pgbackweb
PG Back Web is a web-based PostgreSQL backup manager written in Go that handles scheduling, storage (local or S3), and restoration with an intuitive interface. It includes encryption, health checks, webhooks, and supports PostgreSQL 13–18.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | eduardolat/pgbackweb |
| Owner | eduardolat |
| Primary language | Go |
| License | AGPL-3.0 — OSI-approved |
| Stars | 2.6k |
| Forks | 143 |
| Open issues | 98 |
| Latest release | v0.5.1 (2025-10-06) |
| Last updated | 2025-11-21 |
| Source | https://github.com/eduardolat/pgbackweb |
What pgbackweb is
Go application providing a web UI for pg_dump-based PostgreSQL backups with PGP encryption, scheduled job execution, multi-destination support (local filesystem and S3), webhook notifications, and health monitoring. Backed by a PostgreSQL database for metadata and state.
Get the pgbackweb source
Clone the repository and explore it locally.
git clone https://github.com/eduardolat/pgbackweb.gitcd pgbackweb# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Requires a dedicated PostgreSQL instance for PG Back Web metadata; factor into infrastructure cost and HA strategy.
- Encryption key management is manual (PBW_ENCRYPTION_KEY env var); integrate with secrets management (Vault, cloud KMS) to avoid hardcoding.
- S3 credentials and local filesystem permissions must be properly scoped; test restore workflows before production rollout.
- Health checks and webhooks depend on network connectivity; configure monitoring/alerting for webhook delivery failures.
- Password reset requires shell access to the container; establish out-of-band reset procedures for multi-team deployments.
When to avoid it — and what to weigh
- Require commercial support SLA or guaranteed uptime — AGPL-3.0 license is community-driven; no commercial support tier or SLA mentioned. Evaluate internal support capacity.
- Need backup solutions beyond PostgreSQL — Project is PostgreSQL-only (despite roadmap notes about future expansion to 'UFO Backup'). Other databases require alternative tools.
- Strict proprietary licensing for bundled deployments — AGPL-3.0 requires source disclosure in networked use; incompatible with closed-source commercial products without dual licensing.
- Very large-scale or high-frequency backup scenarios — Not explicitly benchmarked for petabyte-scale databases or sub-minute backup intervals; scalability limits unknown.
License & commercial use
AGPL-3.0 (GNU Affero General Public License v3.0). This is a copyleft license requiring that any modified or networked versions disclose source code to users. Internal use is permitted; external service offerings require source availability or separate commercial licensing.
Requires review. AGPL-3.0 is copyleft. Internal commercial use is allowed (no source disclosure required if not modified/networked). Running PG Back Web as a commercial backup service or bundling it in a proprietary product requires either upstream dual licensing or adherence to AGPL-3.0 source disclosure obligations. No commercial license option is documented.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Moderate |
| DEV.co fit | Good |
| Assessment confidence | High |
PGP encryption is used for sensitive data at rest. Encryption key is manually provisioned via environment variable (not ideal for secret rotation). Source code is open (AGPL-3.0), allowing community security review. No documented security audit, penetration test results, or CVE history provided. Authentication method (web UI login) and session management are not detailed. S3 and database credentials are passed as env vars; requires careful handling in container orchestration.
Alternatives to consider
pgBackRest
Mature, battle-tested PostgreSQL backup tool with advanced features (parallel backup, incremental, archive recovery). Command-line focused; no native web UI, but more suitable for large-scale operations.
Barman (Backup and Recovery Manager)
Purpose-built backup management for PostgreSQL with Nagios/Icinga monitoring, WAL archiving, PITR. More complex setup but enterprise-grade; commercial support available via EDB.
Cloud-native managed services (AWS RDS Automated Backups, Azure Database for PostgreSQL)
Offload backup infrastructure entirely if running PostgreSQL on cloud platforms. Simpler operationally; no self-hosted tool needed, but vendor lock-in and cost implications differ.
Build on pgbackweb with DEV.co software developers
Evaluate PG Back Web for your team's backup strategy. Review AGPL-3.0 licensing implications, test restore workflows, and validate encryption key management before production deployment.
Talk to DEV.coRelated on DEV.co
Explore the category and the services that help you build with it.
pgbackweb FAQ
Can I use PG Back Web with a managed PostgreSQL service (RDS, Azure)?
What happens if the encryption key is lost?
Is AGPL-3.0 compatible with my proprietary application?
Does PG Back Web support incremental or continuous backups?
Work with a software development agency
Need help beyond evaluating pgbackweb? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and open-source databases integrations — and maintain them long-term.
Ready to simplify PostgreSQL backups?
Evaluate PG Back Web for your team's backup strategy. Review AGPL-3.0 licensing implications, test restore workflows, and validate encryption key management before production deployment.