I used Sftpgo as my SFTP server because it is open-source, looks well-maintained and supports deployment via Docker. Hence, the NAS needs to expose an SFTP server for Kopia to connect to. The most convenient way for an instance of Kopia running on a client to send backups to the server is via SFTP. If clients are infected by ransomware, the backups on B2 are safe as clients don't have a direct connection to B2. More importantly, this means that only the server needs to have the credentials needed to access backups on B2. Data transfers on the local network are also much faster. Hence, having a server for primary backups running on the local network avoids these download fees. Retrieving data off the cloud can be expensive due to download fees. Why not have clients back up to B2 directly instead? You may be wondering if the NAS is redundant, given the use of cloud storage for an off-site backup. The NAS also runs Kopia to back up its contents to B2 for an extra layer of redundancy. Kopia has an optional GUI, but I'll be using the command line.Ĭlients will be backing up to the NAS via Kopia. As far as I'm aware, Duplicacy is the only other free tool that supports this feature. Multiple devices can concurrently write to the same destination. This means that it does not need to hold a global lock on the backup destination when performing a backup to prevent simultaneous concurrent backups from other clients from occurring. Notably, Kopia supports lock-free deduplication. Kopia supports B2 (among numerous other cloud storage backends), compression, encryption and data deduplication. Kopia for cross-platform, open-source backups. B2's pricing is competitive: storage is charged at US$0.005 / GB / month, downloads are US$0.01 / GB with the first GB of the day free and uploads are free. I chose B2 for its simplicity, its track record (They're storing over an Exabyte of data) and affordability. You can technically use any cloud storage service for this. B2 offers an API which is supported by many backup tools. I got a Synology DS918+ for this purpose because it supports RAID and uses the BTRFS filesystem which protects against bit rot.īackblaze B2 for cloud storage 1. I used the following for automated backups:Ī NAS that acts as a backup server running on the local network. This allows restoration of individual files to undo mistakes or entire folders to recover from ransomware. However, it doesn't do anything to prevent bit rot, file corruption, accidental deletions, ransomware or a power surge frying the RAID array.īackups store multiple versions of files so you can go back in time. RAID protects against hard drive failure. Although some cloud synchronization services have some form of versioning, retention of old versions is usually limited to a short period like 30 days. However, this also means that any accidental deletions or files being overridden by ransomware gets propagated to all your other devices. They are designed for keeping files on multiple devices synced. Services like Dropbox and Google Drive market themselves as a backup solution. This also has the nice side effect of efficient incremental backups because only the parts of the file that changed need to be stored.īackups are often used interchangeably with cloud synchronization services. This is done by breaking up data into smaller blocks so that if two files are mostly similar, only blocks that represent the differences between both files need to be stored. Data deduplication: avoids storing multiple copies of the same data.This is especially important when backing up to the cloud. Encryption: encryption is the only way to ensure the confidentiality and integrity of your backups.Cloud storage support: backing up to the cloud is an easy way of having an off-site copy of data.This means that backup copies should not be mounted onto the filesystem, as that leaves them vulnerable to being encrypted as well. Ransomware-proof: ransomware is becoming increasingly common. 1 copy of the data is off-site (on the cloud or in a different physical location).Copies should be stored on at least 2 different devices.3 copies of data: a primary copy and 2 backups.Automated: backups are only effective if they happen automatically in the background.ģ-2-1 Rule: backups should follow the 3-2-1 rule.This means I needed something that would work on both Windows and Linux. Cross-platform support: I needed to back up files on my Windows laptop as well as a Synology DS918+ NAS.Step 2: Automating Client Backups to The ServerĪ good backup system should have the following:.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |