I did a minimal test and it worked!
In the test the systemd unit files were modified like this
--- a/examples/systemd/rest-server.service
+++ b/examples/systemd/rest-server.service
@@ -11,7 +11,7 @@ Type=simple
# You may prefer to use a different user or group on your system.
User=www-data
Group=www-data
-ExecStart=/usr/local/bin/rest-server --path /path/to/backups
+ExecStart=/usr/local/bin/rest-server --path /usr/local/backups --no-auth
Restart=always
RestartSec=5
@@ -25,7 +25,7 @@ RestartSec=5
# IMPORTANT!
# The following line must be customised to your individual requirements.
-ReadWritePaths=/path/to/backups
+ReadWritePaths=/usr/local/backups
# Makes created files group-readable, but inaccessible by others
UMask=027
@@ -51,7 +51,7 @@ ProtectProc=invisible
ProtectHostname=true
RemoveIPC=true
RestrictNamespaces=true
-RestrictAddressFamilies=AF_INET AF_INET6
+RestrictAddressFamilies=none
RestrictSUIDSGID=true
RestrictRealtime=true
# if your service crashes with "code=killed, status=31/SYS", you probably tried to run linux_i386 (32bit) binary on a amd64 host
diff --git a/examples/systemd/rest-server.socket b/examples/systemd/rest-server.socket
index ba3262a..24990c7 100644
--- a/examples/systemd/rest-server.socket
+++ b/examples/systemd/rest-server.socket
@@ -1,5 +1,5 @@
[Socket]
-ListenStream = 8080
+ListenStream = 127.0.0.1:8080
[Install]
WantedBy = sockets.target
Test
restic initrestic backuprestic snapshots
[test@localhost ~]$ restic -r rest:http://127.0.0.1:8080/ init
enter password for new repository:
enter password again:
created restic repository ddb72c517c at rest:http://127.0.0.1:8080/
Please note that knowledge of your password is required to access
the repository. Losing your password means that your data is
irrecoverably lost.
[test@localhost ~]$ restic -r rest:http://127.0.0.1:8080/ --verbose backup ~/mydata
open repository
enter password for repository:
repository ddb72c51 opened (version 2, compression level auto)
created new cache in /var/home/test/.cache/restic
lock repository
no parent snapshot found, will read all files
load index files
start scan on [/var/home/test/mydata]
start backup on [/var/home/test/mydata]
scan finished in 0.217s: 1 files, 6 B
Files: 1 new, 0 changed, 0 unmodified
Dirs: 4 new, 0 changed, 0 unmodified
Data Blobs: 1 new
Tree Blobs: 5 new
Added to the repository: 2.310 KiB (1.928 KiB stored)
processed 1 files, 6 B in 0:00
snapshot 2be041f9 saved
[test@localhost ~]$ restic -r rest:http://127.0.0.1:8080/ --verbose snapshots
enter password for repository:
repository ddb72c51 opened (version 2, compression level auto)
ID Time Host Tags Paths
-----------------------------------------------------------------------------------------
2be041f9 2023-07-07 05:23:58 localhost.localdomain /var/home/test/mydata
-----------------------------------------------------------------------------------------
1 snapshots
[test@localhost ~]$
I created a git branch
that could become a PR