CyberPanel Backups v2 Proposal

I appreciate your concerns, though they apply to Restic and any other tool that is used by Cyberpanel.

For what it’s worth, I found both Restic and Rustic to be very easy to use, with Rustic being better because it handles incremental backups properly, is faster, has a good resume mechanism etc…

I really don’t think it would be a very difficult job to integrate into Cyberpanel - I managed to build most of the CLI stuff in the PRs that I had submitted. It was just the HTML interface (Django etc…?) that I couldn’t figure out.

I hope you’ll be able to make it work - it’s a primary request for many people!

Honestly nick I was just checking rustic I was not able to find doc links on their repo.

Plus the main concern is how to restore those rustic backups if customer loose complete access to server as these are password protected repos plus it is still really slow for large files.

These were the biggest constraints and still feels the same constraint applies.

One more thing I like to add is that for backups on the active server (server which is not yet crashed), rustic/restic works.

But incase server crashes from some reason then rustic/restic wont work, because most people won’t save the password that is required to unlock repo, thus the remote repos become useless.

Another important bottleneck is still the speed. :frowning:

I believe you can use restic and Rustic without any sort of password. But that’s a non-argument anyway - the same thing applies to mysql and cyberpanel itself.

And so long as you have access to the Rustic backup repo, you can restore it to anywhere, such as a new server.

I don’t see why it would be really slow for large files - it should be faster for them than smaller ones. Plus you can configure different compression levels, or turn it off altogether. Again, in my testing long ago (and it surely has improved since then), creating and restore backups was 2-3x faster with the compression on than with it off.

Also, incremental backups are, obviously, far faster to create and restore than a full backup and take up incomparably less storage space, which allows for setting a schedule like every 30 minutes, which is more secure/reliable than infrequent large backups.

I’m quite certain that any of your concerns could be easily alleviated with some combination of reading the cli docs/help command, experimenting, and just asking the dev for help.

For me, the current backup restore works very well. I use it for moving server’s as well as the occasional restore. The simplicity of it means I can rely on it working quickly and efficiently without passwords keys etc. Sometimes simplicity is good.

Picking the location of the restore file would be very useful rather than having to use the set /home/backup.

Individual restore options, database, email, files etc would be very useful.

For rustic which docs are you using? As far as I am aware can’t create repo without password, correct me If I am wrong?

I haven’t used Rustic in 6 months, but I recall being able to type something like rustic --help to see all docs. And, again, the dev is very responsive so you could ask questions in the Github repo if anything isn’t clear. I think he’d be particularly eager to respond and help if you said you were trying to integrate it into an open source control panel.

I think it would be better to get in touch as we are in really initial stage now. Let see how it goes, but if it works the same as restic, my hand would be tied as to avoid using it.

Here’s how to access the docs/cli options

What do you mean by “but if it works the same as restic, my hand would be tied as to avoid using it”?

As for creating a repo without a password, I’m not sure. I suspect it is possible, but maybe not. However I’m quite confident that the dev would quickly add such a possibility if it were requested.

But, again, it’s a non-issue to me… There’s already passwords for accessing a server, using cyberpanel, accessing mysql, and for using any other service in existence. If someone can’t figure out passwords, that’s their problem, not cyberpanel. But, again, I’m quite sure it would be possible to set up backups without any passwords) other than the pw required to access whatever rclone-compatible data store is being used

Moreover, restic - which is already used by cyberpanel - has the same password mechanism, which im pretty sure you’ve just been storing in a plaintext file somewhere on the server, just as you do for the mysql password.

Edit: I’ve created issues in Rustic to request being able to create repos without a password and without encryption. We’ll see what the dev says.

I also use Linode as host and they do offer S3 compatible storage - would be nice it we could use any S3 compatible storage.

The more options the users has, the better, that way we are not locked to whatever is provided. You could even make it a “paid” addon feature.

With failed email notifications as well - imagine you think your stuff is backing up and month later you check that an important backup has failed and you are not even aware. That would drive clients to not use your product.

1 Like

First of all:

Website backup - if anyone of you have not tried Akeeba Backup (Wordpress or Joomla) you should check it and see how things are done there.
In the pro version, you can choose to backup to a variety of external storage. You can schedule however you like - and decide if you want to do the whole website incl database or just the database+++

I would also like to suggest Nextcloud as a possible target for storage/backup.

As Nextcloud does WebDAV, that would be a good general option to add.

Rustic Dev confirmed it can be used without password - just enter a blank string. Allow empty passwords · Issue #433 · rustic-rs/rustic · GitHub

Again, it really seems like the ideal tool for the job. It would work well with the existing restic mechanism, while resolving all the problems with restic. And, as shown here, the dev is very responsive (replied in well under an hour) and eager for collaboration.

Dear Nick,

I hope this message finds you well. I wanted to share some important information with you about the command currently being used by CyberPanel to create restic backups.

The command in use is as follows:

bash

restic -r /home/cyberpanel.net/incbackup backup /home/cyberpanel.net/meta.xml --password-file /home/cyberpanel.net/cyberpanel.net --exclude /home/cyberpanel.net/incbackup --exclude /home/cyberpanel.net/backup

I’d like to draw your attention to the --password-file /home/cyberpanel.net/cyberpanel.net argument which is used both during backup creation and restoration. This password is essential, even for remote backups such as AWS.

It is worth noting that for SFTP and other normal backups, passwords are not required to restore or access backup files. However, in the case of restoring incremental backups, it is crucial to have this password.

In the event that a user is unaware of the password file and their server crashes, they may be unable to restore their backups. To address this issue, we can take one of two approaches: firstly, we can educate the user about the importance of the password and encourage them to save it locally. Secondly, we can explore alternative backup tools that do not require a password.

It’s important to note that the restic/rustic password is distinct from other passwords such as SSH or MySQL. If a server crashes, the backups become the most critical aspect of recovery, and without the restic/rustic password, the backups are useless.

However, there may be workarounds available, such as using different backup tools. Additionally, we can take proactive steps by ensuring users are aware of the importance of saving passwords in a safe location.

Please let me know if you have any questions or concerns. Thank you for your time.

Best regards,

1 Like

OK, now that makes things interesting. Lets explore.

2 Likes

I’m lieked the way things go here. :sunglasses::rocket:

I only know one thing, the cyberpanel will be one of the main ones very soon. Even a giant like hostinger/weblink has already joined. You guys have a great job. :clap::clap:

Thanks for the nice and detailed response! My point about passwords was that we already use and manage numerous passwords per server, and likely dozens or hundreds through life. So a backup password really isn’t a big deal.

Anyway, Rustic doesn’t require one like Restic does, so there’s no concern. It’s just one of many ways in which it is a far superior tool, so I’m glad that you’ll give it some serious consideration now! Let me know if you have any other questions.

Perhaps an option in the backup schedule to auto-add websites from a certain package. At this moment you need to hand-pick the sites to backup. Maybe add a toggle there to select the package to use as site-list.

That way you keep the backup settings at the backup settings. Would that make sense?

OK Nick, I was just out with the team during the week-end.

I am gonna do some boiler plate code to see how we can get rustic going.

We will start with the installation of it, then backups and see how we can make use of it.

By the way thanks for the input in this regards so far.

PS: Attaching the picture of where our team spent the weekend.

4 Likes

Looks like a beautiful place! I hope you guys had a great time.

Let me know if you have any questions while testing Rustic!