Pluton tackles a common pain point: managing secure, incremental backups across multiple cloud providers with a unified interface. It combines two battle-tested tools—Restic for incremental encrypted backups and Rclone for cloud storage connectivity—under a single web UI. This makes it a practical choice for users who want to self-host their backup platform and avoid vendor lock-in while benefiting from automation and multi-destination replication.
what pluton is and how it works
Pluton is a TypeScript-based backup management platform designed to be self-hosted. At its core, it orchestrates Restic to perform secure incremental backups and Rclone to handle connectivity with over 70 cloud storage providers. The entire system is wrapped behind a web UI accessible on port 5173 by default.
The architecture relies on Docker Compose for deployment, bundling Pluton as a container that manages persistent data in a Docker volume. This volume stores the database, configuration files, and logs, ensuring data persists beyond container lifecycles. Configuration—including encryption keys and admin credentials—is injected via environment variables, providing a clean separation between code and secrets.
Pluton’s backup capabilities include encrypted incremental backups with Restic, compression, and configurable retention policies. Its integration with Rclone allows backups to be replicated across multiple cloud destinations, facilitating a 3-2-1 backup strategy (three copies, on two different media, one offsite). Users can attach pre- and post-backup scripts to customize workflows, and the system supports notifications via Email, Slack, Discord, or NTFY.
The UI provides real-time progress tracking and manages backup scheduling with auto-retry logic on failure, improving reliability in production environments.
technical strengths and tradeoffs
What sets Pluton apart is how it unifies two powerful open-source tools under a coherent web interface with automation and multi-destination replication baked in. Restic and Rclone are both mature projects, but their CLI-based interfaces can be daunting for many users. Pluton bridges that gap with a TypeScript backend and a web UI, improving usability without sacrificing flexibility.
The codebase leverages Docker Compose, simplifying deployment while isolating dependencies and runtime environment. This approach is pragmatic—Docker Compose is widely used and understood, but it does mean Pluton’s setup assumes familiarity with container management. Users looking for bare-metal or non-Docker setups might find this limiting.
In terms of architecture, using environment variables for encryption keys and credentials is a straightforward solution but requires careful secret management practices in production. The persistent Docker volume ensures data durability, but backing up this volume itself is critical for disaster recovery.
Supporting 70+ storage backends through Rclone is a major plus, offering wide compatibility and flexibility. However, this also introduces complexity—each backend has unique quirks and limits. Pluton handles this gracefully but users need to test their specific cloud provider scenarios.
The inclusion of pre/post backup hooks offers powerful customization, allowing users to extend Pluton’s capabilities with scripts. Real-time progress tracking and auto-retry improve operational visibility and robustness, features often missing from simple backup wrappers.
Overall, the tradeoff is between a polished UI with orchestration and the inherent complexity of coordinating two separate tools with different behavior and error modes. The code quality appears clean and modular, with a clear separation of concerns between UI, backend orchestration, and storage.
quick start with docker-compose
The simplest way to run Pluton is via Docker Compose. Assuming you have Docker and Docker Compose installed, you can use the provided configuration snippet to launch the service:
services:
pluton:
image: plutonhq/pluton:latest
container_name: pluton-backup
restart: unless-stopped
ports:
- "${SERVER_PORT:-5173}:${SERVER_PORT:-5173}"
volumes:
# Main data volume - contains database, config, logs
- pluton-data:/data
# Optional: Mount host directories to backup
# Example: Make user's documents folders Accessible to Pluton
# - /home/user/documents:/mnt/documents:ro #linux
# - /home/user/photos:/mnt/photos:ro #linux
# - C:/Users/username/Documents:/mnt/documents:ro # Windows
# - C:/Users/username/Pictures:/mnt/photos:ro # Windows
# Example: Make a Docker volume (named 'wp-data') Accessible to Pluton
# - /var/lib/docker/volumes/wp-data/_data:/mnt/wordpress:ro
# - C:/ProgramData/docker/volumes/wp-data/_data:/mnt/wordpress:ro # Windows
environment:
# ===== REQUIRED: Security & Authentication =====
# Generate secure random strings (min 12 characters each)
ENCRYPTION_KEY: ${ENCRYPTION_KEY} # Encryption key for restic/rclone Snapshot encryption
USER_NAME: ${USER_NAME} # Admin username for login
USER_PASSWORD: ${USER_PASSWORD} # Admin password for login
# ===== Application Settings =====
APP_TITLE: ${APP_TITLE:-Pluton}
APP_URL: ${APP_URL:-http://localhost:5173}
SERVER_PORT: ${SERVER_PORT:-5173}
MAX_CONCURRENT_BACKUPS: ${MAX_CONCURRENT_BACKUPS:-2}
SESSION_DURATION: ${SESSION_DURATION:-7} # How long frontend login Session lasts in Days
# ===== User Interface Security Settings =====
ALLOW_CUSTOM_RESTORE_PATH: ${ALLOW_CUSTOM_RESTORE_PATH:-false}
volumes:
pluton-data:
You’ll need to set secure values for ENCRYPTION_KEY, USER_NAME, and USER_PASSWORD via environment variables before launching. The example also shows how to mount host folders or Docker volumes as read-only backup sources.
Once running, the web UI is available at http://localhost:5173 or your configured port.
verdict: who should consider pluton
Pluton is well-suited for users looking to self-host a backup platform that combines the security of Restic with the flexibility of Rclone’s storage backends. Its web UI and automation features make it a good fit for small teams or advanced home users who want to centralize backup management without relying on proprietary cloud services.
The tradeoffs include the requirement to manage Docker and environment configurations, which might be a barrier for less technical users. Also, since it wraps two separate tools, there is inherent complexity in troubleshooting backup failures.
If you need a backup solution that supports encrypted incremental backups, multi-destination replication, and integrates with numerous cloud providers, Pluton is worth exploring. It’s not a turn-key appliance but offers a practical, developer-friendly approach to orchestrated backups with real-world operational features.
Related Articles
- Vaultwarden: a resource-efficient Rust implementation of the Bitwarden server API — Vaultwarden is a lightweight, Rust-based server compatible with the Bitwarden API, optimized for self-hosting with low r
- Syncthing: secure, decentralized continuous file synchronization in Go — Syncthing is an open-source Go tool for continuous, secure, decentralized file synchronization across devices, emphasizi
- etcd: a robust distributed key-value store built on Go and Raft — etcd is a distributed key-value store in Go that uses the Raft consensus algorithm for high availability and consistency
- Traefik: dynamic reverse proxy and load balancer for microservices — Traefik is a Go-based reverse proxy and load balancer that automatically configures routes by integrating with orchestra
- Supabase: composable open-source backend-as-a-service built around Postgres — Supabase combines specialized open-source tools around Postgres to offer a Firebase-like backend platform. Its modular a
→ GitHub Repo: plutonhq/pluton ⭐ 330 · TypeScript