Commit 89c2b1c8 authored by Nick Busey's avatar Nick Busey

Adding Minio

parent 2e049c6d
# HomelabOS Backups
HomelabOS automatically backs itself in a smart, incremental, encrypted way to any S3 compatible storage provider, using [Restic](https://restic.net/).
HomelabOS automatically backs itself in a smart, incremental, encrypted way to any S3 compatible storage provider, using [Restic](https://restic.net/) and [Minio](https://minio.io/).
This is in addition to and separate from the Backup service included within HomelabOS, which backs up your personal computers to the HomelabOS servers.
## Get access to an S3 Bucket
Ideally you want your backups to be offsite, so an S3 bucket is not set up by default for you on your HomlabOS machine. Since we use encrypted backups, you can easily have a friend or enemy host an S3 server for you, and as long as they don't get your backup password, everything will be safe. We recommend generating a very secure password for your backup password.
Ideally you want your backups to be offsite, so really the best case scenario would be to find a friend also running HomelabOS, and trade S3 access with them.
Or you could pay Amazon and use their S3 service, if you're into that sort of thing.
## Set up your own S3
## Use your own S3
We recommend Minio.
This method is not recommended as it is backing up to yourself which is not very useful. The usefulness here comes from Restic's snapshotting. So while this won't give you an offsite backup, it will still provide timed snapshots to access old versions of files.
```
brew install minio/stable/minio
minio server /data
```
Create a bucket called `homelabos`.
View your logs for the Minio service (homelabos_minio_1) and copy the AccessKey and SecretKeys out of the logs. Put these into your `host_vars/myserver` file under the `s3_access_key` and `s3_secret_key` variables. Now login to Minio at `http://minio.{{ domain }}/` with the same access and secret key values and create a bucket called `restic-backups`. Finally run `make update` to copy your new settings up to your HomelabOS server.
Of course keep in mind when self hosting your own S3, you likely want to keep good backups of the S3 data files as well.
## Configure the Backup Service
Set your S3 path and keys in `host_vars/myserver`.
If you use minio for your S3 hosting, your s3_path should look something like `s3:http://192.168.1.212:9000/homelabos/`
Set your S3 keys in `host_vars/myserver`.
Once these are set, HomelabOS will back up all it's core data every night at 4 AM.
## Restoring Backups
Let's say your machine gets wiped, or you want to migrate to a new machine. To restore your most recent backup, simply run `make restore`. Then proceed with the normal install step of running `make` and boom, you have all your data back with a fully working HomelabOS setup.
\ No newline at end of file
Let's say your machine gets wiped, or you want to migrate to a new machine. To restore your most recent backup, simply run `make restore`. Then proceed with the normal install step of running `make` and boom, you have all your data back with a fully working HomelabOS setup.
Alternatively you can work directly with the Restic backups through it's Docker shell. Using either [Portainer](/software/portainer.md) or your server's CLI, once you gain access to the Restic shell, you can run commands like `restic snapshots` to list all your snapshots.
\ No newline at end of file
# Minio
Minio is an S3 storage utility.
## Configuration
Refer to the [Backup Guide](/backups) for configuration details.
## Access
The dashboard is available at [http://minio.{{ domain }}/](http://minio.{{ domain }}/)
\ No newline at end of file
# Monica HQ
Monica helps you organize the social interactions with your loved ones.
## Access
It is available at http://monica.{{ domain }}/
\ No newline at end of file
......@@ -48,8 +48,8 @@ nas_user:
nas_pass:
nas_workgroup:
# S3 Backup Server Information - Docs: https://nickbusey.gitlab.io/HomelabOS/setup/backups/
s3_path:
# Restic S3 Backup Server Information - Docs: https://nickbusey.gitlab.io/HomelabOS/setup/backups/
s3_path: s3:http://minio:9000/restic-backups/
s3_access_key:
s3_secret_key:
s3_backup_password:
......
......@@ -25,6 +25,7 @@ pages:
- Grafana: software/grafana.md
- Home Assistant: software/homeassistant.md
- InfluxDB: software/influxdb.md
- Minio: software/minio.md
- NextCloud: software/nextcloud.md
- Paperless: software/paperless.md
- Portainer: software/portainer.md
......
