ef122ca019
- Add MIGRATION_PLAYBOOK.md with detailed 4-phase migration strategy - Add FUTURE_PROOF_SCALABILITY_PLAN.md with end-state architecture - Add migration_scripts/ with automated migration tools: - Docker Swarm setup and configuration - Traefik v3 reverse proxy deployment - Service migration automation - Backup and validation scripts - Monitoring and security hardening - Add comprehensive discovery results and audit data - Include zero-downtime migration strategy with rollback capabilities This provides a complete world-class migration solution for converting from current infrastructure to Future-Proof Scalability architecture.
25 KiB
25 KiB
COMPREHENSIVE CONTAINER CONFIGURATION AUDIT
==================================================
Total Containers Analyzed: 53 Privileged Containers: 2 Containers with Device Access: 2 Containers with Custom Security: 5
PRIVILEGED CONTAINERS
These containers require special attention during migration:
jonathan-2518f5u_20250824::homeassistant
- Image: ghcr.io/home-assistant/home-assistant:stable
- Host: jonathan-2518f5u_20250824
- Device Access:
- /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_51600E94-if00-port0 -> /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_51600E94-if00-port0
- /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_51600E94-if01-port0 -> /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_51600E94-if01-port0
fedora_20250824::portainer_agent
- Image: portainer/agent:latest
- Host: fedora_20250824
CONFIGURATION GAPS & RECOMMENDATIONS
HIGH Priority Issues
- fedora_20250824::portainer_agent: Privileged mode without specific device mappings
- Recommendation: Review if privileged access is necessary
MEDIUM Priority Issues
- surface_20250824::appflowy-cloud-minio-1: Bind mount to system directory: /var/snap/docker/common/var-lib-docker/volumes/appflowy-cloud_minio_data/_data
- Recommendation: Verify this mount is necessary and secure
- surface_20250824::appflowy-cloud-redis-1: Bind mount to system directory: /var/snap/docker/common/var-lib-docker/volumes/69e0a0fa40952877d5a108115edcd031cd4078e859b8eee84caa644903cc3f11/_data
- Recommendation: Verify this mount is necessary and secure
- surface_20250824::appflowy-cloud-gotrue-1: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- surface_20250824::appflowy-cloud-admin_frontend-1: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- surface_20250824::appflowy-cloud-postgres-1: Bind mount to system directory: /var/snap/docker/common/var-lib-docker/volumes/appflowy-cloud_postgres_data/_data
- Recommendation: Verify this mount is necessary and secure
- surface_20250824::appflowy-cloud-appflowy_web-1: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- surface_20250824::appflowy-cloud-appflowy_worker-1: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- surface_20250824::appflowy-cloud-appflowy_cloud-1: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- lenovo420_20250824::omni-tools: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- lenovo420_20250824::duckdns: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- lenovo420_20250824::sad_moser: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- lenovo420_20250824::sad_moser: Bind mount to system directory: /var/lib/docker/volumes/890112767db1aca83faf31461b6f2142af9d9b1b5cf0ac172ec2e6600a07c27b/_data
- Recommendation: Verify this mount is necessary and secure
- lenovo420_20250824::sad_moser: Bind mount to system directory: /var/lib/docker/volumes/bbf0315555dbaa76dde0e8f6d666e54db7c8ad42bba6c0a198203945d30d1be5/_data
- Recommendation: Verify this mount is necessary and secure
- lenovo420_20250824::sad_moser: Bind mount to system directory: /var/lib/docker/volumes/c3f792d6fa811027c724a4ed4bbb029b64b8ac0c2c81150baea556f7638f59da/_data
- Recommendation: Verify this mount is necessary and secure
