.gitignore

@@ -1,4 +1,4 @@
-pc_backup/data/.bash_history
+pc_backup/config/.bash_history
 data_sources_*
 secret_sources_*
 *.egg-info/

pc_backup/start.py

@@ -10,8 +10,7 @@ from typing import Any
 is_windows = os.name == "nt"
 
 
-def read_data_sources(hostname: str, login: str) -> list[Path]:
-    file = Path(f"./data_sources_{hostname}_{login}")
+def read_data_sources(file: Path) -> list[Path]:
     with open(file) as f:
         paths = f.readlines()
         return [Path(p_str.strip()).expanduser() for p_str in paths]
@@ -68,8 +67,7 @@ class Secret:
         return sub_class.from_line(name, *args)
 
     @classmethod
-    def read_sources(cls, hostname: str, login: str) -> list["Secret"]:
-        file = Path(f"./secret_sources_{hostname}_{login}")
+    def read_sources(cls, file: Path) -> list["Secret"]:
         with open(file) as f:
             lines = f.readlines()
             return [cls.from_line(l.strip()) for l in lines]
@@ -122,6 +120,31 @@ class SecretFile(Secret):
         return cls(host_path=path, name=name, mode=0o0400)
 
 
+@dataclass
+class Configuration:
+    secret_sources: list[Secret]
+    data_sources: list[Path]
+    borgmatic_d_path: Path
+    borgmatic_path: Path
+    history_file: Path
+    ssh_auth_sock: Path | None
+
+    @classmethod
+    def read(cls, hostname: str, login: str, config_dir: Path):
+        secret_sources_file = config_dir / f"secret_sources_{hostname}_{login}"
+        data_sources_file = config_dir / f"data_sources_{hostname}_{login}"
+        ssh_auth_sock = os.getenv("SSH_AUTH_SOCK")
+
+        return cls(
+            secret_sources=Secret.read_sources(secret_sources_file),
+            data_sources=read_data_sources(data_sources_file),
+            borgmatic_d_path=config_dir / "borgmatic.d",
+            borgmatic_path=config_dir / "borgmatic",
+            history_file=config_dir / ".bash_history",
+            ssh_auth_sock=Path(ssh_auth_sock) if ssh_auth_sock else None
+        )
+
+
 @dataclass
 class BorgmaticContainer:
     hostname: str
@@ -129,34 +152,31 @@ class BorgmaticContainer:
     name: str
     image: str = "ghcr.io/borgmatic-collective/borgmatic"
 
-    def run(self, data_sources: list[Path], secret_sources: list[Secret]):
+    def run(self, config: Configuration):
         container_name = f"borgmatic_{self.login}"
-        ssh_auth_sock = os.getenv("SSH_AUTH_SOCK")
 
-        data_path = Path.cwd() / "pc_backup" / "data"
-        config_d_path = data_path / "borgmatic.d"
-        config_path = data_path / "borgmatic"
-        history_file = data_path / ".bash_history"
-        history_file.touch()
+        config.history_file.touch()
         volumes = [
-            f"{config_d_path}:/etc/borgmatic.d/",
-            f"{config_path}:/etc/borgmatic/",
-            f"{history_file}:/root/.bash_history",
+            f"{config.borgmatic_d_path}:/etc/borgmatic.d/",
+            f"{config.borgmatic_path}:/etc/borgmatic/",
+            f"{config.history_file}:/root/.bash_history",
             "borg_ssh_dir:/root/.ssh",
             "borg_config:/root/.config/borg",
             "borg_cache:/root/.cache/borg",
             "borgmatic_state:/root/.local/state/borgmatic",
         ]
-        if ssh_auth_sock:
-            volumes += [f"{ssh_auth_sock}:{ssh_auth_sock}:Z"]
+        if config.ssh_auth_sock:
+            volumes += [f"{config.ssh_auth_sock}:{config.ssh_auth_sock}:Z"]
 
-        volumes += [f"{vol}:{self.to_source_path(vol)}:ro" for vol in data_sources]
+        volumes += [
+            f"{vol}:{self.to_source_path(vol)}:ro" for vol in config.data_sources
+        ]
 
         volume_args = [a for vol in volumes for a in ["-v", vol]]
 
         secrets_args = [
             a
-            for s in secret_sources
+            for s in config.secret_sources
             for a in ["--secret", f"{s.name},mode=0{s.mode:o}"]
         ]
 
@@ -252,11 +272,10 @@ class CommandStart(Command):
         self,
         *,
         container: BorgmaticContainer,
-        data_sources: list[Path],
-        secret_sources: list[Secret],
+        config: Configuration,
         **kwargs,
     ):
-        container.run(data_sources, secret_sources)
+        container.run(config)
 
 
 class CommandRm(Command):
@@ -313,10 +332,9 @@ def main():
     login = os.getlogin()
     hostname = socket.gethostname()
 
-    secret_sources = Secret.read_sources(hostname, login)
-    data_sources = read_data_sources(hostname, login)
+    config = Configuration.read(hostname, login, Path.cwd() / "pc_backup" / "config")
 
-    if not secret_sources:
+    if not config.secret_sources:
         print("no secret required ?")
 
     container = BorgmaticContainer.new(hostname, login)
@@ -324,8 +342,9 @@ def main():
     parser = CliArguments.new()
     command = CliArguments.read_command(parser)
     command.run(
-        secret_sources=secret_sources,
-        data_sources=data_sources,
+        config=config,
+        secret_sources=config.secret_sources,
+        data_sources=config.data_sources,
         container=container,
     )
 

start.sh

@@ -1,37 +0,0 @@
-#!/bin/bash
-
-set -eu -o pipefail
-
-function to_volume {
-  echo "-v ${1}:/mnt/source${1}:ro"
-}
-
-HOSTNAME=$(hostname)
-CONTAINER_NAME="borgmatic"
-HISTFILE=./data/.bash_history
-SOURCE_DIR=./data/source
-CREDENTIALS_DIR=./data/credentials
-
-touch ${HISTFILE}
-
-# Some of those volumes seem useless, e.g. : 
-#   * the repository (which can be mounted within the container)
-#   * mounting the data to save on a precise mount point (one could have several..)
-podman run \
-  -h ${HOSTNAME} \
-  --detach \
-  --name ${CONTAINER_NAME} \
-  $(to_volume /home/theenglishway/Documents/cv/) \
-  $(to_volume /home/theenglishway/Documents/formations/5_jours/) \
-  -v ./data/borgmatic.d:/etc/borgmatic.d/ \
-  -v /home/theenglishway/.ssh:/root/.ssh \
-  -v ${CREDENTIALS_DIR}:/credentials:ro \
-  -v ${HISTFILE}:/root/.bash_history \
-  -v borg_config:/root/.config/borg \
-  -v borg_cache:/root/.cache/borg \
-  -v borgmatic_state:/root/.local/state/borgmatic \
-  -v ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK}:Z \
-  -e SSH_AUTH_SOCK \
-  -e TZ=Europe/Paris \
-  --security-opt=label=disable \
-  ghcr.io/borgmatic-collective/borgmatic