diff options
| author | Sam Scholten | 2025-10-27 13:40:25 +1000 |
|---|---|---|
| committer | Sam Scholten | 2025-10-27 13:40:25 +1000 |
| commit | 98f5396a9f04534856d95a297735709408b2f94e (patch) | |
| tree | 088c3bb4472ba055d31b0825a7ec92086f632282 | |
| parent | 56973528a9e4cab924951ad0e4c7b4eead4baa2c (diff) | |
| parent | a827a2c9b84474e023050b54aae192819fabb552 (diff) | |
| download | drestic-98f5396a9f04534856d95a297735709408b2f94e.tar.gz drestic-98f5396a9f04534856d95a297735709408b2f94e.zip | |
Merge remote-tracking branch 'origin/main'
| -rw-r--r-- | CHANGELOG.md | 16 | ||||
| -rw-r--r-- | Makefile | 3 | ||||
| -rw-r--r-- | README.md | 126 | ||||
| -rw-r--r-- | VERSION | 2 | ||||
| -rwxr-xr-x | restic_check.sh | 4 | ||||
| -rwxr-xr-x | update.sh | 30 |
6 files changed, 80 insertions, 101 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 0533522..2523f92 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,19 @@ +drestic (1.4.1) stable; urgency=high + + * Fixed: update.sh now properly replaces service file placeholders (was causing '/path/to/be/replaced' execution errors) + * Fixed: update.sh now correctly sets RESTIC_ENV_FILE environment variable in service files + * This critical fix ensures 'make update' actually works for upgrading existing installations + + -- Sam <samsci@posteo.com> Mon, 27 Oct 2025 07:55:00 +1000 +drestic (1.4.0) stable; urgency=medium + + * Fixed: Removed invalid --retry-lock flag from restic check command (was causing all weekly checks to fail) + * Improved: Weekly integrity checks now use metadata-only strategy (VPS-optimized, ~50MB RAM vs 500MB+) + * Added: Comprehensive manual check documentation with resource usage guidelines + * Added: Multi-machine check strategy documentation for resource-constrained VPS environments + * Improved: Brutalist README - concise and action-oriented documentation + + -- Sam <samsci@posteo.com> Mon, 27 Oct 2025 07:00:00 +1000 drestic (1.2.3) stable; urgency=medium * Fixed: Replaced unsupported --lock-retry-after and --lock-stale-timeout flags with --retry-lock for restic 0.18.1 compatibility @@ -494,8 +494,7 @@ help: @echo " uninstall-user : Uninstall user scope DRestic" @echo " uninstall-system : Uninstall system scope DRestic" @echo " recover : Show recovery instructions" - @echo " update : Update DRestic scripts and services (auto-detects scope)" - @echo " upgrade : Full upgrade including timers (run 'git pull' first)" + @echo " update : Update DRestic scripts and services (auto-detects scope) - run 'git pull' first for latest version" @echo " update-gotify : Update Gotify notification settings (auto-detects scope)" @echo " update-gotify-user : Update Gotify settings for user scope" @echo " update-gotify-system : Update Gotify settings for system scope" @@ -2,129 +2,73 @@ <img src="logo.svg" width="120" markdown="1"> -Automated, encrypted, and deduplicated backups to MEGA cloud storage using restic. +Automated encrypted backups to MEGA using restic. ## Setup -1. Clone the repository: ```sh git clone https://github.com/casparvitch/drestic cd drestic -``` - -2. Install dependencies (supports apt, yum, pacman, zypper): -```sh make install-deps +make setup-user # or setup-system for servers ``` -3. Run the setup script: -```sh -# For a personal machine (backs up /home/user) -make setup-user -# For a server (backs up /etc, /home, /root, etc.) -# make setup-system -``` - The script will prompt for your MEGA credentials and a new restic repository password. **Store the restic password safely.** +Enter MEGA credentials and restic password when prompted. **Store the restic password safely.