james/baktainer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Easily backup your docker databases
27 commits 1 branch 1 tag 319 KiB
Find a file
James Paterni 6e7adc330f
Some checks failed
Build Docker Image / build (push) Failing after 1m1s
Details
CI Pipeline / test (push) Failing after 1m57s
Details
Minimal CI / test (push) Failing after 10s
Details
Build and Push Docker Image / test (push) Failing after 1m18s
Details
Shell-Only CI (No Actions) / test (push) Failing after 53s
Details
Simple CI Pipeline / test (push) Failing after 1s
Details
Run Tests / test (push) Failing after 1m15s
Details
Build Docker Image / notify (push) Failing after 1s
Details
CI Pipeline / build (push) Has been skipped
Details
Minimal CI / build (push) Has been skipped
Details
Build and Push Docker Image / build (push) Has been skipped
Details
Shell-Only CI (No Actions) / build (push) Has been skipped
Details
Simple CI Pipeline / build (push) Has been skipped
Details
CI Pipeline / notify (push) Successful in 1s
Details
Shell-Only CI (No Actions) / notify (push) Successful in 1s
Details
Simple CI Pipeline / notify (push) Successful in 1s
Details
Node+Ruby CI Pipeline / test (push) Failing after 5m41s
Details
Node+Ruby CI Pipeline / build (push) Has been skipped
Details
Node+Ruby CI Pipeline / notify (push) Successful in 1s
Details
Fix working directory errors in Forgejo Actions workflows 
- Remove working-directory defaults that caused chdir errors
- Use explicit 'cd app' commands in all Ruby-related steps
- Fix ci.yml, test.yml, docker.yml, and shell-only.yml workflows
- Update documentation with working directory troubleshooting

The error occurred because working-directory was set before repository
checkout, causing the container to try to start in a non-existent directory.

Resolves: "chdir to cwd (..../app) set in config.json failed: no such file"

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-15 11:40:10 -04:00
.forgejo Fix working directory errors in Forgejo Actions workflows 2025-07-15 11:40:10 -04:00
.github/workflows Add comprehensive RSpec testing infrastructure and enhance CI/CD pipeline 2025-07-13 23:12:59 -04:00
app Enhance dashboard with next backup time, reorganized layout, and pagination 2025-07-15 10:31:09 -04:00
.dockerignore Initial Commit 2025-04-14 09:39:37 -04:00
.gitignore Major architectural overhaul: dependency injection, monitoring, and operational improvements 2025-07-14 22:58:26 -04:00
.tool-versions Initial Commit 2025-04-14 09:39:37 -04:00
API_DOCUMENTATION.md Major architectural overhaul: dependency injection, monitoring, and operational improvements 2025-07-14 22:58:26 -04:00
CLAUDE.md Implement comprehensive security fixes and enhancements 2025-07-14 10:19:18 -04:00
docker-compose.yml Fix health check server by using Puma with Rack directly 2025-07-14 23:15:26 -04:00
Dockerfile Initial Commit 2025-04-14 09:39:37 -04:00
entrypoint.sh Initial Commit 2025-04-14 09:39:37 -04:00
LICENSE Initial commit 2025-04-05 13:58:02 +00:00
README.md Comprehensively update README.md with all implemented features 2025-07-15 08:09:02 -04:00
SECURITY.md Implement comprehensive security fixes and enhancements 2025-07-14 10:19:18 -04:00
TODO.md Major architectural overhaul: dependency injection, monitoring, and operational improvements 2025-07-14 22:58:26 -04:00

README.md

baktainer

Easily backup databases running in docker containers.

