restic and backrest - vincios/rpi-setup GitHub Wiki

Overview

Restic is a cli tool for automated backups. Backrest is a web GUI for Restic.

Note

TODO: Switch to resticprofile?

Install Backrest

You only need to install Backrest, since in already includes Restic.

  1. Download the latest release, and extract it

    $ wget https://github.com/garethgeorge/backrest/releases/latest/download/backrest_Linux_arm64.tar.gz
$ mkdir backrest && tar -xzvf backrest_Linux_arm64.tar.gz -C backrest && rm backrest_Linux_arm64.tar.gz && cd backrest

  2. Update the install.sh script to enable remote access

    $ sed -i 's\BACKREST_PORT=127.0.0.1:9898\BACKREST_PORT=0.0.0.0:9898\g' install.sh

  3. Launch install.sh

    $ ./install.sh

  4. Restic will be available at http://0.0.0.0:9898

Upgrade Backrest

Simply run install steps again.

Automating script 
```bash
#!/bin/bash

# don't start the script name with backrest, is should be deleted by the rm command
rm -rf backrest_*
wget https://github.com/garethgeorge/backrest/releases/latest/download/backrest_Linux_arm64.tar.gz
mkdir backrest
tar -xzvf backrest_Linux_arm64.tar.gz -C backrest
rm backrest_Linux_arm64.tar.gz
cd backrest
sed -i 's\BACKREST_PORT=127.0.0.1:9898\BACKREST_PORT=0.0.0.0:9898\g' install.sh
source install.sh
```

Bonus: SFTP repository

As stated into the restic documentation, to use an SFTP repository, you must enable SSH Key Authentication between the client and the FTP server (you cannot perform an automatic backup if a password is required to login to the server).

The process involves to enable SSH key authentication on the server and add the client's public key into the server's authorized_keys file.

For a Synology NAS, you can follow this HOWTO.

For a QNAP NAS, you can follow this wiki.

Tip

If on your client you have already created the public and private keys (.ssh/id_rsa.pub and .ssh/id_rsa), then you can safely reuse (share) the same public key to multiple servers, i.e. you can skip the ssh-keygen command.

Keep in mind that share the same public key to multiple servers means that if someone stole your private key, then he gains immediate access to all the servers in one go (info). KEEP YOUR PRIVATE KEY SECURE!

Bonus: Other Cloud Storages via rclone

The program rclone can be used to access many other different services and store data there. First, you need to install and configure rclone for each cloud storage.

⚠️ **GitHub.com Fallback** ⚠️