User:Rbuchberger/restic
Restic is a fast, efficient, secure backup program with support for Linux, macOS, Windows, and a few other Operating Systems.
Important features:
- Snapshots are encrypted.
- Snapshots are versioned.
- All data is deduplicated.
- Many backends are supported.
- Multiple hosts can back up to the same repository.
- Available as a standalone binary
Installation
Install restic. Optionally, install a helper; there are several which can be found by searching the AUR.
Configuration
Restic itself does not support configuration files; it is configured entirely through environment variables and command line arguments. Several helpers such as cresticAUR, resticprofileAUR, and rusticAUR have been created, though with a touch of scripting it is not remarkably difficult to do without.
Configuration without a helper
The following is one way you may consider managing restic backups:
- Create configuration files in
/etc/restic
- Create a simple bash script in
/usr/local/sbin
- Create a systemd service & timer to call said script regularly.
This scheme requires no additional packages, is infinitely adaptable, and allows for checking & forgetting/pruning on a regular basis.
/etc/restic
Place any restic environment variables in /etc/restic/env
.
Example /etc/restic/env
export RESTIC_REPOSITORY="b2:my-b2-bucket:/" export RESTIC_PASSWORD="secret_password" export RESTIC_CACHE_DIR="/var/cache/restic" export B2_ACCOUNT_KEY="abc123" export B2_ACCOUNT_ID="abc123"
List directories to be backed up in /etc/restic/include
:
Example /etc/restic/include
/home/ /etc/ /root/ /boot/
Similarly, list patterns to exclude in /etc/restic/exclude
:
Example /etc/restic/exclude
/home/me/downloads **/tmp/ **/node_modules/
Backup script
Write a script to run the backups. Note that backup, check, and forget are operations which take an unknown amount of time and cannot be run concurrently. Deconfliction can be accomplished a number of ways, one of which is shown here:
Example /usr/local/sbin/backup.sh
#! /bin/bash CONFIG_DIR="/etc/restic" . "$CONFIG_DIR"/env backup() { restic backup \ --verbose \ --exclude-caches \ --one-file-system \ --files-from "$CONFIG_DIR/include" \ --exclude-file "$CONFIG_DIR/exclude" } check() { restic check --read-data-subset 2% --verbose } forget() { restic forget \ --verbose \ --keep-last 7 \ --keep-daily 7 \ --keep-weekly 4 \ --keep-monthly 4 \ --prune } # Mondays should_check() { [ "$(date +%u)" = 1 ] } # Monday, every 4 weeks should_forget() { should_check && [ $((10#$(date +%W) % 4)) == 0 ] } daily() { backup || exit 1 should_forget && (forget || exit 1) should_check && (check || exit 1) } case $1 in backup) backup ;; check) check ;; forget) forget ;; daily) daily ;; *) echo "Usage: $1 backup|check|forget|daily" ;; esac
Systemd
Finally, schedule them with a systemd service & timer:
backup.service
[Unit] Description="Daily backup" [Service] ExecStart=/usr/local/sbin/backup.sh daily
backup.timer
[Unit] Description="Scheduled Nightly Backup" [Timer] OnCalendar=03:00:00 WakeSystem=true [Install] WantedBy=basic.target