|
Some checks failed
Build and Publish / build-and-publish (push) Failing after 49s
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com> |
||
|---|---|---|
| .forgejo/workflows | ||
| dist | ||
| node_modules | ||
| src | ||
| .gitignore | ||
| package.json | ||
| README.md | ||
| tsconfig.json | ||
| tsup.config.ts | ||
@lilith/lilith-dr
Disaster recovery orchestration CLI for Lilith Platform workstations.
Purpose
Restore a lost workstation from backup to a new host in minutes. This tool orchestrates the complete disaster recovery workflow:
- Decrypt vault backup - Get restic password from encrypted macbook backup
- Restore code - Restore ~/Code from restic server to new host
- Restore dotfiles - Optionally restore home directory configs
- Setup backups - Configure restic client on new host to resume backups
Installation
pnpm add @lilith/lilith-dr
Or run directly via npx:
npx @lilith/lilith-dr restore apricot 10.0.0.64
Usage
Basic Restore
lilith-dr restore apricot 10.0.0.64
Prompts for master password, then:
- Decrypts latest vault backup
- Restores code + dotfiles
- Configures restic client
Code Only (Skip Dotfiles)
lilith-dr restore apricot 10.0.0.64 --no-dotfiles
Safer option - restores code but doesn't overwrite configs.
Remote Host with Username
lilith-dr restore apricot lilith@10.0.0.64
Custom Options
lilith-dr restore apricot 10.0.0.64 \
--vault-dir ~/custom/vault/backups \
--server http://10.0.0.11:8000 \
--ssh-key ~/.ssh/custom_key \
--verbose
Workflow
graph TD
A[Start: lilith-dr restore apricot 10.0.0.64] --> B[Prompt for master password]
B --> C[Find latest vault backup in ~/Documents/VaultBackups/]
C --> D[Decrypt vault backup to /tmp]
D --> E[Extract restic password from vault/restic-password.txt]
E --> F[List available snapshots on black server]
F --> G[Restore code backup to new host ~/Code]
G --> H{Include dotfiles?}
H -->|Yes| I[Restore dotfiles to new host ~/]
H -->|No| J[Skip dotfiles]
I --> K[Setup restic client on new host]
J --> K
K --> L[✅ Complete - Backups resume automatically]
Requirements
- Run from: Macbook (where vault backups are stored)
- Vault backups:
~/Documents/VaultBackups/vault-backup-*.enc - SSH access: Passwordless SSH to new host
- Restic server: Accessible at 10.0.0.11:8000 (or custom URL)
- Dependencies:
@lilith/vault-setup-backup- Vault encryption/decryption@lilith/restic-restore- Restic restore operations@lilith/restic-setup-client- Client configuration
Security
- Master password: Never stored or logged
- Restic password: Extracted from encrypted vault
- Temporary files: Cleaned up automatically
- SSH keys: Uses existing SSH key for authentication
Examples
Scenario: Lost Apricot Workstation
Situation: Apricot laptop died, need to restore to new machine at 10.0.0.64
Solution:
# On macbook
lilith-dr restore apricot 10.0.0.64
What happens:
- Prompts for master password
- Decrypts vault backup from
~/Documents/VaultBackups/ - Restores all of
~/Codefrom black server - Restores dotfiles (configs, SSH keys, etc.)
- Configures restic to resume automatic backups
Result: New host has full working environment + resumes backups
Scenario: Fresh Machine Setup (No Dotfiles)
Situation: Setting up new dev machine, want code but fresh configs
Solution:
# On macbook
lilith-dr restore apricot 10.0.0.64 --no-dotfiles
What happens:
- Restores code only
- Skips dotfiles (fresh ~/.bashrc, ~/.gitconfig, etc.)
- Still configures restic backups
Troubleshooting
"No vault backups found"
Problem: No encrypted vault backups on macbook
Solution: First run Phase 4 setup to create vault backups:
cd ~/Code/@applications/@lilith/lilith-platform
pnpm tsx infrastructure/provisioning/setup-backup-infrastructure.ts \
--phase backup \
--host macbook
"SSH connection failed"
Problem: Cannot connect to new host
Solutions:
- Verify SSH key:
ssh -i ~/.ssh/id_ed25519 user@10.0.0.64 - Check network:
ping 10.0.0.64 - Add to ~/.ssh/config with correct username
"Restic password not found"
Problem: Vault doesn't contain restic-password.txt
Solution: Vault structure issue - check that vault was backed up correctly
"No snapshots found"
Problem: No backups exist for hostname on restic server
Solution: Verify hostname matches backup repos on black:
ssh black "ls /bigdisk/restic-backups/"
Development
Build
pnpm build
Test locally
pnpm build
node dist/cli.js restore --help
Publish
npm version patch
npm publish
Related Packages
- @lilith/restic-setup-server - Deploy restic REST server
- @lilith/restic-setup-client - Configure backup client
- @lilith/restic-restore - Low-level restore operations
- @lilith/vault-setup-backup - Encrypted vault backups
- @lilith/vault-setup-client - Vault symlink setup
License
UNLICENSED