kind: pipeline
type: docker
name: backup-multiple-configs

# trigger:
#   schedule:
#     - cron: '0 2 * * 0' # This schedules the job to run at 2 AM every Sunday

steps:
  - name: backup-and-encrypt
    image: alpine
    commands:
      - apk add --no-cache openssl tar
      - |
        for dir in vaultwarden homebox koillection Homepage mealie; do
          echo "Processing $dir"
          tar cvf - "/backup/$dir" | openssl enc -aes-256-cbc -salt -out "/backup/${dir}_backup.tar.enc" -k "$ENCRYPTION_KEY" -md sha256
          echo "${dir}_backup.tar.enc created."
        done
      - echo "Listing all backup files:"
      - ls -lah /backup/*.tar.enc
    volumes:
      - name: config_volumes
        path: /backup
    environment:
      ENCRYPTION_KEY:
        from_secret: encryption_key

  - name: upload to s3
    image: amazon/aws-cli
    commands:
      - |
        find /backup -name "*.tar.enc" -exec sh -c 'aws s3 cp "{}" "s3://ronnic-backup/${1#/backup/}"' _ {} \;
    environment:
      AWS_ACCESS_KEY_ID:
        from_secret: aws_access_key_id
      AWS_SECRET_ACCESS_KEY:
        from_secret: aws_secret_access_key
      AWS_DEFAULT_REGION: us-west-1
    volumes:
      - name: config_volumes
        path: /backup

  - name: cleanup
    image: alpine
    commands:
      - rm -f /backup/*.tar.enc

volumes:
  - name: config_volumes
    host:
      path: /home/ronnic/Configs