restserver

package module
v0.12.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 9, 2023 License: BSD-2-Clause Imports: 25 Imported by: 5

README

Rest Server

Status badge for CI tests Go Report Card GoDoc License Powered by

Rest Server is a high performance HTTP server that implements restic's REST backend API. It provides secure and efficient way to backup data remotely, using restic backup client via the rest: URL.

Requirements

Rest Server requires Go 1.17 or higher to build. The only tested compiler is the official Go compiler. Building server with gccgo may work, but is not supported.

The required version of restic backup client to use with rest-server is v0.7.1 or higher.

Build

For building the rest-server binary run CGO_ENABLED=0 go build -o rest-server ./cmd/rest-server

Usage

To learn how to use restic backup client with REST backend, please consult restic manual.

$ rest-server --help

Run a REST server for use with restic

Usage:
  rest-server [flags]

Flags:
      --append-only            enable append only mode
      --cpu-profile string     write CPU profile to file
      --debug                  output debug messages
  -h, --help                   help for rest-server
      --htpasswd-file string   location of .htpasswd file (default: "<data directory>/.htpasswd")
      --listen string          listen address (default ":8000")
      --log filename           write HTTP requests in the combined log format to the specified filename
      --max-size int           the maximum size of the repository in bytes
      --no-auth                disable .htpasswd authentication
      --no-verify-upload       do not verify the integrity of uploaded data. DO NOT enable unless the rest-server runs on a very low-power device
      --path string            data directory (default "/tmp/restic")
      --private-repos          users can only access their private repo
      --prometheus             enable Prometheus metrics
      --prometheus-no-auth     disable auth for Prometheus /metrics endpoint
      --tls                    turn on TLS support
      --tls-cert string        TLS certificate path
      --tls-key string         TLS key path
  -v, --version                version for rest-server

By default the server persists backup data in the OS temporary directory (/tmp/restic on Linux/BSD and others, in %TEMP%\\restic in Windows, etc). If rest-server is launched using the default path, all backups will be lost. To start the server with a custom persistence directory and with authentication disabled:

rest-server --path /user/home/backup --no-auth

To authenticate users (for access to the rest-server), the server supports using a .htpasswd file to specify users. By default, the server looks for this file at the root of the persistence directory, but this can be changed using the --htpasswd-file option. You can create such a file by executing the following command (note that you need the htpasswd program from Apache's http-tools). In order to append new user to the file, just omit the -c argument. Only bcrypt and SHA encryption methods are supported, so use -B (very secure) or -s (insecure by today's standards) when adding/changing passwords.

htpasswd -B -c .htpasswd username

If you want to disable authentication, you must add the --no-auth flag. If this flag is not specified and the .htpasswd cannot be opened, rest-server will refuse to start.

NOTE: In older versions of rest-server (up to 0.9.7), this flag does not exist and the server disables authentication if .htpasswd is missing or cannot be opened.

By default the server uses HTTP protocol. This is not very secure since with Basic Authentication, user name and passwords will be sent in clear text in every request. In order to enable TLS support just add the --tls argument and add a private and public key at the root of your persistence directory. You may also specify private and public keys by --tls-cert and --tls-key.

Signed certificate is normally required by the restic backend, but if you just want to test the feature you can generate password-less unsigned keys with the following command:

openssl req -newkey rsa:2048 -nodes -x509 -keyout private_key -out public_key -days 365 -addext "subjectAltName = IP:127.0.0.1,DNS:yourdomain.com"

Omit the IP:127.0.0.1 if you don't need your server be accessed via SSH Tunnels. No need to change default values in the openssl dialog, hitting enter every time is sufficient. To access this server via restic use --cacert public_key, meaning with a self-signed certificate you have to distribute your public_key file to every restic client.

The --append-only mode allows creation of new backups but prevents deletion and modification of existing backups. This can be useful when backing up systems that have a potential of being hacked.

To prevent your users from accessing each others' repositories, you may use the --private-repos flag which grants access only when a subdirectory with the same name as the user is specified in the repository URL. For example, user "foo" using the repository URLs rest:https://foo:pass@host:8000/foo or rest:https://foo:pass@host:8000/foo/ would be granted access, but the same user using repository URLs rest:https://foo:pass@host:8000/ or rest:https://foo:pass@host:8000/foobar/ would be denied access. Users can also create their own subrepositories, like /foo/bar/.

Rest Server uses exactly the same directory structure as local backend, so you should be able to access it both locally and via HTTP, even simultaneously.

Systemd

There's an example systemd service file included with the source, so you can get Rest Server up & running as a proper Systemd service in no time. Before installing, adapt paths and options to your environment.

Docker

Rest Server works well inside a container, images are published to Docker Hub.

