# restic-manager

restic-manager is a self-hosted, browser-based, single-pane-of-glass
for managing [restic](https://restic.net) backups across a fleet of
Linux and Windows endpoints. It's designed for **small fleets** —
the original target was twelve endpoints — and **one operator**.

## What it does

- Centralised view of every endpoint's last backup, repo size,
  snapshot count, and recent jobs.
- Trigger any restic operation remotely (`backup`, `forget`, `prune`,
  `check`, `unlock`, `snapshots`, `stats`, `diff`, `restore`).
- Per-host backup schedules with source groups (named bundles of
  paths + retention policy).
- Live job log streamed to the browser; downloadable as text or NDJSON.
- Restore wizard with snapshot tree browse + path selection.
- Repo-level health surfacing (size, raw size, last-check, lock
  state) plus a 30/90-day size trend.
- Alerting over webhook, ntfy, or SMTP.
- Cross-platform agent (Linux + Windows).
- Append-only-credential-friendly with a separate admin credential
  for forget/prune.

## What it isn't

- **Not a SaaS.** Single-instance, single-tenant, by design.
- **Not a replacement for restic** — it's a control plane. The agent
  shells out to a real `restic` binary.
- **Not highly available.** SQLite, single process; if you need
  HA backups, you're shopping in the wrong aisle.
- **Not a multi-protocol backup tool.** restic only.

## How it fits together

```
┌──────────────────────────────────────────────┐
│  Server (control plane, Docker)              │
│   - REST + WebSocket API                     │
│   - SQLite store                             │
│   - Embedded HTMX UI                         │
└──────────┬─────────────────────────┬─────────┘
           │ outbound WS              │ HTTP(S)
           │                          │
┌──────────▼──────────┐    ┌──────────▼─────────┐
│  Agent (per host)   │    │  Browser (operator) │
│   - restic wrapper  │    └─────────────────────┘
│   - cron for sched. │
└──────────┬──────────┘
           │ restic
┌──────────▼──────────────────────────────────┐
│  rest-server / S3 / SFTP / local repo       │
│  (the actual backup data — server never     │
│   touches it)                               │
└─────────────────────────────────────────────┘
```

The control plane is a Go binary that runs in Docker. Each endpoint
runs a small Go agent that holds an outbound WebSocket to the
control plane. Backup data flows directly between the agent and the
restic repository — the control plane never sees a snapshot byte.

## Where to start

- [Installing the server](./getting-started/install.md) walks
  through the Docker-based reference deployment.
- [Enrolling your first host](./getting-started/enrolling-hosts.md)
  covers the install scripts and the announce-and-approve flow.
- [Architecture](./concepts/architecture.md) is the right read if
  you want to know why something is the way it is before running
  the install.

## Project status

Pre-1.0 but feature-complete for the original use case. Phases
0–4 are landed (MVP, scheduling, restore, RBAC + OIDC); Phase 5
(this docs site, contributor onboarding, end-to-end CI) is in
flight. See [`tasks.md`](https://gitea.dcglab.co.uk/steve/restic-manager/src/branch/main/tasks.md)
for the live roadmap and [`spec.md`](https://gitea.dcglab.co.uk/steve/restic-manager/src/branch/main/spec.md)
for the canonical design doc.

## License

[PolyForm Noncommercial 1.0.0](https://polyformproject.org/licenses/noncommercial/1.0.0/).
Personal and community deployments welcome; commercial use
requires a separate license.