Skip to content
/ restic-caddy Public
forked from restic/caddy

A plugin for the Caddy web server to act as a backend for restic

License

BSD-2-Clause license
0 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

JensKuehnel/restic-caddy

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
example.Caddyfile
example.Caddyfile
 
 
restic.go
restic.go
 
 
setup.go
setup.go
 
 
setup_test.go
setup_test.go
 
 

Repository files navigation

Caddy restic plugin

This plugin makes it easy to run a restic backup server! This plugin uses restic/rest-server to make your backup repositories reachable over HTTPS.

Using restic's "rest" backend instead of the "sftp" backend is likely to provide faster transfer speeds because it avoids a lot of SFTP's flow control problems, where transfers slow down more than necessary.

The advantage of using this plugin over the bare rest-server command is that Caddy provides HTTPS by managing TLS certificates for you, so you always get a secure access point for your repositories and you don't have to reload the server to renew certificates.

Usage

The restic plugin requires authentication using basicauth because otherwise anyone could access your backups. (Yes, restic backups are encrypted, but people could still delete them, etc.) The examples here are shown in conjunction with the basicauth directive for this reason. Requests to the rest-server endpoints without authentication will be forbidden. Caddy uses HTTPS by default, and it is not safe to use this plugin without HTTPS (TLS). Do not disable TLS.

The underlying rest-server needs a data path within which the restic repositories are stored. By default, it is /tmp/restic, but you should change this to a non-temporary path for storing actual backups.

The syntax of the restic directive is:

restic [base_path [data_path]]

The restic plugin can be used without arguments:

basicauth / user pass
restic

This configures all requests to be processed by rest-server using the default data path. This is useful mostly for testing or experimenting.

basicauth /backups user pass
restic    /backups

This does the same thing, but only for HTTP requests to /backups. The data path is the same.

basicauth /backups user pass
restic    /backups /home/me/backups

This sets the base path of requests to be /backups and the data path on disk to be /home/me/backups. In other words, all requests to /backup will be handled by the rest-server to manage restic repositories within /home/me/backups.

Once your server is running, you can access your backups via HTTPS with restic quite easily:

$ restic --repo "rest:https://user:pass@example.com/repo_name" snapshots

The path to the repository (repo_name) will be relative to the data path you specified in your Caddyfile.

About

A plugin for the Caddy web server to act as a backend for restic

Resources

Readme

License

BSD-2-Clause license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

Fixes caddy path changes Latest
Aug 16, 2019

Packages

No packages published

Languages

  • Go 100.0%