Restore backup with restic or decrypt files

NethServer Version: 7.8

I recently had my nethserver’s hd burned. I sent for recovery and found that they were only able to recover 180GB of the more than 500GB that were there. So I’m in a complicated situation. I have the full server backup, however, as it was with RESTIC backup type, I can’t access them directly. They are encrypted.

I’ve been researching and I could see that few are successful in recovering these files … however, I was able to understand by some commands

[root @ docs ~] # / usr / sbin / e-smith / backup-data -b complete_system
Backup: full_system
Backup started at 2020-10-23 15:47:41
Pre backup scripts status: SUCCESS
Fatal: create repository at / mnt / backup-sistema_completo failed: config file already exists

Fatal: wrong password or no key found
Backup failed
Action 'backup-data-restic sistema_completo': FAIL
Backup status: FAIL

it seems that the key / password is missing for the encryption to be undone. the files are still on the HD, and there is a folder called KEYS, where it contains some important information (it seems to me).


then, after much breaking my head, I ask:
1 - Is there a place on the nethserver where I put these files so that it can return the data?

2 - What files do I have to restore from this bkp so that the data can be used again?

Thanks in advance for any help …

restore backup with restic or decrypt files.

1 Like

If you don’t have the config backup I think you cannot restore them. In config file there is restic password.
@giacomo please add a tip in doc and Cockpit to remind to backup config with restic.

Or automate a “put” of configuration file outside the server.

it would be good if he always sent it to the email, and that this email is registered at the beginning of the initial configuration.

I understand @federico.ballarini to recover this file in particular …

“Always” not. Maybe… Timely. Once every x weeks… 12?
And that can be sent “on demand” as part of “backup config and send it to the relay”

This the good and the bad of encryption. :frowning:

The best approach should be display the encryption key inside the UI and also add a warning in the doc.
This is also why the configuration backup should be downloaded once in a while.

Sadly, it’s not possible to put alongside restock backup into the cloud.

Can you try at least to recover partially the hd and grab the config backup?

I feel sorry for that :frowning:

The password for the encryption was placed in /var/lib/nethserver/secrets/restic_*

Hint for documentation: a Checklist for create the perfect “disaster recover toolkit”

180GB of almost 800 that existed was recovered.
I have yet to see these files, to see if at least this one could recover …

but from what they said, it was a Hall recovery. I don’t know what this means … but the recovery was done without the structure of posts and names … that is … unrecognizable names inside any folder … I will have trouble trying to find this backup file configuration …

the tip to show the secret key in the interface is good … since we can prepare ourselves knowing that it is very important … since it is not spoken anywhere in the old interface or in the new (cockpit).


Hello everyone…

After a long time afraid of using the same type of backup on the Nethserver, I did a test today to see how the interface is doing and the options that have changed… And I was pleasantly surprised to learn that we can now see the password for backup encryption. I was very happy. I confess that I even felt a (bad) nostalgia for the time I lost everything… but as I always say, past waters don’t move a mill.

I have already saved the password in a safe place, backed up in other places, and I also sent it to my wife, in case I die in the meantime… I took a screenshot so that there was no doubt about the password as well…

Well… Now I hope you don’t have any problems with that again…