Gondulf/docker-compose.backup.yml

version: '3.8'

# Gondulf Backup Service Configuration
# Usage: podman-compose --profile backup run --rm backup
# Or:    docker-compose --profile backup run --rm backup

services:
  # Backup service (run on-demand)
  backup:
    image: gondulf:latest
    container_name: gondulf_backup
    profiles:
      - backup

    volumes:
      - gondulf_data:/data:ro  # Read-only access to data
      - ./backups:/backups:Z   # Write backups to host

    environment:
      - BACKUP_DIR=/backups
      - DATABASE_PATH=/data/gondulf.db

    networks:
      - gondulf_network

    # Run backup command
    entrypoint: ["/bin/sh", "-c"]
    command:
      - |
        set -e
        echo "Starting database backup..."
        TIMESTAMP=$$(date +%Y%m%d_%H%M%S)
        BACKUP_FILE="/backups/gondulf_backup_$${TIMESTAMP}.db"

        # Use SQLite VACUUM INTO for safe hot backup
        sqlite3 /data/gondulf.db "VACUUM INTO '$${BACKUP_FILE}'"

        # Verify backup integrity
        if sqlite3 "$${BACKUP_FILE}" "PRAGMA integrity_check;" | grep -q "ok"; then
          echo "Backup created successfully: $${BACKUP_FILE}"

          # Compress backup
          gzip "$${BACKUP_FILE}"
          echo "Backup compressed: $${BACKUP_FILE}.gz"

          # Show backup size
          ls -lh "$${BACKUP_FILE}.gz"
        else
          echo "ERROR: Backup integrity check failed"
          rm -f "$${BACKUP_FILE}"
          exit 1
        fi

        echo "Backup complete"

volumes:
  gondulf_data:
    external: true  # Use existing volume from main compose

networks:
  gondulf_network:
    external: true  # Use existing network from main compose