3 min read

Restic on Synology

Restic on Synology

Ever wondered how to backup your NAS so you still have your data when the house burns down? Well, look no further! Restic is an awesome deduplicating backup program (like borgbackup) with the advantage that it doesn't need a special server. Any remote is fine and it supports rclone out of the box. The disadvantage compared to borgbackup is the lack of compression.

In this guide I'll setup a restic docker container on my Synology NAS with an rclone backend for monthly backups, keeping 12 versions. First off, you need to choose which server to backup your data to. I chose JottaCloud because they're based in Europe (feels better privacy wise, even though the data will be encrypted) and they're quite affordable.

On to the setup: If you haven't installed the docker package, do so now. Then login via SSH with the admin account and promote yourself to root with sudo su. Now install rclone locally on your NAS with the following command:

curl https://rclone.org/install.sh | sudo bash

Rclone is not needed on the NAS itself for the docker image to function properly, but we need it to setup the configuration. To configure rclone with your backend of choice type rclone config --config /volume1/docker/rclone.conf and go through the setup. The rclone docs have more information on every backend available. For JottaCloud it will look something like the following (adapted from the rclone docs). Don't forget to generate your login token on the web client. Choose the Jotta device and Archive mountpoint:

No remotes found - make a new one
n) New remote
s) Set configuration password
q) Quit config
n/s/q> n
name> jotta
Type of storage to configure.
Enter a string value. Press Enter for the default ("").
Choose a number from below, or type in your own value
XX / Jottacloud
   \ "jottacloud"
Storage> jottacloud
** See help for jottacloud backend at: https://rclone.org/jottacloud/ **

Edit advanced config? (y/n)
y) Yes
n) No
y/n> n
Remote config

Generate a personal login token here: https://www.jottacloud.com/web/secure
Login Token> <your token here>

Do you want to use a non standard device/mountpoint e.g. for accessing files uploaded using the official Jottacloud client?

y) Yes
n) No
y/n> y
Please select the device to use. Normally this will be Jotta
Choose a number from below, or type in an existing value
 1 > DESKTOP-3H31129
 2 > fla1
 3 > Jotta
Devices> 3
Please select the mountpoint to user. Normally this will be Archive
Choose a number from below, or type in an existing value
 1 > Archive
 2 > Links
 3 > Sync
Mountpoints> 1
type = jottacloud
user = 0xC4KE@gmail.com
token = {........}
device = Jotta
mountpoint = Archive
configVersion = 1
y) Yes this is OK
e) Edit this remote
d) Delete this remote
y/e/d> y

This will create a configuration in a the docker shared folder that can be accessed by the containers. To create the docker container running restic we'll be using the lobaro/restic-backup-docker:latest image. If it is not available for your architecture you might need to build it yourself first. Just create a folder named restic in your home folder and create a docker-compose.yml with your configuration inside. I do this, because the compose files themselves can be easily backed up. Here's mine:

version: '3'

    image: lobaro/restic-backup-docker:latest
    hostname: nas
    restart: always
    privileged: true
      - type: bind
        source: /volume1/homes
        target: /data/homes
        read_only: true
      - type: bind
        source: /volume1/docker/nextcloud
        target: /data/nextcloud
        read_only: true
        # ...
      - /volume1/docker/rclone.conf:/root/.config/rclone/rclone.conf
      - RESTIC_REPOSITORY=rclone:jotta:backup
      - RESTIC_PASSWORD=SecurePassWordResticUsesForEncryption
      - BACKUP_CRON=30 0 3 * * # Backup on the 3rd of every month at 0h30
      - RESTIC_FORGET_ARGS=--prune --keep-last 12
      - MAILX_ARGS=-r 'nas@mydomain.tld' -S smtp='smtp.mymailserver.tld:587' -S smtp-use-starttls -S smtp-auth-user='nas@mydomain.tld' -S smtp-auth-password='SMTPsendPassword' 'nas@mydomain.tld'

Again, for more options see lobaro/restic-backup-docker on Github. Notice the inclusion of the rclone.conf under volumes and the RESTIC_REPOSITORY environment variable with rclone:jotta:backup configuring restic to use the rclone backend with the target jotta we configured before and the backup repository, that will be created automatically on the first run.

Now all you need to do is run docker-compose up -d to start the container. If you want to start a backup run manually, you can use the following command inside the folder with the docker-compose.yml file:

docker-compose exec -d restic /bin/backup

Feel free to drop me an email anytime at blog@stabel.family if you have any questions, suggestions or feedback.