restic-home-backup

Design, implement, and operate encrypted restic backups for Linux home directories with systemd automation, retention policies, and restore validation. Use when a user asks to back up ~/, set up daily/weekly/monthly backup jobs, harden backup security, or troubleshoot restore/integrity issues.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "restic-home-backup" with this command: npx skills add moep90/restic-home-backup-safe

Restic Home Backup

Define and deliver a production-ready restic backup setup for ~/ with encryption, deduplication, automated scheduling, and restore testing.

Skill contract

  • Name: restic-home-backup
  • Problem solved: Provide reliable, encrypted, versioned backups of a Linux home directory with operational safety and repeatable recovery.
  • Inputs:
    • Backup target type (local disk, sftp, s3, b2, etc.)
    • Repository endpoint/path
    • Secret handling method (env file or password file)
    • Schedule preferences (daily backup, weekly prune, monthly check)
    • Exclude patterns
  • Outputs:
    • Installed and initialized restic repository
    • Backup/prune/check scripts
    • systemd service/timer units
    • Validation evidence (snapshots + test restore)
    • Short operator runbook
  • Safety boundaries (must never violate):
    • Never print secrets or tokens in chat/log output.
    • Never delete snapshots/repositories without explicit user confirmation.
    • Never weaken permissions on credential files (chmod 600 minimum).
    • Never claim backup success without checking command exit status and snapshot listing.
    • Never apply system changes implicitly: require explicit --apply (or explicit user confirmation) before writing to /etc, /usr/local/bin, or /etc/systemd/system.

Workflow

1) Assess and confirm backup contract

Collect the minimum required values before changes:

  • Source path (default /home/<user>)
  • Destination repo and transport
  • Retention policy (for example: 7d/4w/12m)
  • Preferred schedule in local timezone

If any critical value is missing, ask targeted questions.

2) Scaffold backup implementation

Use these resources:

  • scripts/bootstrap_restic_home.sh to generate deterministic setup artifacts. It is PLAN-ONLY by default and requires explicit --apply for system changes. Optional flags control timer enablement, repository initialization, and initial backup run.
  • references/ops-checklist.md for day-2 operations and troubleshooting.

Create:

  • /etc/restic-home.env (root-readable only)
  • /usr/local/bin/restic-home-backup.sh
  • /usr/local/bin/restic-home-prune.sh
  • /usr/local/bin/restic-home-check.sh
  • restic-home-backup.service/.timer
  • restic-home-prune.service/.timer
  • restic-home-check.service/.timer

3) Harden and validate

Run and verify:

  1. restic snapshots
  2. One immediate backup run
  3. One restore smoke test to temporary directory
  4. restic check (or scheduled monthly deep check)

Validate failure behavior:

  • Wrong password
  • Unreachable repository
  • Permission denied on env file

Report exact failing command + short corrective action.

4) Package and publish via ClawHub CLI (when requested)

When user requests publication:

  1. Validate skill quality and structure.
  2. Package skill.
  3. Publish with clawhub CLI.
  4. Verify install from registry in a clean environment.

Keep publish actions explicit and auditable.

Response style requirements

Use descriptive language with concrete operational detail:

  • Name the exact file path, service name, and command.
  • State what changed and how to verify it.
  • End multi-step tasks with explicit completion status.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Automation

Wachete

Wachete integration. Manage data, records, and automate workflows. Use when the user wants to interact with Wachete data.

Registry SourceRecently Updated
1510gora050
Automation

Zonka Feedback

Zonka Feedback integration. Manage data, records, and automate workflows. Use when the user wants to interact with Zonka Feedback data.

Registry SourceRecently Updated
1920gora050
Automation

Platform9

Platform9 integration. Manage data, records, and automate workflows. Use when the user wants to interact with Platform9 data.

Registry SourceRecently Updated
1800gora050
Automation

Turbot Pipes

Turbot Pipes integration. Manage data, records, and automate workflows. Use when the user wants to interact with Turbot Pipes data.

Registry SourceRecently Updated
1130gora050