A docker service running borgmatic to backup anything to anywhere.
Leverages borg, s6, and s6-overlay
master branch uses jobber as a cron replacementsnooze branch uses snooze as a cron replacementBorgmatic will look for its config.yaml file in the borgmatic/ directory. See the config.yaml.example file for inspiration and config.full.yaml.example for every available option.
The example Borgmatic config file uses before-backup, after-backup, and failed-backup scripts. They provide a convenient mechanism for preparing the backups, cleaning up after them, and handling failures. They are only here for inspiration, but they're not required; it depends on what is in you config.yaml file. The path must be absolute, anything in borgmatic/ is mounted as /borgmatic/ within the container.
To avoid borg prompting for a password or to accept the SSH fingerprint, the files at ssh/ will be mounted at /root/.ssh in the container. You most likely want your id_rsa{,pub} and known_hosts files in there. To generate the known_hosts file, you can either use ssh-keyscan or ssh to the remote server within a temporary container and look at the resulting known_hosts file.
mountpoint | purpose
/borgmatic | required files, cf. section above
/cache | borg cache if you want to persist it, cf. https://borgbackup.readthedocs.io/
/root/.ssh | share ssh keys and known_hosts file with container
For more details on how to setup logging, see here and there. TLDR: create a root/etc/services.d/borgmatic/log/run sh script to log to stdout.
See https://github.com/coaxial/ansible-role-mailcow/blob/master/tasks/borgmatic.yml for an Ansible task using the jobber version of this service.
See https://github.com/coaxial/ansible-role-taskd/ for an Ansible role using the snooze version of this service.