Graphic by Custom Code IT promoting Linux backups using Restic and S3. The design features a dark background with icons representing Linux (Tux the penguin), Restic (a cartoon character), and Amazon S3 (red storage icon) connected by plus signs. The text at the bottom reads ‘Linux Backups with Restic & S3’ in bold white letters. The Custom Code IT logo is displayed at the top, represented by curly braces and a gear icon. The graphic highlights a solution for secure and efficient backup management.

Linux Backups with Restic and S3.

Fast, secure, reliable, and low friction backups should be something we all strive for if we're working with files we don't want to lose.

Introduction

Fast, secure, reliable, and low friction backups should be something we all strive for if we're working with files we don't want to lose. For some reason (in my opinion) it seems like we're spoilt for choice when it comes to backup solutions for Windows environments. The same cannot be said for Linux environments; of course, solutions exist but the barrier to entry seems to be higher.

After doing some research and trying different tools, here's what I've found that works for my workflow.

 

Restic

After trying a few different approaches/products and failing to find a solution that I felt confident with, I eventually stumbled upon Restic. The spiel on the homepage of their website sums up the product quite well. It's cross-platform, fairly easy to use, has good documentation, creates secure backups and is easy to restore and verify your backups. Best of all, it's free!

 

Linode

Restic has a fairly comprehensive list of options when it comes to the storage location of your backups (called repositories). In our case, we're going to explore S3-compatible Linode Object Storage. Linode is a popular choice for cloud computing and as such might be something you're already using for your other projects. Their Object Storage is quite affordable and predictable, however, this guide should work with any S3 compatible storage (Amazon S3, MinIO).

 

 

Setup

 

Install Restic

First things first, install Restic on your PC. Check the Restic documentation for the installation instructions on your distro.

Once installed, run the following command to make sure you have it installed:

    restic version

In my case, I am using version 2.12.1

 

Create Restic Repository

Run the following commands to setup your restic repository:

    export AWS_ACCESS_KEY_ID=<LINODE_ACCESS_KEY_ID>
export AWS_SECRET_ACCESS_KEY=<LINODE_SECRET_ACCESS_KEY>
restic -r s3:eu-central-1.linodeobjects.com/yourbucketname init

You will then be prompted to enter a password to protect your repository.

IMPORTANT: Pick a good password, this is what is used to encrypt your backups.

 

Create a Backup

Before we create a backup, we want to check things like what files are being included in the backup and how large the backup will be. Later versions of Restic allow us to perform a dry run on a backup to work this out:

    restic -r s3:eu-central-1.linodeobjects.com/yourbucketname backup /backup/path/ --dry-run -vv

If you're happy with your backup, you can run the command without the dry-run flag:

    restic -r s3:eu-central-1.linodeobjects.com/yourbucketname backup /backup/path/ -vv

 

Exclude files

One thing that makes Restic powerful is the ability to exclude files. For example, if you're a software developer you wouldn't want to include directories like node_modules, vendor, Debug, Bin etc. To avoid this we can create a file to define files/directories to exclude from our backups. Here's a simple example of such a file:

exclude.conf

    **/node_modules
**/.env
**/vendor
Downloads

 

You can use the following command to check this file against your backup path:

    du -ch --exclude-from=/path/to/exclude.conf /backup/path

When you're happy you can add this to your backup command:

    restic -r s3:eu-central-1.linodeobjects.com/yourbucketname backup /backup/path/ --exclude-file=/path/to/exclude.conf -vv


Restore

Restoring from a backup is quite simple too. Again, the existing documentation covers this well.

 

Conclusion

From here there are lots of ways you can extend this solution. You could create a cron job or script to automate the backups, implement it on your servers and target important files/databases, or create multiple repositories for even better data protection/redundancy.

I hope you found this guide helpful. Feel free to reach out through the contact page if you would like to make suggestions or discuss anything further.