Backup of backup?


I would like to have an on-site backup on my Raspberry PI, and an off-site backup in the cloud.

Problem 1.
I could run backups to various destinations from my laptop, but it doesn’t really scale that well, and it’s generally not what I want.

Problem 2.
Cannot just copy the database to the cloud, because if it were intentionally or otherwise altered, my cloud backup would be worthless as well.

Problem 3.
I cannot just create an off-site backup from a mounted on-site backup, because the Raspberry PI would need to know the passwords - not a very good idea.

Potential solution:
Backing up the entire encrypted repository (so having a nested backup of a backup)
My question is - is there anything that you know of that would make it a bad idea?
I don’t mind that decrypting the backup will require two passwords.

You can also use rclone copy --immutable to sync the repository to cloud storage. These arguments make it “append-only”:

  • copy will not delete extra files that exist in the destination. (Contrast this with sync, which means “make the destination match the source.” copy means “sync anything missing from the destination, but don’t delete extra stuff that the destination has.”)
  • --immutable will not update files that already exist in the destination.

Make sure that you don’t run this while backups are running. --immutable means that partial pack files may be copied to the destination, but will never be updated later when they are complete.

A periodic restic check --read-data against the cloud storage would be prudent to make sure that there aren’t partial pack files or other damage.