If I have a home server connected to Proton Drive for example, would that be sufficient to back up my data?
The common wisdom about backups is the 3-2-1 backup strategy, which recommends:
- 3 total copies of your data, including your original or “production” data
- 2 different forms of media
- 1 off-site copy
Proton Drive can be a decent off-site backup, but it would be a good idea to make a separate backup of your data on a different form of media like an external hard drive, just in case Proton Drive goes down, or the data there gets corrupted and you need to restore a known good version.
deleted by creator
Since my current data store isn’t massive at the moment, if I have a fire (and I’m home), part of my plan is to grab my NAS on the way out.
But I still have off-site backup (and a local duplicate of my data).
Just always keep in mind that you might not be home and that this might not be your priority in the heat of the moment (no pun intended).
But I still have off-site backup
I also have extensive emergency planning that’s documented and practiced. I know what’s valuable, and what isn’t. Valuable stuff is already protected or planned for, not stuff I need to grab.
If I needed to leave, right now, I’d be out the door in under 5 minutes and have 3 day’s supply of food and water (with a compact cook kit), a week of clothes including cold-weather gear, phone chargers, batteries, flashlights, blankets, spare sunglasses, medicines, first aid kit, a small tool kit, spare glasses, etc, etc. And this list of stuff is documented.
Grabbing my little 5lb NAS is a trivial add-on that was only added to the list once everything else was organized. And it has its own bag, only need the NAS and power supply. I’ve added a handle to it (mostly to make it easy to move around), and everything has large, clear labels (no guessing which power supply goes with what device).
You guys have backups?
I have no extra drive of the capacity of my system. Maybe I should just go with hetzner or backblaze
deleted by creator
You guys have?
Acceptable for what? What do you, personally, consider an acceptable amount of loss, and time and money spent on recovery?
I don’t have any life-or-death critical data, so I have one local backup in case I corrupt my server again. If my house has a fire or flood, or lightning strikes and fries everything, or my stuff gets stolen, that loss is acceptable to me.
Would that be sufficient
No.
3-2-1
Three copies; your working copy, and a cloud copy, and (as an example) on and external HD that you keep at a friend’s house….
On two separate media… so yes cloud can cover that
One off site. So yeah cloud covers that.
Encryption on your off site copies. Yeah I don’t care if they are Linux ISOs or your grandmas recipes. ENCRYPTED
Thanks for coming to my TED talk
And I would argue that all data should be encrypted now, even the working copy. If you have data that’s worth backing up, you probably don’t want it in the hands of criminals or weirdos either.
It’s so easy to set up, just tick a box during os install most times. Then if you do rcline just use an encrypt on top of your remote, make sure your conf is backed up, and you’re golden
If you tick the encryption box during install, you will have to enter the decrypt password at every boot and that means that if the power goes out for long enough (UPS doesn’t keep the server up for hours), I (and my family) will not have access to the self hosted stuff until I’ll be home and this is why I encrypt only the data partition and not the boot one.
You can decrypt via ssh at boot. I used dropbear to accomplish that on my machine
That’s interesting, but that won’t help if I’m away or on vacation on the other side of the world
I may be missing something in your use case. As long as you have the port forwarded you can decrypt from anywhere. Use pub key auth and you’re good to go
You’re just missing the part where I want to be on vacation without the need to find a decent Internet connection to boot my server because the power went off. What’s the plus of encrypting the OS partition too?
Agreed… Yes, and… specific to backups all the encryption….
Your production stuff, yes should be as well
It is sad how many data recovery posts I see
Yep. And even I did it in my post. Notice what is missing?
Test your backups!
I’d say yes for home use that’s perfectly fine.
Lots of people here teach you the 3-2-1 rule. Which is how it’s supposed to be and stick to that if you’re a business or have valuable data… But that’s also not the whole picture.
I think more important than the actual number of backups is to make sure they work. I’ve seen computers where the backup or cloud sync failed and no one noticed. And after the harddisk got damaged they got aware of the fact that the last successful backup ran 9 months ago… Or people started to save things in a different directory and that drive wasn’t part of the backup. Or the backup was encrypted and the key got lost together with the original data.
I personally am a bit cheap on the third backup. I replace that with an old external drive and copy my vacation pictures there every half a year or so. Just don’t store that next to the computer so everything burns down together. I’d say that’s more than enough. And your cloud backup already does 99% of the job. It’s at a (physically) different location and does all the really important tasks (for home use.)
Monitoring if the backup task succeeded is important but that’s tue easy part of ensuring it works.
A backup is only working if it can be restored. If you don’t test that you can restore it in case of disaster, you don’t really know if it’s working.
Correct. What it appears to be and what it is, are often two very different things. And people often underestimate situations like desaster recovery… Everything is fine and dandy on the day you configure the backup job. But once you need it, that day is a desaster and everything has gone wrong. Now you need your plan to work flawlessly. And there are a lot of things that can go wrong, I’ve only highlighted a few of them. And lots of people have been burned by that before. There is only one way to make sure it works, and that is to test the whole procedure. And ideally not just once right after you configured it because things can go wrong later on, too.
