valknar/docker-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c89769a23f9ad705fd44a8cffc135a03fab5d0f9
docker-compose/restic/compose.yaml
Sebastian Krüger c89769a23f feat: add Restic backup stack with Backrest UI 
Added comprehensive backup solution to The Falcon infrastructure:

- **Restic Stack** (restic.pivoine.art):
  - Backrest web UI for managing restic backups
  - Automated scheduled backups with retention policies
  - Real-time backup status and monitoring
  - Restore capabilities via web interface

- **Backup Configuration**:
  - Target: /mnt/hidrive/users/valknar/Backup
  - Backs up all critical Docker volumes read-only:
    - PostgreSQL, Redis, Directus (uploads/bundle)
    - Awesome, Gotify, Scrapy (data/code)
    - n8n workflows, Filestash state
    - Linkwarden bookmarks/search index
    - Let's Encrypt SSL certificates

- **Infrastructure Updates**:
  - Added RESTIC_* environment variables to arty.yml
  - Updated compose.yaml to include restic stack
  - Updated README.md and CLAUDE.md documentation
  - Configured Traefik routing with SSL

All volumes mounted read-only to backup container for safety.
Backrest data persisted across: data, config, cache, tmp volumes.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-06 10:13:07 +01:00

112 lines
3.8 KiB
YAML
Raw Blame History

services:
backrest:
image: ${RESTIC_IMAGE:-garethgeorge/backrest:latest}
container_name: ${RESTIC_COMPOSE_PROJECT_NAME}_app
restart: unless-stopped
hostname: ${RESTIC_HOSTNAME:-falcon}
volumes:
# Backrest application data
- backrest_data:/data
- backrest_config:/config
- backrest_cache:/cache
- backrest_tmp:/tmp
# Backup destination
- ${RESTIC_BACKUP_PATH:-/mnt/hidrive/users/valknar/Backup}:/repos
# Docker volumes to backup (read-only)
- core_postgres_data:/volumes/core_postgres_data:ro
- core_redis_data:/volumes/core_redis_data:ro
- directus_uploads:/volumes/directus_uploads:ro
- directus_bundle:/volumes/directus_bundle:ro
- awesome_data:/volumes/awesome_data:ro
- gotify_data:/volumes/gotify_data:ro
- scrapyd_data:/volumes/scrapyd_data:ro
- scrapy_code:/volumes/scrapy_code:ro
- n8n_data:/volumes/n8n_data:ro
- filestash_data:/volumes/filestash_data:ro
- linkwarden_data:/volumes/linkwarden_data:ro
- linkwarden_meili_data:/volumes/linkwarden_meili_data:ro
- letsencrypt_data:/volumes/letsencrypt_data:ro
environment:
TZ: ${TIMEZONE:-Europe/Berlin}
BACKREST_DATA: /data
BACKREST_CONFIG: /config/config.json
XDG_CACHE_HOME: /cache
TMPDIR: /tmp
networks:
- compose_network
labels:
- 'traefik.enable=${RESTIC_TRAEFIK_ENABLED}'
- 'traefik.http.middlewares.${RESTIC_COMPOSE_PROJECT_NAME}-redirect-web-secure.redirectscheme.scheme=https'
- 'traefik.http.routers.${RESTIC_COMPOSE_PROJECT_NAME}-web.middlewares=${RESTIC_COMPOSE_PROJECT_NAME}-redirect-web-secure'
- 'traefik.http.routers.${RESTIC_COMPOSE_PROJECT_NAME}-web.rule=Host(`${RESTIC_TRAEFIK_HOST}`)'
- 'traefik.http.routers.${RESTIC_COMPOSE_PROJECT_NAME}-web.entrypoints=web'
- 'traefik.http.routers.${RESTIC_COMPOSE_PROJECT_NAME}-web-secure.rule=Host(`${RESTIC_TRAEFIK_HOST}`)'
- 'traefik.http.routers.${RESTIC_COMPOSE_PROJECT_NAME}-web-secure.tls.certresolver=resolver'
- 'traefik.http.routers.${RESTIC_COMPOSE_PROJECT_NAME}-web-secure.entrypoints=web-secure'
- 'traefik.http.middlewares.${RESTIC_COMPOSE_PROJECT_NAME}-web-secure-compress.compress=true'
- 'traefik.http.routers.${RESTIC_COMPOSE_PROJECT_NAME}-web-secure.middlewares=${RESTIC_COMPOSE_PROJECT_NAME}-web-secure-compress'
- 'traefik.http.services.${RESTIC_COMPOSE_PROJECT_NAME}-web-secure.loadbalancer.server.port=9898'
- 'traefik.docker.network=${NETWORK_NAME}'
- 'com.centurylinklabs.watchtower.enable=${WATCHTOWER_LABEL_ENABLE}'
volumes:
backrest_data:
name: ${RESTIC_COMPOSE_PROJECT_NAME}_data
backrest_config:
name: ${RESTIC_COMPOSE_PROJECT_NAME}_config
backrest_cache:
name: ${RESTIC_COMPOSE_PROJECT_NAME}_cache
backrest_tmp:
name: ${RESTIC_COMPOSE_PROJECT_NAME}_tmp
# External volumes from other stacks (read-only mounts)
core_postgres_data:
name: core_postgres_data
external: true
core_redis_data:
name: core_redis_data
external: true
directus_uploads:
name: core_directus_uploads
external: true
directus_bundle:
name: core_directus_bundle
external: true
awesome_data:
name: awesome_data
external: true
gotify_data:
name: messaging_data
external: true
scrapyd_data:
name: scrapy_scrapyd_data
external: true
scrapy_code:
name: scrapy_scrapy_code
external: true
n8n_data:
name: n8n_n8n_data
external: true
filestash_data:
name: stash_filestash_data
external: true
linkwarden_data:
name: links_data
external: true
linkwarden_meili_data:
name: links_meili_data
external: true
letsencrypt_data:
name: proxy_letsencrypt_data
external: true
networks:
compose_network:
name: ${NETWORK_NAME}
external: true
Reference in New Issue View Git Blame Copy Permalink