From d286202cc5237759e38a061cb1d8249c8a922dc9 Mon Sep 17 00:00:00 2001
From: guezoloic <loicguezo@gmail.com>
Date: Sun, 3 Aug 2025 08:38:03 +0000
Subject: [PATCH] feat: add backup docker containers

---
 config/docker-compose.yml | 36 +++++++++++++++++++++---------------
 scripts/aws-backup.sh     |  3 +++
 scripts/docker-compose.sh |  3 ---
 3 files changed, 24 insertions(+), 18 deletions(-)

diff --git a/config/docker-compose.yml b/config/docker-compose.yml
index 24bb570..de45b2c 100644
--- a/config/docker-compose.yml
+++ b/config/docker-compose.yml
@@ -1,11 +1,25 @@
 volumes:
   etc_wireguard:
   etc_certs:
-  backup_data:
   # save certifcate
   etc_acme:
 
 services:
+  backup:
+    image: jareware/docker-volume-backup
+    container_name: backup-docker-container
+    restart: unless-stopped
+    environment:
+      AWS_S3_BUCKET_NAME: ${S3_BUCKET}
+      AWS_EXTRA_ARGS: --endpoint ${ENDPOINT}
+      AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
+      AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
+      BACKUP_CRON_EXPRESSION: "0 0 * * *"
+    volumes:
+      - etc_wireguard:/backup/etc_wireguard:ro
+      - etc_certs:/backup/etc_certs:ro
+      - etc_acme:/backup/etc_acme:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
 
   wg-easy:
     image: ghcr.io/wg-easy/wg-easy:15
@@ -18,6 +32,8 @@ services:
     ports:
       - "51820:51820/udp"
       - "51821:51821/tcp"
+    labels:
+      - "docker-volume-backup.stop-during-backup=true"
     restart: unless-stopped
     cap_add:
       - NET_ADMIN
@@ -45,6 +61,8 @@ services:
       - NGINX_PROXY_CONTAINER=nginx-proxy
     depends_on:
       - nginx-proxy
+    labels:
+      - "docker-volume-backup.stop-during-backup=true"
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
       - etc_certs:/etc/nginx/certs
@@ -61,6 +79,8 @@ services:
     ports:
       - "80:80"
       - "443:443"
+    labels:
+      - "docker-volume-backup.stop-during-backup=true"
     volumes:
       - /var/run/docker.sock:/tmp/docker.sock:ro
       - etc_certs:/etc/nginx/certs
@@ -86,20 +106,6 @@ services:
 #     expose:
 #       - "8008"
 
-  volume-backup:
-    image: offen/docker-volume-backup
-    restart: always
-    container_name: volume-backup
-    environment:
-      BACKUP_NAME: etc_wireguard
-      BACKUP_CRON_EXPRESSION: "0 0 * * *"
-      S3_BUCKET: ${AWS}
-      S3_ENDPOINT: ${ENDPOINT}
-      AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
-      AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
-    volumes:
-      - etc_wireguard:/backup:ro
-      - backup_data:/archive
 
 networks:
   network-container:
diff --git a/scripts/aws-backup.sh b/scripts/aws-backup.sh
index 047bf60..9fa7e7f 100644
--- a/scripts/aws-backup.sh
+++ b/scripts/aws-backup.sh
@@ -22,6 +22,9 @@ if [[ "--install" == $INSTALLED ]]; then
     info_print "AWS configuration."
     aws configure
 
+    create_env_variable AWS_ACCESS_KEY_ID $(aws configure get aws_access_key_id)
+    create_env_variable AWS_SECRET_ACCESS_KEY $(aws configure get aws_secret_access_key)
+
     touch "$BACKUP"
     info_print "$BACKUP created."
 
diff --git a/scripts/docker-compose.sh b/scripts/docker-compose.sh
index 9f01fcc..82d9c89 100644
--- a/scripts/docker-compose.sh
+++ b/scripts/docker-compose.sh
@@ -18,9 +18,6 @@ if [[ "--install" == $INSTALLED ]]; then
 
     source /etc/serverconfig/.env
 
-    export AWS_ACCESS_KEY_ID=$(aws configure get aws_access_key_id)
-    export AWS_SECRET_ACCESS_KEY=$(aws configure get aws_secret_access_key)
-
     if [[ -f "$ETC_DIR/docker-compose.yml" ]]; then
         docker compose -f "$ETC_DIR/docker-compose.yml" up -d --force-recreate && \
         info_print "$ETC_DIR/docker-compose.yml is running." 6;