colibri/scripts/clawdie-backup.env.example
Sam & Claude 6bf2951fec
feat(backup): domedog-side pull script for Forgejo+Vault (off-box independence)
Addresses HOST-MATRIX §4 backup-independence: the Vultr box (Forgejo+Vaultwarden)
is a single point of failure for backups AND secrets. This pulls its dumps to
domedog (already paid, on-tailnet, 51G free) — zero new cost.

- PULL direction: a compromised Vultr can't reach into / destroy the backup history
- verifies integrity (forgejo dump zip + vault sqlite PRAGMA integrity_check)
- encrypts at rest with age (vault dump = secret material; private key stays off-host)
- dated snapshots + retention (versioned, not a single overwritten mirror)
- opt-in Colibri board status (transition a task done/failed = backup health signal)
- config (host + age recipient) lives in ~/.config (gitignored); no hosts/keys in repo

Vultr side stays responsible only for producing consistent dumps (forgejo dump +
sqlite .backup) and exposing them read-only. bash -n clean.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-20 10:52:26 +02:00


# clawdie-backup-pull config — copy to ~/.config/clawdie-backup/backup.env (chmod 600).
# This file is GITIGNORED on purpose: it holds the source host + the age recipient.
# Keep real hosts/keys out of the repo.

# rsync source = the Vultr box's read-only dumps dir, reached over Tailscale.
# Use a Tailscale name (not a public IP), and a read-only/forced-command SSH key.
BACKUP_SRC="user@vultr-tailnet-name:/var/backups/clawdie/"

# Local snapshot root on domedog (plenty of room; ~1-2 GB per snapshot).
BACKUP_DEST="$HOME/clawdie-backups"

# How many dated snapshots to keep (e.g. 14 daily).
BACKUP_KEEP="14"

# age recipient for encryption-at-rest. Either a public key string:
# BACKUP_AGE_RECIPIENT="age1xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
# or a path to a recipients file (one age pubkey per line):
# BACKUP_AGE_RECIPIENT="$HOME/.config/clawdie-backup/recipients.txt"
# The private key stays OFF this host (operator holds it) so a domedog compromise
# can't decrypt the vault backup.
BACKUP_AGE_RECIPIENT=""

# Optional: report backup health to the Colibri board by transitioning a task.
# COLIBRI_SOCKET="$HOME/.colibri/colibri.sock"
# BACKUP_TASK_ID="<uuid of a scheduled 'backup' task assigned to domedog>"
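The config above only makes sense together with the checks the pull script runs against it: refusing to start when the age recipient is empty (the vault dump would land on disk in the clear), when BACKUP_SRC is a raw IP rather than a Tailscale name, or when BACKUP_KEEP is not a positive number, and then pruning to BACKUP_KEEP dated snapshots after a successful pull. The following is an added example of that validation and retention logic, written for this page; it is not the project's clawdie-backup-pull script. It assumes snapshots are directories named YYYY-MM-DD under BACKUP_DEST (the commit message only says "dated snapshots"), and the function names are the author's own. The rsync and age steps are left out because they need the remote host and the key.

```shell
#!/bin/sh
# Added example: sanity-check a backup.env and apply snapshot retention.
# Not the project's script; assumes YYYY-MM-DD snapshot directory names.

# validate_config FILE: source the env file and check the keys the pull relies on.
# Prints one problem per line; returns 0 only when every check passes.
validate_config() {
    _cfg="$1"
    _errs=0
    if [ ! -r "$_cfg" ]; then
        echo "config not readable: $_cfg"
        return 1
    fi
    # shellcheck disable=SC1090
    . "$_cfg"

    case "$BACKUP_SRC" in
        "") echo "BACKUP_SRC is empty"; _errs=$((_errs + 1)) ;;
        *@*:*) ;;   # user@host:/path form, as in the example config
        *) echo "BACKUP_SRC must look like user@host:/path"; _errs=$((_errs + 1)) ;;
    esac
    # The page says: reach the box by Tailscale name, not a public IP.
    _host="${BACKUP_SRC#*@}"; _host="${_host%%:*}"
    case "$_host" in
        "" | *[!0-9.]*) ;;   # empty (already reported) or contains letters: fine
        *) echo "BACKUP_SRC host is a raw IP; use the Tailscale name"; _errs=$((_errs + 1)) ;;
    esac

    [ -n "$BACKUP_DEST" ] || { echo "BACKUP_DEST is empty"; _errs=$((_errs + 1)); }

    case "$BACKUP_KEEP" in
        "" | *[!0-9]* | 0) echo "BACKUP_KEEP must be a positive integer"; _errs=$((_errs + 1)) ;;
    esac

    # Empty recipient would mean the vault dump (secret material) sits unencrypted.
    case "$BACKUP_AGE_RECIPIENT" in
        "") echo "BACKUP_AGE_RECIPIENT is empty; refusing to store the vault dump in the clear"
            _errs=$((_errs + 1)) ;;
        age1*) ;;   # a single age public key
        *) [ -r "$BACKUP_AGE_RECIPIENT" ] || {
               echo "BACKUP_AGE_RECIPIENT is neither an age1... key nor a readable recipients file"
               _errs=$((_errs + 1)); } ;;
    esac
    [ "$_errs" -eq 0 ]
}

# count_snapshots DEST: number of YYYY-MM-DD entries under DEST.
count_snapshots() {
    ls -1 "$1" | grep -Ec '^[0-9]{4}-[0-9]{2}-[0-9]{2}$' || true
}

# prune_snapshots DEST KEEP: delete all but the KEEP newest dated snapshots.
# ISO dates sort lexically, so `sort -r` yields newest first; anything that is
# not a dated snapshot directory is left alone.
prune_snapshots() {
    _dest="$1"; _keep="$2"
    _n=0
    for _snap in $(ls -1 "$_dest" | grep -E '^[0-9]{4}-[0-9]{2}-[0-9]{2}$' | sort -r); do
        _n=$((_n + 1))
        if [ "$_n" -gt "$_keep" ]; then
            rm -rf "$_dest/$_snap"
        fi
    done
}

# check_sqlite_dump FILE: the integrity check the commit message describes, run
# against the sqlite .backup copy; passes only when sqlite3 answers "ok".
check_sqlite_dump() {
    command -v sqlite3 >/dev/null 2>&1 || { echo "sqlite3 not installed"; return 1; }
    [ "$(sqlite3 "$1" 'PRAGMA integrity_check;')" = "ok" ]
}

# Usage: sh this-script.sh ~/.config/clawdie-backup/backup.env
if [ "$#" -ge 1 ]; then
    validate_config "$1" && echo "config ok" && prune_snapshots "$BACKUP_DEST" "$BACKUP_KEEP"
fi
```

Run it with the path to a backup.env as the only argument; with the example file as shipped (empty BACKUP_AGE_RECIPIENT) it refuses, which is the intended failure mode rather than a silently unencrypted vault dump on domedog.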