Skip to content

Instantly share code, notes, and snippets.

@NahuLD

NahuLD/.ignore

Last active August 1, 2023 17:10
Show Gist options
  • Save NahuLD/ac02dcd45dc97f144866c3412cddcb1a to your computer and use it in GitHub Desktop.
Save NahuLD/ac02dcd45dc97f144866c3412cddcb1a to your computer and use it in GitHub Desktop.
Download ZIP
Restic backup script (S3 compatible Wasabi)
Raw
.ignore
# Empty
# MUST BE LOCATED IN /etc/restic
Raw
.restic_keys
# MUST BE LOCATED IN /etc/restic
export REPOSITORY_NAME="<box-name>"
export AWS_ACCESS_KEY="<s3-id-key>"
export AWS_SECRET_ACCESS_KEY="<s3-access-key>"
export RESTIC_REPOSITORY="s3:https://s3.wasabisys.com/<bucket-name>/${REPOSITORY_NAME}"
export RESTIC_PASSWORD="<box-password>"
Raw
README.md

How to set up

To start our set up, we'll need to have all files in our home directory with wget.

After that, you'll need to create the /etc/restic directory:

$ mkdir /etc/restic

Then, move .ignore and .restic_keys (with all your settings in place) to the newly generated directory:

$ mv .ignore .restic_keys -t /etc/restic

And that's it! You may manually run the restic_backup.sh script for your first snapshot to see if everything is properly done.

$ sudo sh restic_backup.sh

Add cron job for automatic snapshots

Execute sudo crontab -e (NEEDS TO BE RUN AS ROOT!) and add a reference to the back up script:

Beware you may need to change the directory of the script depending on where you have it!

0 12 * * * /home/<username>/restic_backup.sh

Now your script will be executed each day exactly at 12:00.

(check https://crontab.guru/examples.html for a super convenient table)

Raw
restic_backup.sh
#!/bin/bash
# Clean up lock if we are killed.
# If killed by systemd, like $(systemctl stop restic), then it kills the whole cgroup and all it's subprocesses.
# However if we kill this script ourselves, we need this trap that kills all subprocesses manually.
exit_hook() {
echo "In exit_hook(), being killed" >&2
jobs -p | xargs kill
restic unlock
}
trap exit_hook INT TERM
# Get exported env values from this file
. /etc/restic/.restic_keys
# What snapshots to mop.
RETENTION_LAST=1 # Only keep the last "n"
RETENTION_DAYS=14 # Only keep the last "n" daily
RETENTION_WEEKS=16 # Only keep the last "n" weekly
RETENTION_MONTHS=18 # Only keep the last "n" monthly
RETENTION_YEARS=3 # Only keep the last "n" yearly
BACKUP_PATHS="/var/lib/pterodactyl/volumes" # Pterodactyl's default container volumes
BACKUP_EXCLUDES="--exclude-file /etc/restic/.ignore" # In case we want to exclude some files
restic unlock &
wait $!
# Initialize, won't do anything if this has already been run more than once
restic init &
wait $!
restic backup \
--verbose \
--one-file-system \
$BACKUP_EXCLUDES \
$BACKUP_PATHS &
wait $!
# Prune old data
restic forget \
--verbose \
--option b2.connections=$B2_CONNECTIONS \
--prune \
--group-by "paths,tags" \
--keep-last $RETENTION_LAST \
--keep-daily $RETENTION_DAYS \
--keep-weekly $RETENTION_WEEKS \
--keep-monthly $RETENTION_MONTHS \
--keep-yearly $RETENTION_YEARS &
wait $!
echo "Finished, hopefully"
Raw
restic_check.sh
#!/bin/bash
# Clean up lock if we are killed.
# If killed by systemd, like $(systemctl stop restic), then it kills the whole cgroup and all it's subprocesses.
# However if we kill this script ourselves, we need this trap that kills all subprocesses manually.
exit_hook() {
echo "In exit_hook(), being killed" >&2
jobs -p | xargs kill
restic unlock
}
trap exit_hook INT TERM
# Get exported env values from this file
. /etc/restic/.restic_keys
# Check repository for errors.
restic check \
--verbose &
wait $!
echo "Finished! :)"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment