Extent the project to inspect remote repositories via SFTP

[morlandi]

Nice job @christianwgd 👍

I've being using Restic for some months to save remote backups from a few servers; all backups are scheduled with cron and saved to a remote storage repository via sftp; so far, I'm really satisfied with this setup, but I'ld like to have a visual user interface to keep an eye on the growing snaphots, mainly for supervision purposes.

A local Django-based web application would be my first choice, and that's why I'm here. I do believe your project could be easily adapted to work with remote repositories via sftp as well, and in case I can provide contributions as PRs. I did a quick and dirty test replacing

path = models.FilePathField(
     allow_files=False, allow_folders=True,
     verbose_name=_('Path'), path=settings.LOCAL_BACKUP_PATH
)

with

path = models.CharField(max_length=100, null=False, blank=True)

in the model Repository and the results are promising.

May I ask whether you're still interested in this project, and willing to accept PRs and discuss about possible solutions to extent it, and give advices for best coherence with the original solution ?

[christianwgd]

Hi morlandi,

your welcome! I didn’t change a lot on the project lately, because it simply fits my needs to backup my server software and data. But i remember testing it on my local mac and think this scenario should work out of the box. I try to recall some things from this project in the next days, so i can give advice.

Feel free to contribute.

Christian

Am 07.06.2022 um 13:04 schrieb morlandi @.***>:

Nice job @christianwgd https://github.com/christianwgd 👍

I've being using Restic for some months to save remote backups from a few servers; all backups are scheduled with cron and saved to a remote storage repository via sftp; so far, I'm really satisfied with this setup, but I'ld like to have a visual user interface to keep an eye on the growing snaphots, mainly for supervision purposes.

A local Django-based web application would be my first choice, and that's why I'm here. I do believe your project could be easily adapted to work with remote repositories via sftp as well, and in case I can provide contributions as PRs. I did a quick and dirty test replacing

path = models.FilePathField( allow_files=False, allow_folders=True, verbosename=('Path'), path=settings.LOCAL_BACKUP_PATH ) with

path = models.CharField(max_length=100, null=False, blank=True) in the model Repository and the results are promising.

May I ask whether you're still interested in this project, and willing to accept PRs and discuss about possible solutions to extent it, and give advices for best coherence with the original solution ?

— Reply to this email directly, view it on GitHub https://github.com/christianwgd/django_restic_gui/issues/9, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACG2A3336CFVAG7YDBJLDKLVN4UETANCNFSM5YCQLTMQ. You are receiving this because you were mentioned.

[morlandi]

Thank you @christianwgd ... but be warned that I have a few questions for you 😉

First and foremost: I am attracted by the idea of having a single public web server from which to check all my remote backups, but a little worried about the idea of entering the restic repository passwords in plain text ... any idea on how to make this more secure ? .. or maybe I could just add to the project the capability to accept requests from a specific IP .. after all that would be just a private web site which happens to be reacheable on a public IP for convenience; what do you think ?

I'm really impressed by your way to manage local settings 👏 very cool

[christianwgd]

I’ve never seen the password as a problem, because backup isn’t something i would see in the web. My restic gui server is only reachable from the local network and is password protected. What we can do is encrypting the passwords in the database. And of cause, what you suggested, limiting the access in the local network.

If you would like to access the service from outside your network, we could add some sort of two factor auth, which i did in some cases. There’s a django plugin for that.

The management of the local settings is inspired by the mezzanine cms framework, which i sometimes use, so „not invented here“ ;-)

Am 07.06.2022 um 16:11 schrieb morlandi @.***>:

Thank you @christianwgd https://github.com/christianwgd ... but be warned that I have a few questions for you 😉

First and foremost: I am attracted by the idea of having a single public web server from which to check all my remote backups, but a little worried about the idea of entering the restic repository passwords in plain text ... any idea on how to make this more secure ? .. or maybe I could just add to the project the capability to accept requests from a specific IP .. after all that would be just a private web site which happens to be reacheable on a public IP for convenience; what do you think ?

I'm really impressed by your way to manage local settings 👏 very cool

— Reply to this email directly, view it on GitHub https://github.com/christianwgd/django_restic_gui/issues/9#issuecomment-1148730396, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACG2A34TDOJZTYZ523OSDELVN5J7ZANCNFSM5YCQLTMQ. You are receiving this because you were mentioned.

[christianwgd]

Another option for the passwords would be to use the restic own --password-file option or the corresponding environment variables. But i'm not sure if this is much better, than storing the passwords encrypted in the database.

[christianwgd]

I just added encryption of passwords in the database. The migration file contains also an encryption of existing passwords in your database. This shouldn't matter unless you don't remember them ;-)

[morlandi]

Let's close this issue @christianwgd ... we might want to add encryption to "extra keys", but probably a brand new issue would be more appropriate :wink: