Using restic on remote servers reliably

What is the best way to handle backing up remote servers with restic and knowing everything is going well. I am using cron to kick off backups, and on my local linux machine where I use restic, I use a script that uses Healthchecks to notify me if there isn’t a current snapshot in the last 24 hours, but this is a bit of work to setup on every since host, is there something out of the box that is well tested and bulletproof? I have a few remote servers (vps and dedicated) as well as servers on my LAN I am looking for a more reliable way to back things up but most importantly know they are currently backed up. I’ve had some backups going via cron just stop working for unknown reasons.

If you search the timeline you will find quite a few threads in that direction the last few weeks with a lot of info and different opinions and suggestions. There is not one fool proof way of doing this.

Generally I would think about creating a central backup server that initiates the backups. You can then run the same script for backing up multiple hosts and also for reporting failed backups and doing regular repo checks all centrally on that machine in the time when no backups are being made (usually during the day).

I use ssh /w passphrase, so connecting in to the remote hosts is difficult via automation, I can setup a rule to allow a specific process to bypass the passphrase, but I would prefer not to create that hole.

There are a lot of restic wrappers that can do that out of the box: you create a configuration file with pre-commands and post-commands that feed the result of a backup into your own system and you just need to copy the configuration to each host.

The way I do it on my servers is generating a configuration file with an ansible template, and the restic wrapper sends the result to my monitoring platform (currently zabbix & grafana) then you just setup your alerts in your monitoring platform.

It’s been bulletproof for me for the last 6 years :wink:

Can you share your playbook?

Sure, that’s the one over there: Ansible :: resticprofile

Thanks, I’ll check this out, I haven’t got around to using ansible for Restic as I am basically just running it as root to backup /home due to docker container permission issues. On my local machine I use a custom script to send heartbeats to healthcheck so I get emailed if there isn’t a recent snapshot on both my local device and my cloud device. But on the remotes, I’ve been lazy, but I’ve been noticing some of them haven’t been backing up and I really need a better solution, or I need to implement heart beats on the remotes too.