- Add libreportal.backup.db labels to the MariaDB/Postgres apps (nextcloud, owncloud, bookstack, mastodon, invidious) so they back up live + consistent. - If a declared dump cannot be taken (DB down, wrong path), the backup falls back to stop-snapshot-start for that run instead of snapshotting torn data — a misconfiguration degrades to 'safe with downtime', never to 'unsafe'. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
80 lines
3.1 KiB
YAML
80 lines
3.1 KiB
YAML
networks:
|
|
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
external: true
|
|
|
|
services:
|
|
invidious-service: #LIBREPORTAL|SERVICE_TAG_1|invidious-service
|
|
container_name: invidious-service
|
|
image: quay.io/invidious/invidious:latest
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- invidious-db
|
|
# GLUETUN_OFF_BEGIN
|
|
ports:
|
|
- "PORTS_DATA_1" #LIBREPORTAL|PORTS_TAG_1|PORTS_DATA_1
|
|
# GLUETUN_OFF_END
|
|
environment:
|
|
INVIDIOUS_CONFIG: |
|
|
db:
|
|
dbname: invidious
|
|
user: kemal
|
|
password: kemal
|
|
host: invidious-db
|
|
port: 5432
|
|
check_tables: true
|
|
# external_port:
|
|
# domain:
|
|
# https_only: false
|
|
# statistics_enabled: false
|
|
hmac_key: "INVIDIOUS_HMAC_KEY_DATA" #LIBREPORTAL|INVIDIOUS_HMAC_KEY_TAG|INVIDIOUS_HMAC_KEY_DATA
|
|
healthcheck:
|
|
test: wget -nv --tries=1 --spider http://127.0.0.1:3000/api/v1/comments/jNQXAC9IVRw || exit 1
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 2
|
|
disable: HEALTHCHECK_DATA #LIBREPORTAL|HEALTHCHECK_TAG|HEALTHCHECK_DATA
|
|
logging:
|
|
options:
|
|
max-size: "1G"
|
|
max-file: "4"
|
|
volumes:
|
|
- SOCKET_DATA #LIBREPORTAL|SOCKET_TAG|SOCKET_DATA
|
|
labels:
|
|
libreportal.category: "CATEGORY_DATA" #LIBREPORTAL|CATEGORY_TAG|CATEGORY_DATA
|
|
libreportal.title: "TITLE_DATA" #LIBREPORTAL|TITLE_TAG|TITLE_DATA
|
|
libreportal.backup.db: "postgres:invidious-db:postgresdata:"
|
|
traefik.enable: TRAEFIK_ENABLE_DATA #LIBREPORTAL|TRAEFIK_ENABLE_TAG|TRAEFIK_ENABLE_DATA
|
|
# TRAEFIK_PORT_1_BEGIN
|
|
traefik.http.routers.invidious-service.entrypoints: web,websecure
|
|
traefik.http.routers.invidious-service.rule: Host(`DOMAINSUBNAME_DATA_1`) #LIBREPORTAL|DOMAINSUBNAME_TAG_1|DOMAINSUBNAME_DATA_1
|
|
traefik.http.routers.invidious-service.tls: true
|
|
traefik.http.routers.invidious-service.tls.certresolver: production
|
|
traefik.http.services.invidious-service.loadbalancer.server.port: PORT_INTERNAL_DATA_1 #LIBREPORTAL|PORT_INTERNAL_TAG_1|PORT_INTERNAL_DATA_1
|
|
traefik.http.routers.invidious-service.middlewares: MIDDLEWARE_DATA_1 #LIBREPORTAL|MIDDLEWARE_TAG_1|MIDDLEWARE_DATA_1
|
|
# TRAEFIK_PORT_1_END
|
|
traefik.docker.network: DOCKER_NETWORK_DATA #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
# GLUETUN_OFF_BEGIN
|
|
networks:
|
|
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
ipv4_address: IP_DATA_1 #LIBREPORTAL|IP_TAG_1|IP_DATA_1
|
|
# GLUETUN_OFF_END
|
|
# GLUETUN_ON_BEGIN
|
|
# network_mode: "container:gluetun-service"
|
|
# GLUETUN_ON_END
|
|
|
|
invidious-db: #LIBREPORTAL|SERVICE_TAG_2|invidious-db
|
|
container_name: invidious-db
|
|
image: docker.io/library/postgres:14
|
|
restart: unless-stopped
|
|
volumes:
|
|
- ./postgresdata:/var/lib/postgresql/data
|
|
environment:
|
|
POSTGRES_DB: invidious
|
|
POSTGRES_USER: kemal
|
|
POSTGRES_PASSWORD: kemal
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
|
|
networks:
|
|
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
ipv4_address: IP_DATA_2 #LIBREPORTAL|IP_TAG_2|IP_DATA_2
|