From 3e1efc578d34c39492dd1044dbcefb46c5da932a Mon Sep 17 00:00:00 2001 From: Fabian Finke <4998526+fezu54@users.noreply.github.com> Date: Sat, 31 Jan 2026 23:28:53 +0100 Subject: [PATCH 1/5] feat: Use ntfy for notifications 1. Is this also integrated into the proxy setup? Yes, I have now added the necessary configuration (VIRTUAL_HOST, LETSENCRYPT_HOST) so your reverse proxy (nginx) will route traffic to it and letsencrypt-companion will generate an SSL certificate. 2. To which url do I connect? You will connect to: `https://${NTFY_PREFIX}.${DNS_ADDRESS}` * For example, if your domain (DNS_ADDRESS) is example.com and you choose ntfy as your prefix, the URL will be https://ntfy.example.com. Required Action: You need to add the NTFY_PREFIX variable to your .env (or php.env / db.env depending on where you keep your main config, usually a root .env is best for shared vars) file. Example line to add to your environment file: 1 NTFY_PREFIX=ntfy --- backup/Dockerfile | 5 +---- backup/borgmatic.d/config.yaml | 4 ++-- docker-compose.yml | 23 ++++++++++++++++++++--- 3 files changed, 23 insertions(+), 9 deletions(-) diff --git a/backup/Dockerfile b/backup/Dockerfile index e298a7d..96471e0 100644 --- a/backup/Dockerfile +++ b/backup/Dockerfile @@ -6,14 +6,11 @@ ARG RCLONE_VERSION RUN apk add --no-cache \ curl \ unzip -RUN curl -O https://raw.githubusercontent.com/simplepush/send-encrypted/master/simplepush.sh RUN curl -O https://downloads.rclone.org/${RCLONE_VERSION}/rclone-${RCLONE_VERSION}-linux-amd64.zip RUN unzip -j rclone-${RCLONE_VERSION}-linux-amd64.zip -RUN chmod 0700 simplepush.sh RUN chmod 0700 rclone FROM ghcr.io/borgmatic-collective/borgmatic:${BORGMATIC_VERSION} -COPY --from=builder simplepush.sh /usr/local/bin/ COPY --from=builder rclone /usr/local/bin/ -RUN apk add openssl +RUN apk add --no-cache curl openssl diff --git a/backup/borgmatic.d/config.yaml b/backup/borgmatic.d/config.yaml index 7fff8bd..17a9514 100644 --- a/backup/borgmatic.d/config.yaml +++ b/backup/borgmatic.d/config.yaml @@ -22,10 +22,10 @@ after_actions: - echo "Uploading backup..." - rclone sync /mnt/borg-repository nextcloud:nextcloud-backup -P --dry-run - rclone sync /mnt/borg-repository nextcloud:nextcloud-backup -v - - simplepush.sh -t "Backup done" -m "Creation and uploading of backup successful" + - curl -d "Creation and uploading of backup successful" -H "Title: Backup done" ${NTFY_URL}/${NTFY_TOPIC} on_error: - echo "Error while creating a backup." - - simplepush.sh -t "Error creating backup" -m "Creation of backup failed. Check borgmatic logs." + - curl -d "Creation of backup failed. Check borgmatic logs." -H "Title: Error creating backup" ${NTFY_URL}/${NTFY_TOPIC} mariadb_databases: - name: all hostname: db diff --git a/docker-compose.yml b/docker-compose.yml index 2b50235..5b2bf9a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -77,9 +77,8 @@ services: - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} - NEXTCLOUD_DATABASE=nextcloud - MYSQL_PWD=${MYSQL_ROOT_PASSWORD} - - SIMPLEPUSH_KEY - - SIMPLEPUSH_PASSWORD - - SIMPLEPUSH_SALT + - NTFY_TOPIC=${NTFY_TOPIC} + - NTFY_URL=http://ntfy:80 - RCLONE_CONFIG_NEXTCLOUD_TYPE - RCLONE_CONFIG_NEXTCLOUD_PROVIDER - RCLONE_CONFIG_NEXTCLOUD_ACL @@ -106,6 +105,22 @@ services: - backups - default + ntfy: + image: binwiederhier/ntfy + restart: always + command: serve + volumes: + - ntfy_cache:/var/cache/ntfy + - ntfy_config:/etc/ntfy + environment: + - TZ=${TZ} + - VIRTUAL_HOST=${NTFY_PREFIX}.${DNS_ADDRESS} + - LETSENCRYPT_HOST=${NTFY_PREFIX}.