- lenovo420_20250824::sad_moser: Bind mount to system directory: /var/lib/docker/volumes/dc913ee5a837413a55bc0b6c5493c487c2ce112938a37df929731421b22b43d2/_data
- Recommendation: Verify this mount is necessary and secure
- lenovo420_20250824::watchtower-watchtower-1: Bind mount to system directory: /var/run/docker.sock
- Recommendation: Verify this mount is necessary and secure
- lenovo420_20250824::portainer_agent: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- lenovo420_20250824::portainer_agent: Bind mount to system directory: /var/run/docker.sock
- Recommendation: Verify this mount is necessary and secure
- lenovo420_20250824::portainer_agent: Bind mount to system directory: /var/lib/docker/volumes
- Recommendation: Verify this mount is necessary and secure
- jonathan-2518f5u_20250824::watchtower-watchtower-1: Bind mount to system directory: /var/run/docker.sock
- Recommendation: Verify this mount is necessary and secure
- jonathan-2518f5u_20250824::paperless-ai: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- jonathan-2518f5u_20250824::paperless-ai: Bind mount to system directory: /var/lib/docker/volumes/paperless-ai_paperless-ai_data/_data
- Recommendation: Verify this mount is necessary and secure
- jonathan-2518f5u_20250824::mosquitto: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- jonathan-2518f5u_20250824::vaultwarden: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- jonathan-2518f5u_20250824::zwave-js-ui: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- jonathan-2518f5u_20250824::homeway: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- jonathan-2518f5u_20250824::music-assistant: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- jonathan-2518f5u_20250824::music-assistant: Bind mount to system directory: /var/lib/docker/volumes/fb2f38f8fe39ef8c95a4760e037fd74ccee53e79e4e1f8844d447b592ba407ac/_data
- Recommendation: Verify this mount is necessary and secure
- jonathan-2518f5u_20250824::mariadb: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- jonathan-2518f5u_20250824::n8n: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- jonathan-2518f5u_20250824::esphome: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- jonathan-2518f5u_20250824::esphome: Bind mount to system directory: /etc/localtime
- Recommendation: Verify this mount is necessary and secure
- jonathan-2518f5u_20250824::portainer: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- jonathan-2518f5u_20250824::portainer: Bind mount to system directory: /var/run/docker.sock
- Recommendation: Verify this mount is necessary and secure
- jonathan-2518f5u_20250824::paperless-ngx_broker_1: Bind mount to system directory: /var/lib/docker/volumes/paperless-ngx_redisdata/_data
- Recommendation: Verify this mount is necessary and secure
- jonathan-2518f5u_20250824::paperless-ngx_webserver_1: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- fedora_20250824::portainer_agent: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- fedora_20250824::portainer_agent: Bind mount to system directory: /var/lib/docker/volumes
- Recommendation: Verify this mount is necessary and secure
- fedora_20250824::portainer_agent: Bind mount to system directory: /var/run/docker.sock
- Recommendation: Verify this mount is necessary and secure
- audrey_20250824::portainer_agent: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- audrey_20250824::portainer_agent: Bind mount to system directory: /var/lib/docker/volumes
- Recommendation: Verify this mount is necessary and secure
- audrey_20250824::portainer_agent: Bind mount to system directory: /var/run/docker.sock
- Recommendation: Verify this mount is necessary and secure
- audrey_20250824::dozzle: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- audrey_20250824::dozzle: Bind mount to system directory: /var/run/docker.sock