......@@ -12,21 +12,16 @@ services:
# bitwarden_mssql:
# image: bitwarden/mssql:1.16.0
# container_name: bitwarden-mssql
# restart: always
# volumes:
# - ../mssql/data:/var/opt/mssql/data
# - ../mssql/backups:/etc/bitwarden/mssql/backups
# env_file:
# - mssql.env
# - ../env/mssql.override.env
# - /var/homelabos/bitwarden/mssql/data:/var/opt/mssql/data
# - /var/homelabos/bitwarden/mssql/backups:/etc/bitwarden/mssql/backups
# bitwarden_web:
# image: bitwarden/web:1.22.0
# container_name: bitwarden-web
# restart: always
# volumes:
# - ../web:/etc/bitwarden/web
# - /var/homelabos/bitwarden/web:/etc/bitwarden/web
# labels:
# traefik.frontend.rule: 'Host:warden.example.com;Path: /'
# traefik.enable: 'true'
......@@ -34,10 +29,9 @@ services:
# bitwarden_attachments:
# image: bitwarden/attachments:1.16.0
# container_name: bitwarden-attachments
# restart: always
# volumes:
# - ../core/attachments:/etc/bitwarden/core/attachments
# - /var/homelabos/bitwarden/core/attachments:/etc/bitwarden/core/attachments
# labels:
# traefik.frontend.rule: 'Host:warden.example.com;PathPrefix: /attachments'
# traefik.enable: 'true'
......@@ -45,13 +39,9 @@ services:
# bitwarden_api:
# image: bitwarden/api:1.16.0
# container_name: bitwarden-api
# restart: always
# volumes:
# - ../core:/etc/bitwarden/core
# env_file:
# - global.env
# - ../env/global.override.env
# - /var/homelabos/bitwarden/core:/etc/bitwarden/core
# labels:
# traefik.frontend.rule: 'Host: warden.example.com;PathPrefix: /api'
# traefik.enable: 'true'
......@@ -59,14 +49,10 @@ services:
# bitwarden_identity:
# image: bitwarden/identity:1.16.0
# container_name: bitwarden-identity
# restart: always
# volumes:
# - ../identity:/etc/bitwarden/identity
# - ../core:/etc/bitwarden/core
# env_file:
# - global.env
# - ../env/global.override.env
# - /var/homelabos/bitwarden/identity:/etc/bitwarden/identity
# - /var/homelabos/bitwarden/core:/etc/bitwarden/core
# labels:
# traefik.frontend.rule: 'Host: warden.example.com;PathPrefix: /identity'
# traefik.enable: 'true'
......@@ -74,26 +60,12 @@ services:
# bitwarden_icons:
# image: bitwarden/icons:1.16.0
# container_name: bitwarden-icons
# restart: always
# labels:
# traefik.frontend.rule: 'Host: warden.example.com;PathPrefix: /icons'
# traefik.enable: 'true'
# traefik.port: 80
backups:
image: lobaro/restic-backup-docker:v1.0
environment:
- RESTIC_REPOSITORY={{ s3_path }}
- AWS_ACCESS_KEY_ID={{ s3_access_key }}
- AWS_SECRET_ACCESS_KEY={{ s3_secret_key }}
- RESTIC_PASSWORD={{ s3_backup_password }}
- BACKUP_CRON={{ s3_backup_cron }}
- HOSTNAME={{ domain }}
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/homelabos:/data:ro
convos:
image: nordaaker/convos
restart: always
......@@ -201,7 +173,7 @@ services:
- MYSQL_RANDOM_ROOT_PASSWORD=yes
image: "mariadb:latest"
volumes:
- "/var/homelabos/firefly/db:/var/lib/mysql"
- /var/homelabos/firefly/db:/var/lib/mysql
# freshrss:
# image: linuxserver/freshrss
......@@ -224,7 +196,7 @@ services:
links:
- gitea_db:db
volumes:
- ./gitea:/data
- /var/lab/homelabos/gitea:/data
ports:
- "3030:3000"
- "222:22"
......@@ -332,6 +304,45 @@ services:
# ports:
# - 9117:9117
minio:
image: minio/minio
command: server /data
volumes:
- /var/homelabos/minio/data:/data
- /var/homelabos/minio/config:/root/.minio/
ports:
- 9110:9000
labels:
- "traefik.enable=true"
- "traefik.admin.frontend.rule=Host:minio.{{ domain }}"
- "traefik.admin.protocol={{ protocol }}"
- "traefik.admin.port=9000"
# monicahq:
# image: monicahq/monicahq
# links:
# - monicahq_db
# ports:
# - 8176:80
# env_file: .env
# volumes:
# - /var/homelabos/monica/storage/app/public:/var/www/monica/storage/app/public
# labels:
# - "traefik.enable=true"
# - "traefik.admin.frontend.rule=Host:monica.{{ domain }}"
# - "traefik.admin.protocol={{ protocol }}"
# - "traefik.admin.port=80"
# monicahq_db:
# image: mysql:5.7
# environment:
# - MYSQL_ROOT_PASSWORD=sekret_root_password
# - MYSQL_DATABASE=monica
# - MYSQL_USER=homestead
# - MYSQL_PASSWORD=secret
# volumes:
# - /var/homelabos/monica/mysql:/var/lib/mysql
nextcloud:
image: nextcloud
restart: always
......@@ -481,6 +492,24 @@ services:
# - "traefik.admin.protocol={{ protocol }}"
# - "traefik.admin.port=8989"
# https://nickbusey.gitlab.io/HomelabOS/software/restic/
restic:
image: lobaro/restic-backup-docker:v1.0
environment:
- RESTIC_REPOSITORY={{ s3_path }}
- AWS_ACCESS_KEY_ID={{ s3_access_key }}
- AWS_SECRET_ACCESS_KEY={{ s3_secret_key }}
- RESTIC_PASSWORD={{ s3_backup_password }}
- BACKUP_CRON={{ s3_backup_cron }}
- HOSTNAME={{ domain }}
- RESTIC_JOB_ARGS="--exclude=minio"
- RESTIC_FORGET_ARGS="--prune --keep-last 10 --keep-hourly 24 --keep-daily 7 --keep-weekly 52 --keep-monthly 120 --keep-yearly 100"
links:
- minio
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/homelabos:/data:ro
sonerezh:
image: sonerezh/sonerezh:latest
links:
......@@ -520,19 +549,6 @@ services:
links:
- influxdb
terminal:
image: georgeyord/butterfly-web-terminal
restart: always
environment:
- PASSWORD={{ default_password }}
ports:
- 2233:2233
labels:
- "traefik.enable=true"
- "traefik.admin.frontend.rule=Host:terminal.{{ domain }}"
- "traefik.admin.protocol={{ protocol }}"
- "traefik.admin.port=2233"
traefik:
image: traefik
restart: always
......@@ -545,6 +561,7 @@ services:
- /var/homelabos/traefik/traefik.toml:/etc/traefik/traefik.toml
- /var/homelabos/traefik/acme.json:/etc/traefik/acme.json
# https://nickbusey.gitlab.io/HomelabOS/software/transmission/
transmission:
image: haugene/transmission-openvpn
cap_add:
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment