Now that uid auto-discover is in (d424473), adding more apps is just naming the container + path — no uid guessing. Four more apps get complete backups of their private data dirs (previously: incomplete on the file side because libreportal can't read sub-UID-owned content from the host). - linkding-service -> /etc/linkding/data (overlaps with sqlite db, same pattern as gitea — dump replays over the captured tree on restore, harmless) - vaultwarden-service -> /data (same overlap pattern) - headscale-service -> /var/lib/headscale (same overlap pattern) - mastodon-service -> /mastodon/public/system (uploads; postgres handled separately by backup.db) Coverage now: nextcloud, bookstack, gitea, owncloud, linkding, vaultwarden, headscale, mastodon. Skipped jellyfin — it has multiple internal sqlite DBs and no backup.db declared; adding just backup.files without backup.db / backup.live wouldn't activate live capture, and adding backup.live blind could yield torn sqlites. That one wants proper DB declaration first. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
64 lines
3.1 KiB
YAML
Executable File
64 lines
3.1 KiB
YAML
Executable File
networks:
|
|
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
external: true
|
|
|
|
services:
|
|
vaultwarden-service: #LIBREPORTAL|SERVICE_TAG_1|vaultwarden-service
|
|
container_name: vaultwarden-service
|
|
image: vaultwarden/server:latest
|
|
restart: unless-stopped
|
|
hostname: vaultwarden
|
|
# GLUETUN_OFF_BEGIN
|
|
ports:
|
|
- "PORTS_DATA_1" #LIBREPORTAL|PORTS_TAG_1|PORTS_DATA_1
|
|
# GLUETUN_OFF_END
|
|
volumes:
|
|
- SOCKET_DATA #LIBREPORTAL|SOCKET_TAG|SOCKET_DATA
|
|
- ./vaultwarden-ssl/:/ssl/
|
|
- ./vaultwarden-data:/data
|
|
environment:
|
|
- LOGIN_RATELIMIT_MAX_BURST=10
|
|
- LOGIN_RATELIMIT_SECONDS=60
|
|
- DOMAIN=https://DOMAINSUBNAME_DATA #LIBREPORTAL|DOMAINSUBNAME_TAG|DOMAINSUBNAME_DATA
|
|
- ADMIN_TOKEN=VAULTWARDEN_ADMIN_TOKEN_DATA #LIBREPORTAL|VAULTWARDEN_ADMIN_TOKEN_TAG|VAULTWARDEN_ADMIN_TOKEN_DATA
|
|
- SIGNUPS_ALLOWED=VAULTWARDEN_SIGNUPS_ALLOWED_DATA #LIBREPORTAL|VAULTWARDEN_SIGNUPS_ALLOWED_TAG|VAULTWARDEN_SIGNUPS_ALLOWED_DATA
|
|
labels:
|
|
libreportal.category: "CATEGORY_DATA" #LIBREPORTAL|CATEGORY_TAG|CATEGORY_DATA
|
|
libreportal.title: "TITLE_DATA" #LIBREPORTAL|TITLE_TAG|TITLE_DATA
|
|
libreportal.backup.db: "sqlite:::vaultwarden-data/db.sqlite3"
|
|
libreportal.backup.files: "vaultwarden-service:/data:vaultwarden-data"
|
|
traefik.enable: TRAEFIK_ENABLE_DATA #LIBREPORTAL|TRAEFIK_ENABLE_TAG|TRAEFIK_ENABLE_DATA
|
|
# TRAEFIK_PORT_1_BEGIN
|
|
traefik.http.routers.vaultwarden-service.entrypoints: web,websecure
|
|
traefik.http.routers.vaultwarden-service.rule: Host(`DOMAINSUBNAME_DATA_1`) #LIBREPORTAL|DOMAINSUBNAME_TAG_1|DOMAINSUBNAME_DATA_1
|
|
traefik.http.routers.vaultwarden-service.tls: true
|
|
traefik.http.routers.vaultwarden-service.tls.certresolver: production
|
|
traefik.http.services.vaultwarden-service.loadbalancer.server.port: PORT_INTERNAL_DATA_1 #LIBREPORTAL|PORT_INTERNAL_TAG_1|PORT_INTERNAL_DATA_1
|
|
traefik.http.routers.vaultwarden-service.middlewares: MIDDLEWARE_DATA_1 #LIBREPORTAL|MIDDLEWARE_TAG_1|MIDDLEWARE_DATA_1
|
|
# TRAEFIK_PORT_1_END
|
|
healthcheck:
|
|
disable: HEALTHCHECK_DATA #LIBREPORTAL|HEALTHCHECK_TAG|HEALTHCHECK_DATA
|
|
# GLUETUN_OFF_BEGIN
|
|
networks:
|
|
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
ipv4_address: IP_DATA_1 #LIBREPORTAL|IP_TAG_1|IP_DATA_1
|
|
# GLUETUN_OFF_END
|
|
# GLUETUN_ON_BEGIN
|
|
# network_mode: "container:gluetun-service"
|
|
# GLUETUN_ON_END
|
|
|
|
# >>> libreportal-monitoring >>>
|
|
#vaultwarden-exporter:
|
|
# container_name: vaultwarden-exporter
|
|
# image: guerzon/vaultwarden_exporter:latest
|
|
# restart: unless-stopped
|
|
# depends_on:
|
|
# - vaultwarden-service
|
|
# environment:
|
|
# - VW_URL=http://vaultwarden-service:PORT_INTERNAL_DATA_1 #LIBREPORTAL|PORT_INTERNAL_TAG_1|PORT_INTERNAL_DATA_1
|
|
# - VW_TOKEN=VAULTWARDEN_ADMIN_TOKEN_DATA #LIBREPORTAL|VAULTWARDEN_ADMIN_TOKEN_TAG|VAULTWARDEN_ADMIN_TOKEN_DATA
|
|
# - VW_LISTEN_ADDR=:PORT_INTERNAL_DATA_2 #LIBREPORTAL|PORT_INTERNAL_TAG_2|PORT_INTERNAL_DATA_2
|
|
# networks:
|
|
# DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
|
|
# <<< libreportal-monitoring <<<
|