- Recommendation: Verify this mount is necessary and secure
- audrey_20250824::uptime-kuma: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- audrey_20250824::code-server: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- audrey_20250824::code-server: Bind mount to system directory: /var/run/docker.sock
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823::watchtower-watchtower-1: Bind mount to system directory: /var/run/docker.sock
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823::unbound: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- omv800.local_20250823::portainer_agent: Bind mount to system directory: /var/lib/docker/volumes
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823::portainer_agent: Bind mount to system directory: /var/run/docker.sock
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823::immich_redis: Bind mount to system directory: /var/lib/docker/volumes/ea89627ba917b667163aaa37d8ec2f9c1895530fde67be90459db02f6b986a6b/_data
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823:
Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- omv800.local_20250823::nextcloud: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- omv800.local_20250823::jellyfin: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- omv800.local_20250823::jellyfin: Bind mount to system directory: /var/lib/docker/volumes/jellyfin-config/_data
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823::jellyfin: Bind mount to system directory: /var/lib/docker/volumes/jellyfin-cache/_data
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823::nextcloud-redis: Bind mount to system directory: /var/lib/docker/volumes/ec3794dfe53f0e89aa9cb010d05d9803d15b457ca80e10e55bb5d07bfe238475/_data
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823::joplin-app-1: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- omv800.local_20250823::joplin-vikunja-1: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- omv800.local_20250823::joplin-vikunja-1: Bind mount to system directory: /var/lib/docker/volumes/vikunja-db/_data
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823::paperless-broker-1: Bind mount to system directory: /var/lib/docker/volumes/paperless_redisdata/_data
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823::adguardhome: Using :latest tag - should pin to specific version
- Recommendation: Replace with specific version tag
- omv800.local_20250823::paperless-db-1: Bind mount to system directory: /var/lib/docker/volumes/paperless_pgdata/_data
- Recommendation: Verify this mount is necessary and secure
- omv800.local_20250823::immich_machine_learning: Bind mount to system directory: /var/lib/docker/volumes/immich_model-cache/_data
- Recommendation: Verify this mount is necessary and secure
CRITICAL MIGRATION TASKS
appflowy-cloud-minio-1 - Data Backup
- Backup volume: /var/snap/docker/common/var-lib-docker/volumes/appflowy-cloud_minio_data/_data -> /data
appflowy-cloud-minio-1 - Secrets
- Securely migrate sensitive variables: MINIO_ROOT_PASSWORD, MINIO_ACCESS_KEY_FILE, MINIO_SECRET_KEY_FILE, MINIO_ROOT_PASSWORD_FILE, MINIO_KMS_SECRET_KEY_FILE, MINIO_UPDATE_MINISIGN_PUBKEY
appflowy-cloud-minio-1 - Networks
- Create network: appflowy-cloud_default
appflowy-cloud-redis-1 - Data Backup
- Backup volume: /var/snap/docker/common/var-lib-docker/volumes/69e0a0fa40952877d5a108115edcd031cd4078e859b8eee84caa644903cc3f11/_data -> /data
appflowy-cloud-redis-1 - Networks
- Create network: appflowy-cloud_default
appflowy-cloud-gotrue-1 - Secrets
- Securely migrate sensitive variables: GOTRUE_SMTP_PASS, GOTRUE_SAML_PRIVATE_KEY, GOTRUE_JWT_SECRET, GOTRUE_EXTERNAL_GOOGLE_SECRET, GOTRUE_ADMIN_PASSWORD, GOTRUE_EXTERNAL_GITHUB_SECRET, GOTRUE_EXTERNAL_DISCORD_SECRET
appflowy-cloud-gotrue-1 - Networks
- Create network: appflowy-cloud_default
