Backup automatically to local LAN USB disk using restic command

Setting up Restic to backup on a crontab job using a hard disk on USB on the local network.
Comments and suggestions are more than welcome :wink:

There are two servers :
• Server A : where yunohost runs and has an IP= 192.168.1.aa
• Server B: where the hard disk is connected to the USB port.( in my case a iMac computer) has an IP=
Create a user “$YUNOHOST” on server B with a password we shall call $B_YUNOPSSWD in what follows.
On server B, format a hard disk in NTFS format (it can be write/read by linux and macOS using Tuxera NTFS).
I did not try any other file system but FAT32 should work too.
Mount it on /Volumes/bup where “bup” is the disk label on the server B (an iMac in my case).
(This may work in Windows but the terminal commands for Windows are completely different to Unix systems)
0. SERVER A: set up the backup repo on SERVER B by issueing:

sudo restic init --repo sftp:$

Here you enter the password for the repository we call $A_REPO_PSSWD

  1. SERVER A: Create password file in /home/admin/.restic-backup like this:
                       nano /home/admin/
                       export RESTIC_REPOSITORY="sftp:$"
                       export RESTIC_PASSWORD=“$A_REPO_PSSWD”

Here $YUNOHOST is the user login for the server B and the password $A_REPO_PSSWD for the repository on server B (iMac) on /Volumes/bup once you have setup the Restic app properly (see Restic documentation ) .

  1. SERVER A: The Restic app was installed on server A by using “apt-get install restic” NOT as a yunohost app.
    The following script will backup the /home/yunohost.backup/archives folder to the disk on USB of the server B (iMac) under
    Create a script for Restic backup in /home/admin/ like this:

			source /home/admin/.restic-backup
			restic backup -r $RESTIC_REPOSITORY /home/yunohost.backup/archives --tag yunohost
			#restic backup /home/admin/ --tag home
			# any other backups you want

Type Ctl+x —> y-> save

  1. SERVER A: Created a crontab job by copying the “” script to /etc/cron.daily without the .sh extension
sudo	cp /usr/local/sbin/ /etc/cron.daily/restic-backups
  1. SERVER A: Setup of PASSWORDLESS ssh log in to Server B for user $YUNOHOST:
		ssh-keygen -t rsa
		ssh-copy-id -i ~/.ssh/ $
		chmod 600 ~/.ssh/authorized_keys 
		chmod 700 ~/.ssh/

Check by issueing
5. SERVER A: Change owner and permissions on restic-backups script by typing

		chown admin /etc/cron.daily/
		chmod 755

/etc/cron/daily/restic-backups should now run without sudo password required: test it!

B. Setting up regular backup of yunohost (SERVER A) using a script called /usr/local/sbin/

  1. SERVER A:
    This script is from Daily Automated Backups using Restic with many thanks.
		sudo nano /usr/local/sbin/
		# Creates a backup and removes some of the previous backups
		# Put script in /etc/cron.daily/ and make sure it can be executed (o+x)

		# Backups are created with the following prefix
# All backups with the previous prefix are deleted except the following dates
TODAY=`date '+%Y-%m-%d'`
YESTERDAY=`date -d "yesterday" '+%Y-%m-%d'`
DAY_BEFORE_YESTERDAY=`date -d "2 days ago" '+%Y-%m-%d'`
LAST_SUNDAY=`date -d "last Sunday" '+%Y-%m-%d'`
SUNDAY_BEFORE_LAST=`date -d "last Sunday -7 days" '+%Y-%m-%d'`
BEGINNING_OF_MONTH=`date '+%Y-%m-01'`
BEGINNING_OF_LAST_MONTH=`date -d "last month" '+%Y-%m-01'`

yunohost backup create -n $PREFIX$TODAY
cd /home/yunohost.backup/archives
# Remove some archives with exceptions listed above 
echo  "Removing all except these dates :" " $TODAY\|$YESTERDAY\|$DAY_BEFORE_YESTERD$
echo "Removed these :"
echo  |  ls  |  grep -v "$TODAY\|$YESTERDAY\|$DAY_BEFORE_YESTERDAY\|$LAST_SUNDAY\|$$
#Print the list of backups on yunohost 
yunohost backup list
  1. SERVER A: Give ownership to root of
	  	sudo chown root /usr/local/sbin/
  1. SERVER A: Test it running
		sudo /usr/local/sbin/
  1. SERVER A: Setup a cron job to run every hour
    By copying the script to /etc/cron.daily without the .sh extension.

     cp /usr/local/sbin/ /etc/cron.daily/bupyuno

All scripts in /etc/cron.daily have to have no extension. Only (^[a-zA-Z0-9_-]+$) are allowed

  1. Setup passwordless login for SERVER A (yunohost) to connect to SERVER B (iMac):

  2. SERVER A: Enter

       ssh-copy-id -i /root/.ssh/ yunohost@192.168.1.aa

Then try

		ssh yubohost@192.168.1.aa

and it should login directly

  1. SERVER A: And finally check that they are both run by

    sudo run-parts --test --report  /etc/cron.daily/
  2. To restore a snapshot use these commands :
    List the snapshots first:

                source /home/admin/.restic-backup && restic -r $RESTIC_REPOSITORY snapshots 

Restore one of the snapshots to a folder called /restoreYUNO on server A (yunohost):

                  source /home/admin/.restic-backup && restic -r $RESTIC_REPOSITORY restore f815dba5 --target /restoreYUNO

Copy the backup archive to the yunohost archives on server A (yunohost) :

                   cp /restoreYUNO/automatic*  /home/yunohost.backup/archives/

Then restore the backup by using the web admin or the yunohost command in terminal.

1 Like

Cool! Great to see more people using Restic. I think it is a far simpler solution than Borg backup.

I was going to make a tutorial on how to use rest-server with restic, but haven’t done that yet. I think I shall do this now!

1 Like

Thank you @arkadi For information only:
Here is part of my daily report via email from yunohost server …

@arkadi have you done more work on this ??
I have added a few steps and mods to the guide above. Maybe somebody will use it like I do on my Yuno server: it has saved me twice now to restore mattermost and all postings only one day behind!!

1 Like

Well I’ve been running Restic and Rest-server for over a year now. I finished my blog post about rest-server today thanks to the nudge from you.

Feedback welcome.