I’m trying to plan a better backup solution for my home server. Right now I’m using Duplicati to back up my 3 external drives, but the backup is staying on-site and on the same kind of media as the original. So, what does your backup setup and workflow look like? Discs at a friend’s house? Cloud backup at a commercial provider? Magnetic tape in an underground bunker?
You must log in or register to comment.
“3! 2! 1!” Is just what I say when doing some potentially deleterious action after rsyncing a few key directories to a separate volume
I dump my encrypted data to someone who probably practices 3-2-1 rule (which is Backblaze for me). I mean, these guys back up data for a living.
A usb stick and an old hard drive from 2009. The crackhead way of dealing with backups.
- Primary ZFS pool with automatic snapshots
- Provides 3+ copies of the files via snapshots (3)
- Secondary ZFS pool at a different location replicates the primary
- Provides more copies of the files (3)
- Provides second media (2)
- Is off-site (1)
Does this make sense?
I don’t think this meets the definition of 3-2-1. Which isn’t a problem if it meets your requirements. Hell, I do something similar for my stuff. I have my primary NAS backed up to a secondary NAS. Both have BTRFS snapshots enabled, but the secondary has a longer retention period for snapshots. (One month vs one week). Then I have my secondary NAS mirrored to a NAS at my friends house for an offsite backup.
This is more of a 4-1-1 format.
But 3-2-1 is supposed to be:
-
Three total copies of the data. Snapshots don’t count here, but the live data does.
-
On two different types of media. I.e. one backup on HDD and another on optical media or tape.
-
With at least one backup stored off site.
I’ve always understood 2 as 2 physically different media - i.e., copies in different folders or partitions of the same disk is not enough to protect against failure of that disk, but a copy on a different disk does. Ideally 2 physically different systems, so failure/fire in the primary system won’t corrupt/damage the backup.
Used to be that HDDs were expensive and using them as backup media would have been economically crazy, so most systems evolved backup media to be slower and cheaper. The main thing is that having /home/user/critical, /home/user/critical-backup, and /home/user/critical-backup2 satisfies 3 copies, but not 2 media.
Hm I wonder why snapshots wouldn’t satisfy 3. Copies on the same disk like /file, /backup1/file, /backup2/file should satisfy 3. Why wouldn’t snapshots be equivalent if 3 doesn’t guard against filesystem or hardware failure? Just thinking and curious to see opinion.
If I’m reading your example right, I don’t think that would satisfy three either. Three copies of the data on the same filesystem or even the same system doesn’t satisfy the “three backups” rule. Because the only thing you’re really protecting against is maybe user error. I.e. accidental deletion or modification. You’re not protecting against filesystem corruption or system failure.
For a (little bit hyperbolic) example, if you put the system that has your live data on it through a wood chipper, could you use one of the other copies to recover your critical data? If yes, it counts. If no, it doesn’t.
Snapshots have the same issue, because at the root a snapshot is just an additional copy of the data. There’s additional automation, deduplication, and other features baked into the snapshot process but it’s basically just a fancy copy function.
Edit: all of the above is also why the saying “RAID is not a backup” holds true.
Right so I guess the question of 3 is whether it means 3 backups or 3 copies. If we take it literally - 3 copies, then it does protect from user error only. If 3 backups, it protects against hardware failure too.
E: Seagate calls them copies and explicitly says the implementer can choose how the copies are distributed across the 2 media. The woodchipper scenario would be handled by the 2 media requirement.
-
- Primary ZFS pool with automatic snapshots
my backup is staring longingly at LTO drives and wishing they would magically be affordable.
DO NOT follow my lead, my backup solution is scuffed at best.
3:
I have:
- RAID1 array w/ 2 drives
- Photos on the device that took them
- Photos on a random old hard drive pulled from an ancient apple mac.
2:
I’ve got a hard drive and flash memory?
1:
Don’t have this at all, the closest is that my phone is off-site half of the day.
Real selfhosters know
I rawdog storage. I RAID0 and forget. huehue.
Toss in another drive for RAID5. That way you can at least have some redundancy…
It’s not important data. Why would I spend another $200+ for another 20TB drive to have redundancy for 1 and 0 I don’t care about…
Fair point.
4-2-1-1 for me I guess 🫣 or 4-2-2?
