Backup

Doing backups for your data is, how to day, critical! But you need to answer a few questions first:

• What do i want to backup?
• Where can i store my backups?

And always remember the 3, 2, 1 rule of backup:

three copies of your data, kept in two locations and one location is off-site.

Also remember that RAID is not backup, because if you delete by error, it's gone. Also remember that SyncThing is not backup, again because if you delete by error, it's gone and what's worst, you have more than one location where you can make the error.

Backup means that your data is copied to a different location where you cannot modify or delete it directly, not by error but not even intentionally.

I have deleted files i shouldn't have, by being fully aware of what i was doing, then cursing myself profusely. I have also deleted stuff by error by typing the wrong command or running the wrong script, then cursing myself again profusely. but i have never lost data to hardware fialure, thanks to using RAID arrays.

In other words: backups are there to protect the data from yourself.

Backing up everything would require a duplicate of your storage. Is it really needed? No it's not.

First of all, i do not backup anything that i could download again.

Also, i don't backup binaries, services or the Operating System itself.

I do backup all personal data like documents, scanned documents, photos taken by me, source code written by me, calendars and contacts and so on.

I also backup all my Gentoo /etc folder, because it's easy to misstep and delete something important while upgrading your system.

Don't store them on the server. I have OpenWRT WiFi Access Points with a USB plug, so i connected a big enough SSD over USB and that's my first backup destination. I have mounted that filesystem via NFS on the server so it's easy and simple.

You will also need a second, off-site backup storage: some cloud system (like gdrive or dropbox) might work, but using your external server could even be a better idea. After all, you already pay for it and 99% of it's storage space is probably wasted anyway.

Of course, if you have your in-laws with good internet connection you might plug a usb-drive there too and use that as well… More the better…

There are tons of backup solutions out there. I wanted a no fuss, jut works practical solution that is encrypted, has been around for long enough to be stable, and has outstanding user feed-backs.

I ended up going with Restic that it's simple, don't get in the way, and its rock solid.

A solid and well proven backup solution, it could be completed with a GUI to manage stuff, but it's not critical to have one.

Restic can backup anything to anywhere, including SSHFS (for remote shares) and most of commercial cloud solutions.

emerge restic

Create new storage repository with:

 restic init --repo /backup/NAS/backup/server-etc

think of a good password.

Then perform backup to the repository:

restic -r /backup/NAS/backup/server-etc --verbose backup /etc

You will need to use the password you thought about before.

Now, save that password in a file under /root folder to be sure nobody can sniff it:

echo password > /root/restic-password

(maybe use a less conspicuous filename!)

Then you want to automate the backup, so add this line to root's crontab (crontab -e):

0 0 * * * restic -r /backup/NAS/backup/server-etc -p /root/restic-password backup /etc

There you go. You need the stored password to automate the backup.

+ put into crontab

For SyncThing to be useful you need to run it as the users group, and you should also ensure SyncThing data and logs are stored on your raid arrays. Edit the /etc/conf.d/syncthing configuration file:

synchting

SYNCTHING_USER="syncthing"
SYNCTHING_GROUP="users"

# Configuration directory
SYNCTHING_HOMEDIR="/data/syncthing/.config/syncthing"

# Log file location
SYNCTHING_LOGFILE="/data/syncthing/syncthing.log"

And create the /data/syncthing folder that will contain default shared folders and logs:

mkdir /data/syncthing

Add it to default runlevel and start it:

rc-update add syncthing default
/etc/init.t/syncthing start

Open your browser to http://127.0.0.1/8384