Is it intentional that restic supports deleting ALL snapshots in one go? From the documentation I suspect this is not intended.
To delete ALL your snapshots from all paths/tags/hosts run this nice little command (without the --dry-run):
restic forget --keep-tag=SomeUnusedTag -vv --dry-run
the --dry-run so you won’t actually delete your snaphots by copy pasting my command… Of cause assuming you have environment with the repo and password.
The docs indicate restic won’t allow deleting all snaphots in one fell swoop, but that only applies to all the other --keep-* commands.
I discovered this because I’m using the very nice resticprofile, and created a parent with forget/retention which only had my --keep-tag=forever line, but that meant it was applied to all those profiles which didn’t have a definition. I suspect a similar thing could happen to users who using scripts try to create a hierarchy of configurations. Fortunately it had only deleted my snapshots for a minor backup, and everythings fine. Though it also makes me more hesitant to prune, in case I mess up again in the future…
See Forgetting all snapshots with a specific tags.
As far as I understood, this is a bug, not a feature.
Good catch! I also think it’s a very dangerous bug. I can reproduce with restic 0.15.2.
But what would be the better behavior?
- An error message if the tag name does not exist in any snapshot?
An error message if the tag name does not exist in any of the otherwise selected snapshot? That would require to first run all other keep policies before getting to the tags.
--keep-tag only in combination with other, stronger
- Add doc to mark the option as dangerous?
I didn’t find an issue for it yet.
@fd0 what do you think? Should I create an issue?
For me it’s also not 100% clear from the doc if a snapshot is kept when it has all tags of
taglist or just any tag of
--keep-tag= keep snapshots with this taglist (can be specified multiple times)
Apparently it’s an “has all” condition for keeping.
I think the sane thing is to disallow only --keep-tag, just like currently it is not allowed to forget without any keep-*.
All the other keeps are time or count based. Thus they fit well with --keep-tag. --keep-tag makes little sense alone, unless you want to erase your repository, in which case rm -rf also works. That was said a bit tongue-in-cheek, but I also think there a point to be made. Normally you want to keep your latest snapshot, --keep-tag goes around that, which, I think, was not intended. Or @fd0 may correct me on the intention.
Oh goodness, i just tried it. I use tags regularly, so this is a big catch for me. Hopefully its patched soon.
I can’t believe I never figured this out because I actually wanted this functionality