I’m far from an expert and have never setup borg, but I see some possible problems with that config, though I don’t think I see anything that would cause it fail.
In the environment section of borg, borgmatic, and borgweb, the “BORG_PASSPHRASE” variable is used inconsitently, it either needs to be uncommented in borg or commented out in borgmatic and borgweb.
Networks: having a single “backup_net” network is less than ideal from a security standpoint. Nginx should probably be in it’s own network (an ipvlan or macvlan network) in addition to the backup_net. backup_net should be isolated to the host that are running borg, while any communication into borg should be routed through nginx on its ip.
I’m far from an expert and have never setup borg, but I see some possible problems with that config, though I don’t think I see anything that would cause it fail.
In the environment section of borg, borgmatic, and borgweb, the “BORG_PASSPHRASE” variable is used inconsitently, it either needs to be uncommented in borg or commented out in borgmatic and borgweb.
Networks: having a single “backup_net” network is less than ideal from a security standpoint. Nginx should probably be in it’s own network (an ipvlan or macvlan network) in addition to the backup_net. backup_net should be isolated to the host that are running borg, while any communication into borg should be routed through nginx on its ip.