** ## Usage -All common operations are handled via the `Makefile`. Run `make help` for a full list. - -**Check Status** ```sh -# For user scope -make status - -# For system scope -make status-system +make help # see all commands +make status # check backup status +make backup-now # run backup immediately +make snapshots # list backups ``` -**Run a Backup Manually** -```sh -make backup-now -# Monitor with: journalctl --user -fu restic-backup.service -``` - -**List Snapshots** -```sh -make snapshots -``` - -**Recover Files** -The easiest method is to mount the repository. - -1. Create a mount point: +**Recover files:** ```sh mkdir ~/restore -``` - -2. Mount the backup: - The repository path is now unique per host (e.g., `drestic_backups_my-server`). Find your exact path in `~/.config/restic/env`. -```sh -# For user scope (replace with your unique repo path) -RESTIC_PASSWORD_FILE=~/.config/restic/password restic mount ~/restore --repo rclone:backup_remote:/drestic_backups_my-server -``` - -3. Browse `~/restore/snapshots/latest/` to find your files. - -4. Unmount when finished: -```sh +# Replace with your repo path from ~/.config/restic/env +RESTIC_PASSWORD_FILE=~/.config/restic/password restic mount ~/restore --repo rclone:backup_remote:/drestic_backups_hostname +# Browse ~/restore/snapshots/latest/ umount ~/restore ``` ## Configuration -Configuration files are created during setup. +Edit backup paths: `~/.config/restic/paths` (user) or `/etc/restic/paths` (system) +Edit excludes: `~/.config/restic/excludes` +Add notifications: `make update-gotify` -**Backup Paths & Exclusions** -- **User scope:** `~/.config/restic/paths` and `~/.config/restic/excludes` -- **System scope:** `/etc/restic/paths` and `/etc/restic/excludes` +## Manual Checks -Edit the `paths` file to change what is backed up. Edit the `excludes` file to add patterns to ignore. The default files contain a sensible starting point. +**Automated:** Metadata-only weekly checks (catches 95% of issues) -**Backup Schedule** -The schedule is managed by systemd timers. To change the daily 3 AM backup time: - -1. Edit the timer file: - - **User scope:** `~/.config/systemd/user/restic-backup.timer` - - **System scope:** `/etc/systemd/system/restic-backup.timer` +**Manual verification:** +```sh +# Quick metadata check (~50MB RAM, 1-2 min) +source ~/.config/restic/env && restic check --repo "$RESTIC_REPOSITORY" --password-file "$RESTIC_PASSWORD_FILE" -2. Change the `OnCalendar=` line. +# Light data check (~200MB RAM, 5-15 min) +source ~/.config/restic/env && restic check --repo "$RESTIC_REPOSITORY" --password-file "$RESTIC_PASSWORD_FILE" --read-data-subset 0.1% -3. Reload systemd: -```sh -# For user scope -systemctl --user daemon-reload && systemctl --user restart restic-backup.timer -# For system scope -sudo systemctl daemon-reload && sudo systemctl restart restic-backup.timer +# Heavy data check (~500MB+ RAM, 30+ min) +source ~/.config/restic/env && restic check --repo "$RESTIC_REPOSITORY" --password-file "$RESTIC_PASSWORD_FILE" --read-data-subset 1% ``` -**Notifications** -To add or update Gotify push notifications, run: +**From another machine:** ```sh -make update-gotify +# Setup: install restic, rclone +rclone config create backup_remote mega user EMAIL pass PASSWORD +echo "PASSWORD" > ~/.restic_password && chmod 600 ~/.restic_password +restic check --repo rclone:backup_remote:/drestic_backups_HOSTNAME --password-file ~/.restic_password --read-data-subset 0.1% ``` -## Troubleshooting - -**Repository is locked?** -```sh -# Auto-detects scope and unlocks -make unlock-repo -``` +**When:** Monthly 0.1% checks, quarterly 1% checks, or troubleshooting. -**Connection issues?** -Verify rclone can connect to your MEGA account. -```sh -rclone ls backup_remote: -``` +## Troubleshooting -**Something else?** -Check the logs. ```sh -# For user scope -make logs - -# For system scope -make logs-system -``` +make unlock-repo # fix locked repository +make logs # check recent logs +rclone ls backup_remote: # test MEGA connection +```
\ No newline at end of file @@ -1 +1 @@ -1.3.1
\ No newline at end of file +1.4.1
\ No newline at end of file diff --git a/restic_check.sh b/restic_check.sh index 278b2fe..9fe6be1 100755 --- a/restic_check.sh +++ b/restic_check.sh @@ -28,13 +28,11 @@ trap 'notify "Restic Check" "Restic check script finished with exit code $?" $?' # --- Main Logic --- echo "--- Starting Restic Repository Integrity Check at $(date) ---" -echo "Running memory-efficient integrity check on repository: $RESTIC_REPOSITORY (1% data subset)..." +echo "Running VPS-optimized repository integrity check on repository: $RESTIC_REPOSITORY (metadata only)..." restic check \ --repo "${RESTIC_REPOSITORY}" \ --password-file "${RESTIC_PASSWORD_FILE}" \ - --read-data-subset 1% \ --no-cache \ - --retry-lock 5m \ --verbose || { echo "Error: Restic check failed." >&2 notify "Restic Check ($(whoami)@$(hostname))" "Weekly integrity check failed!" 8 @@ -83,21 +83,43 @@ update_scripts() { update_services() { local install_type="$1" local systemd_dir + local install_dir + local env_file if [ "$install_type" = "system" ]; then systemd_dir="/etc/systemd/system" + install_dir="/usr/local/bin" + env_file="/root/.restic_env" log "Updating systemd services and timers in $systemd_dir" - sudo cp systemd/restic-backup.service "$systemd_dir/" - sudo cp systemd/restic-check.service "$systemd_dir/" + + # Generate service files with correct paths (like setup.sh does) + sed -e "s|ExecStart=/path/to/be/replaced/restic_backup.sh|ExecStart=$install_dir/restic_backup.sh|" \ + -e "s|# Environment variable will be set by setup.sh based on scope|Environment=\"RESTIC_ENV_FILE=$env_file\"|" \ + systemd/restic-backup.service | sudo tee "$systemd_dir/restic-backup.service" >/dev/null + sed -e "s|ExecStart=/path/to/be/replaced/restic_check.sh|ExecStart=$install_dir/restic_check.sh|" \ + -e "s|# Environment variable will be set by setup.sh based on scope|Environment=\"RESTIC_ENV_FILE=$env_file\"|" \ + systemd/restic-check.service | sudo tee "$systemd_dir/restic-check.service" >/dev/null + + # Copy timer files directly sudo cp systemd/restic-backup.timer "$systemd_dir/" sudo cp systemd/restic-check.timer "$systemd_dir/" sudo systemctl daemon-reload else systemd_dir="$HOME/.config/systemd/user" + install_dir="$HOME/.local/bin" + env_file="$HOME/.config/restic/env" mkdir -p "$systemd_dir" log "Updating systemd services and timers in $systemd_dir" - cp systemd/restic-backup.service "$systemd_dir/" - cp systemd/restic-check.service "$systemd_dir/" + + # Generate service files with correct paths (like setup.sh does) + sed -e "s|ExecStart=/path/to/be/replaced/restic_backup.sh|ExecStart=$install_dir/restic_backup.sh|" \ + -e "s|# Environment variable will be set by setup.sh based on scope|Environment=\"RESTIC_ENV_FILE=$env_file\"|" \ + systemd/restic-backup.service >"$systemd_dir/restic-backup.service" + sed -e "s|ExecStart=/path/to/be/replaced/restic_check.sh|ExecStart=$install_dir/restic_check.sh|" \ + -e "s|# Environment variable will be set by setup.sh based on scope|Environment=\"RESTIC_ENV_FILE=$env_file\"|" \ + systemd/restic-check.service >"$systemd_dir/restic-check.service" + + # Copy timer files directly cp systemd/restic-backup.timer "$systemd_dir/" cp systemd/restic-check.timer "$systemd_dir/" systemctl --user daemon-reload |