| .gitea/workflows | ||
| .vscode | ||
| dummy | ||
| http_notifier | ||
| incus | ||
| scheduler | ||
| .gitignore | ||
| go.mod | ||
| go.sum | ||
| main.go | ||
| README.md | ||
| Taskfile.yml | ||
Incus keeper
This project is covering backup and sync scenarios for Incus instances.
- Backups instances into Restic repository
- Syncs instances to another incus instance
It handles automatic backups
KV
Functions of Sentinel depends on user KV values configured on each instance. Here is what you can configure:
| Key | Default | Purpose |
|---|---|---|
| user.backup | false | true/false, if true, regular backup job into Restic is performed |
| user.sync | false | true/false, if true, regular sync job into Restic is performed |
| user.backup-notify-url | "" | Call this URL when backup is done |
| user.sync-notify-url | "" | Call this URL when sync is done |
| user.backup-schedule | 0 6 * * * | Cron-like line for backup scheduling |
| user.sync-schedule | 0 6 * * * | Cron-like line for sync scheduling |
| user.sync-target-remote | "" | Sync's target host (needs to be configured in Incus) |
| user.sync-target-pool | pool0 | Target's storage pool |
| user.sync-target-instance-suffix | -cold | Instance name suffix at the target side |
It can also backup and sync volumes, here is list of KV fields for them:
| Key | Default | Purpose |
|---|---|---|
| user.backup | false | true/false, if true, regular backup job into Restic is performed |
| user.backup-mode | dir | dir or native, dir backs up directory of the volume, native uses incus export |
| user.sync | false | true/false, if true, regular sync job into Restic is performed |
| user.backup-notify-url | "" | Call this URL when backup is done |
| user.sync-notify-url | "" | Call this URL when sync is done |
| user.backup-schedule | 0 6 * * * | Cron-like line for backup scheduling |
| user.sync-schedule | 0 6 * * * | Cron-like line for sync scheduling |
| user.sync-target-remote | "" | Sync's target host (needs to be configured in Incus) |
| user.sync-target-pool | pool0 | Target's storage pool |
| user.sync-target-volume-suffix | -cold | Volume name suffix at the target side |
Examples
Enabled sync and backup on existing instance:
incus config set <instance name> user.backup=true user.sync=true user.sync-target-remote=<remote_host>
Important notes
Only one backup or sync job can run the same time. There is internal queue of jobs that is picked up one by one. Cli commands sync and backup are independent from this queue.
Restic needs two environment variables to be set:
- RESTIC_PASSWORD
- RESTIC_REPOSITORY
Also its binary needs to be available on the system where sentinel is running.
Sentinel uses Incus's CLI interface, not its API. Currently it can work only on the same machine where Incus is running.
Synced instances have sync and backup flags disabled so if the remote system runs sentinel too it won't interfere with configuration of the main location.
Volumes can be backed up in two ways. The first one is a snapshot and backup of directory where the snapshot is located. The second way is Incus's native export where a binary blob or an archive is exported and stored in Restic repo. In this case it can be imported back with incus import feature.
Volumes are synced including snapshots and refresh is used in case the destination volume exists.