SisyphusMD/archiver
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases 28 Packages 1 Wiki Activity Actions
28 releases 28 tags
  • v0.8.6 a79d1ef4d6

    v0.8.6 - CI and Dockerfile modernization
    All checks were successful
    CI / Build / Publish / Shellcheck (push) Successful in 3s
    Details
    CI / Build / Publish / Validate CHANGELOG structure (push) Successful in 2s
    Details
    CI / Build / Publish / PR build & smoke test (push) Has been skipped
    Details
    CI / Build / Publish / Build multi-arch and push (push) Successful in 7m47s
    Details
    CI / Build / Publish / Reconcile releases across registries (push) Successful in 59s
    Details
    CI / Build / Publish / Workflow summary (push) Successful in 1s
    Details
    Stable

    Cody Bryant released this 2026-05-05 14:30:49 -07:00 | 2 commits to main since this release

    No behavioral changes to the archiver application itself — only the CI pipeline, release flow, and image build process. Aligns archiver with the same externalized-repo conventions used by sibling projects on forgejo.bryantserver.com.

    Added

    • release.yml workflow for cutting releases via workflow_dispatch with bump=patch|minor|major. Promotes [Unreleased] to a versioned section, bumps image refs in compose.yaml and README.md, runs a smoke test, then tags + pushes — replaces the prior manual git tag flow.
    • .renovaterc.json introduced. Tracks the Dockerfile base image, ENV-pinned upstream versions (DUPLICACY_VERSION via github-releases against gilbertchen/duplicacy, DOCKER_CLI_VERSION via github-releases against moby/moby), Forgejo Action versions, and the inline skopeo image referenced by docker-publish.yml.

    Changed

    • CI: docker-publish.yml split from a monolithic build-and-push job into separate jobs (shellcheck, validate-changelog, pr-validate, build-and-push, create-release, summary). Each concern has its own gate; failures surface to the new aggregator job rather than silently passing.
    • CI: cluster push now builds to a local OCI archive and uses skopeo copy per tag rather than docker buildx build --push. Forgejo 15.0.1 nil-derefs in EndUploadBlob when buildx's parallel multi-arch push hits the UQE_package_blob_blake2b/sha512 unique constraint — byte-identical blobs across amd64/arm64 (e.g. arch-independent COPY layers) race two PUTs of the same digest. Skopeo walks manifests serially with TryReusingBlob HEAD-checks, so byte-identical blobs across arches dedupe before PUT.
    • CI: NAS Forgejo mirror now uses skopeo sync (full repo, self-healing) instead of docker buildx imagetools create. Same Forgejo 15.0.1 bug class as the cluster push.
    • CI: GitHub Container Registry mirror now uses skopeo copy per tag instead of docker buildx imagetools create. Different registry (no Forgejo nil-deref bug there), but skopeo's HEAD-first dedup is safer against any concurrent-PUT race in the GHCR backend.
    • CI: build cache moved from type=registry,ref=...:buildcache (separate cache push that hits the same Forgejo bug) to type=inline (cache annotations embedded on the published image manifest; cache-from: ...:0.8 reads the previous release's inline cache on subsequent builds).
    • CI: skopeo invocation stages the OCI archive into a docker-managed named volume via docker cp rather than bind-mounting from ${{ github.workspace }} — the runner-container's view of the workspace path differs from the docker host's, so a child container's -v <archive>:<target> silently creates an empty dir at the host path instead of finding the archive.
    • CI: release creation now reconciles every v*.*.* tag on every release run across all three registries (cluster Forgejo, NAS Forgejo, GitHub). A release that failed to publish on any registry (transient 5xx, NAS down, mirror lag) is picked up by the next successful release run rather than staying absent forever. Includes per-tag target_commitish from git rev-parse "${tag}^{}" for metadata normalization and defense against mirror-lag races where a reconciled tag isn't yet on the destination.
    • CI: cluster Forgejo release is now attributed to a real-user PAT (CLUSTER_REPO_WRITE_PAT) instead of the auto-injected GITHUB_TOKEN, so release commits and tags carry a stable author identity rather than appearing as "ghost".
    • CI: secret naming aligned with the bryantserver externalized-repo convention. BRYANTSERVER_REGISTRY_PATCLUSTER_REGISTRY_PUSH_PAT, NAS_FORGEJO_PATNAS_FORGEJO_WRITE_PAT. New: CLUSTER_REPO_WRITE_PAT for release.yml's commit/tag/push and create-release attribution. GHCR_PUSH_PAT and GH_RELEASE_PAT unchanged (already convention-shaped).
    • CI: tag patterns reduced to SemVer-only (was also :main/:pr-N from type=ref,event=branch/event=pr). PR builds now validate via the pr-validate job (build + smoke + arm64 dry-run) without polluting the registry with branch-name and PR-number tags.
    • CI: Forgejo Action versions digest-pinned (@v4/@v5@<digest>); Renovate tracks both major version and digest.
    • Dockerfile: base image digest-pinned (debian:trixie-20260112-slim...@sha256:...).
    • Dockerfile: removed wget, gnupg, and lsb-release from the apt install list. No longer needed once curl replaces wget for the duplicacy download and the docker-ce-cli apt repo dance is gone.
    • Dockerfile: Docker CLI install switched from the docker-ce-cli debian package (with epoch:upstream-revision versioning that has no clean Renovate datasource) to the static binary archive at download.docker.com/linux/static/stable/<arch>/docker-<version>.tgz. ENV pin becomes clean SemVer (29.4.2 instead of 5:29.1.4-1), Renovate-tracked via extractVersion=^docker-v(?<version>.+)$ against moby/moby GitHub releases. Trade-off: lose apt's auto security-patch flow within a release stream; gain explicit Renovate-managed bumps. Acceptable for a CLI talking to a host-mounted socket.
    • Dockerfile: DUPLICACY_VERSION Renovate-tracked via extractVersion=^v(?<version>.+)$ against gilbertchen/duplicacy GitHub releases. Renovate auto-opens PRs for new duplicacy releases.
    • Dockerfile: switched wgetcurl for the duplicacy binary download, since curl is already installed and wget is no longer needed.

