I am an admin at the computing centre of my university.
I have set up an Ubuntu server with rest-server 0.14.0 and created some
restic repositories for our internal hosts.
So far, everything works fine
But now, we want to offer restic as a service for about 50 institutes with
some 1000 hosts.
Adding so many repositories does not scale, way too much manual effort.
My first idea was one repository for each institute. The institute admins
then can use restic backup with host specific tags.
But I forget that restic uses locking and one cannot run more than one
restic backup at the same time (cronjobs!).
Using NFS instead of rest-server is not an option, because of
router-firewalls. We can offer restic only via https.
What about s3? I didn’t see an issue with minio for a long time, with ~8k clients. Although you might want to use a fork of it and apply some IAM policies / a bucket per institute etc. depending on your need.
Is this a rest-server limitation that I don’t know about? Parallel backups should be fine since backing up uses non-exclusive locks, no? What you cannot do is backing up while pruning/forgetting/checking (the operations which use exclusive locks).
And by design you cannot do prune, forget and check without locking because of the exclusive locks like @gurkan mentioned above.
IMO (disregard if you have already considered this); you must do one repository per host by scripting some methodology to derive the repository path name based on a combination of institute identifiers and hostname identifiers (these can be probably handled by your institute admins). Also, the scripting can take Configuration file :: resticprofile templates and generate the configurations for you to manage at scale. Something like ansible will help you push these profiles to all the hosts.
