Backup VestaCP with Restic [Ubuntu]

Now that my VestaCP install is north of 100GB, backups are becoming more challenging.

To achieve an extra level of security, I started backing up my server to S3 using Restic.

Backup VestaCP with Restic
Backup VestaCP with Restic

Here are the steps I took to achieve this.

1. SSH into your box.
ssh root@IP

2. Install Restic
apt install restic

*if you don’t have AWS CLI installed, here is a handy tutorial

3. Tell your box what credentials to use when connecting to AWS S3 by copy ‘n pasting this into terminal:
export AWS_ACCESS_KEY_ID="########"
export AWS_SECRET_ACCESS_KEY="########"

*Lost on finding your AWS credentials? Here is where to find help

4. Initiate the bucket:
restic -r s3:s3.amazonaws.com/BUCKET init

Enter a password, if you lose that password, you’re no bueno!

5. Begin the backup, this could take a few hours.
restic -r s3:s3.amazonaws.com/BUCKET backup /home --exclude /home/backup

Remember to replace BUCKET with your S3 bucket name. You will want to exclude your backup section.

6. Here is how you can view your snapshots saved to S3:
restic -r s3:s3.amazonaws.com/BUCKET snapshots

7. Need to delete one? Try this:
restic -r s3:s3.amazonaws.com/BUCKET forget #####
Replace # with the snapshot ID

8. Looking to create a cron job? Create a SH script and add it to VestaCP / CRON:

cd home
nano backup-script.sh

Adding this info to your SH file:
# backup-script.sh
export AWS_ACCESS_KEY_ID="####"
export AWS_SECRET_ACCESS_KEY="####"
export RESTIC_REPOSITORY="s3:s3.amazonaws.com/BUCKET"
export RESTIC_PASSWORD="###"

restic -r s3:s3.amazonaws.com/BUCKET backup /home --exclude /home/backup
restic -r s3:s3.amazonaws.com/BUCKET forget -q --prune --keep-hourly 24 --keep-daily 7

I’m telling my backup to keep 1 backup an hour, for 7 days. If you make 3 backups in the past hour, it will delete 2 and save 1, then prune / consolidate chunks / organize the backups so you aren’t charged for extra storage.

9. Now you need to tell Vesta when to run the backup + where to log the process:

Cron Jobs
Cron Jobs

/home/backupscript.sh > /home/backupscript.log 2>&1

I have this set for every day at 2am.

Update, Dec 31st 2018:

Using B2 Backblaze

Some people showed interest in using Backblaze + adding mySQLdump. 

The setup is basically the same as using AWS S3, but instead you use B2 Account ID + Key:

export B2_ACCOUNT_ID="ENTER-UR-ID-NUMBER"
export B2_ACCOUNT_KEY="ENTER-UR-SECRET-KEY"

restic -r b2:BUCKET init

export RESTIC_REPOSITORY="b2:BUCKET"
export RESTIC_PASSWORD="###"

restic -r b2:BUCKET backup /home --exclude /home/backup
restic -r b2:BUCKET forget -q --prune --keep-hourly 24 --keep-daily 7

Adding mySQLdump to the mix

You can dump all of your databases into a single file by using the following command:

mysqldump -u root -p --all-databases > alldb.sql

You may want to use some of these options:

mysqldump -u root -p --opt --all-databases > alldb.sql
mysqldump -u root -p --all-databases --skip-lock-tables > alldb.sql

Import:

mysql -u root -p < alldb.sql

Isaac Adams-Hands

Full Stack Developer, Digital Marketer, and InfoSec enthusiast. He received his Bachelor’s Degree from the University of Western Sydney and his Business Diploma from Georgian College before joining various marketing positions in search portals, e-commerce, higher education, and addiction recovery services.

Follow @ twitter

Related posts

Staying off mailing lists

Just saw an article I would like to read, but I noticed it was set up that you had to give all of your information to the business. Normally, I don’t mind, but this time I found how much I had to give away (personal information) wasn’t worth the skimming I’d most likely do when… Read More

Remove a repository in source list using terminal

List You can remove the repository from the sources list using terminal. Find First you need to find your lists: sudo ls /etc/apt/sources.list.d Command Look for your desire PPA here and then remove the PPA using the following command: sudo rm -i /etc/apt/sources.list.d/PPA_Name.list