Hi all, I’m just getting my feet wet in self hosting and have a plan to start with Nextcloud on a Pi 4 for photo backups, and then try other things for calendar, phone backups, media hosting, etc.
One thing I worry about is losing my data. I have heard “if it’s not backed up in two locations, it’s not backed up.” I’m curious what all of you do for backing up the setup. Remote backup to hard drives in the garage? Pay for cloud backup and encrypt it? Just another backup site over wifi in the house?
I’d be most afraid of losing photos and if there were a house fire or something. So my inital thought was a way of backing up to a server in my detached garage in a weather resistent container, but I want to know what you all think. Thanks for any insight.
Basically:
Small proxmox node (Zimablade) that basically does only operate a Proxmox Backup Server for local clients and fast backup.
Offsite ZFS send to a VPS I operate for that purpose. As well as Proxmox Backup Server for VMs,etc. Basically meant as a fast recovery option. (Layer7)
Offsite S3 storage backup to a different provider from above. Meant for a medium term backup. (Hetzner and IONOS)
Portable HD: I have two different portable HDs. One is hooked up to the Backup server, the other one is in a lock box in my banks safe. The “connected one” does a weekly backup (and is switched off in between). Once in a while (around 6 to 12 weeks, with 12 weeks being the hard maximum) I take the active one to the bank and both drives switch places. That provides a full backup. (WD My Book and Seagate Expansion - the differrnt manufacturers are intentional)
Last line of defence: The real real important things (photos of life events-weddings,etc.- important documents,Password DBs) etc.) get burned on a M-disc Archive blue ray. They are also in the bank safe and at a secure third location. They are more meant for “shit hit the fan and I might not be there anymore,but maybe the kids want these”. Additionally they provide a defence against encryption viruses - write once reas many (WORM) has it’s advantages here.
This is another thing to consider: Have detailed descriptions for others how to retrieve your data in case something happens. I operate a private wiki (on an external server) that also gets saved into the M-Discs that has step by step instructions, as they might need to be followed by someone not that tech adept. (Like my In-Laws in case both my wife and I perish.), have notes in my password DB (Vaultwarden, which has a digital heritage/emergency access function and is also exported), in the vault, and a note in my will notifying people about this.
Edit: And: Test your recovery. Almost every data loss I have witnessed in the last years was a recovery problem. Missing encryption keys, data structure issues, etc. I have seen them all. Personally I try to recover a random file (as in: A script tells me which one) twice a year from every method and try a full recovery of each method at least once six month after introduction. Thst being said: It’s nice to have encrypted backups,but that doesn’t help if you can’t find the keys/the software does no longer exist,etc. Currently a LOT of my clients have the same problem: They use Tandberg RDX for backup, including WORM. Now, Tandberg has gone bust and it’s not that unlikely that yhey won’t be able get another RDX drive in 5 or 10 years. Or 20. Which is the legal requirement for some official files here. Well,fuck. They needed to get additional drives asap when the bankruptcy became official.
Friends have used ancient LTOs and now face the same issues - LTOs are not downwards compatible. (That’s why I use “common” technology. It’s extremely likely that I will be able to find a spare BD drive in 20 years,etc.)
Lots of great advice here but this stands out as a really good bit that a lot of people (including myself) need to consider.
Weekend proooojeeeeeect! 🎵
Thanks a lot. I expanded it a little bit.