Yes, absolutely. Ideally there would be an automated check that runs periodically and alerts if things don’t work as expected.
That depends on if you trust them. Also, would this be your only backup?
Fuck the 3-2-1 rule, I cant afford that. I just have my server and that connects each night to another server at my parents and does an incremental backup via kopia.
Or at least, that is my plan, currently i hook up a 10TB HDD from time to time and do a ZFS send… but the offsite backup is coming! For sure!
If it is not that much data though, take a look at Backblaze B2. Using that for a client that has a few 100 GBs and it costs about a euro a month currently. Incremental, encrypted, with kopia. But if it is multiple TB it can get real expensive real fast
Can vouch for kopia, excellent backup tool.
deleted by creator
It’s better than no backup at all, but ideally it shouldn’t be your only backup. Still, having any backup puts you ahead of the vast majority of computer users. If the data is truly of value to you, consider also keeping a second backup within your custody and away from your home.
I rotate two encrypted hard drives between work and home, performing a backup monthly and taking the newest backup to work before bringing home the previous.
My general rule with backups is the standard you pretty much hear everywhere: 3-2-1
3 copies of every file you value 2 different media 1 off site
For example, you can have two copies on one drive and a third in the cloud. That way you prevent accidental deletion, bit rot and house fire.
I dunno about 2 copies on one drive - they’re both at risk of the same drive failing, etc.
Yeah, but if your house burns down copies on different hdd wont matter much. Offsite like cloud will
It really doesnt matter much imo. The obvious best choice here would be three copies on three media in three locations. You can also argue for more. It depends on your threat model. If you have an offsite backup that is reachable from the host machine, a ransomware attack can still devastate you. I have therefore made deaddrops for backups so no machine or user has access to all of them.
This is a tough one. The problem with local only backups is, what if there’s a fire?
I use Amazon Glacier to store my pictures. It’s $0.0036 / GB per month, so I pay less than $2/month for ~535 GB of storage that I’m using right now. There is also a cost for downloading, but if I need it, I’m going to be happy to pay it (and the costs aren’t crazy). Uploads are free.
(The other problem with Glacier is that it’s not really an end-user-friendly experience, nor is it something easily automated. I use SimpleAmazonGlacierUploader, a Java program someone wrote, to do it. You can also upload to S3 and have it archive things to Glacier automatically - I’ve never tried this but it should work.)
I considered getting my brother or a friend to build two storage servers (with RAID5 or something) that we’d each keep at home, and just sync to each other. Good if you have a friend or family member willing to do it (or at least host your offsite box). Down sides: Cost to build it, time to build and maintain it, cost to replace things that break, plus cost for electricity. I’ve been using Glacier for many years, so by now maybe I would have spent less on that theoretical backup system, but I also did not have to worry about it.
Why not S3 Glacier Deep Archive?
0.00099$
I use it for that exact same use case.
Because I didn’t know it existed until now. :) I’ll have to look into that, thanks.
It isn’t cost effective. Go for Back blaze or some other backup service
Thanks - I’m also trying to replace google drive and eventually OneDrive so that I can easily access files across multiple devices (Linux, Win, Android) and sync the files. Proton seems like a good alternative until I have a home server set up, which will likely take me a year or two. I’m starting from zero knowledge and have very little free time to do it lol
I’m going to argue that, yeah, probably, but it depends.
Are you at risk of just losing your personal data, or is this hosting services other people upload shit to?
If you’ve got other people’s photos or documents or passwords or whatever, then no. You need more than one backup, you need to automate testing of your backups, and you need to make damn sure that you can absolutely recover from BOTH sets of backups.
If it’s just your shit, then you do what you’re comfortable with: if you lost your home server and it’s backups, then are you okay with that outcome?
If that’s a ‘no’, then you need more than the one backup, and testing, and automation blah blah blah.
I have the live server data, archives on a different drive in the system, and archives uploaded to the cloud.
About once a week or so I burn the local backup files to a BD-R, chuck that in a media-rated fire safe (an aside: a paper-rated fire safe is not sufficient for plastic disks, so make sure you buy one that actually will keep your backups from being melted otherwise, meh, you didn’t really do anything).
The cloud versions are on a provider that claims 99.99999% durability, which is good enough, and I keep 60 days of backups in the cloud so that I have enough versions to rotate back through.
I also built a 2nd little baby server that’ll grab the backups and do an automated restore and stand up my entire stack once a month, just to verify that the backup archives are actually backups and actually can be downloaded, unarchived, and automatically bring up all the stacks and populate the databases and have everything just appear up and running.
I use backblaze b2 for my storage. I use restic to backup everything to it. It works well and I’ve had it going for YEARS at this point. For things I could never replaced, like photos, I use external drives in addition to B2. Everyone knows that if something happens and we need to leave to just grab the drive that is stuck to the wall and the family photos will be safe.
My though process goes like this, everything backups to my home server. I have snap shots of the data on a normal basis. So if I need to get something back, going to a snap shot is pretty simple. If for some reason my server(s) just stopped existing for some reason I could pull it back from B2. I’ve only had to actually restore from B2 a handful of times and it was worth it.