Backup
This page documents how VPS'es are backed-up, and where.
The backup strategy relies on the following components:
- backupninja, on top of restic
- rsync.net, via an account held by @OdyX
- A Kobol NAS with lots of Tb, at @OdyX 's place
How-to setup backup on a fresh VM
Let's assume cloud-init has ran correctly, so:
- there's a unique password for
resticin/etc/restic.passwd roothas a password-less ed25519 SSH key, which public part is in/root/.ssh/id_ed25519.pub
You still need to:
- Add the root key to the rsync.net account
1.1. Get the key from the host
sudo cat /root/.ssh/id_ed25519.pub
1.2. From a host from which you have a valid key to access the rsync.net account:
echo "$SSH_PUBKEY" | ssh zh1498@zh1498.rsync.net 'dd of=.ssh/authorized_keys oflag=append conv=notrunc'
- Update
/etc/backup.d/90-rsync-net.resticto make sure the right directories are included / excluded - Store the
RESTIC_PASSWORDas found in/etc/restic.passwdto Bitwarden, in the Flosstools collection. - Run the backup once
sudo backupninja --conffile /etc/backup.d/90-rsync-net.restic --debug --now
It will now run every night at 1h, unless otherwise configured