Backing up directories on your VPS with Restic and S3

Sam

Code for this tutorial can be found on GitHub

VPS

Server

S3

Backups

Keeping your data safe is crucial when managing a VPS. In this guide, we'll walk through setting up automated backups using Restic, a modern and secure backup tool that works seamlessly with S3-compatible storage solutions including AWS S3, Cloudflare R2, Backblaze B2 and many others.

Prerequisites

Before we begin, you'll need:

  • A VPS running Linux
  • Root or sudo access
  • S3-compatible storage (like AWS S3, MinIO, or Wasabi)
  • Your S3 credentials (access key and secret key)

Step 1: Installing Restic

First, let's install Restic. Most Linux distributions include it in their package repositories.

For Debian/Ubuntu:

sudo apt update
sudo apt install restic

For CentOS/RHEL:

sudo yum install restic

Step 2: Setting Up Your S3 Bucket

  1. Create a new bucket in your S3-compatible storage service
  2. Note down your:
    • Bucket name
    • Access key
    • Secret key
    • S3 endpoint (if not using AWS S3)

Step 3: Initializing Your Backup Repository

Set up your environment variables:

export AWS_ACCESS_KEY_ID="your-access-key"
export AWS_SECRET_ACCESS_KEY="your-secret-key"

Initialize the repository:

restic -r s3:s3.amazonaws.com/your-bucket-name init

If you're using a different S3-compatible service, modify the endpoint:

restic -r s3:your-endpoint/your-bucket-name init

Step 4: Creating Your First Backup

Now, let's backup a directory:

restic -r s3:s3.amazonaws.com/your-bucket-name backup /path/to/your/directory

You can specify multiple directories:

restic backup /var/www /etc /home/user

Step 5: Setting Up Automated Backups

Create a backup script at /usr/local/bin/backup-script.sh:

#!/bin/bash

# Set your environment variables
export AWS_ACCESS_KEY_ID="your-access-key"
export AWS_SECRET_ACCESS_KEY="your-secret-key"
export RESTIC_REPOSITORY="s3:s3.amazonaws.com/your-bucket-name"
export RESTIC_PASSWORD="your-repository-password"

# Run backup
restic backup /path/to/your/directory

# Clean up old snapshots - keep last 7 daily, 4 weekly, and 6 monthly backups
restic forget --keep-daily 7 --keep-weekly 4 --keep-monthly 6 --prune

Make it executable:

sudo chmod +x /usr/local/bin/backup-script.sh

Create a cron job to run daily backups:

sudo crontab -e

Add this line to run the backup daily at 2 AM:

0 2 * * * /usr/local/bin/backup-script.sh

Step 6: Verifying Your Backups

List all snapshots:

restic snapshots

Check repository integrity:

restic check

Step 7: Restoring Files

To restore a specific directory:

restic restore latest --target /path/to/restore/directory

To restore a specific snapshot:

restic restore <snapshot-id> --target /path/to/restore/directory

Best Practices

  1. Test Your Backups: Regularly verify that you can restore files from your backups
  2. Monitor Space: Keep an eye on your S3 storage usage
  3. Secure Your Password: Store your repository password safely
  4. Version Control: Keep multiple snapshot versions for better recovery options
  5. Documentation: Document your backup configuration and restoration procedures

Troubleshooting

Common Issues and Solutions

  1. Connection Issues

    • Check your S3 credentials
    • Verify your endpoint URL
    • Ensure your firewall allows outbound connections

  2. Permission Errors

    • Verify your S3 bucket permissions
    • Check local file permissions
    • Ensure your backup script has appropriate access

  3. Space Issues

    • Monitor your S3 bucket usage
    • Adjust snapshot retention policies
    • Clean up old snapshots regularly

Conclusion

You now have a robust backup system protecting your VPS data. Remember to regularly test your backups and monitor the backup logs to ensure everything runs smoothly.

Need help or have questions? Our support team is always here to assist you.

Table of Contents