valknar/docker-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: document automated backup configuration

Browse Source 
Updated documentation to reflect complete backup setup:

**CLAUDE.md Updates:**
- Added detailed repository configuration (hidrive-backup)
- Documented all 11 backup plans with schedules and retention
- Explained volume mounting strategy with prefixed names
- Added configuration management instructions
- Included maintenance schedule (weekly prune/check)

**README.md Updates:**
- Added "Backup Operations" section with CLI commands
- Documented automated backup schedule (2-8 AM daily)
- Added backup protocol to security section
- Updated mission status with backup system indicator
- Included next backup time and repository status

**compose.yaml Updates:**
- Restored backrest_config volume (needed for proper operation)
- Removed direct config.json mount (causes write conflicts)
- Config copied into volume after container start

All 11 backup plans now documented:
- postgres, redis, directus (uploads/bundle)
- awesome, gotify, scrapy, n8n
- filestash, linkwarden, letsencrypt

Retention policies range from 3-12 months with yearly backups
for critical data (postgres, directus, letsencrypt).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Sebastian Krüger
2025-11-06 10:40:28 +01:00
parent bed2106cfd
commit fcfe508698
3 changed files with 116 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
CLAUDE.md
View File

@@ -207,22 +207,71 @@ Backrest backup system with restic backend:
- Restore capabilities via web UI
- Data persisted in `backrest_data`, `backrest_config`, `backrest_cache` volumes
**Backup Configuration**:
- **Backup Target**: `/mnt/hidrive/users/valknar/Backup` (mounted to container as `/repos`)
- **Volumes Backed Up** (all mounted read-only to `/volumes/`):
- `core_postgres_data` - PostgreSQL database files
- `core_redis_data` - Redis data
- `directus_uploads` - Directus media files
- `directus_bundle` - Directus extensions
- `awesome_data` - AWSM SQLite database
- `gotify_data` - Gotify notifications
- `scrapyd_data`, `scrapy_code` - Scrapy spider data
- `n8n_data` - n8n workflow configurations
- `filestash_data` - Filestash state
- `linkwarden_data`, `linkwarden_meili_data` - Linkwarden bookmarks and search index
- `letsencrypt_data` - SSL certificates
**Repository Configuration**:
- **Name**: `hidrive-backup`
- **URI**: `/repos` (mounted from `/mnt/hidrive/users/valknar/Backup`)
- **Password**: `falcon-backup-2025`
- **Auto-initialize**: Enabled (creates repository if missing)
- **Auto-unlock**: Enabled (automatically unlocks stuck repositories)
- **Maintenance**:
- Prune: Weekly (Sundays at 2 AM) - removes old snapshots per retention policy
- Check: Weekly (Sundays at 3 AM) - verifies repository integrity
**Important**: The backup destination path must be accessible from the container. For HiDrive, ensure the mount point exists on the host and is properly mounted before starting the backup service.
**Backup Plans** (11 automated daily backups):
1. **postgres-backup** (2 AM daily)
- Path: `/volumes/core_postgres_data`
- Retention: 7 daily, 4 weekly, 6 monthly, 2 yearly
2. **redis-backup** (3 AM daily)
- Path: `/volumes/core_redis_data`
- Retention: 7 daily, 4 weekly, 3 monthly
3. **directus-uploads-backup** (4 AM daily)
- Path: `/volumes/directus_uploads`
- Retention: 7 daily, 4 weekly, 6 monthly, 2 yearly
4. **directus-bundle-backup** (4 AM daily)
- Path: `/volumes/directus_bundle`
- Retention: 7 daily, 4 weekly, 3 monthly
5. **awesome-backup** (5 AM daily)
- Path: `/volumes/awesome_data`
- Retention: 7 daily, 4 weekly, 6 monthly
6. **gotify-backup** (5 AM daily)
- Path: `/volumes/gotify_data`
- Retention: 7 daily, 4 weekly, 3 monthly
7. **scrapy-backup** (6 AM daily)
- Paths: `/volumes/scrapyd_data`, `/volumes/scrapy_code`
- Retention: 7 daily, 4 weekly, 3 monthly
8. **n8n-backup** (6 AM daily)
- Path: `/volumes/n8n_data`
- Retention: 7 daily, 4 weekly, 6 monthly
9. **filestash-backup** (7 AM daily)
- Path: `/volumes/filestash_data`
- Retention: 7 daily, 4 weekly, 3 monthly
10. **linkwarden-backup** (7 AM daily)
- Paths: `/volumes/linkwarden_data`, `/volumes/linkwarden_meili_data`
- Retention: 7 daily, 4 weekly, 6 monthly
11. **letsencrypt-backup** (8 AM daily)
- Path: `/volumes/letsencrypt_data`
- Retention: 7 daily, 4 weekly, 12 monthly, 3 yearly
**Volume Mounting**:
All Docker volumes are mounted read-only to `/volumes/` with prefixed names (e.g., `backup_core_postgres_data`) to avoid naming conflicts with other compose stacks.
**Configuration Management**:
- `config.json` template in repository defines all backup plans
- On first run, copy config into volume: `docker cp restic/config.json restic_app:/config/config.json`
- Config version must be `4` for Backrest 1.10.1 compatibility
- Backrest manages auth automatically (username: `valknar`, password set via web UI on first access)
**Important**: The backup destination path `/mnt/hidrive/users/valknar/Backup` must be accessible from the container. Ensure HiDrive is mounted on the host before starting the backup service.
## Important Environment Variables

