How would you Setup a backup strategy with local, onsite and offsite backups?
I am currently thinking about changing my backup Habits and i am evaluating to use restic for that Scenario.
Would you guys prefere to have some machine local backup, sync that to some onsite and from there to some offsite storage?
Or are you directly backing up to some onsite or offsite storage?
I do have one Windows pc, one Windows Laptop, one Ubuntu Laptop, 2xArchlinux RaspberryPies (one for onsite and for offsite storage)
What do you guys think?
I was about to write the points that I think constitutes a good backup strategy, but it’s rather extensive so I will not bore you with it.
For what you have described I presume that by “local” you mean your original copy of the data (on the systems you want to back up), since i fail to see how “local” and “onsite” backups would otherwise be different.
In that scenario and with what you describe I would go with two separate backup repositories, one onsite and one offsite.
Whether to put the two clients’ backups in one and the same repository or having a repository for each client depends on what data you have, how common it is, etc. If they’re totally separate clients not sharing much data there’s not much in terms of deduplication, and since there’s no ACL in the repo (just multiple keys so you can revoke a key if a system gets compromised) it might then be better to keep them separated to avoid an attacker getting access to the other system’s data in case of a breach.
But if they’re quite common in terms of data on them, then it might make more sense to put them in the same repo, both for deduplication and because an attacker would have most of the data anyway.
Those are my initial thoughts on a simple strategy.
I run restic twice. One to a location in the house and again to a remote location. The scanning seems efficient enough that it isn’t a big deal.
The other approach would be to backup locally and then use rsync/rclone to sync the local backup to the remote location. I don’t do that myself because I make my local backup bigger with items that are less critical so I don’t waste network bandwidth on them. For example, I don’t send DVD rips remotely. They are a pain to recreate, but I still have the disks.
I also have a slight aversion to the rsync approach because it is agnostic to restic’s file format so it isn’t clear if an interrupted transfer will still be valid.
To clearify this:
local - on the machine itself (protect against accidently delete)
onsite - different machine, same room/lan (protect against broken machine)
offsite - different machine, somewhere else (protect against burning houses, somehow…)
Could you Elaborate on this a bit? So you would have two Jobs running, one for onsite and one for offsite? Or would you create one backup onsite and then sync that somehow somewhere else?
I would do it like @wscott - one separate backup per location, I would not sync.
I’m not sure I see much of a point in having that local backup. It will cost you a lot of disk space, just to protected against accidental deletes, which you hopefully only do very rarely, and when you do will have two other backups to restore from.
You are right with that. Normally i don’t delete accidently, even though my Name might Point in a different direction