appflowy-cloud-admin_frontend-1 - Networks
- Create network: appflowy-cloud_default
appflowy-cloud-postgres-1 - Data Backup
- Backup volume: /var/snap/docker/common/var-lib-docker/volumes/appflowy-cloud_postgres_data/_data -> /var/lib/postgresql/data
appflowy-cloud-postgres-1 - Secrets
- Securely migrate sensitive variables: POSTGRES_PASSWORD
appflowy-cloud-postgres-1 - Networks
- Create network: appflowy-cloud_default
appflowy-cloud-nginx-1 - Data Backup
- Backup volume: /home/jon/AppFlowy-Cloud/nginx/ssl/certificate.crt -> /etc/nginx/ssl/certificate.crt
- Backup volume: /home/jon/AppFlowy-Cloud/nginx/ssl/private_key.key -> /etc/nginx/ssl/private_key.key
- Backup volume: /home/jon/AppFlowy-Cloud/nginx/nginx.conf -> /etc/nginx/nginx.conf
appflowy-cloud-nginx-1 - Networks
- Create network: appflowy-cloud_default
appflowy-cloud-appflowy_web-1 - Networks
- Create network: appflowy-cloud_default
appflowy-cloud-appflowy_worker-1 - Secrets
- Securely migrate sensitive variables: APPFLOWY_MAILER_SMTP_PASSWORD, APPFLOWY_S3_SECRET_KEY, APPFLOWY_S3_ACCESS_KEY
appflowy-cloud-appflowy_worker-1 - Networks
- Create network: appflowy-cloud_default
appflowy-cloud-appflowy_cloud-1 - Secrets
- Securely migrate sensitive variables: APPFLOWY_MAILER_SMTP_PASSWORD, AI_OPENAI_API_KEY, APPFLOWY_S3_SECRET_KEY, APPFLOWY_S3_ACCESS_KEY, APPFLOWY_GOTRUE_JWT_SECRET
appflowy-cloud-appflowy_cloud-1 - Networks
- Create network: appflowy-cloud_default
omni-tools - Networks
- Create network: omnitools_default
duckdns - Data Backup
- Backup volume: /opt/duckdns/config -> /config
duckdns - Secrets
- Securely migrate sensitive variables: TOKEN
duckdns - Networks
- Create network: duckdns_network
openwakeword - Secrets
- Securely migrate sensitive variables: GPG_KEY
openwakeword - Networks
- Create network: host
sad_moser - Data Backup
sad_moser - Networks
- Create network: bridge
wyoming-whisper - Networks
- Create network: bridge
watchtower-watchtower-1 - Data Backup
- Backup volume: /var/run/docker.sock -> /var/run/docker.sock
- Backup volume: /var/run/docker.sock -> /var/run/docker.sock
- Backup volume: /var/run/docker.sock -> /var/run/docker.sock
watchtower-watchtower-1 - Networks
- Create network: watchtower_default
- Create network: watchtower_default
- Create network: watchtower_default
portainer_agent - Data Backup
- Backup volume: /var/run/docker.sock -> /var/run/docker.sock
- Backup volume: /var/run/docker.sock -> /var/run/docker.sock
- Backup volume: /var/run/docker.sock -> /var/run/docker.sock
- Backup volume: / -> /host
- Backup volume: /var/run/docker.sock -> /var/run/docker.sock
portainer_agent - Networks
- Create network: bridge
- Create network: bridge
- Create network: bridge
- Create network: bridge
e09917f80111_opt_homepage_1 - Data Backup
- Backup volume: /opt/config -> /app/config
paperless-ai - Data Backup
paperless-ai - Networks
- Create network: bridge
mosquitto - Data Backup
- Backup volume: /home/jonathan/mosquitto/config -> /mosquitto/config
- Backup volume: /home/jonathan/mosquitto/data -> /mosquitto/data
- Backup volume: /home/jonathan/mosquitto/log -> /mosquitto/log
mosquitto - Secrets
- Securely migrate sensitive variables: GPG_KEYS
mosquitto - Networks
- Create network: bridge
vaultwarden - Data Backup
- Backup volume: /home/jonathan/vaultwarden/data -> /data
vaultwarden - Networks
- Create network: jonathan_default
zwave-js-ui - Data Backup
- Backup volume: /home/jonathan/zwave-js-ui-store -> /usr/src/app/store
zwave-js-ui - Networks
- Create network: bridge
- Create network: homeassistant_default
zwave-js-ui - Hardware
- Ensure device available: /dev/ttyUSB0
homeway - Data Backup
- Backup volume: /home/jonathan/homeway/config -> /data
homeway - Secrets
- Securely migrate sensitive variables: HOME_ASSISTANT_ACCESS_TOKEN
homeway - Networks
- Create network: host
music-assistant - Data Backup
