Scott.Idem/Cortex-Inara
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7c3291960a64f0617b81c01c4f1f11611144dc62
Cortex-Inara/backup.sh
Scott Idem 576f22216a feat: restic backup of home/ with systemd daily timer 
- backup.sh — backs up home/ (persona data, memory, tasks, crons) to a
  local restic repo; auto-generates password on first run, prunes to
  7d/4w/6m retention; excludes sessions/ and session_data/
- install.py — setup_backup_timer() installs cortex-backup.service +
  cortex-backup.timer (daily 03:00, Persistent=true); skips gracefully
  if restic is not installed

Password lives at ~/.config/cortex/restic-password (chmod 600, not in git).
Repo defaults to ~/backups/cortex-home-restic; override via RESTIC_REPOSITORY.

Per-user encrypted backup is a noted future feature.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-08 19:36:22 -04:00

71 lines
2.7 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# backup.sh — restic backup of Cortex persona/home data
#
# Backs up the home/ directory (all user persona files, memory, tasks, crons).
# Code is in git; this covers everything git intentionally excludes.
#
# Config — override via environment or edit here:
REPO_DIR="${RESTIC_REPOSITORY:-$HOME/backups/cortex-home-restic}"
PASSWORD_FILE="${RESTIC_PASSWORD_FILE:-$HOME/.config/cortex/restic-password}"
SOURCE="$(cd "$(dirname "$0")" && pwd)/home"
# Retention policy
KEEP_DAILY=7
KEEP_WEEKLY=4
KEEP_MONTHLY=6
# ── Preflight ─────────────────────────────────────────────────────────────────
set -euo pipefail
if ! command -v restic &>/dev/null; then
echo "ERROR: restic not found. Install with: sudo pacman -S restic" >&2
exit 1
fi
if [[ ! -d "$SOURCE" ]]; then
echo "ERROR: source directory not found: $SOURCE" >&2
exit 1
fi
# ── Password setup ────────────────────────────────────────────────────────────
if [[ ! -f "$PASSWORD_FILE" ]]; then
mkdir -p "$(dirname "$PASSWORD_FILE")"
chmod 700 "$(dirname "$PASSWORD_FILE")"
python3 -c "import secrets; print(secrets.token_urlsafe(32))" > "$PASSWORD_FILE"
chmod 600 "$PASSWORD_FILE"
echo "Generated new restic password: $PASSWORD_FILE"
echo "IMPORTANT: back this file up separately — you need it to restore."
fi
export RESTIC_REPOSITORY="$REPO_DIR"
export RESTIC_PASSWORD_FILE="$PASSWORD_FILE"
# ── Init repo if needed ───────────────────────────────────────────────────────
if [[ ! -d "$REPO_DIR" ]]; then
echo "Initializing restic repository at $REPO_DIR"
restic init
fi
# ── Backup ────────────────────────────────────────────────────────────────────
echo "Backing up $SOURCE$REPO_DIR"
restic backup "$SOURCE" \
--exclude="**/sessions" \
--exclude="**/session_data" \
--tag "cortex-home"
# ── Prune ─────────────────────────────────────────────────────────────────────
restic forget \
--keep-daily "$KEEP_DAILY" \
--keep-weekly "$KEEP_WEEKLY" \
--keep-monthly "$KEEP_MONTHLY" \
--tag "cortex-home" \
--prune
echo "Backup complete."
restic snapshots --tag cortex-home --last 3
Reference in New Issue View Git Blame Copy Permalink