Hetzner storage box supports "rclone serve restic --stdio"

asdffdsa · February 9, 2023, 11:44pm

hello, thanks,

for a repository, what advantage does rclone serve restic --stdio have over sftp?
i assume there is an advantage, else why would hetzner go out of their way to add the command.

over ssh, using help from the terminal, i stumbled upon that fact that hetzner storagebox supports
rclone serve restic --stdio
so far, could not find any reference from docs at hetzner

note: cannot run other rclone commands.
running rclone or rclone version, returns “command not found”

does anyone have any more detailed info and examples?

asdffdsa · February 10, 2023, 4:12pm

so far, i have followed
https://forum.hetzner.com/index.php?thread/30008-storage-box-restic-backend-via-rclone-und-ssh-wie-ansprechen/&postID=293322#post293322

+ export RESTIC_PASSWORD=password
+ RESTIC_PASSWORD=password
+ restic -o 'rclone.program=ssh -p23 u00000@u00000.your-storagebox.de forced-command' -r rclone: init
Fatal: create repository at rclone: failed: error talking HTTP to rclone: exit status 8

betatester77 · February 10, 2023, 5:59pm

I don’t think that this will have any advantages compared to using the sftp backend on the storage box.

asdffdsa · February 10, 2023, 6:10pm

maybe you are right.

from that link i shared, they claim that the advantage is:
rclone serve restic can use --append-only

via google translate
“Rclone can be used on the Storage Box to create backups via Restic and store them in an append-only repository.”

MichaelEischer · February 10, 2023, 8:16pm

The link isn’t publicly accessible.

The --append-only parameter has to be added to the rclone command line. Is that possible? How does the storage box decide which command you are allowed to run? Is it tied to the ssh-key?

asdffdsa · February 10, 2023, 8:26pm

yes, that is correct.
so far, i almost have it working, but keeps failing.
not sure if this is the issue
https://github.com/rclone/rclone/issues/6646

with storagebox, i can create sub accounts.
more than willing to create a test account for you.

via google translate, as the post is in german.
these are the relevant snippets

Rclone can be used on the Storage Box to create backups via Restic and store them in an append-only repository.
For this purpose, an SSH key with a forced command must be stored in the “.ssh/authorized_keys” of the Storage Box. For example:

command="rclone serve restic --stdio --append-only resticRepoDir" ssh-rsa AAAA...

Restic can then be used on the client to create a repo and upload a backup

restic -o rclone.program='ssh -p23 uXXXXX@uXXXXX.your-storagebox.de forced-command' -r rclone: init
restic -o rclone.program='ssh -p23 uXXXXX@uXXXXX.your-storagebox.de forced-command' -r rclone: backup /etc/

If the append-only mode is not needed, it is probably better to use the SFTP mode in Restic itself.