    Notes

    • All 27 prior releases (v0.1.0 through v0.8.5) will be retroactively reconciled on the cluster + NAS Forgejos and GitHub on the next release run to set per-tag target_commitish. They previously had blank or "main" values; cosmetic backfill, no functional change.
    Downloads
  • v0.8.5 d3fef4d25e

    v0.8.5
    All checks were successful
    Build and Publish Docker Image / build-and-push (push) Successful in 3m14s
    Details
    Build and Publish Docker Image / create-release (push) Successful in 6s
    Details
    Stable

    SisyphusMD released this 2026-05-01 18:06:43 -07:00 | 4 commits to main since this release

    Changed

    • Distribution: Container images are now published to both forgejo.bryantserver.com/sisyphusmd/archiver and ghcr.io/sisyphusmd/archiver. Forgejo is the primary registry; ghcr.io remains available as a mirror. Existing image tags through 0.8.4 are unchanged on both registries.
    • Repository: Project source-of-truth has moved to forgejo.bryantserver.com/SisyphusMD/archiver. The GitHub repository at github.com/SisyphusMD/archiver is now a read-only push-mirror.
    • Documentation: README and configuration guides updated to reference the Forgejo image path as primary.
    Downloads
  • v0.8.4 fac4c7315e

    v0.8.4 Stable

    SisyphusMD released this 2026-04-23 18:14:20 -07:00 | 21 commits to main since this release

    Changed

    • archiver run backup CLI now exits 1 on per-service errors. Previously exited 0 regardless, surfacing failures only via log output and the optional Pushover notification. This makes the CLI suitable for external schedulers that key off the exit code — e.g., Kubernetes Job / CronJob (where the Complete / Failed status condition is derived from container exit code) or CI pipelines. The long-lived container deployment (archiver start, with the internal cron) is unaffected: per-service iteration and notification behavior are unchanged, and the backgrounded backup cycle's exit code remains unobserved by the daemon.

