Rest-server problems

chrissv · November 1, 2018, 7:11pm

I am using restic successfully all over my mini-network at home, including Raspberry Pis.
I want to use rest-server on my Pi. I downloaded it and the go language, and compiled successfully. Here is what I am using:

rest-server 0.9.7 (v0.9.7-28-ga87d968) compiled with go1.11 on linux/arm

I appear to fire up the rest-server just fine:

=======================================
root@svcrpi:~# rest-server --no-auth --debug
Data directory: /tmp/restic
Authentication disabled
Private repositories disabled
Starting server on :8000

=======================================

In a different window #2 on the same node, and still as root, I try to show the snapshots through the REST interface.

=======================================
root@svcrpi:~# restic -r rest:http://localhost:8000/wd/restic/restic-other snapshots
Fatal: unable to open config file: does not exist
Is there a repository at the following location?
rest:http://localhost:8000/wd/restic/restic-other

=======================================

When I do that command, here’s what appears on window #1 (with the rest-server command):

=======================================
HEAD /wd/restic/restic-other/config

=======================================

Back in window #2, I can do a local restic command pointing at the same restic repo just fine:

=======================================
root@svcrpi:~# restic -r /wd/restic/restic-other snapshots
repository 3edbcbc1 opened successfully, password is correct
ID Time Host Tags Paths

cc9ccbc6 2018-10-22 16:14:17 STEVENLT5 c:
92b2eb7c 2018-10-25 08:10:00 STEVENLT5 c:
26f2ae33 2018-10-31 02:56:39 STEVENLT5 c:\

3 snapshots

=======================================

I believe I am missing something simple. Can anyone help me out?

Thanks - Steven

fd0 · November 1, 2018, 8:04pm

You are: the default base directory for the REST server is /tmp/restic, it prints it during startup:

Data directory: /tmp/restic

I suggest you change the directory to /wd/restic:

# rest-server --no-auth --debug --path /wd/restic

Then you can access the repo like this:

# restic -r rest:http://localhost:8000/restic-other snapshots

chrissv · November 1, 2018, 8:20pm

Thanks! I tried as you said, and it worked.

Just experimenting, I also tried this, and it didn’t work:

rest-server: --path /wd
remote repo reference: rest:http://localhost:8000/restic/restic-other

Does the system restrict nesting of the repo path to one level?

– Steven

fd0 · November 1, 2018, 9:06pm

No, that’s should not be the case. I don’t know why it did not work.

chrissv · November 1, 2018, 11:22pm

Is there any extra logging I can turn in rest-server to help figure out why?

fd0 · November 2, 2018, 10:32am

No, the debug options for the REST server are quite limited. If you like, you can try using rclone instead, which also offers the REST server for restic and has better debugging options: rclone serve restic, see here: https://rclone.org/commands/rclone_serve_restic/

rafael · October 13, 2020, 12:34am

I have been experimenting with this and have attempted to create multiple private rest repositories per user. For example, starting the rest-server like this:

rest-server --path /data --debug --private-repos

Then setting up the users (in this example, named: foo, bar):

# create users and set passwords
htpasswd -B -c /data/.htpasswd foo test
htpasswd -B -c /data/.htpasswd bar test

# create spaces for their repositories
mkdir -p /data/foo
mkdir -p /data/bar

And then using the restic client to create repositories like this:

restic --repo rest:http://bar:test@localhost:8000/bar/bar_stuff -p ./password_file init
Fatal: create repository at rest:http://bar:test@localhost:8000/bar/bar_stuff failed: Fatal: server response unexpected: 404 Not Found (404)

But I don’t think it works like this. It seems like there is a nesting limit and the first path segment in the URL must be the repository name, not the user’s name. Which comes back to what I think the README is saying:

To prevent your users from accessing each others’ repositories, you may use the --private-repos flag which grants access only when a subdirectory with the same name as the user is specified in the repository URL.

I took a look into the server’s source code for routes and my understanding is, this is how it’s designed to work: repository name is the user name. Authentication is per repository, not by the user.

rawtaz · October 13, 2020, 1:02am

You’re right, rest-server isn’t designed to support multiple repositories per user when running in private mode. It was previously possible to do so using an ugly workaround, but this is no longer the case due to the first item you can read in the changelog at https://github.com/restic/rest-server/releases . So at this point in time you cannot do that - you have to use one repository per user in your rest-server.

What problem are you trying to solve by wanting to use several subrepositories per user anyway? Perhaps it’s not needed.

rafael · October 13, 2020, 5:10am

I’m not trying to solve any problem in particular, I was just looking for some backup software to self-host on a remote VPS. Users would be family + myself, so I was trying to give people their own private spaces under one server instance. I think I got tripped up on the wording of “user” in the rest-server README and in the docs. My first thought was that it’s like a user account with a password, and each user can manage his/her own repositories.

Okay, thanks for confirming.

One suggestion I have is brushing up the documentation to make this design more clear for people who might try this in the future. I could also give it a try if nobody else has time.

rawtaz · October 13, 2020, 10:50am

But this is exactly what you can do with rest-server using the private mode. You set up one instance of it, and create multiple user accounts in it, and all your family members will then be able to back up to it with their own repositories stored by the rest-server.

Is it currently unclear to you how to do this? If so, let me know what specific part is unclear when you try to do it, and we’ll make it happen for you.

brianly · November 18, 2021, 3:16am

I arrived here after research because the rest-server readme on GitHub still mentions "Users can also create their own subrepositories, like /foo/bar/". Is it correct to say that the following is correct:

When running without private mode, it’s possible to create subrepositories. Example: /foo/bar and /foo/baz can be created, and even /foo/bar/baz.
When private mode is enabled, the path is mapped to the user and subrepositories are not supported. User foo can only init /foo so attempts to init on /foo/bar or foo/bar/baz will both fail.

I believe this is correct, but I wanted to confirm. I’m happy to write some clearer text for the readme, if what I’m describing is correct.

MichaelEischer · November 18, 2021, 7:33pm

The readme on Github does not refer to rest-server 0.10.0, but a later not yet released version. With --private-repos the only restriction is that the path for user foo must start with foo/. rest-server 0.10.0 does not support subrepositories but the next version will support them again.