I currently create restic backups by running the following commands manually (on Linux - specifically Ubuntu 22.04 with the latest restic 0.14.0):
restic cache --cleanup
restic backup -r "${REPO}" --password-file "${PASSWORD_FILE}" --files-from "${INCLUDE_FILE}" --exclude-file "${EXCLUDE_FILE}"
Where:
${REPO}
: Full path to backup location. This is always a USB drive mounted under the same filesystem (at /media/username/drive-id
).
${PASSWORD_FILE}
: Plain text file containing the password for this repository, so I don’t have to type it (this is on a desktop that only allows local logins, and I’m the only user, so I’m not too worried about storing the password in this way).
${INCLUDE_FILE}
: Plain text file with one directory per line, containing all the directories I want to backup (I selectively do this as I have some very large directories that I don’t want backed up, such as my Steam games). I use this file with other backup systems such as Borg and tar so that I only have to configure the list in one place.
${EXCLUDE_FILE}
: Same as include file, except these are sub-directories which I want to exclude (e.g. I might include /home/user/stuff
but exclude /home/user/stuff/big-directory
).
This works fine and I’ve been running it for a couple of years, occasionally restoring data without any issues. However, I want to forget and prune (i.e. remove from my backups) any snapshots that are older than 90 days. This is really important for me as I have sensitive data on my desktop and if I receive a request to delete it I need to know that it will be gone from my backups within a given time period.
At the moment I run the following commands to forget (mark for deletion), prune (delete) and check (just in case anything goes wrong):
restic forget -r "${REPO}" --password-file "${PASSWORD_FILE}" --keep-within 90d --prune --verbose
restic check -r "${REPO}" --password-file "${PASSWORD_FILE}"
I usually see some output from the above commands as I backup several times a week, and therefore there should always be something to remove. However, if I run restic snapshots
(same repository and password file) there are lots of entries which are more than 90 days old, e.g.
552a4e83 2019-09-06 10:15:03 morbius
95e55626 2022-06-27 19:03:37 mondas
7fd6fe15 2022-09-21 18:43:09 mondas
The morbius snapshots I can understand as they are a different host (my desktop is mondas
), however I can’t see why there are entries for my desktop host that are more than 90 days old.
The other strange behaviour is that there is a 90 day gap between where I would expect the snapshots to end and the next set of snapshots. For example, in the above output 7fd6fe15
is within the 90 day window today, so I would expect it to be listed. There’s then a gap of approximately 90 days before 95e55626
, and from that date backwards there are snapshots going back as far as 2019.
Is there something else I need to add to ensure that all snapshots older than 90 days are removed? I want to do this across all hosts, because I no longer have access to morbius
and therefore can never run restic with that hostname.