    Migration

    • Shell wrappers around archiver run backup that relied on exit 0 and chained subsequent commands: wrap with || true if the old continue-on-error behavior is desired.
    • No action needed for containerized archiver start deployments.
    Downloads
  • v0.8.3 4a0477f3ea

    v0.8.3 Stable

    SisyphusMD released this 2026-04-23 16:45:29 -07:00 | 22 commits to main since this release

    Fixed

    • Container Detection in Kubernetes: The container-deployment guard now recognizes Kubernetes Pods running on containerd or CRI-O, which create neither /.dockerenv nor /run/.containerenv. Detection now also checks $KUBERNETES_SERVICE_HOST (set automatically in every Pod) and /proc/self/cgroup (catches standalone containerd, CRI-O, LXC, rkt). Previously, running archiver:0.8.2 run backup from a Kubernetes CronJob or Job failed at startup with "Only container deployment is supported" unless the image was rebuilt with a touch /.dockerenv kludge.

    Changed

    • Internal: Renamed lib/core/require-docker.shlib/core/require-container.sh and the associated REQUIRE_DOCKER_CORE / REQUIRE_DOCKER_SH_SOURCED constants. No user-visible change; the script is sourced internally.
    Downloads
  • v0.8.2 3378e8ba41

    v0.8.2 Stable

    SisyphusMD released this 2026-04-21 18:58:35 -07:00 | 25 commits to main since this release

    Added

    • run backup Mode: New synchronous backup path for external schedulers (Kubernetes CronJob, GitHub Actions scheduled workflows, systemd timers, etc.). docker run ... archiver:0.8.2 run backup decrypts the bundle, runs a backup synchronously, and exits with the backup's result code so the scheduler can report success/failure accurately. Accepts the same optional prune / retain flags as archiver start. This complements — and does not replace — archiver start, which remains async and is the right choice for the in-container cron daemon and for fire-and-forget use from a long-lived container.
    Downloads
  • v0.8.1 fcebd11336

    v0.8.1 Stable

    SisyphusMD released this 2026-04-21 18:19:12 -07:00 | 27 commits to main since this release

    Added

    • run Entrypoint Mode: New container mode for one-shot non-interactive command invocation, designed for Kubernetes Jobs / init containers and other CI flows. docker run ... archiver:0.8.1 run <subcommand> decrypts the bundle, execs the subcommand, and the container's exit code equals the subcommand's exit code. Whitelisted subcommands: auto-restore, snapshot-exists, healthcheck. Long-running or async commands (start, stop, pause, etc.) are intentionally rejected with exit code 2.

    Changed

    • Internal: Renamed lib/features/duplicacy.sh to lib/features/duplicacy-backup.sh for symmetry with lib/features/duplicacy-restore.sh (introduced in 0.8.0). No user-visible change.
    • Internal: Extracted bundle decrypt + import logic in docker-entrypoint.sh into a prepare_bundle() helper, reused by both the default daemon path and the new run mode. Behavior of existing init and daemon modes is unchanged.
    Downloads
  • v0.8.0 ca688dedcc

    v0.8.0 Stable

    SisyphusMD released this 2026-04-21 16:38:36 -07:00 | 30 commits to main since this release

    Added

    • Non-interactive Restore Commands: Two new subcommands for automated disaster recovery flows (e.g. Kubernetes init containers)
      • archiver snapshot-exists — probes every configured storage target for SNAPSHOT_ID and short-circuits on the first hit; exit codes 0=exists, 1=not found, 2=undetermined, 3=lock held
      • archiver auto-restore — iterates storage targets in order and restores from the first target that has the requested snapshot; env-driven (SNAPSHOT_ID, LOCAL_DIR required; REVISION, STORAGE_TARGET, OVERWRITE, DELETE_EXTRA, HASH_COMPARE, IGNORE_OWNERSHIP, RESTORE_THREADS optional)
    • Shared Restore Library: Extracted duplicacy restore plumbing (storage target resolution, repo init, revision listing, restore) into lib/features/duplicacy-restore.sh, shared by interactive restore, snapshot-exists, and auto-restore

