Tier 2 for All Apps + Status Dot Update (v0.12.9)

controller/README.md

@@ -4,7 +4,7 @@
 
 A single, lightweight Go container that replaces Portainer + scattered systemd scripts with a unified, Hungarian-language web dashboard for managing Docker Compose stacks, backups, storage, monitoring, and notifications on customer hardware.
 
-**Current version: v0.12.7**
+**Current version: v0.12.9**
 
 ---
 
@@ -177,8 +177,19 @@ self-sufficient backup** — any single tier can fully restore an app.
   automatically. There is no per-app toggle.
 - Each tier includes **everything** needed to restore: DB dumps, config, and user data.
   No tier depends on another tier's data.
+- **Tier 2 is configurable for ALL apps** — not just apps with HDD data. Non-HDD apps
+  back up config + DB dumps to the secondary drive (small but protects against drive failure).
 - The `AppBackupPrefs.Enabled` field in settings.json is legacy and not read by any code.
 
+**Per-app Tier 2 contents by app type:**
+
+| App type | Tier 2 contents | Example |
+|----------|----------------|---------|
+| HDD + DB | Config + DB + User data | Immich, Paperless-ngx |
+| HDD, no DB | Config + User data | — |
+| DB, no HDD | Config + DB | Mealie, Vikunja |
+| Config only | Config | Gokapi, Homepage |
+
 #### Tier 1: Nightly Backup (mandatory, same drive)
 
 The nightly backup has two phases that run sequentially:
@@ -208,13 +219,16 @@ Does NOT protect against drive failure (backup is on the same physical drive).
 
 #### Tier 2: Cross-Drive Backup (opt-in, different device) (`internal/backup/crossdrive.go`)
 
-**Complete backup** to a different physical drive — DB dumps + config + user data.
+**Complete backup** to a different physical drive. Available for **all apps** — apps with HDD
+data back up config + DB + user data; apps without HDD back up config + DB dumps only.
 
 - **Two methods:**
   - **rsync** — Simple mirror with `--delete` (fast, no versioning, **browsable** on disk)
   - **restic** — Versioned, deduplicated, encrypted (shared repo across apps, not browsable)
 - Per-app configuration in settings.json: destination path, method, schedule (daily/weekly/manual)
 - **Pre-backup DB dump:** `DumpStackDB()` runs fresh pg_dump/mariadb-dump before each cross-drive backup; non-fatal on failure (wired via `DBDumper` interface to avoid circular imports)
+- **Empty mounts allowed:** `RunAppBackup` accepts apps with no HDD mounts — the rsync
+  mount loop simply doesn't execute, but DB + config copy still runs
 - **Drive-type-aware validation** (`ValidateDestination`):
 
