From d55fde92b6c0f25596a9aec4d3c89a6d1421e5b3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Kr=C3=BCger?= Date: Sat, 15 Nov 2025 17:05:18 +0100 Subject: [PATCH] feat: move restic (backrest) to core stack MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Add backrest service to core/compose.yaml with CORE_RESTIC_ prefix - Update arty.yml with CORE_RESTIC_* environment variables - Remove restic from compose.yaml includes - Backrest now part of core infrastructure stack 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- arty.yml | 13 ++-- compose.yaml | 1 - core/compose.yaml | 160 +++++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 165 insertions(+), 9 deletions(-) diff --git a/arty.yml b/arty.yml index 997c8b9..fd3fec1 100644 --- a/arty.yml +++ b/arty.yml @@ -19,6 +19,12 @@ envs: CORE_REDIS_PORT: 6379 CORE_REDIS_IMAGE: redis:7-alpine CORE_POSTGRES_IMAGE: postgres:16-alpine + # Backrest (Restic) + CORE_RESTIC_TRAEFIK_ENABLED: true + CORE_RESTIC_IMAGE: garethgeorge/backrest:latest + CORE_RESTIC_TRAEFIK_HOST: restic.pivoine.art + CORE_RESTIC_HOSTNAME: falcon + CORE_RESTIC_BACKUP_PATH: /mnt/hidrive/users/valknar/Backup # Sexy SEXY_TRAEFIK_ENABLED: true SEXY_COMPOSE_PROJECT_NAME: sexy @@ -79,13 +85,6 @@ envs: STASH_TRAEFIK_HOST: stash.pivoine.art STASH_PORT: 8334 STASH_CANARY: true - # Restic - RESTIC_TRAEFIK_ENABLED: true - RESTIC_COMPOSE_PROJECT_NAME: restic - RESTIC_IMAGE: garethgeorge/backrest:latest - RESTIC_TRAEFIK_HOST: restic.pivoine.art - RESTIC_HOSTNAME: falcon - RESTIC_BACKUP_PATH: /mnt/hidrive/users/valknar/Backup # Jellyfin JELLY_TRAEFIK_ENABLED: true JELLY_COMPOSE_PROJECT_NAME: jelly diff --git a/compose.yaml b/compose.yaml index 6346718..2eab140 100644 --- a/compose.yaml +++ b/compose.yaml @@ -4,7 +4,6 @@ include: - sexy/compose.yaml - util/compose.yaml - ai/compose.yaml - - restic/compose.yaml - net/compose.yaml - media/compose.yaml - dev/compose.yaml diff --git a/core/compose.yaml b/core/compose.yaml index 646a196..3842bde 100644 --- a/core/compose.yaml +++ b/core/compose.yaml @@ -46,9 +46,167 @@ services: networks: - compose_network - + + # Backrest - Backup System + backrest: + image: ${CORE_RESTIC_IMAGE:-garethgeorge/backrest:latest} + container_name: ${CORE_COMPOSE_PROJECT_NAME}_backrest + restart: unless-stopped + hostname: ${CORE_RESTIC_HOSTNAME:-falcon} + volumes: + # Backrest application data + - backrest_data:/data + - backrest_config:/config + - backrest_cache:/cache + - backrest_tmp:/tmp + + # Backup destination + - ${CORE_RESTIC_BACKUP_PATH:-/mnt/hidrive/users/valknar/Backup}:/repos + + # Docker volumes to backup (read-only) + - backup_core_postgres_data:/volumes/core_postgres_data:ro + - backup_core_redis_data:/volumes/core_redis_data:ro + - backup_directus_uploads:/volumes/directus_uploads:ro + - backup_directus_bundle:/volumes/directus_bundle:ro + - backup_util_mattermost_config:/volumes/mattermost_config:ro + - backup_util_mattermost_data:/volumes/mattermost_data:ro + - backup_util_mattermost_plugins:/volumes/mattermost_plugins:ro + - backup_util_tandoor_staticfiles:/volumes/tandoor_staticfiles:ro + - backup_util_tandoor_mediafiles:/volumes/tandoor_mediafiles:ro + - backup_n8n_data:/volumes/n8n_data:ro + - backup_filestash_data:/volumes/filestash_data:ro + - backup_util_linkwarden_data:/volumes/linkwarden_data:ro + - backup_util_linkwarden_meili_data:/volumes/linkwarden_meili_data:ro + - backup_letsencrypt_data:/volumes/letsencrypt_data:ro + - backup_util_vaultwarden_data:/volumes/vaultwarden_data:ro + - backup_util_joplin_data:/volumes/joplin_data:ro + - backup_jelly_config:/volumes/jelly_config:ro + - backup_netdata_config:/volumes/netdata_config:ro + - backup_ai_postgres_data:/volumes/ai_postgres_data:ro + - backup_ai_webui_data:/volumes/ai_webui_data:ro + - backup_ai_crawl4ai_data:/volumes/ai_crawl4ai_data:ro + - backup_asciinema_data:/volumes/asciinema_data:ro + - backup_dev_gitea_data:/volumes/dev_gitea_data:ro + - backup_dev_gitea_config:/volumes/dev_gitea_config:ro + - backup_dev_gitea_runner_data:/volumes/dev_gitea_runner_data:ro + - backup_dev_coolify_data:/volumes/dev_coolify_data:ro + + environment: + TZ: ${TIMEZONE:-Europe/Berlin} + BACKREST_DATA: /data + BACKREST_CONFIG: /config/config.json + XDG_CACHE_HOME: /cache + TMPDIR: /tmp + MATTERMOST_WEBHOOK_URL: ${MATTERMOST_WEBHOOK_URL:-} + + networks: + - compose_network + + labels: + - 'traefik.enable=${CORE_RESTIC_TRAEFIK_ENABLED}' + - 'traefik.http.middlewares.