Question Best way to include persistent Docker data in Plesk Backups?

[propz]

Server operating system version

Debian 12

Plesk version and microupdate number

18.0.68

Hi guys,

I managed to self host a couple of Docker Images and it's running fine.
However, I would like Plesk to backup the persistent data from the volume mapping and this seems quite tricky.

This is an exmaple on how I configured my Selfhosted Vaultwarden Server:

1. Create Subdomain: vault.domain.com
2. Create Container for Vaultwarden Server and fill in needed ENV Variables
3. Volume mapping:
   - Host: /var/www/vhosts/domain.com/vault.domain.com/
   - Container: /data
4. Docker Container can't write to the specified folder, so I need to change the folder owner to user id 1000 (AI gave me the answer)
   This is how the permissions look like:
   
   

   drwxr-xr-x  2     1000 psaadm    4096 Apr 23 23:29 attachments
   -rw-r--r--  1     1000 psaadm  806912 Apr 23 23:34 db.sqlite3
   -rw-r--r--  1     1000 psaadm   32768 Apr 23 23:37 db.sqlite3-shm
   -rw-r--r--  1     1000 psaadm   32992 Apr 23 23:37 db.sqlite3-wal
   drwxr-xr-x  2     1000 psaadm    4096 Apr 23 23:47 icon_cache
   -rw-r--r--  1     1000 psaadm     464 Apr 23 23:29 index.html
   -rw-r--r--  1     1000 psaadm    1675 Apr 23 23:29 rsa_key.pem
   drwxr-xr-x  2     1000 psaadm    4096 Apr 23 23:29 sends
   drwxr-xr-x  2     1000 psaadm    4096 Apr 23 23:29 tmp

   
   
5. Map Container port to a free server port without exposing it (e.g. 12345)
6. Configure nginx to work as proxy for the subdomain (turn off apache completely)
   
   

   location / {
       proxy_pass http://localhost:12345; # Proxy requests to your application
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
   }

Done, now I can access vaultwarden via vault.domain.com.
So far so good.

But: the reason why I mapped the volume to the subdomain folder is because I want Plesk to include the persistent data in the normal backup. But that doesn't work because of the changed permissions...

Warning: Subscription "domain.com"
Not all the data from /var/www/vhosts/domain.com was backed up successfully:
  vault.domain.com: Cannot open: Permission denied
  vault.domain.com/db.sqlite3: Cannot stat: Permission denied.
  [...]

So: How can I achieve this?
What's the right way to include the persistent data in the backup?

 

[propz]

Anybody ever wanted to backup persistent docker data? Help me out

 

[propz]

Ok, since I needed a quick solution I changed my approach:
- I created a folder for every container inside the /data folder (root user) and mapped the containers to their specific folder.
- The folders don't have any special permissions, just a default "mkdir foldername" owned by root. The containers are able to work with them.
- Created a script, that backups all the folders with rsync to another server
- Created a cronjob, that executes the script once a day

Here's my script: Backup /data folder to hetzner storage server
In my example I use a hetzner cloud server, so also need to change the ssh port to 23.
If you want to use the script, make sure that you properly configured an auth file for ssh.

The script translates to a simple rsync command, just a little more "sophisticated" and with more options

rsync -az --delete "/source-folder/" "[email protected]:/target-folder/"