restorable docs
Install

Install with apt or dnf

The recommended install shape. The agent ships as a signed .deb / .rpm from Restorable-operated apt and rpm repositories. One bootstrap command adds the repo, imports the GPG release key, and installs. Upgrades and rollbacks ride the same apt / dnf you already run; no bespoke self-update trust path.

When to pick this path

Your host is a small Linux VM that the agent can own: a dedicated Scaleway DEV1-S, a Hetzner CX11, an OVH VPS, or any comparable machine running Ubuntu 22.04 / 24.04, Debian 12, RHEL 9 family (Rocky / AlmaLinux / RHEL / CentOS Stream 9), or Amazon Linux 2023. Anything outside this matrix: see Manual install.

Run the installer

curl -fsSL https://get.restorable.app | sudo bash

Or, combined with auto-attach if you have an auth key from the dashboard: 

curl -fsSL https://get.restorable.app | sudo bash -s -- \
  --auth-key=rsk_auth_…

Without an auth key, run sudo -u restorable restorable init after install: it prints a code + dashboard URL, you approve, the agent's poll completes.

See Manual install for what each step of that bootstrap does.

What the installer does

  • Parses /etc/os-release. Picks the apt branch for Ubuntu / Debian, the dnf branch for the RHEL 9 family and Amazon Linux 2023. Anything else exits with a link to the manual-install page.
  • Imports get.restorable.app/pub/restorable-release.gpg via gpg --dearmor into /usr/share/keyrings/restorable.gpg (apt) or the dnf keyring (dnf).
  • Writes the repo file. On apt: /etc/apt/sources.list.d/restorable.list with the [signed-by=...] directive pinning the keyring. On dnf: /etc/yum.repos.d/restorable.repo with gpgcheck=1.
  • Runs apt-get install -y restorable or dnf install -y restorable.
  • If --auth-key=… was supplied, runs sudo -u restorable restorable init --auth-key=… to attach to the orchestrator and starts the systemd unit.

What the package installs

  • Binary. /usr/bin/restorable, root:root, mode 0755. FHS /usr/bin (package-managed), not /usr/local/bin (admin-managed).
  • Systemd unit. /lib/systemd/system/restorable.service. Customer overrides via systemd's drop-in directory /etc/systemd/system/restorable.service.d/.
  • Config templates. /var/lib/restorable/config.yaml and /var/lib/restorable/env, both marked conffile (deb) / %config(noreplace) (rpm). Upgrades never overwrite customer edits. Config and runtime state share one root; the systemd unit sets RESTORABLE_HOME=/var/lib/restorable so the agent resolves the install root from the env-twin.
  • System user + group. restorable:restorable, shell /usr/sbin/nologin, home /var/lib/restorable. Preinstall script creates them if missing.
  • State tree. /var/lib/restorable/ mode 0700, owned by restorable. Subdirs (keys, blobs, receipts, events) are created by restorable init on first attach.

Without --auth-key=… the package's installer deliberately does not start the service. Fresh installs run restorable init first (auth-key or interactive), then the unit. With --auth-key=… the installer starts the unit automatically. Upgrades of an already-running agent try-restart (no-op when stopped).

The hardened unit

The unit ships Podman-first: rootless, daemon-less, no privileged group membership. Properties worth knowing:

  • Non-root. The service drops to User=restorable before ExecStart.
  • Scoped writes. ProtectSystem=strict makes the root filesystem read-only from the service's view; ReadWritePaths=/var/lib/restorable is the one exception.
  • Narrow syscall surface. SystemCallArchitectures=native, RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6, PrivateTmp=true.
  • Container runtime reachable. The package Recommends: podman; apt/dnf installs Podman unless the customer already has Docker configured.

Score with systemd-analyze security restorable.service. Target the OK or good range.

Post-install, in one command

Attach with your auth key (the installer does this for you when --auth-key=… is passed):

sudo -u restorable restorable init \
  --orchestrator https://app.restorable.app \
  --auth-key=rsk_auth_…

If you omit --auth-key, init prints an attach URL + short code; open the URL in the dashboard to approve, the agent's poll completes when you do.

The installer auto-starts the systemd unit after a successful attach. To manage manually:

sudo systemctl enable --now restorable.service

Then continue with Add a Postgres source (or the Mongo variant).

Updates

Upgrades go through the distro package manager: 

sudo apt upgrade restorable
# or
sudo dnf upgrade restorable

Pair with unattended-upgrades or dnf-automatic for hands-off patching on your existing cadence. See Updating the agent for the full playbook including rollback.

Uninstall

See Uninstalling. The short version: apt remove / dnf remove stops the service and removes the binary while preserving /var/lib/restorable; apt purge (or manual cleanup on rpm) removes state.