Backup files owned by root, but have repo owned by $USER?

For $reasons, I’d like my repo files owned by my “normal” user. But I’d also like to be able to backup all files, even those “normally” requiring root to access.

$reasons include that later I’d like to restic copy to an sftp:// URL and I only want my normal user to have ssh setup - I’d like to avoid having to maintain /root/.ssh also.

Is there some way I’ve missed to backup all files but still have the repo files owned by id?

I see at least these two solutions:

  1. sudo restic -r /restic-repo ... ; sudo chown -R peter: /restic-repo - but that seems like a hack.
  2. Use the approach from Examples / Backing up your system without running restic as root, but with my own user instead of the restic user.

I think 2 has some problems.

  1. I now won’t get updates with apt.
  2. If I allow ~peter/bin/restic to read all file with setcap, I’m essentially giving the peter user access to read all files on the system (without sudo) via a restic backup/restore. I’m not crazy about that.

If I use the restic user for this, my repo will now be owned by restic instead of root which is not much better, if I then afterwards want to restic -r sftp:// ... copy ....

I guess what I’m looking for is:

restic -r ... init --force-file-ownership peter
or
restic -r ... backup --force-file-ownership peter

But realistically I guess sudo restic -r /restic-repo ... ; sudo chown -R peter: /restic-repo will work too, I’m just hoping there’s something I’ve missed.