readme work

learning to use shields.io

.gitea/workflows/build.yml

@@ -1,35 +0,0 @@
-name: Build and Push Docker Image
-
-on:
-  push:
-    branches:
-      - main
-      - develop
-  pull_request:
-
-jobs:
-  build:
-    runs-on: prodesk
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Log in to Gitea Docker Registry
-        uses: docker/login-action@v3
-        with:
-          registry: gitea.calahilstudios.com
-          username: ${{ secrets.REGISTRY_USER }}
-          password: ${{ secrets.REGISTRY_TOKEN }}
-
-      - name: Build and push image
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          file: ./Dockerfile
-          push: true
-          tags: |
-            gitea.calahilstudios.com/${{ github.repository_owner }}/${{ github.event.repository.name }}:develop
-            gitea.calahilstudios.com/${{ github.repository_owner }}/${{ github.event.repository.name }}:${{ github.sha }}

.github/workflows/build.yml

@@ -0,0 +1,77 @@
+name: Build and Push Docker Image
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - "v*"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      # 🧠 Login to Docker Hub
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: docker.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      # 🧠 Login to GitHub Container Registry
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # 🧠 Login to Gitea
+      - name: Login to Gitea
+        uses: docker/login-action@v3
+        with:
+          registry: gitea.calahilstudios.com
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITEA_TOKEN }}
+
+      - name: Docker metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: |
+            ghcr.io/${{ github.repository }}
+            gitea.calahilstudios.com/${{ github.repository }}
+            ${{ github.repository }}
+          tags: |
+            # Always include short SHA
+            type=sha,format=short
+
+            # Include latest if on default branch (usually 'main' or 'develop')
+            type=raw,value=latest,enable={{is_default_branch}}
+
+            # If this is a semver tag (vX.X.X), add full + minor version tags
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+
+      - name: Debug GitHub context
+        run: |
+          echo "Tags: ${{ steps.meta.outputs.tags }}"
+          echo "Labels:  ${{ steps.meta.outputs.labels }}"
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