- Backup volume: /home/jonathan/music_assistant_config -> /config
music-assistant - Secrets
- Securely migrate sensitive variables: GPG_KEY
music-assistant - Networks
- Create network: homeassistant_default
mariadb - Data Backup
- Backup volume: /data/compose/5/mariadb-data -> /var/lib/mysql
mariadb - Secrets
- Securely migrate sensitive variables: MYSQL_PASSWORD, MYSQL_ROOT_PASSWORD
mariadb - Networks
- Create network: homeassistant_default
n8n - Networks
- Create network: bridge
esphome - Data Backup
- Backup volume: /data/compose/1/esphome -> /config
- Backup volume: /etc/localtime -> /etc/localtime
esphome - Secrets
- Securely migrate sensitive variables: GPG_KEY
esphome - Networks
- Create network: homeassistant_default
portainer - Data Backup
- Backup volume: /var/run/docker.sock -> /var/run/docker.sock
- Backup volume: /home/jonathan/portainer/data -> /data
portainer - Networks
- Create network: bridge
homeassistant - Data Backup
- Backup volume: /home/jonathan/homeassistant/config -> /config
homeassistant - Networks
- Create network: homeassistant_default
homeassistant - Hardware
- Ensure device available: /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_51600E94-if00-port0
- Ensure device available: /dev/serial/by-id/usb-Silicon_Labs_HubZ_Smart_Home_Controller_51600E94-if01-port0
homeassistant - Security
- Review privileged access requirements
paperless-ngx_broker_1 - Data Backup
paperless-ngx_broker_1 - Networks
- Create network: paperless-ngx_paperless
paperless-ngx_webserver_1 - Data Backup
- Backup volume: /mnt/pdfs/export -> /usr/src/paperless/export
- Backup volume: /home/jonathan/paperless-ngx/data -> /usr/src/paperless/data
- Backup volume: /mnt/pdfs/consume -> /usr/src/paperless/consume
- Backup volume: /mnt/pdfs/media -> /usr/src/paperless/media
paperless-ngx_webserver_1 - Secrets
- Securely migrate sensitive variables: PAPERLESS_ADMIN_PASSWORD, GPG_KEY
paperless-ngx_webserver_1 - Networks
- Create network: paperless-ngx_paperless
portainer_agent - Security
- Review privileged access requirements
dozzle - Data Backup
- Backup volume: /var/run/docker.sock -> /var/run/docker.sock
dozzle - Networks
- Create network: monitoring-net
uptime-kuma - Data Backup
- Backup volume: /home/jon/homelab/monitoring/uptime-kuma -> /app/data
uptime-kuma - Networks
- Create network: monitoring-net
code-server - Data Backup
- Backup volume: /home/jon/homelab/monitoring/projects -> /config/workspace
- Backup volume: /var/run/docker.sock -> /var/run/docker.sock
- Backup volume: /home/jon/homelab/monitoring/code-server/config -> /config
code-server - Secrets
- Securely migrate sensitive variables: PASSWORD, SUDO_PASSWORD
code-server - Networks
- Create network: monitoring-net
unbound - Data Backup
- Backup volume: /opt/unbound -> /opt/unbound/etc/unbound
unbound - Networks
- Create network: host
immich_postgres - Data Backup
- Backup volume: /srv/mergerfs/presscloud/immich/postgres -> /var/lib/postgresql/data
immich_postgres - Secrets
- Securely migrate sensitive variables: POSTGRES_PASSWORD
immich_postgres - Networks
- Create network: immich_default
immich_redis - Data Backup
immich_redis - Secrets
- Securely migrate sensitive variables: VALKEY_VERSION, VALKEY_DOWNLOAD_URL, VALKEY_DOWNLOAD_SHA
immich_redis - Networks
- Create network: immich_default
nextcloud-db - Data Backup
- Backup volume: /srv/mergerfs/DataPool/nextcloud/mariadb -> /var/lib/mysql
nextcloud-db - Secrets
- Securely migrate sensitive variables: MYSQL_ROOT_PASSWORD, MYSQL_PASSWORD
nextcloud-db - Networks
- Create network: nextcloud_nextcloud-internal
gitea - Data Backup
- Backup volume: /srv/mergerfs/DataPoolgitea/data -> /data
gitea - Networks
- Create network: gitea_default
joplin-db-1 - Data Backup
- Backup volume: /data/compose/102/data/postgres -> /var/lib/postgresql/data
joplin-db-1 - Secrets
