forked from Deuxfleurs/garage
Compare commits
2 commits
main
...
doc/new-pa
Author | SHA1 | Date | |
---|---|---|---|
ced9405119 | |||
c74730aa54 |
3 changed files with 62 additions and 0 deletions
|
@ -12,6 +12,7 @@
|
||||||
- [Configuring a reverse proxy](./cookbook/reverse_proxy.md)
|
- [Configuring a reverse proxy](./cookbook/reverse_proxy.md)
|
||||||
- [Production Deployment](./cookbook/real_world.md)
|
- [Production Deployment](./cookbook/real_world.md)
|
||||||
- [Recovering from failures](./cookbook/recovering.md)
|
- [Recovering from failures](./cookbook/recovering.md)
|
||||||
|
- [Security](./cookbook/security.md)
|
||||||
|
|
||||||
- [Integrations](./connect/index.md)
|
- [Integrations](./connect/index.md)
|
||||||
- [Apps (Nextcloud, Peertube...)](./connect/apps.md)
|
- [Apps (Nextcloud, Peertube...)](./connect/apps.md)
|
||||||
|
|
|
@ -13,6 +13,60 @@ If you still want to use Borg, you can use it with `rclone mount`.
|
||||||
|
|
||||||
## Restic
|
## Restic
|
||||||
|
|
||||||
|
Create your key and bucket:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
garage key new my-key
|
||||||
|
garage bucket create backup
|
||||||
|
garage bucket allow backup --read --write --key my-key
|
||||||
|
```
|
||||||
|
|
||||||
|
Then register your Key ID and Secret key in your environment:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
export AWS_ACCESS_KEY_ID=GKxxx
|
||||||
|
export AWS_SECRET_ACCESS_KEY=xxxx
|
||||||
|
```
|
||||||
|
|
||||||
|
Configure restic from environment too:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
export RESTIC_REPOSITORY="s3:http://localhost:3900/backups"
|
||||||
|
|
||||||
|
echo "Generated password (save it safely): $(openssl rand -base64 32)"
|
||||||
|
export RESTIC_PASSWORD=xxx # copy paste your generated password here
|
||||||
|
```
|
||||||
|
|
||||||
|
Do not forget to save your password safely (in your password manager or print it). It will be needed to decrypt your backups.
|
||||||
|
|
||||||
|
Now you can use restic:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Initialize the bucket, must be run once
|
||||||
|
restic init
|
||||||
|
|
||||||
|
# Backup your PostgreSQL database
|
||||||
|
# (We suppose your PostgreSQL daemon is stopped for all commands)
|
||||||
|
restic backup /var/lib/postgresql
|
||||||
|
|
||||||
|
# Show backup history
|
||||||
|
restic snapshots
|
||||||
|
|
||||||
|
# Backup again your PostgreSQL database, it will be faster as only changes will be uploaded
|
||||||
|
restic backup /var/lib/postgresql
|
||||||
|
|
||||||
|
# Show backup history (again)
|
||||||
|
restic snapshots
|
||||||
|
|
||||||
|
# Restore a backup
|
||||||
|
# (79766175 is the ID of the snapshot you want to restore)
|
||||||
|
mv /var/lib/postgresql /var/lib/postgresql.broken
|
||||||
|
restic restore 79766175 --target /var/lib/postgresql
|
||||||
|
```
|
||||||
|
|
||||||
|
Restic has way more features than the ones presented here.
|
||||||
|
You can discover all of them by accessing its documentation from the link below.
|
||||||
|
|
||||||
*External links:* [Restic Documentation > Amazon S3](https://restic.readthedocs.io/en/stable/030_preparing_a_new_repo.html#amazon-s3)
|
*External links:* [Restic Documentation > Amazon S3](https://restic.readthedocs.io/en/stable/030_preparing_a_new_repo.html#amazon-s3)
|
||||||
|
|
||||||
## Duplicity
|
## Duplicity
|
||||||
|
|
7
doc/book/src/cookbook/security.md
Normal file
7
doc/book/src/cookbook/security.md
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
# Security
|
||||||
|
|
||||||
|
## Security Model
|
||||||
|
|
||||||
|
## Secrets
|
||||||
|
|
||||||
|
## Incident response
|
Loading…
Reference in a new issue