docker.recipes

Restic + REST Server + Prometheus

intermediate

Fast and secure backup program with REST server.

Overview

Restic REST Server is a dedicated HTTP server that provides a REST API backend for the Restic backup tool, enabling centralized backup storage over HTTP/HTTPS. Originally developed to offer a lightweight alternative to cloud storage backends, restic-rest-server allows organizations to maintain complete control over their backup infrastructure while providing the same deduplication and encryption benefits as cloud-based solutions. This stack combines restic-rest-server with Prometheus monitoring and Grafana visualization to create a comprehensive backup solution with full operational visibility. The integration leverages restic-rest-server's built-in Prometheus metrics endpoint to track backup operations, repository health, and storage utilization in real-time. This monitoring-enabled backup infrastructure is ideal for organizations that need reliable backup services with detailed operational insights, providing both the security of on-premises storage and the observability required for enterprise backup management.

Key Features

  • Built-in Prometheus metrics endpoint for backup operation monitoring
  • Client-side AES-256 encryption with user-controlled keys
  • Content-defined chunking for optimal deduplication ratios
  • RESTful API supporting all Restic backup operations
  • Real-time backup performance visualization through Grafana dashboards
  • Repository integrity verification and corruption detection
  • Multi-client support with concurrent backup operations
  • Incremental backup tracking with detailed storage analytics

Common Use Cases

  • 1Centralized backup server for multiple Linux servers with monitoring dashboards
  • 2Docker container backup solution with operational metrics for DevOps teams
  • 3Small business backup infrastructure replacing expensive commercial solutions
  • 4Homelab backup system with professional-grade monitoring capabilities
  • 5Development environment backup with detailed storage utilization tracking
  • 6Branch office backup consolidation with central monitoring oversight
  • 7Cloud exit strategy for organizations moving backup storage in-house

Prerequisites

  • Minimum 1GB RAM for optimal Restic deduplication performance
  • Docker and Docker Compose installed on the host system
  • Available ports 3000, 8000, and 9090 for service access
  • Sufficient disk space for backup repository growth and time-series data
  • Basic understanding of Restic backup concepts and repository initialization
  • Network connectivity from backup clients to port 8000 on the Docker host

For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms

docker-compose.yml

docker-compose.yml
1services: 
2  restic-rest-server: 
3    image: restic/rest-server:latest
4    environment: 
5      - OPTIONS=--prometheus --no-auth
6    volumes: 
7      - restic-data:/data
8    ports: 
9      - "8000:8000"
10    networks: 
11      - restic-network
12    restart: unless-stopped
13
14  prometheus: 
15    image: prom/prometheus:latest
16    command: 
17      - --config.file=/etc/prometheus/prometheus.yml
18      - --storage.tsdb.path=/prometheus
19    volumes: 
20      - ./prometheus.yml:/etc/prometheus/prometheus.yml:ro
21      - prometheus-data:/prometheus
22    ports: 
23      - "9090:9090"
24    networks: 
25      - restic-network
26    restart: unless-stopped
27
28  grafana: 
29    image: grafana/grafana:latest
30    environment: 
31      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
32    volumes: 
33      - grafana-data:/var/lib/grafana
34    ports: 
35      - "3000:3000"
36    depends_on: 
37      - prometheus
38    networks: 
39      - restic-network
40    restart: unless-stopped
41
42volumes: 
43  restic-data: 
44  prometheus-data: 
45  grafana-data: 
46
47networks: 
48  restic-network: 
49    driver: bridge

.env Template

.env
1# Restic REST Server
2GRAFANA_PASSWORD=secure_grafana_password
3
4# Initialize repo:
5# restic -r rest:http://localhost:8000/myrepo init

Usage Notes

  1. 1REST server at http://localhost:8000
  2. 2Prometheus at http://localhost:9090
  3. 3Grafana at http://localhost:3000
  4. 4Initialize repo before use
  5. 5AES-256 encryption

