Backup Life-cycle & Monitoring

🎯 Overview

The backup lifecycle in SERVER-MANAGER is designed to be autonomous, secure, and verifiable. It manages the transition of data from the live VPS filesystem to an encrypted off-site storage repository on Google Drive.

🔄 The Life-cycle Flow

sequenceDiagram
    participant C as Cron Job (VPS)
    participant S as Backup Script
    participant R as Restic Engine
    participant G as Google Drive
    participant M as Mail Server (Relay)

    C->>S: Trigger (Daily/Monthly)
    S->>R: Initiate Snapshot
    R->>R: Scan Filesystem
    R->>R: Deduplicate Data
    R->>G: Upload Unique Blobs (Encrypted)
    alt Success
        R->>S: Return Success
        S->>S: Log Execution
    else Failure
        R->>S: Return Error
        S->>M: Send Alert Email
    end

📊 Monitoring

• Logs: Daily activities are logged to /var/log/restic-backup.log and monthly activities to /var/log/monthly-backup.log.
• Integrity: Weekly restic check operations verify that the uploaded blobs match the local metadata.
• Alerts: The system uses a Postfix SMTP relay (Configured via Gmail) to send real-time failure alerts to the administrator.

🛡️ Retention Policy

We follow a 12-month retention rule for full backups:

1. Current Month: Latest active snapshot.
2. History: 11 previous monthly snapshots.
3. Cleanup: restic forget --keep-monthly 12 --prune runs after every successful monthly backup.