Two copies at home, synced daily, one of them in an external drive that I like to refer as the emergency grab and run copy lol
One at a family member synced weekly and manually every time I visit.
All of those three copies are always within a 10 kilometer radius in a valley overseen by a volcano so…
One partial copy of the so-critical-would-cry-if-Iost data is synced every few days to a backblaze bucket.
1 backup on a local, Independence disk. 1 backup on a HDD connected to an OpenWRT router at the other end of the house 1 backup on my remote vps.
Restic+backrest
Sftp for remote endpoint
All persistent storage from my dockers are in a folder. All I have to backup everything is backup this one folder along with my docker compose files (in git).
Locally there are zfs snapshots (autosnapshot) and for remote I use borgmatic.
Borg to :
- Local server
- Friends server
- Borgbase
I’ve never heard of Borgmatic before… How’s it work?
@lka1988 @Lem453 Primarily a frontend tool designed to make your life easier, torsion.org/borgmatic , but I tend to avoid macros, frontend scripts, or even GUIs like this. They may obscure Borg-specific configuration details that, hypothetically, could one day hinder your restoration process.
Its an automation software for borg backup to run on a schedule and keep a certain number of backups while deleting old ones etc.
My current plan once new migration is completed:
Primary pool - 1x ZFS (couldn’t afford redundancy but no different to my RPI server). My goal is to get a few more drives and set up a RAIDZ1/2.
Weekly backup of critical data (eg. nextcloud) from primary pool to a secondary pool. Goal here is to get a mirror but will only be one drive for now.
Weekly upload of secondary pool to hetzner storage box via rsync.
Current server
1x backup to secondary drive (rpi) 1x backup to hetzner storage box via rsync
All my video media that’s easier to replace than preserve is on my NAS running openmediavault with mergerfs. If I lose a drive I can always just, you know, torrent the tv show again.
My main PC (everything except the Steam game install directory) is backed up through KopiaUI to a folder on that mergerfs array that contains media that’s difficult/impossible to replace. Daily incremental backups.
That folder is mounted on my PC through DOKAN, which tells Windows OS that it’s a local resource (it does this more thoroughly than just assigning a drive letter to a NAS folder through Windows’ built-in system). The PC, including the “sensitive NAS media” folder, is then backed up to Backblaze’s personal backup service ($99/yr, unlimited size with one-year versioning). The DOKAN step is required for this, since Backblaze doesn’t support mounted NAS drives or non-Windows systems (presumably they don’t want to use space on versioned encrypted backups of hundred-terabyte pirate movie collections).
Oh, and my phone does one-way Syncthing to my PC, thus putting its files on the PC for Kopia and Backblaze to do their thing.
I use immich and nextcloud for the clients (my wife and my parents know that I only take care about that data) and on the server side I use borgmatic which has a local repository on the second drive inside my nuc and a remote repository hosted by hetzner called “storage box” which supports borg native.
Yes the remote is out of my physical access, but borg is fully encrypted and for 4$/3.6€/month for 1TB I feel good.
Before I started with borg and hetzner I had a rsync based backup with an odroid hc1 hosted by my parents, but that doesn’t feel safe. Due to slow network by my parents I had to sync my local backup instead of a second backup from the real data and the monitoring was also very bad.
From my point of view: You have no backup, if it is not automated and you have no monitoring.
Atm main sys is a ZFS RAIDZ1 on 3 SSDs
Weekly-ish backup onto 1TB external HDD.
Sync encrypted important stuff to Cloud.
Syncthing some stuff to smartphone.Wow, a lot of variation in this thread!
I get all my data to my server, then from there I have borgmatic do incremental backups to a backup drive on the same machine (nightly cronjob).
From there I use Rclone to get the encrypted borg backup to Backblaze B2 for cloud storage.
So for 3 2 1, my 3 copies are the original, the local backup, and the cloud backup.
My 2 media are local hard drives and cloud storage (I think it’s fair to consider this a different kind of media).
And my 1 offsite is the cloud backup.
Now I’m dumb and have a fear of screwing something up so I have also started burning M-Discs of my critical data (everything except TV/movie/music stuff I can redownload). Though this was a lot more expensive than I was expecting, because of aforementioned me being dumb I already screwed up two discs (they are write once). I’m also doing two copies of each disc.
Also I have photos/home videos additionally stored in ente, they are super important to me and I wanted a separated copy someone else is looking after.