Start server

You can run the server with any container runtime, like Docker:

    docker pull restic/rest-server:latest
    docker run -p 8000:8000 -v /my/data:/data --name rest_server restic/rest-server

Note that:

  • contrary to the defaults of rest-server, the persistent data volume is located to /data.
  • By default, the image uses authentication. To turn it off, set environment variable DISABLE_AUTHENTICATION to any value.
  • By default, the image loads the .htpasswd file from the persistent data volume (i.e. from /data/.htpasswd). To change the location of this file, set the environment variable PASSWORD_FILE to the path of the .htpasswd file. Please note that this path must be accessible from inside the container and should be persisted. This is normally done by bind-mounting a path into the container or with another docker volume.
  • It's suggested to set a container name to more easily manage users (--name parameter to docker run).
  • You can set environment variable OPTIONS to any extra flags you'd like to pass to rest-server.
Customize the image

The published image is built from the Dockerfile available on this repository, which you may use as a basis for building your own customized images.

    git clone https://github.com/restic/rest-server.git 
    cd rest-server
    docker build -t restic/rest-server:latest .
Manage users
Add user
docker exec -it rest_server create_user myuser

or

docker exec -it rest_server create_user myuser mypassword
Delete user
docker exec -it rest_server delete_user myuser

Prometheus support and Grafana dashboard

The server can be started with --prometheus to expose Prometheus metrics at /metrics. If authentication is enabled, this endpoint requires authentication for the 'metrics' user, but this can be overridden with the --prometheus-no-auth flag.

This repository contains an example full stack Docker Compose setup with a Grafana dashboard in examples/compose-with-grafana/.

Why use Rest Server?

Compared to the SFTP backend, the REST backend has better performance, especially so if you can skip additional crypto overhead by using plain HTTP transport (restic already properly encrypts all data it sends, so using HTTPS is mostly about authentication).

But, even if you use HTTPS transport, the REST protocol should be faster and more scalable, due to some inefficiencies of the SFTP protocol (everything needs to be transferred in chunks of 32 KiB at most, each packet needs to be acknowledged by the server).

One important safety feature that Rest Server adds is the optional ability to run in append-only mode. This prevents an attacker from wiping your server backups when access is gained to the server being backed up.

Finally, the Rest Server implementation is really simple and as such could be used on the low-end devices, no problem. Also, in some cases, for example behind corporate firewalls, HTTP/S might be the only protocol allowed. Here too REST backend might be the perfect option for your backup needs.

Contributors

Contributors are welcome, just open a new issue / pull request.

Documentation

Index

Constants

View Source 
const CheckInterval = 30 * time.Second

CheckInterval represents how often we check for changes in htpasswd file.

View Source 
const MaxFolderDepth = 2

MaxFolderDepth is the maxDepth param passed to splitURLPath. A max depth of 2 mean that we accept folders like: '/', '/foo' and '/foo/bar' TODO: Move to a Server option

View Source 
const PasswordCacheDuration = time.Minute

PasswordCacheDuration represents how long authentication credentials are cached in memory after they were successfully verified. This allows avoiding repeatedly verifying the same authentication credentials.

Variables

This section is empty.

Functions

func NewHandler added in v0.9.8 

func NewHandler(server *Server) (http.Handler, error)

NewHandler returns the master HTTP multiplexer/router.

Types

type HtpasswdFile 

type HtpasswdFile struct {
	// contains filtered or unexported fields
}

HtpasswdFile is a map for usernames to passwords.

func NewHtpasswdFromFile 

func NewHtpasswdFromFile(path string) (*HtpasswdFile, error)

NewHtpasswdFromFile reads the users and passwords from a htpasswd file and returns them. If an error is encountered, it is returned, together with a nil-Pointer for the HtpasswdFile.

func (*HtpasswdFile) Reload added in v0.9.6 

func (h *HtpasswdFile) Reload() error

Reload reloads the htpasswd file. If the reload fails, the Users map is not changed and the error is returned.

func (*HtpasswdFile) ReloadCheck added in v0.9.6 

func (h *HtpasswdFile) ReloadCheck() error

ReloadCheck checks at most once per CheckInterval if the file changed and will reload the file if it did. It logs errors and successful reloads, and returns an error if any was encountered.

func (*HtpasswdFile) Validate 

func (h *HtpasswdFile) Validate(user string, password string) bool

Validate returns true if password matches the stored password for user. If no password for user is stored, or the password is wrong, false is returned.

type Server added in v0.9.8 

type Server struct {
	Path             string
	HtpasswdPath     string
	Listen           string
	Log              string
	CPUProfile       string
	TLSKey           string
	TLSCert          string
	TLS              bool
	NoAuth           bool
	AppendOnly       bool
	PrivateRepos     bool
	Prometheus       bool
	PrometheusNoAuth bool
	Debug            bool
	MaxRepoSize      int64
	PanicOnError     bool
	NoVerifyUpload   bool
	// contains filtered or unexported fields
}

Server encapsulates the rest-server's settings and repo management logic

func (*Server) ServeHTTP added in v0.11.0 

func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request)

ServeHTTP makes this server an http.Handler. It handlers the administrative part of the request (figuring out the filesystem location, performing authentication, etc) and then passes it on to repo.Handler for actual REST API processing.

Source Files

View all Source files

Directories

Path Synopsis
cmd
rest-server

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.