For now my server doesn’t have very important data most of it are your “Linux isos” I can just download again and I’m thinking of starting to move my file and photos to the server but in afraid. What if I get a ransomwarei don’t realize and all my backups get encrypted too? Or if the backups are corrupted and my disks breaks? But also I’m afraid about cloud because I’ve seen some posts about people getting their google accounts closed without notice for breaking TOS (maybe they did something wrong maybe not).
You must log in or register to comment.
It is impossible to fully eliminate the risk but with a decent backup system in place it is somewhat unlikely to lose all of your data.
The 321rule should be used as a baseline. Your local backup should be snapshotted and somewhat hardened against ransomware (pull backups instead of pushing them, do not mount the backup volume to other machines). Cold backups also help.
Can I construct scenarios in which I lose all my stuff? Sure. But in those, we are either in deep shit anyway (CME, some big astroid) or it is pretty unlikely (targeted hacking)
I’m too poor for a 321 lol
How much value does the data have for you?
If it’s of very low value, that it doesn’t even justify the costs of doing proper backups, then it’s not so important to worry about it either.
My backups are tiered. Some stuff gets no backup at all, some gets even more than 3.And I tend to reuse HDDs that got replaced in my main machine due to size for my backups. Power consumption hardly matters when it only runs for a few minutes a day.
me too
This. With a proper backup strategy, you are reducing the probability of a catastrophic sequence of events. It becomes P(some unlikely event) x P(some other unlikely event) x … Etc. for as many events you can think of and/or can afford to mitigate.
As you say, the risk will never be zero. And even the best-laid plans can fail - the Gitlab incident a few years back saw five layers of backups and disaster preparedness fail.
Really, all you can do is backup your data using standard methods, and TEST THE RESTORE before you need to rely on it!
I’m more scared of online services being discontinued and/or being getting vendor locked and forced to pay ransom on a regular basis. Therefore, I host and back up everything on my own.
Follow the 3-2-1 principle and there is less reasons being scared of loosing data.
losing
A) Make backups B) take them offline.
I backup to Backblaze b2. I encrypt myself using rclone. Costing me $1-2/mo for about 100Gb that I’m currently using.
API key I use for automated backups is pretty much limited to write only and files are set to hidden when deleted, so not much risk, just an annoyance, if the key were stolen and they defaced my backups.
Once a year I might go delete some history to reduce my usage.
I lean towards scripts to automate setting up a system, so I don’t do full system backups. Downloaded video I also mostly skip using mirrored storage. In the event of a real disaster, its an acceptable loss.
Aren’t you scared about loosing your data?
No. I still have files from 1991. I’ve got files that have migrated from floppy disk to hard drive to QIC-80 tape to PD (Phase Change) optical disk to CD-RW to DVD+RW and now back to hard drives.
What if I get a ransomwarei don’t realize and all my backups get encrypted too?
Then you need to detect the ransomware before you backup. I use rsync --dry-run and look at what WOULD change before I run it for real. If I see thousands of files change that I did not expect then I would not run the backup and investigate what changed before running the rsync command for real.
Or if the backups are corrupted
I have 3 copies of my data. Local file server, local backup, remote file server.
I also run rsnapshot on /home every hour to another drive in the machine. I also run snapraid sync to dual parity drives in the system once a day.
I generate and compare stored file checksums twice a year across all 3 copies to detect any corruption. Over 300TB I have about 1 failed checksum every 2 years.
and my disks breaks?
If one of my disks breaks I buy a new one and restore from backups.
But also I’m afraid about cloud
I don’t use any cloud services because I don’t trust them.
About rsync --dry-run, let’s say I got a ransonware but its till encrypting the data will it detect the changes?
My backup strategy:
Data:
- Sycnthing with 1x Copy with my Clients and 1x Copy on my Server accessible via Nextcloud
- Daily Push-Backup with of my Nextcloud-Data-Folder via Kopia to Backblaze
- Daily Pull-Backup of my Nextcloud-Data-Folder via QNAP-NAS in the basementVM:
- Daily Backup of my VM’s to a Proxmox Backup Server running on QNAP-NAS
- Daily Backup of my VM’s to BackBlaze (but encrypted before)Still, I’m not fan of having just one Cloud-Backup. So I think I will also get Hetzner Cloud Storage for Borg Backup additional to Kopia.
Goal:
- Different Hardware (Server, QNAP, etc.)
- Different Backup software (Syncthing, Kopia, Borg)
- Different Backup technique (Push, Pull, Snapshots)
- Different LocationsHow do you prevent your backups from file corruptions being backed up?
Versioning is helping, I can go one year back in history.
No… I have proper, tested backups.
Paranoia is the reason I self host. Clouds can kick you out or lose your data at any time.
321 rule - anything super critical also gets off-sited to the cloud.
You SHOULD be scare of losing your data. In fact it’s a very likely outcome if you’re storing data and you don’t know what you’re doing. This is true of every electronic storage format. If you’re not ready to lose everything, you have periodically practice recovery from backup.
Over the years, i’ve met tons of novice computer users who tell me “I’m worried my files will get hacked if I store them on dropbox / cloud”. I always set them straight: the number one risk for you is losing your own data, not data theft, unless somehow your files contain industrial secrets worth hundreds of millions of USD.
I consider myself an experienced computer user and developer, having had various roles that border on sysadmin. I don’t trust myself to run my DIY NAS. For the stuff that matters, you should fear complexity as it 's a source of errors. You should doubt yourself at every step. Practice recovery. This is true for everything. I messed up my pfSense router config this weekend, it wouldn’t boot. I took the opportunity to practice recovering from backed up config (I should have done that much earlier).
lol
Some data are backed up to a local NAS, some of that data is backed up to cloud (not Google or the big ones).
Most of my data aren’t important. Photo library is both local, in the cloud, and most on offsite DVDs.
~45K lossless music files is local and cloud. Those would suck losing, but I could rip them again.
I’ve been considering tape backup again, it’s like 20 years since I used it at home.
ZFS (mirrored) two HDDs. If one HDD fails, then replace it and let it rebuild. Use 3 HDDs mirrored if you really think you could get a failure while the array is rebuilding.
Also have two external backups, one you do regularly at home, and another you keep off-site. When you visit that location (be it your parents, siblings, relatives, friends house) swap out your external backup with their off-site to ensure its kept up to date.
Make sure all disks are fully encrypted of course.
I’m currently using just an external drive to backup too, I use cloud storage for all my personal files, but my systems (I run a lot of servers that would be a pain to rebuild and reconfigure) and all my Linux ISOs are backed up nightly to a large external hard drive. However, I appreciate that I’m not covered for the local disaster scenario if my house was to set on fire, so my plan is to also implement Backblaze cloud backups of my server machine so I could have cloud backups of my backups at least.
you’re chances of being hit by lightning is probably higher than all 3 copies of your data being inaccessible all at the same time for whatever reason.