snackpot.yml etc. - add borgmatic backup container

templates/docker-compose/docker-compose.yml

@@ -17,6 +17,7 @@ volumes:
   minidlna_state:
   minidlna_data:
   mopidy_data:
+  borgmatic-cache:
 
 networks:
   # This is for proxied containers
@@ -95,6 +96,7 @@ services:
       - web.env
     depends_on:
       - nextcloud
+      - letsencrypt-companion
     networks:
       - proxy-tier
       - default
@@ -193,6 +195,67 @@ services:
         ipv4_address: 192.168.0.243
     restart: always
 
+  # a dummy container to start the main services as deps
+  # This allows the borgmatic image to be excluded when run as:
+  #      docker-compose up main-services
+  main-services: 
+    image: alpine:latest # a small dumy image 
+    command: sh -c "sleep infinity"
+    depends_on:
+      - nextcloud
+      - nextcloud_cron
+      - web
+      - jellyfin
+      - minidlna
+      - upmpdcli
+      
+  borgmatic:
+    build: ./borgmatic
+    restart: 'no' # This container is only run when required
+    depends_on: # These containers need to be up for dumps
+      - postgres
+    networks:
+      # Networks for DB access for backups
+      - default
+    volumes:
+      # Backup mount
+      - /mnt/c/backup/nick:/mnt/borg-repository
+      # Volumes to back up
+      - certs:/mnt/source/certs:ro
+      - nextcloud_data:/mnt/source/nextcloud_data:ro
+      - vhost.d:/mnt/source/vhost.d:ro
+      - html:/mnt/source/html:ro
+      - jellyfin_config:/mnt/source/jellyfin_config:ro
+      - minidlna_state:/mnt/source/minidlna_state:ro
+      - minidlna_data:/mnt/source/minidlna_data:ro
+      # System volumes
+      - /etc/timezone:/etc/timezone:ro             # timezone
+      - /etc/localtime:/etc/localtime:ro           # localtime
+      - borgmatic-cache:/root/.cache/borg  # non-volatile borg chunk cache
+      # Config volumes
+      - ./volumes/borgmatic-config:/etc/borgmatic.d/:ro # config.yaml, crontab.txt, mstmp.env
+      - ./volumes/borg-config:/root/.config/borg/ # borg encryption keys, other config written here
+      - ./volumes/borg-ssh-config:/root/.ssh/ # ssh keys; sshd writes knownhosts etc here
+
+    environment:
+      POSTGRES_USER: nextcloud
+      POSTGRES_DB: nextcloud
+      POSTGRES_HOST: postgres
+      BORG_ARCHIVE: nick
+      MAIL_RELAY_HOST: mail.noodlefactory.co.uk
+      MAIL_PORT: 25
+      MAIL_AUTH_METHOD: login
+      MAIL_STARTTLS: 'on'
+      MAIL_USER: nc.noodlefactory.co.uk
+      MAIL_FROM: borgmatic@snackpot.noodlefactory.co.uk
+      MAIL_TO: nick@noodlefactory.co.uk
+      MAIL_SUBJECT: Borgmatic Backup
+      # MAIL_PASSWORD is set via volumes/borgmatic-config/msmtp.env, created via ansible
+    env_file:
+      - ./borgmatic.env
+      # FIXME create backup service
+    
+
       # Next three services adapted from
 # https://github.com/deisi/audiostation/blob/master/docker-compose.yml
 # and https://github.com/IVData/dockerfiles/blob/master/mopidy-multiroom/docker-compose.yml