this post was submitted on 10 May 2025

176 points (99.4% liked)

Selfhosted

46672 readers

264 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

[email protected]

176

3-2-1 Backups: How do you do the 1 offsite backup? (lemmy.blahaj.zone)

submitted 2 weeks ago* (last edited 2 weeks ago) by [email protected] to c/[email protected]

123 comments fedilink hide all child comments

I'm planning on setting up a nas/home server (primarily storage with some jellyfin and nextcloud and such mixed in) and since it is primarily for data storage I'd like to follow the data preservation rules of 3-2-1 backups. 3 copies on 2 mediums with 1 offsite - well actually I'm more trying to go for a 2-1 with 2 copies and one offsite, but that's besides the point. Now I'm wondering how to do the offsite backup properly.

My main goal would be to have an automatic system that does full system backups at a reasonable rate (I assume daily would be a bit much considering it's gonna be a few TB worth of HDDs which aren't exactly fast, but maybe weekly?) and then have 2-3 of those backups offsite at once as a sort of version control, if possible.

This has two components, the local upload system and the offsite storage provider. First the local system:

What is good software to encrypt the data before/while it's uploaded?

While I'd preferably upload the data to a provider I trust, accidents happen, and since they don't need to access the data, I'd prefer them not being able to, maliciously or not, so what is a good way to encrypt the data before it leaves my system?

What is a good way to upload the data?

After it has been encrypted, it needs to be sent. Is there any good software that can upload backups automatically on regular intervals? Maybe something that also handles the encryption part on the way?

Then there's the offsite storage provider. Personally I'd appreciate as many suggestions as possible, as there is of course no one size fits all, so if you've got good experiences with any, please do send their names. I'm basically just looking for network attached drives. I send my data to them, I leave it there and trust it stays there, and in case too many drives in my system fail for RAID-Z to handle, so 2, I'd like to be able to get the data off there after I've replaced my drives. That's all I really need from them.

For reference, this is gonna be my first NAS/Server/Anything of this sort. I realize it's mostly a regular computer and am familiar enough with Linux, so I can handle that basic stuff, but for the things you wouldn't do with a normal computer I am quite unfamiliar, so if any questions here seem dumb, I apologize. Thank you in advance for any information!

(page 3) 24 comments

sorted by: hot top controversial new old

[–] [email protected] 1 points 1 week ago

My friend has 1G/1G Internet. I have a rsync cron job backing up there 2 times a week.

It has a 8TB NVMe drive that I use bulk data backup and a 2TB os drive for VM stuff.

[–] SreudianFlip 1 points 2 weeks ago

Most of my work is with Macs, and even one server is running macOS, so for those who don't know how it works 'over there', one runs Time Machine which is a versioning system keeping hourlies for a day, dailies for a week, then just weeklies after that. It accommodates using multiple disks, so I have a networked drive that services all the mac computers, and each computer also has a USB drive it connects to. Each drive usually services a couple of computers.

Backups happen automatically without interruption or drama.

I just rotate the USB drives out of the building into a storage unit once a month or so and bring the offsite drives back in to circulation. The timemachine system nags you for missing backup drives if it's been too long, which is great.

It’s not perfect but very reliable and I wish everyone had access to a similar system, it's very easy, apple got this one thing right.

[–] [email protected] 1 points 1 week ago

LTO8 in box elsewhere

The price per terabyte became viable when a drive was on sale for half off at a local retailer.

Works well and it was a fun learning experience.

[–] [email protected] 1 points 1 week ago

I built a near identical server for my parents and just sync my nextcloud folder to theirs using syncthing

[–] [email protected] 1 points 1 week ago

I bring 1 of my backup disks to my inlaws. I go there regularly so it's a matter of swapping them when I'm there.

[–] [email protected] 1 points 1 week ago

I also had been contenplating this for a while. The solution I implemented recently is:

The system itself is a RPI on NixOS. The system can be reproduced from the NixOS configuration. The NixOS configuration is stored on GitHub. Since I can reproduce the sdcard image (and full system) from the configuration I opted to not do any backup of the sdcard/system itself.

I've also opted to not use raid, as I can replace/add a RPI without too much hassle.

The real backups for me are for photos. Those are stored on a M.2 storage. A second (similar) RPI is placed at my dad's place. The rpis run tailscale and syncthing. Syncthing syncs using staggered mode (stores 1 version for the last day/week/year) and the RPI at my dad is untrusted, so the backup files are sent/stored encrypted there.

This setup hasn't run very long yet, so I won't recommend it, but it seems to check quite a lot of boxes for me. Maybe it gives some ideas. I'm also interested what alternative solutions others came up with.

[–] [email protected] 1 points 1 week ago (2 children)

I tend to just store all my backups off-site in multiple geographically distant locations, seems to work well

load more comments (2 replies)

[–] [email protected] 1 points 2 weeks ago

My automated workflow is to package up backup sources into tars (uncompressed), and encrypt with gpg, then ship the tar.gpg off to backblaze b2 and S3 with rclone. I don't trust cloud providers so I use two just in case. I've not really been in the need for full system backups going off site, rather just the things I'd be severely hurting for if my home exploded.

But to your main questions, I like gpg because you have good options for encrypting things safely within bash/ash/sh scripting, and the encryption itself is considered strong.

And, I really like rclone because it covers the main cloud providers and wrangles everything down to an rsync-like experience which also pretty tidy for shell scripting.

[–] [email protected] 1 points 1 week ago

I have a storage VPS and use Borg backup with Borgmatic. In my case, I have multiple systems in different repos on the remote. There are several providers, such as hetzner, borgbase, and rsync.net that offer borg storage, in the event you don't want to manage the server yourself.

[–] [email protected] 1 points 1 week ago* (last edited 1 week ago)

Veeam Backup&Replication with a NFR license for me.
My personal setup:
First backup: Just a back up to a virtual drive stored on my NAS
Offsite backup: Essentially an export of what is available and then creates a full or incremental backup to an external USB drive.
I have two of those. One I keep at home in case my NAS explodes. The second is at my work place.
The off-site only contains my most important pieces of data.
As for frequency: As often as I remember to make one as it requires manual interaction.

Our clients have (depending on their size) the following setups:
2 or more endpoints (excluding exceptions):
Veeam BR Server
First backup to NAS
Second backup (copy of the first) to USB drives (min. of 3. 1 connected, 2 somewhere stored in the business, 3 at home/off-site. Daily rotation)
Optionally a S3 compatible cloud backup.

Bigger customers maybe have mirroring but we have those cases very rarely.

Edit: The backups can be encrypted at all steps (first backup or backup copys)
Edit 2: Veeam B/R is not (F)OSS but very reasonable for the free community edition. Has support for Windows, mac and Linux (some distros, only x64/x86). The NFR license can be aquired relatively easy (from here and they didn't check me in any way.
I like the software as it's very powerful and versatile. Both geared towards Fortune>500 and small shops/deployments.
And the next version will see a full linux version both as a single install and a virtual appliance.
They also have a setup for hardened repositories.

[–] [email protected] -3 points 1 week ago* (last edited 1 week ago)

Amazon AWS Glacier

Edit: I was downvoted for this, but it’s genuinely a more affordable alternative to Backblaze whose finances are questionable.

load more comments