From c5fb74df46004f7f060825fb459e63e6d20e55c8 Mon Sep 17 00:00:00 2001 From: "push-app-to-main[bot]" <203845782+push-app-to-main[bot]@users.noreply.github.com> Date: Mon, 23 Mar 2026 15:31:35 +0100 Subject: [PATCH] Add alpine-borgbackup-server (ct) (#13219) Co-authored-by: push-app-to-main[bot] <203845782+push-app-to-main[bot]@users.noreply.github.com> --- ct/alpine-borgbackup-server.sh | 107 ++++++++++++++++++++ install/alpine-borgbackup-server-install.sh | 34 +++++++ 2 files changed, 141 insertions(+) create mode 100644 ct/alpine-borgbackup-server.sh create mode 100644 install/alpine-borgbackup-server-install.sh diff --git a/ct/alpine-borgbackup-server.sh b/ct/alpine-borgbackup-server.sh new file mode 100644 index 000000000..2c2c0f51f --- /dev/null +++ b/ct/alpine-borgbackup-server.sh @@ -0,0 +1,107 @@ +#!/usr/bin/env bash +source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func) + +# Copyright (c) 2021-2026 community-scripts ORG +# Author: Sander Koenders (sanderkoenders) +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://www.borgbackup.org/ + +APP="Alpine-BorgBackup-Server" +var_tags="${var_tags:-alpine;backup}" +var_cpu="${var_cpu:-2}" +var_ram="${var_ram:-1024}" +var_disk="${var_disk:-20}" +var_os="${var_os:-alpine}" +var_version="${var_version:-3.23}" +var_unprivileged="${var_unprivileged:-1}" + +header_info "$APP" +variables +color +catch_errors + +function update_script() { + header_info + + if [[ ! -f /usr/bin/borg ]]; then + msg_error "No ${APP} Installation Found!" + exit + fi + + CHOICE=$(msg_menu "BorgBackup Server Update Options" \ + "1" "Update BorgBackup Server" \ + "2" "Reset SSH Access" \ + "3" "Enable password authentication for backup user (not recommended, use SSH key instead)" \ + "4" "Disable password authentication for backup user (recommended for security, use SSH key)") + + case $CHOICE in + 1) + msg_info "Updating $APP LXC" + $STD apk -U upgrade + msg_ok "Updated $APP LXC successfully!" + ;; + 2) + if [[ "${PHS_SILENT:-0}" == "1" ]]; then + msg_warn "Reset SSH Public key requires interactive mode, skipping." + exit + fi + + msg_info "Setting up SSH Public Key for backup user" + + msg_info "Please paste your SSH public key (e.g., ssh-rsa AAAAB3... user@host): \n" + read -p "Key: " SSH_PUBLIC_KEY + echo + + if [[ -z "$SSH_PUBLIC_KEY" ]]; then + msg_error "No SSH public key provided!" + exit 1 + fi + + if [[ ! "$SSH_PUBLIC_KEY" =~ ^(ssh-rsa|ssh-dss|ssh-ed25519|ecdsa-sha2-) ]]; then + msg_error "Invalid SSH public key format!" + exit 1 + fi + + msg_info "Setting up SSH access" + mkdir -p /home/backup/.ssh + echo "$SSH_PUBLIC_KEY" >/home/backup/.ssh/authorized_keys + + chown -R backup:backup /home/backup/.ssh + chmod 700 /home/backup/.ssh + chmod 600 /home/backup/.ssh/authorized_keys + + msg_ok "SSH access configured for backup user" + ;; + 3) + if [[ "${PHS_SILENT:-0}" == "1" ]]; then + msg_warn "Enabling password authentication requires interactive mode, skipping." + exit + fi + + msg_info "Enabling password authentication for backup user" + msg_warn "Password authentication is less secure than using SSH keys. Consider using SSH keys instead." + passwd backup + sed -i 's/^#*\s*PasswordAuthentication\s\+\(yes\|no\)/PasswordAuthentication yes/' /etc/ssh/sshd_config + rc-service sshd restart + msg_ok "Password authentication enabled for backup user" + ;; + 4) + msg_info "Disabling password authentication for backup user" + sed -i 's/^#*\s*PasswordAuthentication\s\+\(yes\|no\)/PasswordAuthentication no/' /etc/ssh/sshd_config + rc-service sshd restart + msg_ok "Password authentication disabled for backup user" + ;; + esac + + exit 0 +} + +start +build_container +description + +msg_ok "Completed successfully!\n" +echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}" +echo -e "${INFO}${YW}Connection information:${CL}" +echo -e "${TAB}${GATEWAY}${BGN}ssh backup@${IP}${CL}" +echo -e "${TAB}${VERIFYPW}${YW}To set SSH key, run this script with the 'update' option and select option 2${CL}" diff --git a/install/alpine-borgbackup-server-install.sh b/install/alpine-borgbackup-server-install.sh new file mode 100644 index 000000000..d78f697b5 --- /dev/null +++ b/install/alpine-borgbackup-server-install.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash + +# Copyright (c) 2021-2026 community-scripts ORG +# Author: Sander Koenders (sanderkoenders) +# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE +# Source: https://www.borgbackup.org/ + +source /dev/stdin <<<"$FUNCTIONS_FILE_PATH" +color +verb_ip6 +catch_errors +setting_up_container +network_check +update_os + +msg_info "Installing BorgBackup" +$STD apk add --no-cache borgbackup openssh +$STD rc-update add sshd +$STD rc-service sshd start +msg_ok "Installed BorgBackup" + +msg_info "Creating backup user" +$STD adduser -D -s /bin/bash -h /home/backup backup +$STD passwd -d backup +msg_ok "Created backup user" + +msg_info "Configure SSH, disabling password authentication and enabling public key authentication" +$STD sed -i -e 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config +$STD rc-service sshd restart +msg_ok "Configured SSH" + +motd_ssh +customize +cleanup_lxc