All apps · 0 apps
vorta
Docker app from b3rrytech's Repository
Overview
DESCRIPTION
This is an Unraid Docker template for Vorta, a GUI for BorgBackup. Vorta is a backup client primarily for macOS and Linux desktops. It integrates the mighty BorgBackup with your desktop environment to protect your data from disk failure, ransomware and theft. BorgBackup is originally a CLI based backup tool, so Vorta was created to lower the threshold and allow more people to use it. This containerized version of Vorta gives you access to the GUI over VNC in a browser.
NOTES
• There are other variables available, if needed. Check the GitHub repository to know more.
• The directories needed to interact with the host and/or any external device, is located under '/' in the root of the container.
• When restoring from an archive back to this host, this container needs to be run as Privileged. It is strongly (!) advised that you only do this during restores and toggle it off during normal use.
• I'm not the author of this Docker container. I only provide the Unraid template. Any issues with the container and the application should be submitted to the official GitHub repository. Use the support thread in the forums for any problems with the template. If possible me, or someone else in the community also might be able to provide some guidance for usage.
Readme
View on GitHubVorta-Docker
Run Vorta from Docker. Currently using Vorta 0.11.5 release with Borg 1.4.4 on jlesage/baseimage-gui:alpine-3.22-v4 image Latest version includes embedded Firefox to view help links in UI. File links in the UI will not work but logs have been redirected and will appear in Docker logs.
Usage
Please note that it is highly recommended to set a hostname when running this container. This results in a consistent hostname for the container and allows the prune functionality to work correctly. If you do not set this, a random hostname will be generated by Docker and you will need to adjust the prune settings in the UI so that it doesn't use the hostname as a filter.
Using docker-compose.yml: (set TZ, USER_ID, and GROUP_ID in .env.)
vorta:
image: ghcr.io/borgbase/vorta-docker:latest
container_name: vorta
hostname: storage-vorta
# cap_add:
# - SYS_ADMIN
# security_opt:
# - apparmor:unconfined
# privileged: true
volumes:
- /volume1/config/vorta:/config
- /volume1:/data:ro
- /volumeUSB1/:/destination
ports:
- 5811:5800
restart: unless-stopped
env_file:
- ./.env
Using rootless Podman:
$ mkdir config
$ podman run -it --rm -v ./config:/config \
-p 5900:5900 \
-e USER_ID=1028 -e GROUP_ID=100 \
--hostname vorta \
--uidmap=0:1:1028 --uidmap=1028:0:1 --uidmap=1029:1029:64507 \
ghcr.io/borgbase/vorta-docker:latest
Mounting an Archive
Mounting an archive requires granting the Docker Container elevated permissions.
It is recommended to only grant these to the container when doing a restore.
First, add the FUSE device to the container using --device /dev/fuse on the command line. This is low risk and can be done at any time.
There are 3 levels of permissions that may need to be granted depending mostly on the kernel version of the underlying OS. See Linux man capabilities(7) for details.
--cap-add SYS_ADMINgrants the Docker container access to mount things devices (among other things)--cap-add SYS_ADMIN --security-opt apparmor=unconfinedgrants slightly more permissions if required.--privilegedmakes the container a root superuser that can do anything. DON'T RUN WITH THIS UNLESS RESTORING
You can mount an archive in Vorta and then exec into your container on the command line with something along the lines of docker exec -it --user app vorta sh to access the mounted directory and archive. It will not be accessible outside the Docker container.
Environment Variables
Some environment variables can be set to customize the behavior of the container and its application. The following list give more details about them.
Environment variables can be set in your docker-compose.yamml via the env_file or environment
keys or by adding one or more arguments -e "<VAR>=<VALUE>" to the docker run command.
