93 lines
3.1 KiB
Markdown
93 lines
3.1 KiB
Markdown
# Borg Backup Scope for KalliLabcore
|
|
|
|
This file defines the target state for replacing Backrest with Borg in this homelab.
|
|
|
|
## Goal
|
|
|
|
Use Borg as the single backup system for:
|
|
|
|
- critical file-backed application data
|
|
- secrets, keys, and reverse-proxy state
|
|
- database dumps generated before each Borg backup
|
|
|
|
Do not back up raw live database storage directories as the primary recovery artifact.
|
|
|
|
## Strategy
|
|
|
|
1. A pre-backup dump script runs on the host and writes fresh dumps to `/mnt/user/backups/borg/dumps/latest`.
|
|
2. Borg backs up `/local/borg-dumps` plus the critical mounted paths below.
|
|
3. Borg retention handles history; the dump directory itself keeps only the latest artifacts.
|
|
|
|
The inclusion of `/local/secrets` is intentional: Borg is expected to cover disaster recovery for selected secret material as part of the current homelab restore strategy.
|
|
|
|
## Service Inventory
|
|
|
|
| Service | Recovery Method | What Borg Should Capture |
|
|
| --- | --- | --- |
|
|
| Vaultwarden | file data | `/local/appdata/vaultwarden` |
|
|
| Paperless | DB dump + file data | `/local/borg-dumps`, `/local/appdata/paperless-ngx/data`, `/local/paperless/media`, `/local/paperless/export`, `/local/paperless/consume` |
|
|
| Immich | DB dump + file data | `/local/borg-dumps`, `/local/immich/upload`, `/local/immich/external` |
|
|
| Gitea | file data (SQLite inside `/data`) | `/local/gitea/data` |
|
|
| Mealie | DB dump + file data | `/local/borg-dumps`, `/local/appdata/mealie/data` |
|
|
| Mail-archiver | shared Postgres dump + data protection keys | `/local/borg-dumps`, `/local/appdata/mailarchiver/data-protection-keys` |
|
|
| Authelia | shared Postgres dump + config + secrets | `/local/borg-dumps`, `/local/appdata/authelia/config`, `/local/secrets` |
|
|
| Traefik | file data | `/local/appdata/traefik` |
|
|
| Homepage | file data | `/local/appdata/homepage` |
|
|
| ntfy | file data | `/local/appdata/ntfy` |
|
|
| Paperless-GPT | file data | `/local/appdata/paperless-gpt` |
|
|
| Tailscale | file data | `/local/appdata/tailscale` |
|
|
| AdGuard | config only | `/local/appdata/adguard/conf` |
|
|
| Borg UI | self-backup | `/local/appdata/borg-ui/data` |
|
|
| Komodo | config/cache only, optional | `/local/appdata/komodo/periphery`, `/local/appdata/komodo/core` |
|
|
|
|
## Database Dumps Required
|
|
|
|
### Shared PostgreSQL (`postgresql17`)
|
|
|
|
- `mailarchiver`
|
|
- `paperless`
|
|
- `authelia`
|
|
|
|
### Dedicated PostgreSQL
|
|
|
|
- `mealie`
|
|
- `immich`
|
|
|
|
### Other Databases
|
|
|
|
- Komodo MongoDB
|
|
|
|
## Explicitly Not Backed Up as Raw Live DB Files
|
|
|
|
- `/mnt/user/appdata/postgresql17`
|
|
- `/mnt/user/appdata/mealie/postgres`
|
|
- `/mnt/user/appdata/immich_postgres`
|
|
- `/mnt/user/appdata/komodo/mongo`
|
|
- `/mnt/user/appdata/redis`
|
|
- `/mnt/user/appdata/scrutiny/influxdb`
|
|
|
|
## Low-Priority / Rebuildable
|
|
|
|
These are not part of the first-class Borg scope:
|
|
|
|
- Plex metadata and cache
|
|
- AdGuard query log
|
|
- code-server extensions cache
|
|
- uptime-kuma
|
|
- scrutiny metrics history
|
|
- dozzle, glances, speedtest
|
|
- filebrowser app state
|
|
- portainer
|
|
|
|
## Suggested Retention
|
|
|
|
- daily: 7
|
|
- weekly: 4
|
|
- monthly: 6
|
|
|
|
## Repository Recommendation
|
|
|
|
Recommended primary Borg repository: `critical-infra`
|
|
|
|
Primary sources are listed in `all-important-sources.txt`.
|