I’m planning on setting up a nas/home server (primarily storage with some jellyfin and nextcloud and such mixed in) and since it is primarily for data storage I’d like to follow the data preservation rules of 3-2-1 backups. 3 copies on 2 mediums with 1 offsite - well actually I’m more trying to go for a 2-1 with 2 copies and one offsite, but that’s besides the point. Now I’m wondering how to do the offsite backup properly.

My main goal would be to have an automatic system that does full system backups at a reasonable rate (I assume daily would be a bit much considering it’s gonna be a few TB worth of HDDs which aren’t exactly fast, but maybe weekly?) and then have 2-3 of those backups offsite at once as a sort of version control, if possible.

This has two components, the local upload system and the offsite storage provider. First the local system:

What is good software to encrypt the data before/while it’s uploaded?

While I’d preferably upload the data to a provider I trust, accidents happen, and since they don’t need to access the data, I’d prefer them not being able to, maliciously or not, so what is a good way to encrypt the data before it leaves my system?

What is a good way to upload the data?

After it has been encrypted, it needs to be sent. Is there any good software that can upload backups automatically on regular intervals? Maybe something that also handles the encryption part on the way?

Then there’s the offsite storage provider. Personally I’d appreciate as many suggestions as possible, as there is of course no one size fits all, so if you’ve got good experiences with any, please do send their names. I’m basically just looking for network attached drives. I send my data to them, I leave it there and trust it stays there, and in case too many drives in my system fail for RAID-Z to handle, so 2, I’d like to be able to get the data off there after I’ve replaced my drives. That’s all I really need from them.

For reference, this is gonna be my first NAS/Server/Anything of this sort. I realize it’s mostly a regular computer and am familiar enough with Linux, so I can handle that basic stuff, but for the things you wouldn’t do with a normal computer I am quite unfamiliar, so if any questions here seem dumb, I apologize. Thank you in advance for any information!

  • Onomatopoeia@lemmy.cafeEnglish
    7·
    27 days ago

    As others have said, use tools like borg and restic.

    Shop around for cloud storage with good pricing for your use-case. Many charge for different usage patterns, like restoring data or uploading.

    Check out storj.io, I like their pricing - they charge for downloading/restore (IIRC), and I figure that’s a cost I can live with if I need to restore.

    Otherwise I keep 3 local copies of data:

    1 is live, and backed up to storj.io

    2 is mirrored from 1 every other week

    3 is mirrored from 1 every other week, opposite 2

    This works for my use-case, where I’m concerned about local failures and mistakes (and don’t trust my local stores enough to use a backup tool), but my data doesn’t change a lot in a week. If I were to lose 1 week of changes, it would be a minor issue. And I’m trusting my cloud backup to be good (I do test it quarterly, and do a single file restore test monthly).

    This isn’t an ideal (or even recommended approach), just works with the storages I currently have, and my level of trust of them.

  • irmadlad@lemmy.worldEnglish
    61·
    27 days ago

    so if any questions here seem dumb

    Not dumb. I say the same, but I have a severe inferiority complex and imposter syndrome. Most artists do.

    1 local backup 1 cloud back up 1 offsite backup to my tiny house at the lake.

    I use Synchthing.

    • qjkxbmwvz@startrek.websiteEnglish
      2·
      27 days ago

      Same — rsync to a pi 3 with a (single) ZFS drive at family’s house. Retain some daily/weekly/monthly snapshots.

      I have a (free) VPS with static IPv4 which is how I connect everything.

      Both the VPS and the remote site have limited network speed (I think 50Mbps for VPS), so the initial sync was done sneakernet (well…“airplane net”). Nightly rsync is no problem bandwidth-wise, and is mostly just any new videos I’ve uploaded to my local Immich instance.

  • iknowitwheniseeit@lemmynsfw.comEnglish
    5·
    26 days ago

    I just use restic.

    I’m pretty sure it uses checksums to verify data on the backup target, so it doesn’t need to copy all of the data there.

  • harsh3466@lemmy.mlEnglish
    31·
    27 days ago

    Right now I sneaker net it. I stash a luks encrypted drive in my locker at work and bring it home once a week or so to update the backup.

    At some point I’m going to set up a RPI at a friend’s house, but that’s down the road a bit.

  • bandwidthcrisis@lemmy.worldEnglish
    3·
    27 days ago

    I use rsync.net

    It’s not the lowest price, but I like the flexibility of access.

    For instance, I was able to run rclone on their servers to do a direct copy from OneDrive to rsync.net, 400Gb without having to go through my connection.

    I can mount backups with sshfs if I want to, including the daily zfs snapshots.

  • piefood@feddit.onlineEnglish
    1·
    27 days ago

    I use LUKS and backup to a usb-drive that I have at home. I rsync those backups to my work once a week. Not everyone can backup to their office, but as others have said, backing up to a friend/family member’s house is doable. The nice thing about rsync is that you can limit the bandwidth, so that even though it takes longer, it doesn’t saturate their internet connection.

  • q7mJI7tk1@lemmy.worldEnglish
    1·
    27 days ago

    I spend my days working on a MacBook, and have several old external USB drives duplicating my important files, live, off my server (Unraid) via Resilio to my MacBook (yes I know syncthing exists, but Resilio is easier). My off-site backups are to a Hetzner Storage Box using Duplicacy which is amazing and supports encrypted snapshots (a cheap GUI alternative to Borgbackup).

    So for me, Resilio and Duplicacy.

  • d00phy@lemmy.worldEnglish
    3·
    27 days ago

    My dad and I each have Synology NAS. We do a hyper sync backup from one to the other. I back up to his and vice versa. I also use syncthing to backup my plex media so he can mount it locally on his plex server.

  • cron@feddit.orgEnglish
    3·
    27 days ago

    RClone to a cloud storage (hetzner in my case). Rclone is easy to configure and offers full encryption, even for the file names.

    As the data is only uploaded once, a daily backup uploads only the added or changed files.

    Just as a side note: make sure you can retrieve your data even in case your main system fails. Make sure you have all the passwords/crypto keys available.

  • pinguin@fault.suEnglish
    1·
    26 days ago

    I tend to just store all my backups off-site in multiple geographically distant locations, seems to work well