Restic backup script for Vaultwarden
Note: Related posts:
- How To Install Restic REST Server On Synology NAS for the server setup (you can also use other backends)
- Our
docker-compose-based Vaultwarden setup: Simple 5-minute MySQL Vaultwarden setup using docker-compose
Configuring the backup script
First, generate the encryption password using
pwgen 30 > .restic_password
Make sure to back up this password separately or ALL YOUR DATA WILL BE LOST!
Now create backup.sh in the same directory as docker-compose.yml:
#!/bin/bash
export NAME=$(basename $(pwd))
export RESTIC_REPOSITORY=rest:http://restic:[email protected]:16383/$NAME
export RESTIC_PASSWORD_FILE=.restic_password
if [ ! -f "${RESTIC_PASSWORD_FILE}" ]; then
echo "Please create .restic_password with the backup encryption password AND BACKUP THAT PASSWORD SEPARATELY!!!"
exit 1
fi
echo "Initing repo, please ignore any 'already exists' errors"
if [ ! -f ".restic_inited" ]; then
# Run the restic init command
restic init
if [ $? -eq 0 ]; then # if init successful
# Create the initialization file
touch ".restic_inited"
echo "Restic initialized"
fi
fi
# Backup
source .env
docker-compose exec -T mariadb mysqldump -uroot -p${MARIADB_ROOT_PASSWORD} --all-databases | restic --verbose backup --stdin --stdin-filename="mariadb.sql"
# Backup files
restic --verbose backup vw_data backup.sh --exclude vw_data/icon_cache
Automatically starting the backup script
See How To Create A Systemd Backup Timer & Service In 10 Seconds
TL;DR: In the directory where backup.sh resides, run
wget -qO- https://techoverflow.net/scripts/create-backup-service.sh | sudo bash /dev/stdin