${DNS_ADDRESS} + - LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL} + networks: + - backups + - proxy-tier + proxy: build: ./proxy restart: always @@ -149,6 +164,8 @@ volumes: borg-cache: borg-config: vaultwarden: + ntfy_cache: + ntfy_config: networks: proxy-tier: From 183f11a89c156cc100353b576d43e68cd696a68c Mon Sep 17 00:00:00 2001 From: Fabian Finke <4998526+fezu54@users.noreply.github.com> Date: Sat, 31 Jan 2026 23:48:30 +0100 Subject: [PATCH 2/5] fix: Adjust ntfy proxy configuration --- docker-compose.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 5b2bf9a..696b541 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -114,6 +114,8 @@ services: - ntfy_config:/etc/ntfy environment: - TZ=${TZ} + - NTFY_BASE_URL=https://${NTFY_PREFIX}.${DNS_ADDRESS} + - NTFY_BEHIND_PROXY=true - VIRTUAL_HOST=${NTFY_PREFIX}.${DNS_ADDRESS} - LETSENCRYPT_HOST=${NTFY_PREFIX}.${DNS_ADDRESS} - LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL} From 255e85e3be9764a1cff8401128c0fef350c5547b Mon Sep 17 00:00:00 2001 From: Fabian Finke <4998526+fezu54@users.noreply.github.com> Date: Sun, 1 Feb 2026 22:10:34 +0100 Subject: [PATCH 3/5] fix: Borgmatic conf | feat: Change vhost.d configuration for better IPV6 handling of ACME chanllenge --- backup/borgmatic.d/config.yaml | 25 +++++++++++++------------ docker-compose.yml | 6 +++--- proxy/vhost.d/default | 7 +++++++ 3 files changed, 23 insertions(+), 15 deletions(-) create mode 100644 proxy/vhost.d/default diff --git a/backup/borgmatic.d/config.yaml b/backup/borgmatic.d/config.yaml index 17a9514..1ee993b 100644 --- a/backup/borgmatic.d/config.yaml +++ b/backup/borgmatic.d/config.yaml @@ -14,18 +14,19 @@ checks: - repository - archives check_last: 3 -before_backup: - - echo "Starting a backup job..." -after_backup: - - echo "Backup created..." -after_actions: - - echo "Uploading backup..." - - rclone sync /mnt/borg-repository nextcloud:nextcloud-backup -P --dry-run - - rclone sync /mnt/borg-repository nextcloud:nextcloud-backup -v - - curl -d "Creation and uploading of backup successful" -H "Title: Backup done" ${NTFY_URL}/${NTFY_TOPIC} -on_error: - - echo "Error while creating a backup." - - curl -d "Creation of backup failed. Check borgmatic logs." -H "Title: Error creating backup" ${NTFY_URL}/${NTFY_TOPIC} +hooks: + before_backup: + - echo "Starting a backup job..." + after_backup: + - echo "Backup created..." + after_actions: + - echo "Uploading backup..." + - rclone sync /mnt/borg-repository nextcloud:nextcloud-backup -P --dry-run + - rclone sync /mnt/borg-repository nextcloud:nextcloud-backup -v + - 'curl -d "Creation and uploading of backup successful" -H "Title: Backup done" ${NTFY_URL}/${NTFY_TOPIC}' + on_error: + - echo "Error while creating a backup." + - 'curl -d "Creation of backup failed. Check borgmatic logs." -H "Title: Error creating backup" ${NTFY_URL}/${NTFY_TOPIC}' mariadb_databases: - name: all hostname: db diff --git a/docker-compose.yml b/docker-compose.yml index 696b541..95fda83 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -117,6 +117,7 @@ services: - NTFY_BASE_URL=https://${NTFY_PREFIX}.${DNS_ADDRESS} - NTFY_BEHIND_PROXY=true - VIRTUAL_HOST=${NTFY_PREFIX}.${DNS_ADDRESS} + - VIRTUAL_PORT=80 - LETSENCRYPT_HOST=${NTFY_PREFIX}.${DNS_ADDRESS} - LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL} networks: @@ -134,7 +135,7 @@ services: volumes: - certs:/etc/nginx/certs:ro - acme:/etc/acme.sh - - vhost.d:/etc/nginx/vhost.d + - ./proxy/vhost.d:/etc/nginx/vhost.d - html:/usr/share/nginx/html - /var/run/docker.sock:/tmp/docker.sock:ro environment: @@ -147,7 +148,7 @@ services: restart: always volumes: - certs:/etc/nginx/certs - - vhost.d:/etc/nginx/vhost.d + - ./proxy/vhost.d:/etc/nginx/vhost.d - html:/usr/share/nginx/html - acme:/etc/acme.sh - /var/run/docker.sock:/var/run/docker.sock:ro @@ -161,7 +162,6 @@ volumes: nextcloud: certs: acme: - vhost.d: html: borg-cache: borg-config: diff --git a/proxy/vhost.d/default b/proxy/vhost.d/default new file mode 100644 index 0000000..14daa7e --- /dev/null +++ b/proxy/vhost.d/default @@ -0,0 +1,7 @@ +location ^~ /.well-known/acme-challenge/ { + auth_basic off; + allow all; + root /usr/share/nginx/html; + try_files $uri =404; + break; +} From 98ac1c0ce404f29446a47bb0b6c3d1cf87f9354f Mon Sep 17 00:00:00 2001 From: Fabian Finke <4998526+fezu54@users.noreply.github.com> Date: Sun, 1 Feb 2026 22:17:04 +0100 Subject: [PATCH 4/5] fix: Borgmatic deprecation warnings --- backup/borgmatic.d/config.yaml | 49 ++++++++++++++++++++++++++-------- 1 file changed, 38 insertions(+), 11 deletions(-) diff --git a/backup/borgmatic.d/config.yaml b/backup/borgmatic.d/config.yaml index 1ee993b..a636e07 100644 --- a/backup/borgmatic.d/config.yaml +++ b/backup/borgmatic.d/config.yaml @@ -1,38 +1,65 @@ source_directories: - /mnt/source - /mnt/vaultwarden/attachments + repositories: - - /mnt/borg-repository + - path: /mnt/borg-repository + one_file_system: true archive_name_format: 'backup-{now}' + keep_hourly: 2 keep_daily: 7 keep_weekly: 4 keep_monthly: 12 keep_yearly: 10 + checks: - - repository - - archives + - name: repository + - name: archives + check_last: 3 -hooks: - before_backup: + +commands: + - name: start-backup + before: action + when: + - create + run: - echo "Starting a backup job..." - after_backup: - - echo "Backup created..." - after_actions: + + - name: backup-created + after: action + when: + - create + run: + - echo "Backup created..." + + - name: upload-backup + after: action + when: + - create + - prune + - compact + - check + run: - echo "Uploading backup..." - rclone sync /mnt/borg-repository nextcloud:nextcloud-backup -P --dry-run - rclone sync /mnt/borg-repository nextcloud:nextcloud-backup -v - 'curl -d "Creation and uploading of backup successful" -H "Title: Backup done" ${NTFY_URL}/${NTFY_TOPIC}' - on_error: + + - name: error-notification + after: error + run: - echo "Error while creating a backup." - 'curl -d "Creation of backup failed. Check borgmatic logs." -H "Title: Error creating backup" ${NTFY_URL}/${NTFY_TOPIC}' + mariadb_databases: - name: all hostname: db port: 3306 username: root + sqlite_databases: - name: vaultwarden - path: /mnt/vaultwarden/db.sqlite3 - + path: /mnt/vaultwarden/db.sqlite3 \ No newline at end of file From 2aaaa600f426cf2e1a22488cc1a10e2e9a6ba07b Mon Sep 17 00:00:00 2001 From: Fabian Finke <4998526+fezu54@users.noreply.github.com> Date: Sun, 1 Feb 2026 22:19:04 +0100 Subject: [PATCH 5/5] fix: Borgmatic deprecation warnings --- backup/borgmatic.d/config.yaml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/backup/borgmatic.d/config.yaml b/backup/borgmatic.d/config.yaml index a636e07..b86c64b 100644 --- a/backup/borgmatic.d/config.yaml +++ b/backup/borgmatic.d/config.yaml @@ -21,22 +21,19 @@ checks: check_last: 3 commands: - - name: start-backup - before: action + - before: action when: - create run: - echo "Starting a backup job..." - - name: backup-created - after: action + - after: action when: - create run: - echo "Backup created..." - - name: upload-backup - after: action + - after: action when: - create - prune @@ -48,8 +45,7 @@ commands: - rclone sync /mnt/borg-repository nextcloud:nextcloud-backup -v - 'curl -d "Creation and uploading of backup successful" -H "Title: Backup done" ${NTFY_URL}/${NTFY_TOPIC}' - - name: error-notification - after: error + - after: error run: - echo "Error while creating a backup." - 'curl -d "Creation of backup failed. Check borgmatic logs." -H "Title: Error creating backup" ${NTFY_URL}/${NTFY_TOPIC}'