Sebastian Krüger
c89769a23f
Added comprehensive backup solution to The Falcon infrastructure:
- **Restic Stack** (restic.pivoine.art):
- Backrest web UI for managing restic backups
- Automated scheduled backups with retention policies
- Real-time backup status and monitoring
- Restore capabilities via web interface
- **Backup Configuration**:
- Target: /mnt/hidrive/users/valknar/Backup
- Backs up all critical Docker volumes read-only:
- PostgreSQL, Redis, Directus (uploads/bundle)
- Awesome, Gotify, Scrapy (data/code)
- n8n workflows, Filestash state
- Linkwarden bookmarks/search index
- Let's Encrypt SSL certificates
- **Infrastructure Updates**:
- Added RESTIC_* environment variables to arty.yml
- Updated compose.yaml to include restic stack
- Updated README.md and CLAUDE.md documentation
- Configured Traefik routing with SSL
All volumes mounted read-only to backup container for safety.
Backrest data persisted across: data, config, cache, tmp volumes.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
11 KiB
11 KiB
___ ___ ___ ___ ___ ___
/\ \ /\ \ /\__\ /\ \ /\ \ /\__\
/::\ \ /::\ \ /:/ / /::\ \ /::\ \ /:| _|_
/::\:\__\ /::\:\__\ /:/__/ /:/\:\__\ /:/\:\__\ /::|/\__\
\/\::/ / \/\::/ / \:\ \ \:\ \/__/ \:\/:/ / \/|::/ /
/:/ / /:/ / \:\__\ \:\__\ \::/ / |:/ /
\/__/ \/__/ \/__/ \/__/ \/__/ \/__/
⚡ THE FALCON ⚡
Captain Valknar's Legendary Starship
🌌 SHIP'S LOG
STARDATE: 2025.10.26 LOCATION: Deep Space, Uncharted Territories STATUS: Captain currently engaged in... diplomatic relations with alien civilizations SYSTEMS: All green, automated deployment active
"The Falcon doesn't just traverse the stars — it commands them." — Captain Valknar, moments before jumping to hyperspace
🛸 VESSEL SPECIFICATIONS
The Falcon is a state-of-the-art containerized starship, powered by Docker's quantum drive engines and orchestrated through the legendary Arty navigation system.
🎯 CORE SYSTEMS
| System | Purpose | Access Point |
|---|---|---|
| SEXY | Advanced alien encounter database | sexy.pivoine.art |
| AWSM | Intergalactic discovery catalog | awesome.pivoine.art |
| TRACK | Mission analytics & telemetry | umami.pivoine.art |
| GOTIFY | Subspace communication relay | gotify.pivoine.art |
| SCRAPY | Web scraping reconnaissance cluster | scrapy.pivoine.art |
| N8N | Automated workflow command center | n8n.pivoine.art |
| STASH | Universal file management portal | stash.pivoine.art |
| LINKS | Interstellar bookmark archive | links.pivoine.art |
| RESTIC | Automated backup vault system | restic.pivoine.art |
| PROXY | Shield control dashboard | proxy.pivoine.art |
| VPN | Cloaking device network | vpn.pivoine.art |
⚙️ INFRASTRUCTURE
┌─────────────────────────────────────────────────┐
│ 🛡️ TRAEFIK SHIELD GENERATOR (Proxy) │
│ ├─ Auto-SSL via Let's Encrypt Reactor │
│ ├─ HTTP → HTTPS Phase Shifters │
│ ├─ Load Balancer Stabilizers │
│ ├─ Dashboard Command Center │
│ └─ Sablier Dynamic Scaling Plugin │
├─────────────────────────────────────────────────┤
│ 💾 POSTGRESQL 16 DATA CORE │
│ ├─ Directus Sector Database │
│ ├─ Umami Analytics Vault │
│ ├─ n8n Workflow Engine Database │
│ └─ Linkwarden Bookmark Archive │
├─────────────────────────────────────────────────┤
│ ⚡ REDIS CACHE HYPERDRIVE │
│ └─ Warp-speed data acceleration │
├─────────────────────────────────────────────────┤
│ 🔐 BACKREST BACKUP VAULT (Restic) │
│ ├─ Automated volume snapshots │
│ ├─ Incremental backup engine │
│ └─ HiDrive remote repository │
└─────────────────────────────────────────────────┘
🚀 LAUNCH SEQUENCE
Prerequisites
- Docker Engine v20+ installed
- Docker Compose v2.20+ installed
- Arty navigation system (
npm install -g artyorpnpm add -g arty) - Clearance level: Captain
🔧 Initialize Ship Systems
# Create the ship's neural network
arty net/create
