Nightly restic backups — encrypted, deduplicated, incremental. Retention: 7 daily, 4 weekly, 3 monthly.Documentation Index
Fetch the complete documentation index at: https://docs.augustin.ai/llms.txt
Use this file to discover all available pages before exploring further.
Schedule
All times are local. Runs via crontab on each machine.| Time | Machine | What |
|---|---|---|
| 2:45am | i3 | Stalwart email export (JMAP export of root@augustin.ai to stalwart/data/export/) |
| 3:00am | i3 | Full i3 backup to AWS S3 |
| 4:00am | Pentium | Full Pentium backup to AWS S3 |
Destination
All backups go to a single S3 bucket with per-machine prefixes:| Source | S3 Path |
|---|---|
| i3 | s3:s3.us-west-2.amazonaws.com/augustin-backups/i3 |
| Pentium | s3:s3.us-west-2.amazonaws.com/augustin-backups/pentium |
restic-backup has scoped access to the augustin-backups bucket only. Credentials stored in scripts/.aws-env on both machines.
What’s Backed Up
- All of
/home/user/apps(config, data, compose files) - Database dumps created before backup runs:
- Matrix/Synapse:
docker exec matrix-db pg_dumpall→matrix/matrix-db-dump.sql - Miniflux:
docker exec miniflux-db pg_dumpall→reader/miniflux-db-dump.sql
- Matrix/Synapse:
- Stalwart email export (JMAP) →
stalwart/data/export/ - Tarball of all
.envfiles →env-backup.tar.gz
Scripts
scripts/backup-i3.sh— dumps databases, collects .env files, runs restic to S3, prunesscripts/backup-pentium.sh— collects .env files, runs restic to S3, prunesstalwart/backup-email.sh— exports Stalwart email account via JMAP CLI
Bootstrap Secrets
Stored in Apple Passwords — everything needed to restore from scratch:- Restic repository password
- AWS credentials for
restic-backupIAM user - GitHub SSH key