How to verify local data against the restic index

iqktp · March 20, 2024, 4:49pm

Years ago I made a good decision and a bad one. The good one was backing up my data using restic, of course! The bad one was using a filesystem without checksumming (and thus, vulnerable to bitrot). I hopefully solved that problem by moving my data to btrfs. But in the process I found at least two files have bitrotted in the past 5 years. How many more are there?

I’d like to find out by running an integrity check of my local data against restic’s index, without having to download the entire restic repo. I can hash my local data easy. And restic should have hashes for blobs covering every byte in every file. So it seems possible in theory. But how could I actually do it?

moritzdietz · March 20, 2024, 9:24pm

Hi @iqktp and welcome to the restic community!

This seems like a perfect time to run restic check.

There is documentation regarding this here Working with repositories — restic 0.16.4 documentation (the “check” section).
Check restic check --help for more information.

$ restic check --help

The “check” command tests the repository for errors and reports any errors it
finds. It can also be used to read all data and therefore simulate a restore.

By default, the “check” command will always load all data directly from the
repository and not use a local cache.

If you want to check your entire repo for issues, there is no getting around to read in all files from the repo with the --read-data or --read-data-subset flag.

Let us know if this solves/answers your questions

alexweiss · March 20, 2024, 10:06pm

@moritzdietz As far as I understood the question, it was not about checking a repository for integrity but instead about verifying the integrity of local files against a repository content.

@iqktp Check this topic (it is about verifying restored data against the repository): Verifying restore

Ilya · March 26, 2024, 2:03pm

I’m not sure, but restic backup --dry-run --verbose should give you required information.

*Edited: Will be better to run it after full repo integrity check.

alexweiss · March 26, 2024, 6:55pm

@Ilya Please have a look at the topic I linked. There I explained why backup does not help you with checking integrity of local data.

iqktp · August 9, 2024, 2:05am

I’m just now getting around to this. I wanted to try rustic diff, but I can’t get it to work, and there don’t seem to be any docs for B2. The example config just spits out “Matching variant not found” with no other details, whether I use real credentials or fake ones. Am I doing something wrong?

$ rustic --version
rustic 0.7.0

$ curl -L https://raw.githubusercontent.com/rustic-rs/rustic/main/config/services/b2.toml > rustic.toml

$ rustic snapshots --log-level=trace
[INFO] using config ./rustic.toml
error: Matching variant not found

$ cat rustic.toml
# rustic config file to use B2 storage via Apache OpenDAL
[repository]
repository = "opendal:b2" # just specify the opendal service here
password = "<rustic_passwd>"
# or
# password-file = "/home/<username>/etc/secure/rustic_passwd"

# B2 specific options
[repository.options]
# Here, we give the required b2 options, see https://opendal.apache.org/docs/rust/opendal/services/struct.B2.html
application_key_id = "my_id" # B2 application key ID
application_key = "my_key" # B2 application key secret. Can be also set using OPENDAL_APPLICATION_KEY
bucket = "bucket_name" # B2 bucket name
bucket_id = "bucket_id" # B2 bucket ID
# root = "/" # Set a repository root directory if not using the root directory of the bucket

martinleben · August 9, 2024, 11:20am

This is a restic forum. I suggest you ask for rustic-specific help in a rustic forum.

rawtaz · August 9, 2024, 11:52am

This is correct, for rustic questions you should ask in the rustic discussions on GitHub.