question 1: wasting time and disk space with files that already are encrypted?
I have some large encrypted files that I need to back up. The encryption that restic adds seems superfluous, slows down backups (and file scans) and probably also consumes more disk space. Is there any way to tell restic that I trust these files are already protected well enough, so restic can avoid the overhead?
(Duplicati does not re-encrypt files that already are encrypted.)
question 2: is there (local?) restic metadata that I need to back up separately to speed up or otherwise ease up some restore scenario?
(Duplicati uses local databases, which do speed up the processing a lot but give headaches at restoration time.)
Answers afaik, if someone knows better I’d love to see corrections.
No, there is no way to bypass encryption yet.
Well, kinda. Restic uses cache directories on local, if possible. They help scan operations* (if they’re not outdated, you see a small warning in such case). But it’s just “nice to have”, you may skip completely.
*I am not sure if there is any real data kept in them, afaik only indexes etc.
Just to clarify; Your system most likely has AES-NI instructions in its CPU, which means that the encryption overhead is neglible, nothing to worry about or feel is making anything slow.
Also, file scanning doesn’t have anything to do with the encryption - the encryption happens afterwards and doesn’t affect the speed of scanning files.
So, no
Apart from this not being an option in restic as it’s designed, it’s worth pointing out that the encryption in restic is such an integral part that it’s not only used for securing your data. It’s also used e.g. to know if a file in the repository has been modified on disk, e.g. due to corruption in your repository storage. So it has multiple uses and is a core part of restic.
That said, as per what I wrote above, it’s not like you have to consider the encryption to be a problem. The only time that would be somewhat true is if you use restic on a system that doesn’t have AES-NI in the CPU.
One of the big perks of restic is that it’ll actually work when you do a restore, and if not, the check and check-data will actually warn you about a problem so you can address it before disaster strikes.
I spent untold hours, days apart, trying to convince Duplicati 2 to restore some files and it just didn’t wanna. From the forums “It’s possible that full tests do pass but full restore still fails” which is something I experienced myself.
The cache only contains data that is also stored in the repository. There’s no need to keep a copy of the cache folder. Restic will just download the files when necessary.
