A comprehensive Docker backup and restore tool that connects to remote systems, analyzes Docker environments, and creates complete backups with step-by-step restoration instructions.
- Secure Credential Management: Master password-protected encrypted storage for SSH credentials
- Remote Docker Analysis: Connect to any Docker host via SSH and analyze containers/stacks
- Comprehensive Backups:
- Container configurations and metadata
- Volume data (full backup of all mounted volumes)
- Docker Compose files
- Network configurations
- Interactive CLI: Beautiful terminal interface with menus and progress indicators
- Automatic Restore Instructions: Generates detailed markdown guides for restoring containers
- Stack Support: Detect and backup entire Docker Compose stacks
- Flexible: Backup individual containers or complete stacks
- Python 3.8 or higher
- SSH access to the remote Docker host
- Docker installed on the remote host
- Clone or download this repository:
cd dockerbak- Install dependencies:
pip install -r requirements.txt- Make the script executable:
chmod +x dockerbak.pyRun Dockerbak:
./dockerbak.pyOr with Python:
python3 dockerbak.pyOn your first run, you'll be prompted for:
-
Master Password: This password protects your encrypted credential store. Choose a strong password and remember it - it's never stored anywhere.
-
SSH Connection Details:
- Hostname or IP address
- SSH username
- SSH port (default: 22)
- Authentication method (password or SSH key)
- Your SSH credentials
-
Save Credentials: You can choose to save credentials for future use (recommended)
After the initial setup:
- Enter your master password to unlock the credential store
- Select a saved connection or add a new one
- Choose what to backup from the interactive menu
Credentials are stored encrypted using:
- Fernet symmetric encryption (AES-128)
- PBKDF2 key derivation with 600,000 iterations
- Master password that's never stored, only used to derive encryption keys
- Secure file permissions (600) on credential files
Credential files are stored in ~/.dockerbak/:
credentials.enc- Encrypted credentialssalt- Salt for key derivation
Each backup includes:
-
metadata.json: Complete container configuration
- Image name and version
- Environment variables
- Labels and annotations
- Port mappings
- Restart policies
- Resource limits
- And more...
-
volumes/: Compressed archives of volume data
- Named volumes
- Bind mounts
- Volume metadata
-
networks.json: Network configuration
- Network names
- Network settings
- IP addresses
-
docker-compose.yml: Compose file (if part of a stack)
-
manifest.json: Backup manifest with checksums
-
RESTORE_INSTRUCTIONS.md: Detailed restoration guide
backup_20240115_143022/
├── manifest.json
├── RESTORE_INSTRUCTIONS.md
└── my-container/
├── metadata.json
├── networks.json
├── docker-compose.yml
└── volumes/
├── data_volume.tar.gz
├── data_volume.json
├── config_volume.tar.gz
└── config_volume.json
- Backup individual container: Select one or more containers to backup
- Backup Docker Compose stack: Backup an entire stack with all its containers
- List all containers: View all containers on the remote host
- List all stacks: View all Docker Compose stacks
- Exit: Disconnect and exit
- Select containers/stack to backup
- Choose backup directory (default:
/backups- automatically uses sudo if needed) - Watch the progress as backup proceeds
- Review backup summary with location of restore instructions
After creating a backup, detailed restore instructions are automatically generated in RESTORE_INSTRUCTIONS.md within the backup directory.
The restore instructions include:
- Prerequisites: What you need before restoring
- Network Creation: Commands to recreate Docker networks
- Volume Restoration: Steps to restore volume data
- Container Creation: Complete
docker runcommands ordocker-composedeployment - Verification: How to verify the restoration
- Troubleshooting: Common issues and solutions
# 1. Navigate to backup directory
cd backup_20240115_143022
# 2. Read the instructions
cat RESTORE_INSTRUCTIONS.md
# 3. Follow the step-by-step guide to restore- Master Password: Use a strong, unique master password
- SSH Keys: Prefer SSH key authentication over passwords
- Backup Security: Store backups in secure locations with appropriate permissions
- Credential Rotation: Regularly update stored credentials
- Access Control: Limit who has access to the master password and backups
Problem: Cannot connect to remote host
Solutions:
- Verify hostname/IP is correct
- Check SSH port is accessible (firewall rules)
- Confirm SSH credentials are correct
- Test SSH connection manually:
ssh user@host
Problem: Docker not available on remote host
Solutions:
- Verify Docker is installed:
ssh user@host "docker --version" - Check Docker service is running:
ssh user@host "systemctl status docker" - Ensure user has Docker permissions:
ssh user@host "docker ps"
Problem: Volume backup fails or is incomplete
Solutions:
- Ensure sufficient disk space on remote host (
/tmp) - Check volume permissions
- For large volumes, increase timeout in connection settings
- Verify Docker can access the volume
Problem: Cannot unlock credential store
Solutions:
- Ensure you're using the correct master password
- If password is forgotten, delete
~/.dockerbak/and start fresh (you'll lose saved credentials)
When prompted for backup directory, you can specify any path:
Backup directory: /path/to/custom/backups
Use the checkbox menu to select multiple containers:
- Use arrow keys to navigate
- Press Space to select/deselect
- Press Enter to confirm
To remove saved connections, delete the specific host from:
rm ~/.dockerbak/credentials.enc
rm ~/.dockerbak/saltThen recreate with new credentials on next run.
- Python 3.8+
- 100MB free disk space (plus space for backups)
- Network connectivity to Docker host
- SSH server running
- Docker installed and running
- Sufficient disk space in
/tmpfor temporary files - User with Docker permissions
Contributions are welcome! Please feel free to submit issues or pull requests.
This project is provided as-is for personal and commercial use.
Created with Claude Code
1.0.0
For issues, questions, or suggestions, please create an issue in the repository.