Features

  • Database Support: MySQL, PostgreSQL, MongoDB, and SQLite databases
  • Scheduled Backups: Run on a schedule using cron expressions
  • Container Discovery: Define which databases to backup using docker labels
  • Health Monitoring: Web dashboard and REST API for monitoring backup status
  • Notifications: Multi-channel notifications (Slack, Discord, Teams, Email, Webhooks)
  • Backup Rotation: Automatic cleanup based on age, count, or disk space
  • Encryption: AES-256-GCM encryption for backup files
  • Compression: Gzip compression to reduce backup file sizes
  • Performance Monitoring: Real-time metrics and performance alerts
  • Label Validation: Schema-based validation with helpful error messages
  • SSL/TLS Support: Secure Docker API connections
  • High Performance: Multi-threaded backups with dynamic scaling

Installation

⚠️ Security Notice: Baktainer requires Docker socket access which grants significant privileges. Please review SECURITY.md for important security considerations and recommended mitigations.

services:
  baktainer:
    image: jamez001/baktainer:latest
    container_name: baktainer
    restart: unless-stopped
    ports:
      - "8080:8080"  # Health check dashboard
    volumes:
      - ./backups:/backups
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - BT_CRON="0 0 * * *" # Backup every day at midnight
      - BT_DOCKER_URL=unix:///var/run/docker.sock
      - BT_THREADS=4
      - BT_LOG_LEVEL=info
      - BT_HEALTH_SERVER_ENABLED=true  # Enable health check server
      - BT_COMPRESS=true               # Enable compression
      - BT_ROTATION_ENABLED=true       # Enable backup rotation
      - BT_RETENTION_DAYS=30          # Keep backups for 30 days
      # SSL Configuration (if using remote Docker API)
      #- BT_SSL=true
      #- BT_CA=/path/to/ca.pem
      #- BT_CERT=/path/to/cert.pem
      #- BT_KEY=/path/to/key.pem
      # Notification Configuration
      #- BT_NOTIFICATION_CHANNELS=slack,log
      #- BT_SLACK_WEBHOOK_URL=https://hooks.slack.com/...
      #- BT_NOTIFY_FAILURES=true
      # Encryption Configuration
      #- BT_ENCRYPTION_ENABLED=true
      #- BT_ENCRYPTION_KEY=your-hex-key

For enhanced security, consider using a Docker socket proxy. See SECURITY.md for detailed security recommendations.

Environment Variables

Core Configuration

Variable Description Default
BT_CRON Cron expression for scheduling backups 0 0 * * *
BT_THREADS Number of threads to use for backups 4
BT_LOG_LEVEL Log level (debug, info, warn, error) info
BT_DOCKER_URL Docker API URL unix:///var/run/docker.sock
BT_BACKUP_DIR Directory to store backups /backups

Backup Options

Variable Description Default
BT_COMPRESS Enable gzip compression for backups true
BT_ROTATION_ENABLED Enable automatic backup rotation true
BT_RETENTION_DAYS Days to keep backups (0 = unlimited) 30
BT_RETENTION_COUNT Max backups per container (0 = unlimited) 0
BT_MIN_FREE_SPACE_GB Minimum free space in GB 10

Health Monitoring

Variable Description Default
BT_HEALTH_SERVER_ENABLED Enable health check server false
BT_HEALTH_PORT Port for health check server 8080
BT_HEALTH_BIND Bind address for health server 0.0.0.0

SSL/TLS Configuration

Variable Description Default
BT_SSL Enable SSL for Docker connection false
BT_CA Path to CA certificate or certificate data none
BT_CERT Path to client certificate or certificate data none
BT_KEY Path to client key or key data none

Encryption

Variable Description Default
BT_ENCRYPTION_ENABLED Enable AES-256-GCM encryption false
BT_ENCRYPTION_KEY Encryption key (hex or base64) none
BT_ENCRYPTION_KEY_FILE Path to encryption key file none
BT_ENCRYPTION_PASSPHRASE Passphrase for key derivation none

Notifications

Variable Description Default
BT_NOTIFICATION_CHANNELS Comma-separated list of channels log
BT_NOTIFY_SUCCESS Notify on successful backups false
BT_NOTIFY_FAILURES Notify on backup failures true
BT_NOTIFY_WARNINGS Notify on warnings true
BT_NOTIFY_HEALTH Notify on health issues true
BT_SLACK_WEBHOOK_URL Slack webhook URL none
BT_DISCORD_WEBHOOK_URL Discord webhook URL none
BT_TEAMS_WEBHOOK_URL Microsoft Teams webhook URL none
BT_WEBHOOK_URL Generic webhook URL none

Usage

Add labels to your docker containers to specify which databases to backup.

services:
  db:
    image: postgres:17
    container_name: my-db
    restart: unless-stopped
    volumes:
    - db:/var/lib/postgresql/data
    environment:
      POSTGRES_DB: "${DB_BASE:-database}"
      POSTGRES_USER: "${DB_USER:-user}"
      POSTGRES_PASSWORD: "${DB_PASSWORD:-StrongPassword}"
    labels:
      - baktainer.backup=true
      - baktainer.db.engine=postgres
      - baktainer.db.name=my-db
      - baktainer.db.user=user
      - baktainer.db.password=StrongPassword
      - baktainer.name="MyApp"

Docker Labels for Container Configuration

Required Labels

Label Description Required For
baktainer.backup Set to true to enable backup for this container All
baktainer.db.engine Database engine: mysql, postgres, mongodb, sqlite All
baktainer.db.name Name of the database to backup All
baktainer.db.user Username for the database MySQL, PostgreSQL, MongoDB
baktainer.db.password Password for the database MySQL, PostgreSQL, MongoDB

Optional Labels

Label Description Default
baktainer.name Application name for backup files Database name
baktainer.compress Enable compression for this container (true/false) BT_COMPRESS value
baktainer.encrypt Enable encryption for this container (true/false) BT_ENCRYPTION_ENABLED value
baktainer.backup.priority Backup priority: low, normal, high, critical normal
baktainer.backup.retention.days Days to keep backups for this container BT_RETENTION_DAYS value
baktainer.backup.retention.count Max backups to keep for this container BT_RETENTION_COUNT value

Backup Files

The backup files will be stored in the directory specified by the BT_BACKUP_DIR environment variable. The files will be named according to the following format:

/backups/<date>/<db_name>-<timestamp>.sql.gz

Where <date> is the date of the backup ('YY-MM-DD' format) <db_name> is the name provided by baktainer.name, or the name of the database, <timestamp> is the unix timestamp of the backup.

By default, backups are compressed with gzip. To disable compression, set BT_COMPRESS=false or add baktainer.compress=false label to specific containers.

Health Monitoring & Dashboard

Baktainer includes a comprehensive health monitoring system with a web dashboard and REST API.

Accessing the Dashboard

When BT_HEALTH_SERVER_ENABLED=true, visit http://localhost:8080 for:

  • Real-time backup status and metrics
  • Container discovery and configuration
  • Performance monitoring with auto-refresh
  • System health checks and alerts

Health Check Endpoints

Endpoint Description
GET / Interactive monitoring dashboard
GET /health Health check (200 = healthy, 503 = unhealthy)
GET /status Detailed system status and metrics
GET /backups Backup history and statistics
GET /containers Discovered containers with backup labels
GET /config Configuration (credentials sanitized)
GET /metrics Prometheus-format metrics

Prometheus Integration

Use the /metrics endpoint to integrate with monitoring systems:

# Prometheus scrape config
scrape_configs:
  - job_name: 'baktainer'
    static_configs:
      - targets: ['baktainer:8080']
    metrics_path: '/metrics'
    scrape_interval: 30s

Notifications

Configure multi-channel notifications for backup events:

Supported Channels

  • Slack: Set BT_SLACK_WEBHOOK_URL
  • Discord: Set BT_DISCORD_WEBHOOK_URL
  • Microsoft Teams: Set BT_TEAMS_WEBHOOK_URL
  • Generic Webhook: Set BT_WEBHOOK_URL
  • Logs: Always available

