Restic backup script for Vaultwarden

Note: Related posts:

How To Install Restic REST Server On Synology NAS for the server setup (you can also use other backends)
Our docker-compose-based Vaultwarden setup: Simple 5-minute MySQL Vaultwarden setup using docker-compose

Configuring the backup script

First, generate the encryption password using

pwgen 30 > .restic_password

Make sure to back up this password separately or ALL YOUR DATA WILL BE LOST!

Now create backup.sh in the same directory as docker-compose.yml:

#!/bin/bash
export NAME=$(basename $(pwd))
export RESTIC_REPOSITORY=rest:http://restic:abc123@10.1.2.3:16383/$NAME
export RESTIC_PASSWORD_FILE=.restic_password

if [ ! -f "${RESTIC_PASSWORD_FILE}" ]; then
   echo "Please create .restic_password with the backup encryption password AND BACKUP THAT PASSWORD SEPARATELY!!!"
   exit 1
fi
echo "Initing repo, please ignore any 'already exists' errors"
if [ ! -f ".restic_inited" ]; then
    # Run the restic init command
    restic init

    if [ $? -eq 0 ]; then # if init successful
        # Create the initialization file
        touch ".restic_inited"
        echo "Restic initialized"
    fi
fi

# Backup
source .env
docker-compose exec -T mariadb mysqldump -uroot -p${MARIADB_ROOT_PASSWORD} --all-databases | restic --verbose backup --stdin --stdin-filename="mariadb.sql"
# Backup files
restic --verbose backup vw_data backup.sh --exclude vw_data/icon_cache

Automatically starting the backup script

See How To Create A Systemd Backup Timer & Service In 10 Seconds

TL;DR: In the directory where backup.sh resides, run

wget -qO- https://techoverflow.net/scripts/create-backup-service.sh | sudo bash /dev/stdin