Serph91P · Serph91P · Jan 24, 2026 · Jan 24, 2026 · Jan 24, 2026 · Jan 24, 2026
diff --git a/.env.example b/.env.example
@@ -1,4 +1,5 @@
-# Docker Backup Manager - Environment Configuration
+# DockerVault - Environment Configuration
+# Copy this file to .env and adjust values as needed
 
 # ==========================================
 # General Settings
@@ -11,26 +12,9 @@ PORT=8080
 TZ=Europe/Berlin
 
 # Path where backups are stored on the host
+# This gets mounted to /backups in the container
 BACKUP_PATH=./backups
 
-# ==========================================
-# Docker Settings
-# ==========================================
-
-# Docker Group ID - find with: getent group docker | cut -d: -f3
-# This is required for the container to access the Docker socket
-DOCKER_GID=999
-
-# ==========================================
-# Retention Settings
-# ==========================================
-
-# Default retention period in days
-DEFAULT_RETENTION_DAYS=30
-
-# Default number of backups to keep
-DEFAULT_RETENTION_COUNT=10
-
 # ==========================================
 # Komodo Integration (Optional)
 # ==========================================
@@ -43,19 +27,3 @@ KOMODO_API_URL=
 
 # Komodo API Key
 KOMODO_API_KEY=
-
-# Komodo WebSocket URL (optional, derived from API URL if not set)
-KOMODO_WS_URL=
-
-# ==========================================
-# Advanced Settings
-# ==========================================
-
-# Maximum parallel backup jobs
-MAX_PARALLEL_BACKUPS=2
-
-# Compression level (1-9, higher = more compression but slower)
-COMPRESSION_LEVEL=6
-
-# CORS origins (comma-separated)
-CORS_ORIGINS=http://localhost:8080,http://localhost:5173
diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
@@ -0,0 +1,106 @@
+---
+description: "Main repository instructions for DockerVault - Docker Volume Backup solution"
+---
+
+# DockerVault Development Guidelines
+
+DockerVault is an automated Docker backup solution with a modern web interface, built with Python FastAPI backend and React TypeScript frontend.
+
+## Project Architecture
+
+- **Backend**: Python FastAPI with SQLAlchemy, Docker SDK, APScheduler for task scheduling
+- **Frontend**: React 19 + TypeScript, Vite build system, TailwindCSS styling
+- **Database**: SQLite with async support via aiosqlite
+- **Infrastructure**: Docker containerized, nginx for frontend serving
+- **Storage**: Local Docker volumes with remote backup support (S3, FTP, WebDAV)
+
+## Development Standards
+
+### Code Quality
+- Follow language-specific guidelines in [instructions/](./instructions/) directory
+- Maintain consistent naming conventions across frontend and backend
+- Write comprehensive tests for both API endpoints and React components
+- Use TypeScript strict mode for frontend type safety
+- Follow Python PEP 8 standards with type hints
+
+### Architecture Principles
+- Keep backend and frontend loosely coupled via REST API
+- Use WebSocket for real-time backup progress updates
+- Implement proper error handling and user feedback
+- Design for scalability with async patterns
+- Follow Docker best practices for containerization
+
+### Security
+- Never commit sensitive configuration or credentials
+- Use environment variables for all configuration
+- Implement proper input validation on both frontend and backend
+- Follow security best practices for Docker containers
+- Use non-root users in containers
+
+### Testing Strategy
+- Unit tests for backend services and utilities
+- Integration tests for API endpoints
+- Component tests for React components
+- End-to-end tests for critical backup workflows
+- Maintain test coverage above 80%
+
+### Documentation
+- Keep README.md updated with setup and usage instructions
+- Document API endpoints with OpenAPI/Swagger
+- Add inline documentation for complex business logic
+- Update deployment guides for any infrastructure changes
+
+## Specific Guidelines
+
+### Backup System
+- Implement robust error handling for backup operations
+- Provide clear progress indicators and status messages
+- Support resumable operations where possible
+- Log all backup activities with appropriate detail levels
+
+### Docker Integration
+- Use Docker SDK for container and volume management
+- Implement proper cleanup for failed operations
+- Handle Docker daemon connection errors gracefully
+- Support both local and remote Docker endpoints
+
+### File Operations
+- Use async file I/O patterns for better performance
+- Implement proper stream processing for large files
+- Handle disk space issues and quota limits
+- Support compression and encryption options
+
+### User Interface
+- Provide intuitive backup configuration workflows
+- Display real-time status and progress information
+- Implement responsive design for various screen sizes
+- Use consistent icons and terminology throughout
+
+## Pre-Commit Checklist (MANDATORY)
+
+**ALWAYS run these checks before EVERY commit:**
+
+### Backend (Python)
+```bash
+cd backend
+python -m ruff check app/
+python -m ruff format --check app/
+# If format check fails, run:
+python -m ruff format app/
+```
+
+### Frontend (TypeScript/React)
+```bash
+cd frontend
+npx tsc --noEmit
+npx eslint src/
+```
+
+**Do NOT commit without passing all linting checks!**
+
+When implementing new features, consider:
+1. Impact on existing backup processes
+2. Resource usage and performance implications
+3. User experience and workflow efficiency
+4. Error scenarios and recovery procedures
+5. Documentation and help text requirements
diff --git a/.github/instructions/code-review.instructions.md b/.github/instructions/code-review.instructions.md
@@ -0,0 +1,193 @@
+---
+applyTo: "**/*"
+description: "Code review standards and GitHub review guidelines for DockerVault"
+---
+
+# Code Review Guidelines
+
+## General Code Review Principles
+
+- Focus on code correctness, readability, and maintainability
