Before I deploy this, I wanted to see if there was any pros or cons. Can (or should) you use the same remote (S3) repo for multiple servers? The data is not the same and can include files and MySQL databases. Can the encryption keys for each server be different or do they all have to be the same?
Hi, and welcome to the forum!
If you don’t have much data that can be deduplicated between the servers, then there’s little value in putting them in the same repository. At the same time, it doesn’t hurt.
You can have separate keys for access to the repository, but each server having a valid key can access all of the data in that repository, which might be something you don’t want. If that’s the case, you should probably make them separate repositories.
It should be noted that it is the access keys to the repositories that you can have multiple of (e.g. one per server, so that you can revoke access to the repository for a given key if for example the corresponding server is compromised). It’s not the actual encryption key, which is of course one and the same for the entire repository.
Please let us know if you have further questions, I’m not sure how much the above helped.
good points. thanks. it’s not a huge deal to separate them into separate repos so I’ll just do that. I’m using DO for S3 storage. Will restic create the necessary folders for me? E.g., if I point restic at
s3://url/backup/hostname, will restic create the
backup/hostname folders for me?
I’m not sure, but I wouldn’t think so. I recall it doesn’t with the SFTP backend, for example. Please try it and report back
For the s3 backend, the backend service will create the dirs for you. Don’t worry