Regular and --append-only rest-servers with same storage

TL;DR: Can two rest-servers (one regular and one in --append-only mode) use the same repository at the same time, or is that somehow problematic? Would it be any different from two restic instances using the same repository at the same time?

I have a user. The user has two systems. One of them is his “trusted” main computer under his own physical control, and the other one is a “less trusted” remote virtual machine hosted by a third party.

I want both of these systems to back up to the same repository, as they mostly contain very similar data and after all it’s the user’s data I back up, not individual systems’ data.

I’m thinking of having two rest-servers running, one in regular mode and one in --append-only mode. The “trusted” computer would back up to the regular rest-server and therefore be able to execute forget+prune, and the “less trusted” VM would back up to the --append-only rest-server in order to not be able to modify or delete the repository. The rest-servers would therefore use separate password databases, so that the two systems can’t access the wrong rest-server.

Here’s the possibly weird thing; I’m thinking of having both of these rest-servers reference/use/access the very same directory for the user’s repository. That is, both rest-servers use e.g. /data/restic/username as the effective repository path for the user’s two restics.

This would mean that both the computer and the VM might back up to this repository at the same time, which AFAIK should be fine and just like any other repository that multiple clients back up to at the same time. Also, if the “trusted” computer does forget+prune or any other modifying action, it would use locking as usual, to signal to other users of the repository that something fishy is going on.

Now, I ask for a sanity check:

  • Is this a completely stupid idea for some reason?
  • Am I missing something, or should the fact that the rest-servers just relay reads/writes/etc from the restic clients mean that it’s fine that these two rest-servers use the same repository storage/directory?

Perhaps there’s some small race condition possible, but the time frame for it is probably so small that it’s not a practical problem.

PS: I need a regular rest-server and an --append-only rest-server for other clients as well, so they will both exist regardless of this single user’s two systems. The question is only if I can use them the way I’m thinking for this user’s systems.

I don’t see that this would cause (big) problems. As the rest-server creates newly uploaded files with O_EXCL, different restic clients shouldn’t be able to actively interfere with each other.

Without Atomic file upload and directory sync by MichaelEischer · Pull Request #142 · restic/rest-server · GitHub uploads are not atomic, such that it is possible for one client sees e.g. a partially uploaded index files of another client, which could cause an incomplete file to end up in the client’s cache. However, after deleting such a file everything should work again. And to be precise that problem can also occur when just using a single rest-server instance.