${CORE_COMPOSE_PROJECT_NAME}-backrest-redirect-web-secure.redirectscheme.scheme=https' + - 'traefik.http.routers.${CORE_COMPOSE_PROJECT_NAME}-backrest-web.middlewares=${CORE_COMPOSE_PROJECT_NAME}-backrest-redirect-web-secure' + - 'traefik.http.routers.${CORE_COMPOSE_PROJECT_NAME}-backrest-web.rule=Host(`${CORE_RESTIC_TRAEFIK_HOST}`)' + - 'traefik.http.routers.${CORE_COMPOSE_PROJECT_NAME}-backrest-web.entrypoints=web' + - 'traefik.http.routers.${CORE_COMPOSE_PROJECT_NAME}-backrest-web-secure.rule=Host(`${CORE_RESTIC_TRAEFIK_HOST}`)' + - 'traefik.http.routers.${CORE_COMPOSE_PROJECT_NAME}-backrest-web-secure.tls.certresolver=resolver' + - 'traefik.http.routers.${CORE_COMPOSE_PROJECT_NAME}-backrest-web-secure.entrypoints=web-secure' + - 'traefik.http.middlewares.${CORE_COMPOSE_PROJECT_NAME}-backrest-web-secure-compress.compress=true' + - 'traefik.http.routers.${CORE_COMPOSE_PROJECT_NAME}-backrest-web-secure.middlewares=${CORE_COMPOSE_PROJECT_NAME}-backrest-web-secure-compress' + - 'traefik.http.services.${CORE_COMPOSE_PROJECT_NAME}-backrest-web-secure.loadbalancer.server.port=9898' + - 'traefik.docker.network=${NETWORK_NAME}' + - 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}' + volumes: postgres_data: name: ${CORE_COMPOSE_PROJECT_NAME}_postgres_data redis_data: name: ${CORE_COMPOSE_PROJECT_NAME}_redis_data + backrest_data: + name: ${CORE_COMPOSE_PROJECT_NAME}_backrest_data + backrest_config: + name: ${CORE_COMPOSE_PROJECT_NAME}_backrest_config + backrest_cache: + name: ${CORE_COMPOSE_PROJECT_NAME}_backrest_cache + backrest_tmp: + name: ${CORE_COMPOSE_PROJECT_NAME}_backrest_tmp + + # External volumes from other stacks (read-only mounts) + backup_core_postgres_data: + name: core_postgres_data + external: true + backup_core_redis_data: + name: core_redis_data + external: true + backup_directus_uploads: + name: core_directus_uploads + external: true + backup_directus_bundle: + name: core_directus_bundle + external: true + backup_util_mattermost_config: + name: util_mattermost_config + external: true + backup_util_mattermost_data: + name: util_mattermost_data + external: true + backup_util_mattermost_plugins: + name: util_mattermost_plugins + external: true + backup_util_tandoor_staticfiles: + name: util_tandoor_staticfiles + external: true + backup_util_tandoor_mediafiles: + name: util_tandoor_mediafiles + external: true + backup_n8n_data: + name: dev_n8n_data + external: true + backup_filestash_data: + name: stash_filestash_data + external: true + backup_util_linkwarden_data: + name: util_linkwarden_data + external: true + backup_util_linkwarden_meili_data: + name: util_linkwarden_meili_data + external: true + backup_letsencrypt_data: + name: net_letsencrypt_data + external: true + backup_util_vaultwarden_data: + name: util_vaultwarden_data + external: true + backup_util_joplin_data: + name: util_joplin_data + external: true + backup_jelly_config: + name: jelly_config + external: true + backup_netdata_config: + name: net_netdata_config + external: true + backup_ai_postgres_data: + name: ai_postgres_data + external: true + backup_ai_webui_data: + name: ai_webui_data + external: true + backup_ai_crawl4ai_data: + name: ai_crawl4ai_data + external: true + backup_asciinema_data: + name: dev_asciinema_data + external: true + backup_dev_gitea_data: + name: dev_gitea_data + external: true + backup_dev_gitea_config: + name: dev_gitea_config + external: true + backup_dev_gitea_runner_data: + name: dev_gitea_runner_data + external: true + backup_dev_coolify_data: + name: dev_coolify_data + external: true