DEV.co
Open-Source DevOps · nicotsx

zerobyte

Zerobyte is a self-hosted backup automation tool built on Restic that provides a web UI for scheduling, encrypting, and managing backups across multiple storage backends. It targets self-hosters and small teams seeking centralized backup control with end-to-end encryption and flexible retention policies.

Source: GitHub — github.com/nicotsx/zerobyte
6.7k
GitHub stars
168
Forks
TypeScript
Primary language
AGPL-3.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorynicotsx/zerobyte
Ownernicotsx
Primary languageTypeScript
LicenseAGPL-3.0 — OSI-approved
Stars6.7k
Forks168
Open issues106
Latest releasev0.40.0 (2026-06-22)
Last updated2026-07-07
Sourcehttps://github.com/nicotsx/zerobyte

What zerobyte is

TypeScript-based backup orchestration layer over Restic with Docker deployment, supporting NFS/SMB/WebDAV/SFTP/local sources, multi-protocol scheduling, and webhook integrations. Requires Docker, FUSE, and persistent storage; currently pre-1.0 with active development.

Quickstart

Get the zerobyte source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/nicotsx/zerobyte.gitcd zerobyte# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Self-hosted infrastructure backup

Ideal for small to medium teams running their own servers (TrueNAS, Linux VPS, on-prem) who need centralized backup scheduling without vendor lock-in. Web UI reduces operational friction vs. cron + restic CLI.

Multi-source compliance backups

Suitable for environments requiring auditable, encrypted backups from heterogeneous sources (NFS shares, SMB volumes, WebDAV) with fine-grained retention policies and webhook-driven compliance triggers.

Cost-conscious backup consolidation

Leverages Restic's efficiency (deduplication, compression, incremental snapshots) with operator-managed provisioning, making it cost-effective for backing up large datasets to S3, B2, or on-prem storage.

Implementation considerations

  • Requires Docker, Docker Compose, and persistent local storage (not network-mounted) for `/var/lib/zerobyte`. TrueNAS users must use ZFS datasets, not `/var/lib`.
  • Mandatory configuration: `APP_SECRET` (32+ chars, generate via `openssl rand -hex 32`), `BASE_URL`, and timezone (`TZ`) for accurate scheduling. Docker `cap_add: SYS_ADMIN` and `/dev/fuse` device needed.
  • Network isolation essential: bind to `127.0.0.1:4096` if internet-facing; use SSH tunnel or Cloudflare Tunnel for remote access. `WEBHOOK_ALLOWED_ORIGINS` must be explicitly configured for outbound webhooks.
  • Pre-release stability: expect potential database schema changes, configuration format shifts, or API incompatibilities on version upgrades. Test upgrades in non-production first.
  • Resource tuning: set `GOMAXPROCS` if CPU-bound, adjust compression level, and configure repository bandwidth limits to prevent backup jobs from saturating host resources.

When to avoid it — and what to weigh

  • Production-critical workloads requiring stability guarantee — Project is pre-1.0 (currently 0.40.0) with explicit warning of major breaking changes between releases. Do not adopt if you need long-term API/schema stability or SLA-backed support.
  • Managed SaaS backup requirement — Zerobyte is self-hosted only. If you need vendor-managed infrastructure, redundancy across regions, or zero operational overhead, use commercial alternatives (Backblaze, Carbonite, Veeam Cloud).
  • Internet-exposed public deployment — README explicitly discourages public internet exposure without additional authentication/tunneling. Not designed for untrusted networks without substantial hardening.
  • High-volume enterprise audit/compliance — Limited adoption signals (6.6K stars, 168 forks, 106 open issues) and pre-release status reduce industry references and formal security audit history needed for regulated sectors (financial, healthcare).

License & commercial use

AGPL-3.0 (GNU Affero General Public License v3.0). Copyleft open-source license requiring source code disclosure of network service modifications or derivative works. No proprietary exceptions listed.

AGPL-3.0 is copyleft and does not restrict commercial use internally (using for your own backups is permitted). However, if you modify Zerobyte and run it as a network service or SaaS, you must provide modified source code to users under AGPL-3.0. Reselling or bundling modified Zerobyte requires AGPL-3.0 compliance. Consult legal counsel if building a commercial service on top. Using unmodified Zerobyte for internal ops is straightforward.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityModerate
DEV.co fitGood
Assessment confidenceHigh
Security considerations

End-to-end encryption via Restic; sensitive data in DB encrypted using APP_SECRET. No independent security audit mentioned. FUSE and SYS_ADMIN capabilities required for container restore operations—verify container isolation on shared hosts. Network policy enforced on webhooks (whitelist approach reduces SSRF risk). Pre-1.0 status means potential unpatched vulnerabilities; monitor GitHub security advisories. No explicit mention of secrets rotation, audit logging, or compliance frameworks (SOC2, ISO27001).

Alternatives to consider

Restic CLI + custom shell scripts

Lower operational overhead, zero dependencies beyond Restic and cron. Trades UI/scheduling convenience for full control and no pre-release risk. Better for experienced DevOps teams.

Proxmox Backup Server (PBS)

Production-ready (v3+), enterprise support, built-in deduplication/compression, and web UI. Tightly integrated with Proxmox/KVM but can backup external systems. Higher barrier to entry; more feature-rich for homelabs and small datacenters.

Veeam Community Edition or Backblaze B2

Veeam: enterprise-grade, stable API, but Windows-centric. Backblaze: managed SaaS, zero ops, but vendor lock-in and less control. Choose if simplicity/support outweigh cost or customization needs.

Software development agency

Build on zerobyte with DEV.co software developers

Zerobyte offers a modern alternative to manual Restic scripts for self-hosted teams. Evaluate our deployment & DevOps services to integrate Zerobyte into your infrastructure securely.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

zerobyte FAQ

Can I use Zerobyte in production today?
Not recommended for mission-critical workloads. Project is pre-1.0 with explicit warnings of breaking changes. Suitable for non-critical backups or isolated testing. Upgrade only after testing on non-prod replica.
What's the difference between Zerobyte and plain Restic?
Zerobyte adds a web UI, job scheduling, multi-source orchestration, webhook triggers, and centralized monitoring. Restic CLI is powerful but requires manual cron/scripting. Zerobyte is a management layer, not a replacement.
Do I need to run Zerobyte on the same server as my data?
Not required. Zerobyte can back up NFS, SMB, WebDAV, or SFTP sources from any network location. However, `/var/lib/zerobyte` must be local storage (not network-mounted) for performance and permission reasons.
Is AGPL-3.0 a problem for my company?
Only if you modify Zerobyte and deploy it as a service to external users or customers. Internal use for backups is fine. If unsure, consult your legal team.

Software development & web development with DEV.co

Adopting zerobyte is usually one piece of a larger software development effort. As a software development agency, DEV.co provides software development services and web development expertise — pairing senior software developers and web developers with your team to design, build, and operate open-source devops software in production.

Ready to centralize your backups?

Zerobyte offers a modern alternative to manual Restic scripts for self-hosted teams. Evaluate our deployment & DevOps services to integrate Zerobyte into your infrastructure securely.