Backups should be automatic - fire and forget. This guide shows you how it is done!
First of - what is restic? It’s a relatively new backup program for Linux and Windows. You can get your copy at the release page or in your repository.
Act 1: The setup
The way restic works we need a “remote” repository. Bare a little with me before typing anything in your console jockey. We will automate this stuff in a moment.
So you can initialize the repo by issuing the following command:
restic init --repo /src/backup
But did you know that restic also reads the environment variable RESTIC_REPOSITORY?
There is also RESTIC_PASSWORD_FILE or RESTIC_PASSWORD if you like your password better hanging around in the ENV.
Here is what we will do - we will create a file called
restic_env e.g. in
export RESTIC_REPOSITORY="/path/to/repo" export RESTIC_PASSWORD_FILE="/etc/restic/pw.txt"
For this to work we need some file that will source this in our current env; this will be our backup script:
#!/usr/bin/env bash # This script is intended to be run by a systemd timer # Exit on failure or pipefail set -e -o pipefail #Set this to any location you like BACKUP_PATHS = "/home" BACKUP_TAG=systemd.timer # How many backups to keep. RETENTION_DAYS=14 RETENTION_WEEKS=16 RETENTION_MONTHS=18 RETENTION_YEARS=3 source /etc/backup/restic_env # Remove locks in case other stale processes kept them in restic unlock & wait $! #Do the backup restic backup \ --verbose --one-file-system \ --tag $BACKUP_TAG \ $BACKUP_PATH & wait $! # Remove old Backups restic forget \ --verbose \ --tag $BACKUP_TAG \ --prune \ --keep-daily $RETENTION_DAYS \ --keep-weekly $RETENTION_WEEKS \ --keep-monthly $RETENTION_MONTHS \ --keep-yearly $RETENTION_YEARS & wait $! # Check if everything is fine restic check & wait $! echo "Backup done!"
It’s prudent to run your first backup with this command manually
chmod +x and give it a try.
Act 2: The Automation
Systemd needs a timer and a unit to fire up our little script like cron did in the golden days - and hey if you are still an old school operator using chron just skip ahead; you know what you are doing - for everybody else here is the timer:
[Unit] Description=Backup on schedule [Timer] OnCalendar=daily Persistent=true [Install] WantedBy=timers.target
And the service file:
[Unit] Description=Backup with restic [Service] Type=simple Nice=10 ExecStart=/etc/backup/restic_backup.sh #$HOME must be set for restic to find /root/.cache/restic/ Environment="HOME=/root"
Act 3 : The Execution
Now all is set and done - to activate you only have to run this one command:
systemctl enable backup.timer --now
You can now use
systemctl list-timers | grep backup to the schedule and check
on the service using
systemctl status backup with
systemctl start backup you can
even start it manually.
To follow up on your backups just use
journalctl -u backup.service
If you have a comment or want to add something just send me an email.