My backups in 2021
This documents my backup process as of 2021.
Local state minimization
I try to keep my environment as ephemeral (stateless) as possible. All my projects’ are hosted in either SourceHut or GitHub. My configuration files live in SourceHut.
Local, non-ephemeral data is synchronized between hosts using Syncthing. For iOS devices I use Möbius Sync.
Local backup
I have Linux (Debian/Ubuntu), macOS and Windows hosts. My servers do not have a local state, thus my focus are laptops and workstations.
I prefer higher level, system native backup applications for local backups.
For macOS this means using Time Machine. If I were to back up the Windows host, I
would use the Window native backup application. The benefit of system native
applications is that they have more access system state, such as battery
level. On Linux hosts I use restic integrated into systemd
with user
units.
Local backups are done frequently.
Remote backup
I use restic
to push my backups into two different destinations:
Backblaze B2 and Kapsi. From Kapsi, a
Finnish user can get 50+500 gigabytes of storage for 40 euros / year (among
other things).
Since restic
does not support configuration files, I’ve successfully used
crestic to backup my home directory to multiple locations.
How crestic
works is simple: its configuration maps to restic
’s
command-line arguments.
I use the following crestic
configuration on macOS:
[global]
verbose:
[global.backup]
exclude-caches:
one-file-system:
exclude-file: ~/.restic/exclude
[global.forget]
group-by: paths
keep-last: 3
keep-daily: 7
keep-weekly: 5
keep-monthly: 12
keep-yearly: 75
[home@.backup]
tag: full-home
arguments: ~
[@kapsi]
repo: sftp:kapsi:backup/macbookpro
password-command: security find-generic-password -s backup-restic-repository -w
[@b2]
repo: b2:bucket:macbookpro
[@b2.environ]
B2_ACCOUNT_ID: .
B2_ACCOUNT_KEY: .
Using the above configuration file, backups are done to B2 and Kapsi as follows:
$ crestic home@kapsi backup
$ crestic home@b2 backup
Tip: you can create a Backblaze bucket key with a directory prefix to allow different hosts to backup securely into the same bucket.