+- Provide constructive feedback with specific suggestions
+- Consider the bigger picture: architecture, design patterns, and consistency
+- Review for security vulnerabilities and performance implications
+- Check that tests are adequate and meaningful
+- Ensure documentation is updated when necessary
+
+## What to Look For
+
+### Code Quality
+
+- Adherence to project coding standards and style guides
+- Proper error handling and edge case coverage
+- Clear and descriptive variable and function names
+- Appropriate code organization and separation of concerns
+- Elimination of code duplication and dead code
+- Proper use of design patterns and architectural principles
+
+### Functionality
+
+- Code does what it's supposed to do
+- Business logic is correct and complete
+- Edge cases and error scenarios are handled
+- Input validation is comprehensive
+- Output formats match specifications
+- Integration points work correctly
+
+### Security
+
+- Input sanitization and validation
+- Proper authentication and authorization
+- No hardcoded secrets or sensitive data
+- Secure handling of file operations and paths
+- Proper use of environment variables
+- Adherence to security best practices
+
+### Performance
+
+- Efficient algorithms and data structures
+- Appropriate use of caching and optimization
+- Proper resource management and cleanup
+- Async patterns used correctly
+- No obvious performance bottlenecks
+- Reasonable memory usage patterns
+
+### Testing
+
+- Adequate test coverage for new functionality
+- Tests are meaningful and test the right things
+- Test data is appropriate and realistic
+- Mocking is used appropriately
+- Tests are maintainable and not brittle
+- Edge cases and error scenarios are tested
+
+## Language-Specific Review Points
+
+### Python Backend Reviews
+
+- Type hints are used consistently
+- Async/await patterns are used properly
+- Database operations use proper transaction handling
+- API endpoints follow REST conventions
+- Error responses are consistent and informative
+- Docker SDK usage is efficient and safe
+
+### React Frontend Reviews
+
+- Components follow React best practices
+- State management is appropriate (local vs global)
+- TypeScript types are comprehensive and accurate
+- Accessibility considerations are addressed
+- Performance optimizations are appropriate
+- Error boundaries handle failures gracefully
+
+### Docker Reviews
+
+- Dockerfile follows multi-stage build practices
+- Security best practices are implemented
+- Image size is optimized
+- Resource limits are appropriate
+- Health checks are implemented
+- Environment configuration is externalized
+
+## Review Process
+
+### Before Submitting a PR
+
+- Self-review your code thoroughly
+- Ensure all tests pass and coverage is adequate
+- Update documentation as needed
+- Write a clear PR description with context
+- Link to relevant issues or requirements
+- Consider the impact on existing functionality
+
+### Conducting a Review
+
+- Understand the context and requirements
+- Review the code changes line by line
+- Test the changes locally when appropriate
+- Provide specific, actionable feedback
+- Suggest alternatives when requesting changes
+- Acknowledge good practices and improvements
+
+### Review Comments
+
+- Use clear, respectful language
+- Explain the reasoning behind suggestions
+- Provide code examples when helpful
+- Use appropriate prefixes (nit, optional, blocking)
+- Focus on the code, not the person
+- Ask questions to understand intent when unclear
+
+### GitHub Review Features
+
+- Use GitHub's suggestion feature for small changes
+- Mark conversations as resolved after addressing
+- Use appropriate review status (Comment, Approve, Request Changes)
+- Add reviewers with relevant expertise
+- Use draft PRs for work-in-progress reviews
+- Link PRs to issues and project boards
+
+## DockerVault-Specific Review Areas
+
+### Backup Operations
+
+- Proper error handling for backup failures
+- Progress tracking and user feedback
+- Resource cleanup after operations
+- Validation of backup integrity
+- Proper handling of large files and volumes
+- Scheduling and automation logic
+
+### Docker Integration
+
+- Safe Docker socket access
+- Proper container lifecycle management
+- Volume mounting and permissions
+- Network configuration and security
+- Resource limits and monitoring
+- Error handling for Docker daemon issues
+
+### User Interface
+
+- Consistent user experience across features
+- Proper loading states and error messages
+- Accessibility and responsive design
+- Real-time updates and WebSocket handling
+- Form validation and user feedback
+- Navigation and routing logic
+
+### Configuration Management
+
+- Environment variable usage
+- Configuration validation
+- Default values and documentation
+- Security of sensitive configuration
+- Deployment and environment differences
+- Migration and upgrade procedures
+
+## Common Issues to Watch For
+
+- Hardcoded configuration values
+- Missing error handling or overly broad exception catching
+- Security vulnerabilities (path traversal, injection, etc.)
+- Performance issues (N+1 queries, inefficient algorithms)
+- Inconsistent code style or naming conventions
+- Missing or inadequate tests
+- Outdated or missing documentation
+- Breaking changes without proper versioning
+- Resource leaks or improper cleanup
+- Race conditions in concurrent code
+
+## Review Checklist
+
+- [ ] Code follows project style and conventions
+- [ ] Functionality is correct and complete
+- [ ] Error handling is comprehensive
+- [ ] Security best practices are followed
+- [ ] Performance considerations are addressed
+- [ ] Tests are adequate and meaningful
+- [ ] Documentation is updated as needed
+- [ ] No breaking changes without proper communication
+- [ ] Configuration is externalized appropriately
+- [ ] Resource usage is reasonable and monitored