Individual Services(3 services)

Copy individual services to mix and match with your existing compose files.

restic-rest-server
restic-rest-server:
  image: restic/rest-server:latest
  environment:
    - OPTIONS=--prometheus --no-auth
  volumes:
    - restic-data:/data
  ports:
    - "8000:8000"
  networks:
    - restic-network
  restart: unless-stopped
prometheus
prometheus:
  image: prom/prometheus:latest
  command:
    - "--config.file=/etc/prometheus/prometheus.yml"
    - "--storage.tsdb.path=/prometheus"
  volumes:
    - ./prometheus.yml:/etc/prometheus/prometheus.yml:ro
    - prometheus-data:/prometheus
  ports:
    - "9090:9090"
  networks:
    - restic-network
  restart: unless-stopped
grafana
grafana:
  image: grafana/grafana:latest
  environment:
    - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
  volumes:
    - grafana-data:/var/lib/grafana
  ports:
    - "3000:3000"
  depends_on:
    - prometheus
  networks:
    - restic-network
  restart: unless-stopped

Quick Start

terminal
1# 1. Create the compose file
2cat > docker-compose.yml << 'EOF'
3services:
4  restic-rest-server:
5    image: restic/rest-server:latest
6    environment:
7      - OPTIONS=--prometheus --no-auth
8    volumes:
9      - restic-data:/data
10    ports:
11      - "8000:8000"
12    networks:
13      - restic-network
14    restart: unless-stopped
15
16  prometheus:
17    image: prom/prometheus:latest
18    command:
19      - --config.file=/etc/prometheus/prometheus.yml
20      - --storage.tsdb.path=/prometheus
21    volumes:
22      - ./prometheus.yml:/etc/prometheus/prometheus.yml:ro
23      - prometheus-data:/prometheus
24    ports:
25      - "9090:9090"
26    networks:
27      - restic-network
28    restart: unless-stopped
29
30  grafana:
31    image: grafana/grafana:latest
32    environment:
33      - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_PASSWORD}
34    volumes:
35      - grafana-data:/var/lib/grafana
36    ports:
37      - "3000:3000"
38    depends_on:
39      - prometheus
40    networks:
41      - restic-network
42    restart: unless-stopped
43
44volumes:
45  restic-data:
46  prometheus-data:
47  grafana-data:
48
49networks:
50  restic-network:
51    driver: bridge
52EOF
53
54# 2. Create the .env file
55cat > .env << 'EOF'
56# Restic REST Server
57GRAFANA_PASSWORD=secure_grafana_password
58
59# Initialize repo:
60# restic -r rest:http://localhost:8000/myrepo init
61EOF
62
63# 3. Start the services
64docker compose up -d
65
66# 4. View logs
67docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
1curl -fsSL https://docker.recipes/api/recipes/restic-backup-server/run | bash

Troubleshooting

  • Repository does not exist error: Initialize the repository using 'restic -r rest:http://localhost:8000/repo init' before first backup
  • Prometheus metrics not appearing: Verify restic-rest-server started with --prometheus flag and check port 8000/metrics endpoint
  • Grafana shows no data: Confirm prometheus.yml includes restic-rest-server target at restic-rest-server:8000
  • High memory usage during backup: Adjust Restic's --limit-download and --limit-upload flags to reduce concurrent operations
  • Permission denied on volumes: Check Docker volume permissions and ensure containers can write to mounted directories
  • Connection refused from Restic client: Verify restic-rest-server is accessible on port 8000 and network connectivity is established

Community Notes

Loading...
Loading notes...

Download Recipe Kit

Get all files in a ready-to-deploy package

Includes docker-compose.yml, .env template, README, and license

Components

restic-rest-serverprometheusgrafana

Tags

#restic#backup#encryption#deduplication#rest-server

Category

Storage & Backup

Related Recipes

Ad Space