# Launch all systems
arty up
# Monitor system status
arty ps
# Access ship's logs (real-time)
arty logs
📡 Individual System Control
# Power down specific systems
arty down
# Restart malfunctioning modules
arty restart
# Pull latest system updates from the mothership
arty pull
# Diagnostic report
arty config
💫 NAVIGATION COMMANDS
Database Operations (SEXY Mission)
# Create database backup before alien encounter
arty db/dump
# Restore database after timeline anomaly
arty db/import
# Export exotic alien artifacts (uploads)
arty uploads/export
# Import artifacts to new timeline
arty uploads/import
Deployment & Sync
# Synchronize .env to remote starbase
arty env/sync
🌠 SHIP ARCHITECTURE
THE FALCON (falcon_network)
│
├─ 🎯 CORE SERVICES
│ ├─ PostgreSQL 16 [Port 5432] → Data Vault
│ └─ Redis 7 [Internal] → Cache Drive
│
├─ 🛡️ SECURITY LAYER
│ ├─ Traefik [80/443] → Shield Generator
│ ├─ Traefik Dashboard [proxy.pivoine.art] → Control Center
│ └─ Sablier [Internal] → Scale-to-Zero Engine
│
├─ 🚀 APPLICATIONS
│ ├─ Directus API [sexy.pivoine.art/api]
│ ├─ SvelteKit Frontend [sexy.pivoine.art]
│ ├─ Awesome Catalog [awesome.pivoine.art]
│ ├─ Umami Analytics [umami.pivoine.art]
│ ├─ Gotify Messenger [gotify.pivoine.art]
│ ├─ Scrapyd Cluster [scrapy.pivoine.art]
│ ├─ n8n Workflows [n8n.pivoine.art]
│ ├─ Filestash Files [stash.pivoine.art]
│ ├─ Linkwarden Marks [links.pivoine.art]
│ ├─ Backrest Backups [restic.pivoine.art]
│ └─ WireGuard VPN [vpn.pivoine.art]
│
└─ 💾 STORAGE VOLUMES
├─ postgres_data → Critical mission data
├─ directus_uploads → Alien encounter evidence
├─ directus_bundle → Custom modules
├─ awesome_data → Discovery catalog
├─ scrapyd_data → Web scraping archives
├─ scrapy_code → Spider project code
├─ n8n_data → Workflow configurations
├─ filestash_data → File manager state
├─ linkwarden_data → Bookmark archives
├─ meili_data → Search index database
├─ backrest_data → Backup system state
├─ backrest_config → Backup configurations
└─ letsencrypt_data → Shield certificates
🎨 TECHNOLOGY STACK
⚠️ PROTOCOLS & SECURITY
🔐 ENCRYPTION STANDARD
├─ All transmissions encrypted via HTTPS
├─ Let's Encrypt quantum certificates
├─ TLS 1.2+ with strong cipher suites only
├─ HSTS enabled (1-year, preload ready)
└─ SNI strict mode enforced
🛡️ SECURITY HEADERS
├─ X-Frame-Options: SAMEORIGIN
├─ X-XSS-Protection enabled
├─ Content-Type-Options: nosniff
├─ Referrer-Policy configured
└─ Permissions-Policy restrictions
🔒 ACCESS CONTROL
├─ Admin credentials in .env vault
├─ Database authentication: scram-sha-256
├─ HTTP Basic Auth on sensitive endpoints
├─ Rate limiting available (100 req/s)
└─ VPN cloaking device enabled
📊 MISSION STATUS
╔═══════════════════════════════════════╗
║ SHIP'S VITAL SIGNS ║
╠═══════════════════════════════════════╣
║ ✅ Core Systems → OPERATIONAL ║
║ ✅ Shield Generator → ONLINE ║
║ ✅ Database Vault → SECURED ║
║ ✅ Cache Drive → OPTIMIZED ║
║ 🌟 Captain Status → ON ADVENTURE ║
╚═══════════════════════════════════════╝
👽 CAPTAIN'S NOTES
Currently out exploring the cosmos and making friends with alien species. You know how it is — one minute you're charting a nebula, the next you're at an intergalactic party.
If systems malfunction, check the logs. If things are really bad, I left a backup captain AI (it's called documentation).
Stay shiny, crew. Valknar out.
📡 TRANSMISSION CHANNELS
- 🌐 Flagship: pivoine.art
- 📧 Subspace Mail: valknar@pivoine.art
- 🚀 Mission Control: sexy.pivoine.art
- 📊 Analytics Bay: umami.pivoine.art
╔═══════════════════════════════════════════════════════════╗
║ ║
║ "In space, no one can hear you `docker compose up`" ║
║ ║
║ — Captain Valknar, The Falcon ║
║ ║
╚═══════════════════════════════════════════════════════════╝
THE FALCON • Fastest ship in the Docker registry • EST. 2025