Would it be possible to list the available snapshots without using the repo password (maybe just the date of the snapshot)?
I am considering creating a reporting solution that would check if the repo contains a recent snapshot. I would prefer not to have to provide the monitoring solution with the password (in case of vulnerabilities, etc.).
Unfortunately not – the data in the repository is encrypted.
You can add a second key/password to the repo, but I don’t know that you can set access controls…
EDIT: I like @cfbao’s suggestion below. For what you need, that’ll probably work. I was tunnel-visioned into thinking you needed information that required decrypting the metadata.
If file timestamps are reliable on your system, you can probably just check if there’s a recent file in the /snapshots folder.
As far as I understand this is valid only if nobody modifies snapshot after it’s created (so you should tag everything during backup)
I like the idea of looking at the dates in the repository. On first view, the timestamps do not exactly match those reported by “restic snapshots”, but they seem close enough for high level reporting purposes (“was there a recent snapshot?”). It also looks like they are not disturbed by forget/prune.
Btw, relaying on files in
snapshots directory is not guaranteed to be valid:
At least for now this packing of snapshots is not implemented yet.