58
README.md
View File

@@ -152,6 +152,32 @@ arty uploads/import
arty env/sync
```
### Backup Operations (RESTIC System)
```bash
# Access backup web interface
# URL: https://restic.pivoine.art
# Username: valknar
# Password: Set on first access
# View backup status
docker logs restic_app | grep scheduled
# Manually trigger backup for a specific plan
docker exec restic_app /backrest backup --plan postgres-backup
# List all snapshots in repository
docker exec restic_app restic -r /repos snapshots
# Restore from backup (via web UI recommended)
# Navigate to restic.pivoine.art → Browse snapshots → Restore files
```
**Automated Backup Schedule:**
- Daily backups: 2 AM - 8 AM (staggered by service)
- Weekly maintenance: Sundays at 2 AM (prune) and 3 AM (check)
- All volumes backed up to: `/mnt/hidrive/users/valknar/Backup`
---
## 🌠 SHIP ARCHITECTURE
@@ -238,6 +264,15 @@ THE FALCON (falcon_network)
├─ HTTP Basic Auth on sensitive endpoints
├─ Rate limiting available (100 req/s)
└─ VPN cloaking device enabled
💾 BACKUP PROTOCOL
├─ Automated daily backups (2-8 AM)
├─ 11 backup plans covering all volumes
├─ Retention: 7 daily, 4 weekly, 3-12 monthly
├─ Encrypted restic repositories
├─ Weekly maintenance (prune & integrity check)
├─ Web UI for monitoring & restore
└─ HiDrive remote storage
```
---
@@ -245,15 +280,20 @@ THE FALCON (falcon_network)
## 📊 MISSION STATUS
```
╔═══════════════════════════════════════╗
║ SHIP'S VITAL SIGNS ║
╠═══════════════════════════════════════╣
║ ✅ Core Systems → OPERATIONAL ║
║ ✅ Shield Generator → ONLINE ║
║ ✅ Database Vault → SECURED ║
║ ✅ Cache Drive → OPTIMIZED ║
🌟 Captain Status → ON ADVENTURE
╚═══════════════════════════════════════╝
╔═══════════════════════════════════════
║ SHIP'S VITAL SIGNS
╠═══════════════════════════════════════
║ ✅ Core Systems → OPERATIONAL ║
║ ✅ Shield Generator → ONLINE ║
║ ✅ Database Vault → SECURED ║
║ ✅ Cache Drive → OPTIMIZED ║
✅ Backup System → AUTOMATED
║ 🌟 Captain Status → ON ADVENTURE ║
╚════════════════════════════════════════╝
Next Backup: Tomorrow 2:00 AM (postgres-backup)
Backup Target: /mnt/hidrive/users/valknar/Backup
Repository Status: Initialized & Ready
```
---

6
restic/compose.yaml
View File

@@ -7,12 +7,10 @@ services:
volumes:
# Backrest application data
- backrest_data:/data
- backrest_config:/config
- backrest_cache:/cache
- backrest_tmp:/tmp
# Configuration file (mount directly to override)
- ./config.json:/config/config.json:rw
# Backup destination
- ${RESTIC_BACKUP_PATH:-/mnt/hidrive/users/valknar/Backup}:/repos
@@ -59,6 +57,8 @@ services:
volumes:
backrest_data:
name: ${RESTIC_COMPOSE_PROJECT_NAME}_data
backrest_config:
name: ${RESTIC_COMPOSE_PROJECT_NAME}_config
backrest_cache:
name: ${RESTIC_COMPOSE_PROJECT_NAME}_cache
backrest_tmp: