oliver/backup-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
backup-server/backup-user/README.md
T
Oliver Walter 1ea0d846bb first commit
2026-06-17 01:54:53 +02:00

120 lines
3.0 KiB
Markdown
Raw Permalink Blame History

# Restic user backup → TrueNAS REST server
User-level backup for personal machines (desktop, laptop).
No `sudo` required — everything runs as your own user.
## Differences from the system-level setup
| | System (`backup/`) | User (`backup-user/`) |
|---|---|---|
| Runs as | root | your user |
| Config | `/etc/restic/` | `~/.config/restic/` |
| Script | `/usr/local/bin/` | `~/.local/bin/` |
| Systemd units | `/etc/systemd/system/` | `~/.config/systemd/user/` |
| Commands | `sudo systemctl` | `systemctl --user` |
| Logs | `journalctl -u` | `journalctl --user -u` |
| Package dump | ✅ (has root) | ❌ (not needed) |
| Boot timer trigger | `OnBootSec` (system boot) | `OnStartupSec` (after login) |
---
## Setup
### 1. Create config directories
```bash
mkdir -p ~/.config/restic
mkdir -p ~/.config/systemd/user
mkdir -p ~/.local/bin
```
### 2. Install and fill in the env file
```bash
cp env.example ~/.config/restic/env
nano ~/.config/restic/env
chmod 600 ~/.config/restic/env
```
Set these values:
- `MACHINE_NAME` — unique name for this machine (e.g. `desktop`, `laptop`)
- `RESTIC_PASSWORD` — generate with `openssl rand -base64 32`
- `BACKUP_PATHS` — adjust to what matters to you (default covers `.config`, `.local/share`, Documents, Pictures, Desktop)
### 3. Install the excludes file
```bash
cp excludes.txt ~/.config/restic/excludes.txt
# Optionally add machine-specific paths to skip
nano ~/.config/restic/excludes.txt
```
### 4. Initialize the repository on the REST server
```bash
source <(set -a && cat ~/.config/restic/env) && restic init
```
### 5. Install the backup script
```bash
cp backup.sh ~/.local/bin/restic-backup.sh
chmod +x ~/.local/bin/restic-backup.sh
```
### 6. Install the systemd user units
```bash
cp restic-backup.service ~/.config/systemd/user/
cp restic-backup.timer ~/.config/systemd/user/
cp restic-backup-boot.timer ~/.config/systemd/user/
systemctl --user daemon-reload
systemctl --user enable --now restic-backup.timer
systemctl --user enable --now restic-backup-boot.timer
```
### 7. Run a first backup to verify
```bash
systemctl --user start restic-backup.service
journalctl --user -u restic-backup.service -f
```
---
## Useful commands
```bash
# Check timer status
systemctl --user status restic-backup.timer restic-backup-boot.timer
# List all snapshots
source <(set -a && cat ~/.config/restic/env) && restic snapshots
# Browse a snapshot interactively
source <(set -a && cat ~/.config/restic/env) && restic mount ~/mnt/restic
# Restore a single directory
source <(set -a && cat ~/.config/restic/env) && \
restic restore latest --target /tmp/restore --include "$HOME/.config/nvim"
# Check repo integrity
source <(set -a && cat ~/.config/restic/env) && restic check
# Watch backup logs live
journalctl --user -u restic-backup.service -f
```
---
## Password recovery
Store a `recovery.txt` on TrueNAS alongside the repo — same as the system setup.
```bash
# On TrueNAS
cp recovery.txt /mnt/pool/backups/recovery-desktop.txt
chmod 600 /mnt/pool/backups/recovery-desktop.txt
```
Reference in New Issue View Git Blame Copy Permalink