README.md

@@ -1 +1,265 @@
-Docker backup system for configs and databases
+# BackupBot 🤖
+
+
+![Docker Image Version (tag)](https://img.shields.io/docker/v/calahil/backupbot/latest?arch=amd64&style=for-the-badge&logo=docker&logoColor=white&labelColor=blue&color=green)
+![Docker Pulls](https://img.shields.io/docker/pulls/calahil/backupbot?style=for-the-badge&logo=docker&logoColor=white&labelColor=blue&color=green)
+![Docker Stars](https://img.shields.io/docker/stars/calahil/backupbot?style=for-the-badge&logo=docker&logoColor=white&labelColor=blue&color=green)
+![GitHub License](https://img.shields.io/github/license/calahil/backupbot?style=for-the-badge&logo=docker&logoColor=white&labelColor=blue&color=green)
+![GitHub Release](https://img.shields.io/github/v/release/calahil/backupbot?display_name=release&style=for-the-badge&logo=github&labelColor=blue&color=green)
+
+
+> **Automated Docker backup system for PostgreSQL databases and application configurations with Duplicati integration**
+
+BackupBot is a comprehensive backup solution that automatically discovers and backs up PostgreSQL containers, creates btrfs snapshots of your application data, and provides a web-based configuration interface. Built on top of LinuxServer.io's Duplicati image, it combines database backups with flexible cloud storage options.
+
+---
+
+## ✨ Features
+
+- 🔍 **Auto-Discovery**: Automatically detects PostgreSQL containers by image patterns
+- 📊 **Multi-Database Support**: Backs up all databases within each PostgreSQL container using `pg_dumpall`
+- 📸 **Filesystem Snapshots**: Creates read-only btrfs snapshots of application data
+- 🔄 **Automated Scheduling**: Configurable backup times with retry logic
+- 🌐 **Web Interface**: Simple configuration UI accessible on port 8080
+- 🔔 **Gotify Integration**: Optional push notifications for backup failures
+- 🗄️ **Duplicati Integration**: Full access to Duplicati for cloud backup destinations
+- 🧹 **Retention Management**: Automatic cleanup of old backups based on retention policy
+- 🐳 **Docker-Native**: Designed to run in containerized environments
+
+---
+
+## 🚀 Quick Start
+
+### Prerequisites
+
+- Docker Engine 20.10+
+- Docker Compose 2.0+
+- Btrfs filesystem for snapshot functionality (optional but recommended)
+- Running PostgreSQL containers you want to back up
+
+### Installation
+
+1. **Clone the repository:**
+   ```bash
+   git clone https://gitea.calahilstudios.com/owner/backupbot.git
+   cd backupbot
+   ```
+
+2. **Start the container:**
+   ```bash
+   docker-compose up -d
+   ```
+
+3. **Access the interfaces:**
+   - BackupBot Config: http://localhost:8201
+   - Duplicati Web UI: http://localhost:8200
+
+---
+
+## 📋 Configuration
+
+### Environment Variables
+
+```env
+# Duplicati encryption key (required)
+KEY=your_encryption_key_here
+
+# Duplicati web password (required)
+PASSWORD=your_secure_password
+
+# User/Group IDs (optional)
+PUID=1000
+PGID=1000
+
+# Timezone (optional)
+TZ=America/Los_Angeles
+```
+
+### BackupBot Configuration
+
+BackupBot settings are managed through the web interface at `http://localhost:8201` or via the config file at `/config/backupbot.conf`:
+
+```bash
+TZ=America/Los_Angeles
+BACKUP_DIR=/backups/postgres
+LOG_FILE=/config/log/pgbackup.log
+MAX_RETRIES=3
+GOTIFY_URL=http://gotify.example.com
+GOTIFY_TOKEN=your_gotify_token_here
+BACKUP_HOUR=03
+BACKUP_MINUTE=00
+RETENTION_DAYS=7
+```
+
+### Supported PostgreSQL Images
+
+BackupBot automatically detects containers running these images:
+
+- `postgres:17.0-alpine`
+- `postgres:17`
+- `postgres:14.0-alpine`
+- `postgres` (any version)
+- `ghcr.io/immich-app/postgres:*`
+
+Additional patterns can be added by modifying the `KNOWN_IMAGES` list in `backup.sh`.
+
+---
+
+## 🗂️ Volume Mappings
+
+```yaml
+volumes:
+  # Duplicati configuration
+  - /path/to/duplicati/config:/config
+  
+  # Backup storage (where dumps are stored)
+  - /path/to/backups:/backups:rshared
+  
+  # Docker socket (for container discovery)
+  - /var/run/docker.sock:/var/run/docker.sock:ro
+  
+  # Source data for snapshots (optional)
+  - /path/to/appdata:/source:ro
+```
+
+---
+
+## 🔧 Usage
+
+### Manual Backup
+
+Trigger a backup manually:
+
+```bash
+docker exec backupbot /usr/local/bin/backup.sh
+```
+
+### View Logs
+
+Monitor backup operations:
+
+```bash
+docker logs -f backupbot
+```
+
+### Check Backup Files
+
+Backups are organized by container name:
+
+```bash
+ls -lh /backups/postgres_dumps/
+```
+
+Example structure:
+```
+/backups/
+├── postgres_dumps/
+│   ├── myapp_db/
+│   │   ├── 2024-10-23_03-00-00.sql
+│   │   └── 2024-10-24_03-00-00.sql
+│   └── another_db/
+│       └── 2024-10-23_03-00-00.sql
+└── snapshots/
+    ├── hostname-2024-10-23/
+    └── hostname-2024-10-24/
+```
+
+---
+
+## 🎯 How It Works
+
+1. **Discovery Phase**: BackupBot scans running Docker containers and identifies PostgreSQL instances
+2. **Extraction**: For each database, credentials are extracted from environment variables
+3. **Backup**: `pg_dumpall` creates a complete SQL dump of all databases
+4. **Snapshot**: A read-only btrfs snapshot is created of `/source`
+5. **Retention**: Old backups exceeding the retention period are automatically deleted
+6. **Notification**: On failure after retries, Gotify notifications are sent (if configured)
+
+---
+
+## 🔐 Security Notes
+
+- **Privileged Mode**: Required for btrfs snapshot functionality
+- **Docker Socket**: Read-only access needed for container discovery
+- **Credentials**: Database passwords are extracted from container environment variables
+- **Network**: BackupBot runs in bridge mode by default
+
+### Best Practices
+
+- Use strong encryption keys for Duplicati
+- Restrict access to the web interfaces using a reverse proxy with authentication
+- Regularly test backup restoration procedures
+- Store encryption keys securely outside the container
+
+---
+
+## 📊 Monitoring
+
+### Web Interfaces
+
+- **BackupBot Config**: `http://localhost:8201`
+  - Configure backup schedules
+  - Set retention policies
+  - Manage Gotify notifications
+
+- **Duplicati**: `http://localhost:8200`
+  - Configure cloud storage destinations
+  - Schedule remote backups
+  - Restore from backups
+
+### Log Levels
+
+Set via `BACKUPBOT_WEB_LOGGING` environment variable:
+- `DEBUG`: Verbose logging with exception traces
+- `INFO`: Standard operational logs (default)
+- `WARN`: Warnings and errors only
+
+---
+
+## 🤝 Contributing
+
+Contributions are welcome! Please feel free to submit a Pull Request.
+
+1. Fork the repository
+2. Create your feature branch (`git checkout -b feature/amazing-feature`)
+3. Commit your changes (`git commit -m 'Add some amazing feature'`)
+4. Push to the branch (`git push origin feature/amazing-feature`)
+5. Open a Pull Request on Github
+
+---
+
+## 📝 License
+
+This project is licensed under the GNU Affero General Public License v3.0 - see the [LICENSE](LICENSE) file for details.
+
+---
+
+## 🙏 Acknowledgments
+
+- Built on [LinuxServer.io Duplicati](https://github.com/linuxserver/docker-duplicati)
+- PostgreSQL backup functionality inspired by community best practices
+- Web interface uses vanilla JavaScript for minimal dependencies
+
+---
+
+## 📞 Support
+
+- 🐛 **Issues**: [Report bugs on Github](https://github.com/calahil/backupbot/issues)
+- 📚 **Documentation**: This README and inline code comments
+- 💬 **Discussions**: Open an issue for questions
+
+---
+
+## 🗺️ Roadmap
+
+- [ ] MySQL/MariaDB support
+- [ ] MongoDB backup integration
+- [ ] Advanced scheduling options (multiple backup windows)
+- [ ] Backup verification and integrity checks
+- [ ] Prometheus metrics export
+- [ ] Email notifications
+- [ ] Backup compression options
+
+---
+
+**Made by Calahil Studios**

