Add FORGET env variable to run restic forget #39

New Issue

Open

opened 2023-11-10 14:45:39 +00:00 by p4u1 · 2 comments

p4u1 commented 2023-11-10 14:45:39 +00:00

Owner

Copy Link

FORGET is a string which should contain a list of flags according to the official documentation

When FORGET is set restic froget $FORGET is run after startup.

`FORGET` is a string which should contain a list of flags according to [the official documentation](https://restic.readthedocs.io/en/stable/060_forget.html#removing-snapshots-according-to-a-policy) When `FORGET` is set `restic froget $FORGET` is run after startup.

👍 1

moritz commented 2023-12-07 17:37:38 +00:00

Owner

Copy Link

What about adding restic froget $FORGET as cronjob if $FORGET is set?

I'm asking myself for a while about a smart pruning strategy without exposing delete permissions to the backupbot and risking the data. I would always recommend to setup the backup remote storage with read and append only permissions without being able to delete snapshots, for the case the backupbot or it's host system got compromised.

Therefore we need extra credentials to access the remote storage for pruning old backups, and keeping these credentials very safe. I don't really see a safe way aside manually pruning the backups in a reasonable interval.
I'm not sure if the backupbot could help us and if we at least prune all backupbot instances at once.

What about adding `restic froget $FORGET` as cronjob if `$FORGET` is set? I'm asking myself for a while about a smart pruning strategy without exposing delete permissions to the backupbot and risking the data. I would always recommend to setup the backup remote storage with read and append only permissions without being able to delete snapshots, for the case the backupbot or it's host system got compromised. Therefore we need extra credentials to access the remote storage for pruning old backups, and keeping these credentials very safe. I don't really see a safe way aside manually pruning the backups in a reasonable interval. I'm not sure if the backupbot could help us and if we at least prune all backupbot instances at once.

dwaxweiler commented 2025-02-06 09:48:55 +00:00

Copy Link

Such a feature would be really useful, especially if you have limited backup storage capacities.

@moritz, you are mentioning manual pruning. How do you do it?

Such a feature would be really useful, especially if you have limited backup storage capacities. @moritz, you are mentioning manual pruning. How do you do it?

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

prom-mon

feature/dockerfile

bb2-classic

feature/selective_paths

list

enable-label

backupbot_revolution

backup_volumes

multi_path

2.3.0+2.3.0-beta

2.2.0+2.2.1-beta

2.1.0+2.2.0-beta

2.0.1+2.1.1-beta

1.0.0+2.0.0-beta

0.2.0+1.0.0

Labels

Clear labels

bug

Something is not working

duplicate

This issue or pull request already exists

enhancement

New feature

help wanted

Need some help

invalid

Something is wrong

question

More information is needed

wontfix

This won't be fixed

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

3wordchant aadil abra-bot ammaratef45 Apfelwurm appletalk arjan basebuilder Brooke carla cas codegod100 coopcloud decentral1se fauno flancian Frando iexos javielico kawaiipunk knoflook lambdabundesverband mac-chaffee marlon mayel mirsal moritz nicksellen notplants p4u1 pau renovate-bot rix sef simon stevensting tobias trav val virtualboys wolcen wykwit xynosis yksflip

No Assignees

3 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: coop-cloud/backup-bot-two#39

No description provided.