this post was submitted on 23 Aug 2023
33 points (90.2% liked)

Selfhosted

41317 readers
833 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
 

For those of you running Unraid and backing up their data to Backblaze, how are you doing it?

I’ve been playing a bit with KopiaUI but what is the easiest and most straight forward way?

Bonus points if I can have the same “client/software/utility” backup data from non-servers (Windows, macOS and Linux) in my network to said Unraid server.

I don’t want to complicate the setup with a bunch of dependencies and things that would make the recovery process long and tedious or require in-depth knowledge to use it for the recovery process.

To recap:

Workstations/laptop > back up data with what? > Unraid

Unraid > back up data with what? > Backblaze

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago (1 children)

I'm still working on the amount changed, making sure I'm happy with it before it's completely automated, but I'm working on parsing the results of summary and --dry-run on a precheck, so if oh, 10% of the files would be changed or more than cancel it, send me a notification, and for that I'd run it manually myself. Still fine tuning and not quite happy with it yet.

My first iteration was to cherry pick a few "key" files that would be randomly around my file system. Things that I will probably never ever change. This has been proven to work for a long time and honestly has saved my ass because I did accidently wipe out a few files once and this verified that my backups wouldn't run until I fixed it. It's a bit dumb but it did the trick for me:

#!/bin/bash

# check_file takes in a path to a local file and it's "known good hash"
function check_file {
  actual=($(md5sum "$1"))
  if [[ "$actual" != "$2" ]]; then
    echo "ERROR: $1 did not match it's hash value."
    echo "$actual != $2"
    echo "Possible attack.  Exiting"
    exit 1
  fi
  echo "Validated $1 matches the checksum on file"
}

echo Starting Safety Checks

check_file /mnt/user/myshare/mything b04b917c1f66e52adf2722d35f9b51b6
# about 5 random per share

rclone copy /mnt/user/myshare myremote:/myshare

Like I said, don't judge too much, but for me it's a "poor man's ransomware checker". If any of those have been modified, do not perform a backup, notify me, and shutdown.

[–] lal309 1 points 1 year ago (1 children)

The script I’m building is coming up nicely. I have it checking for error codes, logging to a file and sending discord notifications. Next step is to finish up all the rclone copy’s and syncs I want to do and then trying to encrypt the data client side before uploading to cloud. I’ve seen mention of crypt but can’t find it in the official rclone docs (yet).

[–] [email protected] 1 points 1 year ago (1 children)

crypt is pretty simple honestly, go through prebuild but it's essentially just sitting on top of another remote. So I usually use the convention {remotename}-crypt. It'll simply rename and encrypt anything and then pass it into the remove you already set up. A good way to test it is once you've copied some stuff over with the crypt set up try to mount it using rclone mount and try to read some of your files, it should be fine.

Don't forget to back up (securely, and obviously not on your encrypted share) your rclone config! if those keys are lost than so is your data.

[–] lal309 1 points 1 year ago (1 children)

I don’t need the whole rclone.conf file right? Just the authentication stuff for the underlying remote, the password for crypt and the salt for crypt. If I have that shouldn’t I be able to recreate the access and subsequently the decryption key to be used on some other machine?

[–] [email protected] 1 points 1 year ago

I do, but it's more of a don't forget how it was made thing for me. I encrypted my file and put it on another cloud provider in case I lose it