| Variable | Description | Default |
|---|---|---|
APP_NAME |
Name of the application. | DockerApp |
USER_ID |
ID of the user the application runs as. See User/Group IDs to better understand when this should be set. | 1000 |
GROUP_ID |
ID of the group the application runs as. See User/Group IDs to better understand when this should be set. | 1000 |
SUP_GROUP_IDS |
Comma-separated list of supplementary group IDs of the application. | (unset) |
UMASK |
Mask that controls how file permissions are set for newly created files. The value of the mask is in octal notation. By default, this variable is not set and the default umask of 022 is used, meaning that newly created files are readable by everyone, but only writable by the owner. See the following online umask calculator: http://wintelguy.com/umask-calc.pl |
(unset) |
TZ |
[TimeZone] of the container. Timezone can also be set by mapping /etc/localtime between the host and the container. |
Etc/UTC |
KEEP_APP_RUNNING |
When set to 1, the application will be automatically restarted if it crashes or if a user quits it. |
0 |
APP_NICENESS |
Priority at which the application should run. A niceness value of -20 is the highest priority and 19 is the lowest priority. By default, niceness is not set, meaning that the default niceness of 0 is used. NOTE: A negative niceness (priority increase) requires additional permissions. In this case, the container should be run with the docker option --cap-add=SYS_NICE. |
(unset) |
TAKE_CONFIG_OWNERSHIP |
When set to 1, owner and group of /config (including all its files and subfolders) are automatically set during container startup to USER_ID and GROUP_ID respectively. |
1 |
CLEAN_TMP_DIR |
When set to 1, all files in the /tmp directory are deleted during the container startup. |
1 |
DISPLAY_WIDTH |
Width (in pixels) of the application's window. | 1280 |
DISPLAY_HEIGHT |
Height (in pixels) of the application's window. | 768 |
SECURE_CONNECTION |
When set to 1, an encrypted connection is used to access the application's GUI (either via a web browser or VNC client). See the Security section for more details. |
0 |
VNC_PASSWORD |
Password needed to connect to the application's GUI. See the VNC Password section for more details. | (unset) |
X11VNC_EXTRA_OPTS |
Extra options to pass to the x11vnc server running in the Docker container. WARNING: For advanced users. Do not use unless you know what you are doing. | (unset) |
ENABLE_CJK_FONT |
When set to 1, open-source computer font WenQuanYi Zen Hei is installed. This font contains a large range of Chinese/Japanese/Korean characters. |
0 |
See also the base container README.md
Discussion and Support
- Open a Github issue
- Unraid Forum
License and Credits
Install Vorta on Unraid in a few clicks.
Find Vorta in Community Apps on your Unraid server, review the template, and click Install. Unraid handles the Docker app or plugin setup from the published template.
Categories
Related apps
Explore more like this
Explore allDetails
ghcr.io/borgbase/vorta-dockerRuntime arguments
- Web UI
http://[IP]:[PORT:5800]- Network
bridge- Shell
sh- Privileged
- false
- Extra Params
--hostname=unraid-vorta
Template configuration
- Target
- 5800
- Default
- 5800
- Value
- 5811
Choose a local source directory. This is Read Only. For multiple sources add another Path.
- Target
- /unraid/data
- Default
- /mnt/user/
- Value
- /mnt/user/
Choose a local destination directory (if needed). For multiple destinations add another Path.
- Target
- /unraid/destination
- Default
- /mnt/user/
- Value
- /mnt/user/
Configurable in the event you want to restore from an archive. Requires the container to be run as Privieged during restore. It's strongly recommended to only toggle Privileged on WHEN/IF you need to restore.
- Target
- /restore/
- Default
- /mnt/user/
- Value
- /mnt/user/
Strongly recommended, but optional. Delete this variable or leave it blank if you don't need a VNC password.
- Target
- VNC_PASSWORD
Title that is used in the browser.
- Target
- APP_NAME
- Default
- Vorta
- Value
- Vorta
List your time zone according to the TZ identifier: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
- Target
- TZ
- Default
- Europe/Berlin
Use an encrypted connection to access the application's GUI over VNC (HTTPS). 0=off, 1=on Default: 0
- Target
- SECURE_CONNECTION
- Default
- 0|1
- Value
- 0
Location for appdata.
- Target
- /config
- Default
- /mnt/user/appdata/vorta
- Value
- /mnt/user/appdata/vorta/
PUID
- Target
- USER_ID
- Default
- 99
- Value
- 99
PGID
- Target
- GROUP_ID
- Default
- 100
- Value
- 100
- Target
- UMASK
- Default
- 000
- Value
- 000
Width (in pixels) of the application's window. Scaling is also available in the VNC webUI settings.
- Target
- DISPLAY_WIDTH
- Default
- 1280
- Value
- 1280
Height (in pixels) of the application's window. Scaling is also available in the VNC webUI settings.
- Target
- DISPLAY_HEIGHT
- Default
- 768
- Value
- 768