Example Configuration

environment:
  - BT_NOTIFICATION_CHANNELS=slack,log
  - BT_SLACK_WEBHOOK_URL=https://hooks.slack.com/services/YOUR/WEBHOOK/URL
  - BT_NOTIFY_FAILURES=true
  - BT_NOTIFY_SUCCESS=false
  - BT_NOTIFY_WARNINGS=true

Backup Encryption

Secure your backups with AES-256-GCM encryption:

environment:
  - BT_ENCRYPTION_ENABLED=true
  - BT_ENCRYPTION_KEY=your-256-bit-hex-key
  # Or use a key file:
  # - BT_ENCRYPTION_KEY_FILE=/path/to/keyfile
  # Or derive from passphrase:
  # - BT_ENCRYPTION_PASSPHRASE=your-secure-passphrase

Encrypted files use .enc extension and include authentication data for integrity verification.

Backup Rotation & Cleanup

Automatic backup cleanup keeps your storage manageable:

Configuration Options

environment:
  - BT_ROTATION_ENABLED=true      # Enable automatic cleanup
  - BT_RETENTION_DAYS=30          # Keep backups for 30 days
  - BT_RETENTION_COUNT=0          # Max backups per container (0 = unlimited)
  - BT_MIN_FREE_SPACE_GB=10       # Trigger cleanup when free space < 10GB

Per-Container Overrides

labels:
  - baktainer.backup.retention.days=7    # Keep this container's backups for 7 days
  - baktainer.backup.retention.count=5   # Keep max 5 backups for this container

Cleanup Behavior

  • Time-based: Remove backups older than specified days
  • Count-based: Keep only N most recent backups per container
  • Space-based: Automatic cleanup when disk space is low
  • Smart cleanup: Removes empty date directories after cleanup

Testing

The project includes comprehensive test coverage with both unit and integration tests.

Running Tests

# Run all tests
cd app && bundle exec rspec

# Run tests with coverage report
cd app && COVERAGE=true bundle exec rspec

# Run only unit tests
cd app && bundle exec rspec spec/unit/

# Run only integration tests (requires Docker)
cd app && bundle exec rspec spec/integration/

Test Coverage

  • Line Coverage: 94.94% (150/158 lines)
  • Branch Coverage: 71.11% (32/45 branches)
  • Tests cover all database engines, container discovery, error handling, and backup workflows
  • Integration tests validate full backup operations with real Docker containers

Test Commands

# Quick unit tests
bin/test

# All tests with coverage
bin/test --all --coverage

# Integration tests with setup/cleanup
bin/test --integration --setup --cleanup

Development Roadmap

Completed Features

  • Database Support: MySQL, PostgreSQL, MongoDB, and SQLite backups
  • Scheduling: Cron-based backup scheduling
  • Container Discovery: Docker label-based configuration
  • Docker Integration: Support for socket, TCP, SSL/TLS connections
  • Compression: Gzip compression for backup files
  • Health Monitoring: Web dashboard and REST API monitoring
  • Notifications: Multi-channel notifications (Slack, Discord, Teams, Webhooks)
  • Backup Rotation: Automatic cleanup based on age, count, and disk space
  • Encryption: AES-256-GCM encryption for backup files
  • Performance Monitoring: Real-time metrics and alerts
  • Label Validation: Schema-based validation with helpful error messages
  • High Performance: Multi-threaded backups with dynamic scaling
  • Comprehensive Testing: 94.94% line coverage with unit and integration tests

🔄 In Progress

  • Backup streaming for large databases
  • Advanced retry strategies with exponential backoff

📋 Future Enhancements

  • Individual hooks for completed backups
  • Hooks for fully completed backup cycles
  • Configurable timeout limits for each backup
  • Database-specific optimization settings
  • Backup verification and integrity checking
  • Multi-region backup replication
  • Advanced alerting rules and thresholds