    Fixed

    • archiver healthcheck Exit Code: The dispatcher previously clobbered the healthcheck's exit status to 0, causing Docker healthchecks based on archiver healthcheck to always report healthy. It now propagates the underlying exit code
    Downloads
  • v0.7.1 33c4094864

    v0.7.1 Stable

    SisyphusMD released this 2026-04-14 13:09:37 -07:00 | 32 commits to main since this release

    Added

    • Podman Support: Container detection now recognizes Podman (/run/.containerenv) in addition to Docker (/.dockerenv), removing the need to mount a fake .dockerenv file
    • Host Management Tools: Added systemd and zfsutils-linux packages to the container image
      • systemctl — manage host services from restore scripts (start, stop, mask, unmask, etc.)
      • zfs — take ZFS snapshots before restore operations (requires /dev/zfs mount)
      • Requires SYSTEMCTL_FORCE_BUS=1 env var and D-Bus socket + systemd unit directory mounts
    • Security Hardening: Added cap_drop: ALL with explicit cap_add to compose.yaml and README examples
      • DAC_OVERRIDE — required for writing to directories owned by other UIDs
      • SETGID — required for cron to execute scheduled jobs
      • no-new-privileges:true — recommended security option
    • Socket Documentation: Documented mounting options for Podman socket, systemd D-Bus socket, systemd unit directory, and ZFS device node with per-socket security warnings

    Changed

    • Updated available tools list in example scripts and migration guide to include systemctl and zfs
    Downloads
  • v0.7.0 634fafb326

    v0.7.0 Stable

    SisyphusMD released this 2026-01-22 18:19:07 -08:00 | 38 commits to main since this release

    ⚠️ BREAKING CHANGES

    • Docker-Only Deployment: Direct installation on host systems is no longer supported. See migration guide.

    Added

    • Graceful Stop: Stop command respects backup stage, completing service cleanup before termination
      • New archiver stop --immediate flag for emergency termination
      • Sends summary notification with runtime and error count
    • Docker Compose Graceful Shutdown: Added stop_grace_period: 2m to ensure proper service cleanup when stopping containers
    • Migration Documentation: Comprehensive guides for migrating legacy installations (v0.3.2+) to Docker v0.7.0
      • Legacy to Docker migration guide
      • Configuration editing in Docker
      • Local storage setup
      • SSH key management

    Improved

    • Prune Operation: Now uses -exhaustive flag to remove orphaned chunks from manually deleted snapshots and incomplete backups
    • Notifications: Include hostname and timestamp; respect TZ environment variable
    • Bundle Export: Offers to reuse BUNDLE_PASSWORD environment variable
    • Storage Names: Automatically sanitize storage names with hyphens for Bash compatibility
    • Code Organization: Restructured lib directory into core/features/scripts

    Changed

    • Streamlined documentation for Docker-only workflow
    • SFTP SSH Key Path: Hardcoded to /opt/archiver/keys/id_ed25519 for Docker consistency
      • Removed STORAGE_TARGET_X_SFTP_KEY_FILE configuration variable
      • Migrating users: Old variable in config.sh will be safely ignored

    Removed

    • Legacy/direct installation support and related commands
    Downloads
  • v0.6.5 5abc6c8621

    v0.6.5 Stable

    SisyphusMD released this 2026-01-14 13:15:27 -08:00 | 93 commits to main since this release

    Added

    • Container Tools: Added text editors and network utilities to Docker image
      • nano - Simple text editor for quick file edits
      • vim - Full-featured text editor
      • iputils-ping - Network connectivity testing

    Changed

    • Documentation: Updated README to prioritize archiver logs command over docker logs
    • Examples: Updated service script examples with complete list of available tools
    Downloads