I use Traefik as my main reverse proxy as well for the same reason—container niceties. But then I actually also use nginx… inside container images, like for containers that just serve static files for example.
Use the right tool for the job!
I develop a moderately popular open source project and self-host it on Gitea. But I also mirror it on GitHub and accept PRs there. And one PR submitter on GitHub said they preferred to contribute there because that’s where potential employers look for open source activity.
Could employers also look on Gitea/Forgejo? In theory, yes. But some of them literally ask for your GitHub profile on their application forms…
I use Ansible to meet this need. Whenever I want to deploy to one or more remote hosts, I run Ansible locally and it connects via SSH to the remote host(s). There, it can run Docker Compose, configure services, lay down files on the host, restart things, etc.
I can’t comment on that, but actual Docker Compose (as distinct from Podman Compose) works great with Podman.
Maybe…? I’m not familiar with that router software, but it looks plausible to me…
Since this is on a home network, have you also forwarded port 80 from your router to your machine running certbot?
This is one of the reasons I use the DNS challenge instead… Then you don’t have to route all these Let’s Encrypt challenges into your internal network.
Nope! Borg always requires Borg on the remote side. It’s Borg’s biggest strength and weakness versus competing backup systems IMO. Strength, because it can do pretty smart stuff with its own code running on both sides. Weakness, because it means it doesn’t work natively with cloud object storage like S3. It’s a tradeoff like anything else.
Glad to hear it’s (mostly) working out for you! I know you came here looking for best practices with restores, but if you end up coming up with anything yourself, feel free to comment on that Docker borgmatic ticket with requests or ideas. I use the container myself on some systems for the same reasons you do, and I also wouldn’t mind smoother restores!
borgmatic dev here. First of all, if Vorta is working well for you to recover files, then by all means use Vorta! Right tool for the job and all. Having said that, a couple of thoughts on using borgmatic in Docker and recovering files:
borgmatic has a search feature that makes finding a particular file in an archive or across archives pretty easy. So that might be step one in restoring an accidentally deleted file.
Once you’ve found the file and archive to restore, you can either use borgmatic extract or borgmatic mount. With extract, you copy one or more files out of a backup archive. The challenge though is that with borgmatic in a container, by default there’s not an easy way to copy those files into their original locations. However I think the “fix” is to mount your source volumes as read-write instead of (the documented) read-only. That way you can easily copy extracted files back to where they belong.
As for borgmatic mount, you’ve got a similar challenge and fix. You can presumably mount backup archives (or a whole repository) within the container, but then you need to copy your recovered files out of that mount into their original source volumes. So that probably also means those volumes need to be mounted read-write.
Let me know if you have any questions!
It deduplicates aggressively at the block level. So if your files don’t change much, each additional backup takes very little space. And if a file changes a little, Borg only backs up what’s changed instead of the whole file again.
Borg also has a rich ecosystem of wrappers and tools (borgmatic, Vorta, etc.) that extend its functionality and make it easier to use.
Borg Backup would also fit the bill for backups going forward, especially if OP is still backing up to a local server (as opposed to cloud object storage).
I don’t think Docker’s API and CLI are historically where it’s had problems…
It’s not the “official” way to do it, but you can make systemd run Docker Compose (talking to Podman instead of Docker), which is pretty close to what you’re talking about. And then you don’t have to write stinky systemd INI files for each container.
Yeah, the constant Docker breakage was one of the main reasons I switched to Podman. FYI you can use Docker Compose directly with Podman.
Ooh, lucky you! Maybe it was both the rDNS and the SNDS. Part of the problem IMO is it’s such a black box…
I’ve had similar experiences trying to send mail to Microsoft-hosted email addresses. My current “solution” is to send all outgoing mail directly from my VPS-hosted Mailu server… EXCEPT for Microsoft-destined mail. For those messages, they get transparently relayed from Postfix to a third-party email sending service that Microsoft apparently trusts.
The upshot is I can still use my own Postfix daemon for all mail sent to sane (non-Microsoft) providers.
Many folks use a centralized monitoring solution like Healthchecks to monitor backups across all of their servers. And borgmatic integrates directly with Healthchecks among others.
You mentioned Borg and all of its command-line options, but have you taken a look at borgmatic? It should be much easier to learn and use than Borg, while still retaining Borg’s features. Just note though that borgmatic probably doesn’t hit all of your stated requirements (e.g., no GUI).
You don’t even need a star cert… The DNS challenge works for that use case as well.