backupbot.env

@@ -1,8 +0,0 @@
-TZ=America/Los_Angeles
-BACKUP_DIR=/backups/postgres
-LOG_FILE=/config/log/pgbackup.log
-MAX_RETRIES=3
-GOTIFY_URL=http://gotify.example.com
-GOTIFY_TOKEN=your_gotify_token_here
-BACKUP_HOUR=03
-BACKUP_MINUTE=00

web/backupbot.cgi

@@ -1,50 +0,0 @@
-#!/usr/bin/env python3
-import cgi
-import cgitb
-import os
-import json
-
-cgitb.enable()
-print("Content-Type: application/json\n")
-
-ENV_FILE = "/config/web/backupbot.env"
-
-
-def read_env():
-    env = {}
-    if os.path.exists(ENV_FILE):
-        with open(ENV_FILE) as f:
-            for line in f:
-                line = line.strip()
-                if not line or line.startswith("#") or "=" not in line:
-                    continue
-                key, val = line.split("=", 1)
-                key = key.strip()
-                val = val.strip().split("#")[0].strip()  # strip inline comments
-                env[key] = val
-    return env
-
-
-def write_env(env):
-    with open(ENV_FILE, "w") as f:
-        for key, val in env.items():
-            f.write(f"{key}={val}\n")
-
-
-form = cgi.FieldStorage()
-action = form.getvalue("action")
-
-if action == "get":
-    env = read_env()
-    print(json.dumps(env))
-elif action == "set":
-    try:
-        raw = os.environ.get("CONTENT_LENGTH")
-        length = int(raw) if raw else 0
-        data = json.loads(os.read(0, length))
-        write_env(data)
-        print(json.dumps({"status": "ok", "message": "Configuration saved."}))
-    except Exception as e:
-        print(json.dumps({"status": "error", "message": str(e)}))
-else:
-    print(json.dumps({"status": "error", "message": "Invalid action"}))