Add offsite backup for immich photo library to BorgBase (#315)

## Summary - Adds a second borgmatic config (`photos.yaml`) that backs up `/Volumes/photos` (sifaka SMB mount, ~128 GB) to a dedicated BorgBase repo (`immich-photos`), running daily at 4 AM - Separate launchd agent (`mcquack.eblume.borgmatic-photos`) so photo backups run independently from the main backup - Refactors `borgmatic_metrics` script to support multiple repos with a `repo` Prometheus label - Updates Grafana "Borg Backups" dashboard with a `repo` template variable so you can filter/compare repos - Docs updated: `backups.md`, `borgmatic.md` ## Prerequisites (manual) - [x] Create `immich-photos` repo on BorgBase with same SSH key - [ ] Upgrade BorgBase plan to Small ($24/yr) if currently on free tier (128 GB exceeds 10 GB limit) - [ ] After deploy: `borg init` the new repo (borgmatic does this automatically on first run) ## Test plan - [ ] Dry run: `mise run provision-indri -- --check --diff --tags borgmatic,borgmatic_metrics` - [ ] Deploy borgmatic role and verify both configs deployed - [ ] Run `borgmatic --config ~/.config/borgmatic/photos.yaml create --verbosity 1` manually for first backup (will take hours) - [ ] Verify metrics script collects from both repos: `~/.local/bin/borgmatic-metrics && cat /opt/homebrew/var/node_exporter/textfile/borgmatic.prom` - [ ] Sync grafana-config in ArgoCD and verify dashboard repo selector works 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: #315
2026-03-27 19:43:05 -07:00 · 2026-03-27 19:43:05 -07:00 · c78b86c72c
commit c78b86c72c
parent ca0c9354ee
11 changed files with 305 additions and 136 deletions
--- a/docs/reference/storage/backups.md
+++ b/docs/reference/storage/backups.md
@ -37,9 +37,23 @@ Daily automated backups from [[indri]] to [[sifaka|Sifaka]] NAS.
 | immich | immich-pg | [[postgresql|pg.ops.eblu.me:5433]] | pg_dump stream |
 | mealie | — (SQLite) | k8s pod | kubectl exec sqlite3 .backup |

+## Immich Photo Library (Offsite Only)
+
+The [[immich]] photo library lives on [[sifaka]] at `/volume1/photos` (SMB-mounted on [[indri]] as `/Volumes/photos`). Since sifaka is already the local backup target, photos are backed up to BorgBase offsite only — not back to sifaka.
+
+| Property | Value |
+|----------|-------|
+| **Config** | `~/.config/borgmatic/photos.yaml` |
+| **Schedule** | Daily at 4:00 AM (offset from main backup) |
+| **Source** | `/Volumes/photos` (sifaka SMB mount) |
+| **Target** | BorgBase `borgbase-immich-photos` repo |
+| **Size** | ~128 GB |
+
+Uses the same encryption passphrase and SSH key as the main borgmatic config.
+
 ## Sifaka-Native Data

-Some data lives directly on [[sifaka]] rather than being backed up to it (photos via [[immich]], music via [[navidrome]], video via [[jellyfin]]). See [[sifaka]] for data protection details.
+Other data lives directly on [[sifaka]] (music via [[navidrome]], video via [[jellyfin]]). See [[sifaka]] for data protection details.

 ## What Is NOT Backed Up

@ -60,10 +74,11 @@ Some data lives directly on [[sifaka]] rather than being backed up to it (photos

 ## Backup Targets

-| Repository | Location | Label |
-|------------|----------|-------|
-| `/Volumes/backups/borg/` | [[sifaka]] (local NAS) | — |
-| `ssh://u3ugi1x1@u3ugi1x1.repo.borgbase.com/./repo` | BorgBase (offsite) | `borgbase-offsite` |
+| Repository | Location | Label | Backs up |
+|------------|----------|-------|----------|
+| `/Volumes/backups/borg/` | [[sifaka]] (local NAS) | `sifaka-borg-backups` | indri data |
+| `ssh://u3ugi1x1@...repo.borgbase.com/./repo` | BorgBase (offsite) | `borgbase-offsite` | indri data |
+| `ssh://xcrtl5tg@...repo.borgbase.com/./repo` | BorgBase (offsite) | `borgbase-immich-photos` | immich photos |

 ## Monitoring