   | Destination type | Space checks |
@@ -227,12 +241,13 @@ Does NOT protect against drive failure (backup is on the same physical drive).
   backups/rsync/<app>/
     _db/              ← DB dump files (stackName_postgres.sql, etc.)
     _config/          ← compose.yml, app.yaml, .felhom.yml
-    <user data>       ← HDD mount contents (single mount: flat; multi-mount: leaf subfolders)
+    <user data>       ← HDD mount contents (only for apps with HDD data)
   ```
   - DB dump files excluded from user data rsync (`--exclude backups/*.sql.gz/sql/dump`) to avoid duplicating app-internal dumps
   - `_` prefix directories prevent collision with user data
-- **Restic backup paths:** includes HDD mounts + config dir + DB dump dir (deduplication handles overlap)
-- Safety guards: destination ≠ source, path-overlap check, writable check
+  - For non-HDD apps, only `_db/` and `_config/` are present (no user data directory)
+- **Restic backup paths:** includes HDD mounts (if any) + config dir + DB dump dir (deduplication handles overlap)
+- Safety guards: destination ≠ source, path-overlap check (HDD mounts only), writable check
 - **Chained execution:** runs immediately after nightly restic — daily apps every night, weekly apps on Sundays
 - Per-app concurrency lock prevents overlapping runs
 - Status (last_run, duration, size, error) persisted to settings.json
@@ -242,6 +257,7 @@ Does NOT protect against drive failure (backup is on the same physical drive).
 #### Tier 3: Remote Backup (future)
 
 Complete offsite backup for disaster recovery. Not yet implemented.
+Placeholder shown in UI ("3. mentés — Hamarosan").
 
 #### Restore (`internal/backup/restore.go`)
 
@@ -250,18 +266,18 @@ All deployed apps appear in the restore dropdown — every app has restic snapsh
 
 | App type | Config restored | DB restored | User data restored |
 |----------|----------------|------------|-------------------|
-| Has HDD data | ✓ | ✓ | ✓ (always — backup is mandatory) |
-| DB only, no HDD | ✓ | ✓ | n/a |
-| No DB, no HDD | ✓ | — | n/a |
+| Has HDD data | Yes | Yes | Yes (always — backup is mandatory) |
+| DB only, no HDD | Yes | Yes | n/a |
+| No DB, no HDD | Yes | — | n/a |
 
 - **Snapshot API** returns ALL snapshots unfiltered — older snapshots still allow config+DB restore; `RestoreApp` extracts whatever paths are available
 - **Restore type info** shown per-app when selected in dropdown (Hungarian banners):
-  - Has HDD: "Teljes visszaállítás: adatbázis + konfiguráció + felhasználói adatok"
-  - Has DB, no HDD: "Adatbázis és konfiguráció visszaállítása"
-  - No DB, no HDD: "Csak konfiguráció visszaállítása"
+  - Has HDD: "Teljes visszaállitas: adatbazis + konfiguracio + felhasznaloi adatok"
+  - Has DB, no HDD: "Adatbazis es konfiguracio visszaallitasa"
+  - No DB, no HDD: "Csak konfiguracio visszaallitasa"
 - **Execution flow:** stop app → `restic restore <id> --target / --include <path>...` → restart app
 - Running flag prevents concurrent backup/restore operations
-- Snapshot ID validated (8–64 lowercase hex)
+- Snapshot ID validated (8-64 lowercase hex)
 
 **Note:** Restore currently uses Tier 1 (primary restic repo) only. Restoring from Tier 2
 (cross-drive) is a future enhancement.
@@ -274,16 +290,18 @@ Unified per-app status table with expandable rows showing **per-tier** backup st
 
 | Dot color | Meaning |
 |-----------|---------|
-| Green | Fully covered — cross-drive configured and last run OK |
-| Yellow | Warning — no second copy, or last backup failed, or disk space issue |
-| Red | Cross-drive destination blocked or inaccessible |
-| Gray (auto) | No user data — only config/DB backup (automatic) |
+| Green | 2+ tiers configured with successful backups + destination healthy |
+| Yellow | Only 1 tier, or Tier 2 failing, or Tier 2 configured but never run |
+| Red | Tier 2 destination blocked or inaccessible |
 
-**Per-app backup tiers:**
-- **1. mentés** (Tier 1, always present) — Auto badge + "helyi" + last run + contents (e.g., "DB + Konfig + Adatok")
-- **2. mentés** (Tier 2, only for apps with HDD data) — one of:
-  - Configured: method (rsync/restic) + destination + schedule + last run + status + contents + browsable indicator (📁 for rsync) + action buttons
-  - Not configured: "✓ 1. mentés auto" + "⚠ Nincs 2. másolat" + settings link
+Every app starts as yellow (1 tier only). Green requires Tier 2 configured with successful backup.
+
+**Per-app backup tiers (3 rows per app):**
+- **1. mentes** (Tier 1, always present) — Auto badge + "helyi" + last run + contents (e.g., "DB + Konfig + Adatok")
+- **2. mentes** (Tier 2, configurable for ALL apps) — one of:
+  - Configured: method (rsync/restic) + destination + schedule + last run + status + contents + browsable indicator (folder icon for rsync) + action buttons
+  - Not configured: "1. mentes auto" + "Nincs 2. masolat" + settings link
+- **3. mentes** (Tier 3, placeholder) — grayed out "Hamarosan" + "tavoli (offsite)" + future note
 
 **Backup contents per app** (shown per tier):
 - Apps with DB + HDD: "DB + Konfig + Adatok"
@@ -291,6 +309,9 @@ Unified per-app status table with expandable rows showing **per-tier** backup st
 - Apps with HDD, no DB: "Konfig + Adatok"
 - Apps with neither: "Konfig"
 
+**Deploy page** shows cross-drive (Tier 2) configuration form for **all deployed apps**,
+not just those with HDD data. Non-HDD apps can configure destination, method, and schedule.
+
 **Other sections:**
 - Schedule overview with next run times for DB dump, restic, prune
 - Snapshot history table (last 20 snapshots with ID, time, files new/changed, data added)