Non-root user scp Backup files

Hello community,

I have the situation below and I would like your help and thoughts please :folded_hands:

I manage a client’s VPS and I have root access to it. The customer doesn’t have root access, just to be sure nothing bad happens, they only have an admin user in HestiaCP. Now the client needs to be able to copy (via scp) all of the .tar files from /backup, but they’re not able to because of permissions. I wouldn’t want to hand root access to them, so I’m looking for alternative solutions.

What would you suggest?

By reading this topic here, I understand that I first need to copy/move all *.tar files from /backup/ to the user’s folder and they copy them from there. Maybe there is a better way?

To give you some more context… The above is needed in order for the client to delete the backup files after getting a copy, because of space issues on the VPS. Neither upgrading the VPS nor getting external storage (like Hetzner StorageBox) is an option.

Hi,

That topic doesn’t say to copy or move the backup files, but to create hard links.

Important: /backup and /home must be on the same file system to be able to use hard links.

Example using ln:

ln /backup/user.2026-01-30_05-15-10.tar /home/user/tmp/
# chown only the file just linked; -h never follows a symlink
chown -h user:user /home/user/tmp/user.2026-01-30_05-15-10.tar

Example using cp:

cp -l /backup/user.2026-01-30_05-15-10.tar /home/user/tmp/
# chown only the file just linked; -h never follows a symlink
chown -h user:user /home/user/tmp/user.2026-01-30_05-15-10.tar

That way, /home/user/tmp/user.2026-01-30_05-15-10.tar doesn’t take additional space. The client can download it and then delete it, while the original file will still remain at /backup/user.2026-01-30_05-15-10.tar.

The client can download the backup file from the Control Panel. In the Backup section, hover over the backup file and click the first icon to download it (this method can be slow, especially for large backup files).

Hey @sahsanu and thank you for the reply!

Maybe I didn’t express it the right way…

The client needs to create/have an automation to download and delete, ALL the files from /backup.

So the automation timeline each day will be:

  1. Hestia cron runs for all users on the VPS as usual/default
  2. Client programmatically (not via the GUI) uses SSH/SCP to download all files from /backup to their equipment
  3. Client deletes all files in /backup

You could modify v-backup-user script to add a trigger:

Edit v-backup-user and add this at the end:

if [[ -x "$HESTIA/data/users/$user/backup.sh"  ]]; then
        bash "$HESTIA/data/users/$user/backup.sh" "$user" "$HOMEDIR" "$BACKUP" "$user.$backup_new_date.tar"
fi

In context:

# Logging
$BIN/v-log-action "$user" "Info" "Backup" "Backup created (Archive: $backup_new_date.tar)."
$BIN/v-log-action "system" "Info" "Backup" "Backup created (User: $user, Archive: $backup_new_date.tar)."
log_event "$OK" "$ARGUMENTS"

if [[ -x "$HESTIA/data/users/$user/backup.sh"  ]]; then
        bash "$HESTIA/data/users/$user/backup.sh" "$user" "$HOMEDIR" "$BACKUP" "$user.$backup_new_date.tar"
fi

exit

Create a file backup.sh inside the user directory /usr/local/hestia/data/users/USER/ with the commands you need.

In this example the user name is test.

touch /usr/local/hestia/data/users/test/backup.sh
chmod +x /usr/local/hestia/data/users/test/backup.sh

Edit /usr/local/hestia/data/users/test/backup.sh and add this code:

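#!/bin/bash
# Arguments passed by the trigger in v-backup-user
user="$1"
user_home="$2"
backup_dir="$3"
backup_file="$4"

origin="$backup_dir/$backup_file"
destination="$user_home/$user/tmp/"

# Hard-link the archive, then chown only that file (-h never follows a symlink).
# Remove the entry from /backup only if both steps succeeded.
if cp -l "$origin" "$destination" && chown -h "$user:$user" "$destination$backup_file"; then
        /usr/local/hestia/bin/v-delete-user-backup "$user" "$backup_file"
fi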

So your client will only have the backups inside the /home/USER/tmp/ dir.

2 Likes

Thank you very much for the valuable contribution! I got some time during the weekend to evaluate the code. This is my understanding so far:

  1. When v-backup-user is run, it checks whether the file $HESTIA/data/users/$user/backup.sh exists and, if so, runs it
  2. The result of the backup.sh script will be to copy the backup file of $user to the directory $user_home/$user/tmp/ and then use the command v-delete-user-backup to delete the backup from /backup

Unfortunately this solution will not work in my specific use case because… If for example I have masteruser, user1 and user2 on the server, and I put the backup.sh in $HESTIA/data/users/masteruser/backup.sh I will only get the backup of masteruser in /home/masteruser/tmp and not the backup files of user1 and user2. So my client (using the account masteruser) will be able to download only their backup file and not the rest of the backup files in /backup. I do want my client (masteruser) to be able to get all of the users’ backup files.

If my understanding is correct, then I would need to modify the code as below, to achieve my goal (which is for masteruser to have ALL users’ backup files inside an accessible folder like for example /home/masteruser/tmp)

  1. Edit v-backup-user and add this at the end:
# Test the same file that is run, so the trigger fires for every user
if [[ -x "/home/masteruser/backup.sh" ]]; then
        bash "/home/masteruser/backup.sh" "$user" "$HOMEDIR" "$BACKUP" "$user.$backup_new_date.tar"
fi

Place the file in /home/masteruser/backup.sh (hard-coded location so it runs for each and every user) and add this code to it:

backup_user="$1" # User whose backup was just created (needed by v-delete-user-backup)
user="masteruser" # Hardcode the username
user_home="$2"
backup_dir="$3"
backup_file="$4"

origin="$backup_dir/$backup_file"
destination="$user_home/$user/tmp/" # So all backup files will go to /home/masteruser/tmp

# Only delete the backup if the previous commands are successful
cp -l "$origin" "$destination" && chown -h "$user:$user" "$destination$backup_file" && /usr/local/hestia/bin/v-delete-user-backup "$backup_user" "$backup_file"

Or maybe just add only the following line in v-backup-user?

cp -l "$BACKUP"/"$user.$backup_new_date.tar" /home/masteruser/tmp/ && chown -h masteruser:masteruser /home/masteruser/tmp/"$user.$backup_new_date.tar" && /usr/local/hestia/bin/v-delete-user-backup "$user" "$user.$backup_new_date.tar"

Although it’s a great idea to use v-delete-user-backup so that HestiaCP knows about the deletion of the backup file, I usually try not to modify stock Hestia files (like v-backup-user). So how about I use root’s crontab with a script that would use a FOR loop to go through the /backup folder and for every .tar file:

  1. Identify the user and backup file and place in variables
  2. Copy the backup file to /home/masteruser/tmp
  3. chown masteruser:masteruser to the file
  4. Run v-delete-user-backup with arguments identified in step 1

I would need to time the crontab correctly, to run the script long after the backup of all users has completed.

What do you think?

1 Like
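The root-crontab loop outlined in the post above, written out as an added example (not code from the thread or from HestiaCP). It assumes the archive naming USER.YYYY-MM-DD_HH-MM-SS.tar shown earlier; the script path, the `run` argument and the override variables are hypothetical.

```sh
#!/bin/sh
# Added example, not Hestia code. Call it from root's crontab as
#   /usr/local/sbin/export-backups.sh run    (hypothetical, root-owned path)
# Defaults follow the thread; the variables can be overridden for testing.
BACKUP_DIR="${BACKUP_DIR:-/backup}"
DEST_DIR="${DEST_DIR:-/home/masteruser/tmp}"
OWNER="${OWNER:-masteruser}"
OWNER_GROUP="${OWNER_GROUP:-$OWNER}"
DELETE_CMD="${DELETE_CMD:-/usr/local/hestia/bin/v-delete-user-backup}"

# Step 1: print the user encoded in USER.YYYY-MM-DD_HH-MM-SS.tar, or fail.
backup_user() {
    name=$1
    user=${name%.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar}
    [ -n "$user" ] && [ "$user" != "$name" ] || return 1
    printf '%s\n' "$user"
}

# Steps 2-4: hard-link one archive, hand it to OWNER, then drop it from /backup.
export_one() {
    src=$1
    name=${src##*/}
    user=$(backup_user "$name") || return 1
    [ -f "$src" ] && [ ! -L "$src" ] || return 1    # regular files only
    # -T: the destination is a file name, never a directory. ln fails if it
    # already exists or is on another file system, and then nothing is deleted.
    ln -T "$src" "$DEST_DIR/$name" || return 1
    chown -h "$OWNER:$OWNER_GROUP" "$DEST_DIR/$name" || return 1
    "$DELETE_CMD" "$user" "$name"
}

# Loop over /backup; prints the number of archives exported.
export_all() {
    exported=0
    for src in "$BACKUP_DIR"/*.tar; do
        [ -e "$src" ] || continue                   # glob matched nothing
        if export_one "$src"; then
            exported=$((exported + 1))
        else
            echo "skipped: $src" >&2
        fi
    done
    echo "$exported"
}

if [ "${1:-}" = "run" ]; then export_all; fi
```

Because the destination is a hard link, an archive that fails any step stays in /backup and is retried on the next run.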

You’re welcome.

I thought that each user should have their own backups in their own directory, but I see that this is not the case, a single user must access the backups of all users.

As the copy will be performed for all the users and the destination is always the same, I would use directly the second option you posted:

I understand it; both options have cons and pros, but in this case I would modify v-backup-user: it’s cleaner and it always runs exactly when the backup has finished. You can also create a script to modify v-backup-user on Hestia updates using the hook script.

After an update, at the end, Hestia checks whether the script /etc/hestiacp/hooks/post_install.sh exists and, if it does, runs it.

❯ grep -A1 post_install postinst
if [ -e "/etc/hestiacp/hooks/post_install.sh" ]; then
        /etc/hestiacp/hooks/post_install.sh
fi

So you could add there the script to modify what you need.

2 Likes
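One way to use that hook, as an added example that is not HestiaCP's own code: a post_install.sh that puts the trigger from earlier in the thread back into v-backup-user after an update and does nothing if it is already there. It assumes the script still ends with a bare `exit` line, as in the excerpt above; the marker comment and the function name are hypothetical.

```sh
#!/bin/sh
# Added example for /etc/hestiacp/hooks/post_install.sh (not Hestia code).
TARGET="${TARGET:-/usr/local/hestia/bin/v-backup-user}"
MARKER='# local: per-user backup trigger'   # hypothetical marker comment

# Insert the trigger before the final "exit" unless the marker is present.
patch_backup_script() {
    file=$1
    grep -qF -- "$MARKER" "$file" && return 0        # already patched
    last_exit=$(grep -n '^exit$' "$file" | tail -n 1 | cut -d: -f1)
    [ -n "$last_exit" ] || { echo "no final exit in $file" >&2; return 1; }
    # Build the new file next to the old one so the final mv is atomic.
    tmp=$(mktemp "$file.XXXXXX") || return 1
    awk -v n="$last_exit" -v marker="$MARKER" '
        NR == n {
            print marker
            print "if [[ -x \"$HESTIA/data/users/$user/backup.sh\" ]]; then"
            print "        bash \"$HESTIA/data/users/$user/backup.sh\" \"$user\" \"$HOMEDIR\" \"$BACKUP\" \"$user.$backup_new_date.tar\""
            print "fi"
            print ""
        }
        { print }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Keep the original mode and owner before replacing the script.
    chmod --reference="$file" "$tmp" &&
        chown --reference="$file" "$tmp" &&
        mv "$tmp" "$file"
}

# Hestia runs the hook without arguments; do nothing if the target is missing.
if [ -f "$TARGET" ]; then patch_backup_script "$TARGET"; fi
```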