Network reorganization, multiple updates

backup/compose.yml

@@ -1,55 +1,100 @@
 version: "3.8"
 
 services:
-  kopia:
-    image: kopia/kopia:latest
-    container_name: kopia
-    restart: unless-stopped
-    # We explicitly run as root (0:0) to solve the CHDIR issue, 
-    # OR we make sure the host folders match UID 1000.
-    user: "0:0" 
-    command:
-      - server
-      - start
-      - --address=0.0.0.0:51515
-      - --server-username=${KOPIA_SERVER_USER}
-      - --server-password=${KOPIA_SERVER_PASSWORD}
-      - --config-file=/app/config/repository.config
-      - --disable-csrf-token-checks
-      - --insecure
+  # kopia:
+  #   image: kopia/kopia:latest
+  #   container_name: kopia
+  #   restart: unless-stopped
+  #   # We explicitly run as root (0:0) to solve the CHDIR issue, 
+  #   # OR we make sure the host folders match UID 1000.
+  #   user: "0:0" 
+  #   command:
+  #     - server
+  #     - start
+  #     - --address=0.0.0.0:51515
+  #     - --server-username=${KOPIA_SERVER_USER}
+  #     - --server-password=${KOPIA_SERVER_PASSWORD}
+  #     - --config-file=/app/config/repository.config
+  #     - --disable-csrf-token-checks
+  #     - --insecure
+  #   environment:
+  #     - TZ=America/Montreal
+  #     - KOPIA_PASSWORD=${KOPIA_PASSWORD}
+  #     - USER=${KOPIA_USER}
+  #   volumes:
+  #     - /mnt/HoardingCow_docker_data/Kopia/config:/app/config
+  #     - /mnt/HoardingCow_docker_data/Kopia/cache:/app/cache
+  #     - /mnt/HoardingCow_docker_data/Kopia/repository:/repository
+  #     # Required if you want to use the 'Mount' feature later
+  #     - /tmp:/tmp:shared
+  #     # Required for mounting backups as drives
+  #   cap_add:
+  #     - SYS_ADMIN
+  #   devices:
+  #     - /dev/fuse:/dev/fuse
+  #   networks:
+  #     - traefik-net
+  #   labels:
+  #     - "traefik.enable=true"
+  #     # 1. HTTP to HTTPS Redirect
+  #     - "traefik.http.routers.kopia-http.rule=Host(`backup.lazyworkhorse.net`)"
+  #     - "traefik.http.routers.kopia-http.entrypoints=web"
+  #     - "traefik.http.routers.kopia-http.middlewares=redirect-to-https@docker"
+  #     
+  #     # 2. HTTPS Configuration
+  #     - "traefik.http.routers.kopia.rule=Host(`backup.lazyworkhorse.net`)"
+  #     - "traefik.http.routers.kopia.entrypoints=websecure"
+  #     - "traefik.http.routers.kopia.tls=true"
+  #     - "traefik.http.routers.kopia.tls.certresolver=njalla"
+  #     
+  #     # 3. Backend Service Config
+  #     - "traefik.http.services.kopia.loadbalancer.server.port=51515"
+
+  restic-server:
+    image: restic/restic:latest
+    container_name: restic-server
+    restart: always 
+    user: "0:0"
+    command: ["server", "--listen", ":8080", "--repo", "/data", "--tls-cert", "", "--tls-key", ""]
     environment:
       - TZ=America/Montreal
-      - KOPIA_PASSWORD=${KOPIA_PASSWORD}
-      - USER=${KOPIA_USER}
+      - RESTIC_PASSWORD=${RESTIC_PASSWORD}
     volumes:
-      - /mnt/HoardingCow_docker_data/Kopia/config:/app/config
-      - /mnt/HoardingCow_docker_data/Kopia/cache:/app/cache
-      - /mnt/HoardingCow_docker_data/Kopia/repository:/repository
-      # Required if you want to use the 'Mount' feature later
-      - /tmp:/tmp:shared
-      # Required for mounting backups as drives
-    cap_add:
-      - SYS_ADMIN
-    devices:
-      - /dev/fuse:/dev/fuse
+      - /mnt/HoardingCow_docker_data/Restic/data:/data
+      # Mount paths to backup (adjust as needed)
+      - /mnt/HoardingCow_docker_data:/source:ro
     networks:
-      - traefik-net
+      - backup_net
+    labels:
+      - "traefik.enable=false" # Internal only, accessed by restic-browser
+
+  restic-browser:
+    image: embergarage/restic-browser:latest
+    container_name: restic-browser
+    restart: always 
+    environment:
+      - TZ=America/Montreal
+      - RESTIC_REPOSITORY=http://restic-server:8080
+      - RESTIC_PASSWORD=${RESTIC_PASSWORD}
+    networks:
+      - backup_net
     labels:
       - "traefik.enable=true"
       # 1. HTTP to HTTPS Redirect
-      - "traefik.http.routers.kopia-http.rule=Host(`backup.lazyworkhorse.net`)"
-      - "traefik.http.routers.kopia-http.entrypoints=web"
-      - "traefik.http.routers.kopia-http.middlewares=redirect-to-https@docker"
+      - "traefik.http.routers.restic-browser-http.rule=Host(`backup.lazyworkhorse.net`)"
+      - "traefik.http.routers.restic-browser-http.entrypoints=web"
+      - "traefik.http.routers.restic-browser-http.middlewares=redirect-to-https@docker"
       
       # 2. HTTPS Configuration
-      - "traefik.http.routers.kopia.rule=Host(`backup.lazyworkhorse.net`)"
-      - "traefik.http.routers.kopia.entrypoints=websecure"
-      - "traefik.http.routers.kopia.tls=true"
-      - "traefik.http.routers.kopia.tls.certresolver=njalla"
+      - "traefik.http.routers.restic-browser.rule=Host(`backup.lazyworkhorse.net`)"
+      - "traefik.http.routers.restic-browser.entrypoints=websecure"
+      - "traefik.http.routers.restic-browser.tls=true"
+      - "traefik.http.routers.restic-browser.tls.certresolver=njalla"
       
       # 3. Backend Service Config
-      - "traefik.http.services.kopia.loadbalancer.server.port=51515"
+      - "traefik.http.services.restic-browser.loadbalancer.server.port=8000"
 
 networks:
-  traefik-net:
+  backup_net:
     external: true
+    name: backup_net