several points to check with this pull request.

Here is an example docker-compose.yml template for testing:

services:
  borgmatic:
    image: borgmatic:s6-secrets-1000
    container_name: borgmatic
    volumes:
      - ${VOLUME_SOURCE}:/mnt/source:ro             # backup source
      - ${VOLUME_TARGET}:/mnt/borg-repository       # backup target
      - ${VOLUME_ETC_BORGMATIC}:/etc/borgmatic.d/   # borgmatic config file(s) + crontab.txt
      - ${VOLUME_BORG_CONFIG}:/root/.config/borg    # config and keyfiles
      - ${VOLUME_SSH}:/root/.ssh                    # ssh key for remote repositories
      - ${VOLUME_BORG_CACHE}:/root/.cache/borg      # checksums used for deduplication
    environment:
      - TZ=${TZ}
      - DEBUG_SECRETS=1
      - BACKUP_CRON=* * * * *
      - BORG_PASSPHRASE_FILE=/run/secrets/borg_passphrase
      - BORG_TEST_FILE=/run/secrets/borg_passphrase
      - YOUR_TEST_PASSHRASE_FILE=/run/secrets/borg_passphrase
    secrets:
      - borg_passphrase
secrets:
  borg_passphrase:
    file: ./secrets/secret

Feel free to test it extensively and ask questions.
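
The compose file above passes secrets as `*_FILE` variables pointing into `/run/secrets`. The sketch below is an added example, not code from this pull request or from docker-borgmatic. It assumes the common Docker convention that `NAME_FILE=/run/secrets/x` should result in `NAME` being exported with the file's contents; the function name and the directory argument are hypothetical.

```sh
#!/bin/sh
# Added example; not docker-borgmatic's init script.
# Assumed convention: NAME_FILE=/run/secrets/x exports NAME with the file's contents.

resolve_file_secrets() {
    secrets_dir=${1:-/run/secrets}   # only files below this directory are read
    rc=0
    # The sed pattern admits only [A-Za-z0-9_] names, so the eval below is safe.
    for name in $(env | sed -n 's/^\([A-Za-z_][A-Za-z0-9_]*_FILE\)=.*/\1/p'); do
        eval "path=\${$name}"
        target=${name%_FILE}
        case $path in
            "$secrets_dir"/*) ;;
            *) continue ;;           # e.g. SSL_CERT_FILE: not a secret, leave it alone
        esac
        case $path in
            */../*|*/..)
                echo "secrets: $name: path traversal rejected" >&2
                rc=1
                continue ;;
        esac
        if [ ! -f "$path" ] || [ ! -r "$path" ] || [ ! -s "$path" ]; then
            echo "secrets: $name: $path missing, unreadable or empty" >&2
            rc=1
            continue
        fi
        # Warn when the secret file is readable by "other" users.
        if [ -n "$(find "$path" -prune -perm -004)" ]; then
            echo "secrets: warning: $path is world-readable" >&2
        fi
        # $(...) strips the trailing newline that editors add to secret files.
        value=$(cat "$path")
        export "$target=$value"
        echo "secrets: exported $target from $path" >&2   # name only, never the value
    done
    unset value                      # do not keep the last secret in a shell variable
    return $rc
}
```

Call `resolve_file_secrets` in the shell that later starts the scheduled job; a non-zero return means at least one secret could not be loaded and the job should not start.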

modem7 commented 2 weeks ago

FYI, I haven't forgotten this. I've been swamped with work. Will have a proper look when I can get 5 mins to myself!

Psycho0verload commented 2 weeks ago

Works on my machine 😅 Tested it and added the relevant documentation.

It is important to know that the secrets only work with automated calls.

grantbevis commented 1 week ago

This change will be in the :master image currently being built.