135 lines
4.2 KiB
YAML
135 lines
4.2 KiB
YAML
version: '3.9'
|
|
# See: https://github.com/kopia/kopia
|
|
# Website: https://kopia.io/
|
|
# Inspired: https://github.com/kopia/kopia/blob/master/tools/docker/docker-compose.yml
|
|
|
|
# ##############
|
|
# ### CONFIG ###
|
|
################
|
|
x-config:
|
|
- &common-env
|
|
PUID: ${UID:-1000} #0
|
|
PGID: ${GROUPS:-1000} #0
|
|
TZ: Europe/Paris
|
|
- &repo-credentials
|
|
USER: ${KOPIA_REPOSITORY_USER:-kopia}
|
|
KOPIA_PASSWORD: ${KOPIA_REPOSITORY_PASSWORD:-9VRyJAhyMJxC5d3AQzPUCTGzGY5}
|
|
# For login web-ui: http://IP:51515 ( see KOPIA_WEBUI_USER/KOPIA_WEBUI_PASS )
|
|
<<: {KOPIA_S3_BUCKET: $KOPIA_S3_BUCKET, KOPIA_S3_PATH: $KOPIA_S3_PATH, KOPIA_S3_KEY: $KOPIA_S3_KEY, KOPIA_S3_SECRET: $KOPIA_S3_SECRET, KOPIA_S3_ENDPOINT: $KOPIA_S3_ENDPOINT, KOPIA_RCLONE_PATH: $KOPIA_RCLONE_PATH }
|
|
x-traefik:
|
|
- &traefik-labels
|
|
traefik.enable: "true"
|
|
traefik.http.routers.kopia.tls: "true"
|
|
traefik.http.routers.kopia.rule: Host(`${DOMAIN:-kopia.mondomaine.fr}`)
|
|
traefik.http.routers.kopia.entrypoints: ${DOMAIN_ENTRY:-websecure} # websecure
|
|
traefik.http.routers.kopia.tls.certResolver: ${DOMAIN_TLS_METHOD:-letest} # leprod
|
|
traefik.http.services.kopia.loadbalancer.server.port: 51515 # internal port used by the image
|
|
traefik.http.routers.kopia.middlewares: iplimit
|
|
x-volumes:
|
|
- &kopia_data_tobackup
|
|
kopia_data_tobackup:
|
|
external: false
|
|
- &kopia_data_tomount
|
|
kopia_data_tomount:
|
|
external: false
|
|
- &kopia_data_logs
|
|
kopia_data_logs:
|
|
external: false
|
|
- &kopia_config
|
|
kopia_config:
|
|
external: false
|
|
- &kopia_config_rclone
|
|
kopia_config_rclone:
|
|
external: false
|
|
- &kopia_s3
|
|
kopia_s3:
|
|
driver: rclone
|
|
driver_opts: &kopia_s3_opts
|
|
type: s3
|
|
s3-provider: Other
|
|
s3-endpoint: ${S3_ENDPOINT:-https://eu2.contabostorage.com}
|
|
s3-access_key_id: ${S3_KEY:-XXX}
|
|
s3-secret_access_key: ${S3_PASS:-XXX}
|
|
path: ${S3_BUCKET_NAME:-kopia_conf} # bucket_name
|
|
allow-other: 'true'
|
|
- &data_s3
|
|
data_s3:
|
|
<<: *kopia_s3
|
|
driver_opts:
|
|
<<: *kopia_s3_opts
|
|
path: ${S3_BUCKET_NAME:-mydata} # bucket_name
|
|
|
|
# ###############
|
|
# ### VOLUMES ###
|
|
# ###############
|
|
|
|
volumes:
|
|
<<: [
|
|
# *kopia_data_tobackup,
|
|
# *kopia_data_tomount,
|
|
*kopia_data_logs,
|
|
# *kopia_config,
|
|
# *kopia_config_rclone,
|
|
# *kopia_s3,
|
|
# *data_s3,
|
|
]
|
|
|
|
# ###############
|
|
# ### NETWORK ###
|
|
# ###############
|
|
|
|
#networks:
|
|
# web_public:
|
|
# name: ${PUBLIC_NET:-web_public}
|
|
# external: ${EXTERN_NET:-true}
|
|
|
|
services:
|
|
kopia:
|
|
image: kopia/kopia:latest
|
|
container_name: Kopia
|
|
#hostname: Hostname
|
|
# #############
|
|
# SETUP EXPOSE:METHOD
|
|
# #############
|
|
# 1.PORT METHOD
|
|
ports: [51515:51515]
|
|
# ..OR 2.TRAEFIK METHOD
|
|
#networks: [web_public]
|
|
#labels: *traefik-labels
|
|
#deploy: { labels: *traefik-labels }
|
|
# #############
|
|
# SETUP WEB-GUI
|
|
# #############
|
|
command:
|
|
- server
|
|
- start
|
|
- --disable-csrf-token-checks
|
|
- --insecure
|
|
- --address=0.0.0.0:51515
|
|
- --server-username=${KOPIA_WEBUI_USER:-admin}
|
|
- --server-password=${KOPIA_WEBUI_PASS:-admin}
|
|
# ######################
|
|
# SETUP REPO-CREDENTIALS
|
|
# ######################
|
|
environment:
|
|
<<: [ *common-env, *repo-credentials ]
|
|
# ######################
|
|
# ALLOW: MOUNT WITH FUSE
|
|
# ######################
|
|
privileged: true # buggy: { cap_add: [SYS_ADMIN] security_opt: [apparmor:unconfined] }
|
|
devices: [/dev/fuse:/dev/fuse:rwm]
|
|
# ##################
|
|
# MOUNT: DATA/CONFIG
|
|
# ##################
|
|
volumes:
|
|
# DATA
|
|
- ${DATA_TO_BACKUP:-/}:/data:ro
|
|
- ${DATA_TO_MOUNT:-./tmp_mount}:/tmp:shared
|
|
- kopia_data_logs:/app/logs
|
|
# CONFIG
|
|
- ${REPO_SETTINGS:-./config/repo}:/app/config
|
|
- ${RCLONE_SETTINGS:-./config/rclone}:/app/rclone # /root/.config/rclone
|
|
# REMOTE DATA?: (via rclone-docker-volume )
|
|
#- data_s3:/data:ro
|
|
restart: unless-stopped
|