"restic check" via cron - Best Practise?

tjh · January 19, 2023, 8:13pm

Hi,

I’m wondering what people to do run “restic check” via cron, but only have it output if there’s an error?

At the moment I get full output from every cron run, telling me there’s no problems.

I’ve tested doing “restic check -q” and that gives no output, but I wonder will it give output/let me know via cron email if there is a problem?

Thanks!

rawtaz · January 19, 2023, 9:45pm

You can write a wrapper script that does what you want when the exit code from restic is non-zero (which means everything wasn’t right).

tjh · January 19, 2023, 11:48pm

Thanks @rawtaz

For anyone else who finds this thread, I did this using the very handy little “cronic” script.

You can then run restic with “-v” but you only get output (all of it) if it fails with an error.

My Crontab:

# Copy to locally attached USB Drive                                                                                                                                                                                               
 50 * * * * /usr/bin/cronic restic -v backup --exclude=/var/lib/sonarr --exclude=/var/lib/jellyfin/transcodes --exclude=/var/www/micro/rtorrent/share/users/tim/settings/httprpc/ -r /external/restic_micro /etc /var /home /root/.config/jellyfin

When an error happens:

Cronic detected failure or error output for the command:
restic -v backup --exclude=/var/lib/sonarr --exclude=/var/lib/jellyfin/transcodes --exclude=/var/www/micro/rtorrent/share/users/tim/settings/httprpc/ -r /external/restic_micro /etc /var /home /root/.config/jellyfin

RESULT CODE: 1

ERROR OUTPUT:
unable to create lock in backend: repository is already locked exclusively by PID 3069308 on micro by root (UID 0, GID 0)
lock was created at 2023-01-20 12:49:03 (59.70712531s ago)
storage ID dd3dbc8c
the `unlock` command can be used to remove stale locks

STANDARD OUTPUT:
open repository
lock repository

AlBundy · January 23, 2023, 10:33pm

not sure if it is best practice but my crontab looks loke this

0 1 * * * /opt/restic/restic --repository-file /opt/restic/.restic_repository --password-file /opt/restic/.restic_password backup --one-file-system --exclude-caches --exclude-if-present .nobackup --exclude-file /opt/restic/.restic_excludes --files-from /opt/restic/.restic_includes --quiet
0 4 * * FRI /opt/restic/restic --repository-file /opt/restic/.restic_repository --password-file /opt/restic/.restic_password forget --keep-within-hourly 3d --keep-within-daily 30d --keep-weekly 12 --keep-monthly 12 --keep-yearly 3 --tag "" --prune
0 8 * * FRI /opt/restic/restic --repository-file /opt/restic/.restic_repository --password-file /opt/restic/.restic_password check --read-data

and setup restic as described here Examples — restic 0.15.0 documentation
alle files are owned by user root and users group.
users and other don’t have any permission only x is set on restic binary for users group.

check and forget always sends a mail.

tjh · January 23, 2023, 10:34pm

@AlBundy Yes I think this works fine, you do get output from restic if it encounters an issue, even when running in quiet mode.