- Securely migrate sensitive variables: POSTGRES_PASSWORD
joplin-db-1 - Networks
- Create network: joplin_default
nextcloud - Data Backup
- Backup volume: /srv/mergerfs/DataPool/nextcloud/data -> /var/www/html
- Backup volume: /srv/mergerfs/DataPool/nextcloud/config -> /var/www/html/config
- Backup volume: /srv/mergerfs/DataPool/nextcloud/custom_apps -> /var/www/html/custom_apps
- Backup volume: /srv/mergerfs/DataPool/nextcloud/themes -> /var/www/html/themes
nextcloud - Secrets
- Securely migrate sensitive variables: MYSQL_PASSWORD, GPG_KEYS
nextcloud - Networks
- Create network: nextcloud_nextcloud-internal
jellyfin - Data Backup
- Backup volume: /srv/mergerfs/DataPool/Movies -> /media/movies
- Backup volume: /srv/mergerfs/DataPool/tv_shows -> /media/tv_shows
jellyfin - Networks
- Create network: bridge
nextcloud-redis - Data Backup
nextcloud-redis - Networks
- Create network: nextcloud_nextcloud-internal
joplin-app-1 - Secrets
- Securely migrate sensitive variables: POSTGRES_PASSWORD
joplin-app-1 - Networks
- Create network: joplin_default
joplin-vikunja-1 - Data Backup
- Backup volume: /root/data/vikunja -> /app/vikunja/files
joplin-vikunja-1 - Networks
- Create network: bridge
paperless-broker-1 - Data Backup
paperless-broker-1 - Networks
- Create network: paperless_default
adguardhome - Data Backup
- Backup volume: /opt/adguard/conf -> /opt/adguardhome/conf
- Backup volume: /opt/adguard/work -> /opt/adguardhome/work
adguardhome - Networks
- Create network: host
paperless-db-1 - Data Backup
paperless-db-1 - Secrets
- Securely migrate sensitive variables: POSTGRES_PASSWORD
paperless-db-1 - Networks
- Create network: paperless_default
immich_machine_learning - Data Backup
immich_machine_learning - Secrets
- Securely migrate sensitive variables: GPG_KEY
immich_machine_learning - Networks
- Create network: immich_default
REQUIRED NETWORKS
These Docker networks must be created:
- appflowy-cloud_default
- bridge
- duckdns_network
- gitea_default
- homeassistant_default
- host
- immich_default
- jonathan_default
- joplin_default
- monitoring-net
- nextcloud_nextcloud-internal
- omnitools_default
- paperless-ngx_paperless
- paperless_default
- watchtower_default
DATA DIRECTORIES TO BACKUP
These host directories contain persistent data:
- /
- /data/compose/1/esphome
- /data/compose/102/data/postgres
- /data/compose/5/mariadb-data
- /etc/localtime
- /home/jon/AppFlowy-Cloud/nginx/nginx.conf
- /home/jon/AppFlowy-Cloud/nginx/ssl/certificate.crt
- /home/jon/AppFlowy-Cloud/nginx/ssl/private_key.key
- /home/jon/homelab/monitoring/code-server/config
- /home/jon/homelab/monitoring/projects
- /home/jon/homelab/monitoring/uptime-kuma
- /home/jonathan/homeassistant/config
- /home/jonathan/homeway/config
- /home/jonathan/mosquitto/config
- /home/jonathan/mosquitto/data
- /home/jonathan/mosquitto/log
- /home/jonathan/music_assistant_config
- /home/jonathan/paperless-ngx/data
- /home/jonathan/portainer/data
- /home/jonathan/vaultwarden/data
- /home/jonathan/zwave-js-ui-store
- /mnt/pdfs/consume
- /mnt/pdfs/export
- /mnt/pdfs/media
- /opt/adguard/conf
- /opt/adguard/work
- /opt/config
- /opt/duckdns/config
- /opt/unbound
- /root/data/vikunja
- /srv/mergerfs/DataPool/Movies
- /srv/mergerfs/DataPool/nextcloud/config
- /srv/mergerfs/DataPool/nextcloud/custom_apps
- /srv/mergerfs/DataPool/nextcloud/data
- /srv/mergerfs/DataPool/nextcloud/mariadb
- /srv/mergerfs/DataPool/nextcloud/themes
- /srv/mergerfs/DataPool/tv_shows
- /srv/mergerfs/DataPoolgitea/data
- /srv/mergerfs/presscloud/immich/postgres
- /var/run/docker.sock
- /var/snap/docker/common/var-lib-docker/volumes/69e0a0fa40952877d5a108115edcd031cd4078e859b8eee84caa644903cc3f11/_data
- /var/snap/docker/common/var-lib-docker/volumes/appflowy-cloud_minio_data/_data
- /var/snap/docker/common/var-lib-docker/volumes/appflowy-cloud_postgres_data/_data