I’m trying to create a backup of the /home filesystem. Basically, I do need the whole filesystem, but not the private ssh keys. So I run something like restic backup /home and I’d like to exclude some files.
--exclude=".ssh" … excludes too much
--exclude=".ssh/*.pub" … probably excludes the wrong files (I’d like to backup the pub keys)
So what I need is a way to specify: Do a backup of everything but skip those files not ending with .pub
when within a .ssh folder. Is this possible somehow?
I don’t think you can do that easily as it is now using just excludes. You could build a list of files and feed it to --files-from* but that will give you a different set of paths when the files change so it’s not ideal. Using excludes isn’t something where I see how you’d do this without hardcoding the private key filenames, except if you try the PR below:
One option, that would be great if you could try, is to use the PR at filter: ability to use negative patterns by vincentbernat · Pull Request #2311 · restic/restic · GitHub . With it I imagine that you could exclude something like !$HOME/.ssh/*.pub, !$HOME/.ssh/config and !$HOME/.ssh/authorized_keys which should let you back up the *.pub, config and authorized_keys files in that folder (note that everything else would be excluded, in case you have more files than those and the private key ones).
It works as expected for me: For all .ssh folders, all files are skipped for the backup with the exception of .pub, config and authorized_keys. They are included in the backup. Exactly what I want.
Now I’d vote for the PR to be included into mainline