Table of Contents

• Introduction
• Getting Started
• Installation
• Usage
  • Basic Usage
  • Advanced Usage
• Contributing
• License
• Kopia
• Restic

gantt
    title Snapshot & Backup
    dateFormat  HH:mm
    axisFormat  %H:%M

    section Machines
    Truenas (h610i)                 :   active, 00:00, 3h
    ArgoCD SyncWindow deny          :   active, 00:00, 6h

    section ZFS
    Scub                            :   01:00, 1h

    section Longhorn Snapshots
    vaultwarden-data                :   00:10, 15m
    davis-data                      :   00:10, 15m
    
    section Longhorn Backups
    vaultwarden-data                :   00:20, 15m
    davis-data                      :   00:20, 15m

    section restic
    vaultwarden-ionos1              :   00:30, 15m
    vaultwarden-ionos2              :   00:30, 15m
    vaultwarden-hetzner             :   00:30, 15m
    vaultwarden-tryrocketcloud (weekly)   :   00:30, 15m
    davis-ionos1                    :   00:30, 15m
    davis-ionos2                    :   00:30, 15m
    davis-hetzner                   :   00:30, 15m
    davis-tryrocketcloud (weekly)           :   00:30, 15m

Storage	Column 2	Column 3
Hetzner Storage Box	Data 1	Data 2
IONOS s3 Object Storage	Data 3	Data 4
Row 3	Data 5	Data 6

Backup Policy

…

How to setup backup

Hetzner Storagebox

…

Ionos Object Storage

…

How to restore backup

…

TLDR;

Strategy: 3-2-1

Retention:

• Short-Term Retention: 30 days
• Medium-Term Retention: 3 months
• Long-Term Retention: 1 year

Locations:

• Hetzner StorageBox (off-site)
• TrueNas (on-site)

Backup Software:

• restic
• BorgBackup

Chekc this

• Hetzner StorageBox (sftp, daily)
  • data
  • database
• TrueNas (sftp, daily)
  • data
  • database
• Longhorn
  • snapshots (on demand)
  • backups (daily)

Hetzner StorageBox

Introduction

https://docs.hetzner.com/de/robot/storage-box

Setup

1. Create backup folder on StorageBox under tryrocket.cloud/<your-app-name> with root account

   ssh -p23 [email protected]
   mkdir -p tryrocket.cloud/<your-app-name>
   

2. Create subaccount on Hetztner UI https://robot.hetzner.com/storage

3. Add ssh key to subaccount

   ssh-copy-id -i /path/to/your/public_key.pub -p 23 -s [email protected]
   

4. Add storagebox to .ssh/config

   Host storagebox
       User uXXXXXX-sub1
       HostName uXXXXXX.your-storagebox.de
       IdentityFile ~/.ssh/id_ed25519
       Port 23
   

5. Test conncection

   ssh storagebox
   

6. Create restic repository

   restic -r sftp:storagebox:/home/backup init
   

ssh-keygen -t ed25519 -f ./vaultwarde.ssh

scp -P 23 authorized_keys [email protected]:/home/<path to subaccount home directory>/.ssh/authorized_keys

7. Test ssh key

   ssh -p23 [email protected] -i ssh-privatekey
   

8. List all snapshots

   restic -r sftp:storagebox:/home/backup snapshots
   

9. Repository size

   restic -r sftp:storagebox:/home/backup stats --mode raw-data
   restic -r sftp:storagebox:/home/backup stats --mode restore-size
   
   

Possible Storage

• https://www.ionos.de/office-loesungen/hidrive-cloud-speicher?ac=OM.PU.PU263K415346T7073a
• https://www.hetzner.com/de/storage/storage-box/
• https://cloud.ionos.de/storage/object-storage#calculator
• https://www.gmx.net/mail/vergleich/

Kopia

Environment variarbles

Supported environment variables

Kopia

KOPIA_CONFIG_PATH KOPIA_PASSWORD

S3

Documentation

• AWS_ACCESS_KEY_ID
• AWS_SECRET_ACCESS_KEY
• AWS_SESSION_TOKEN
• ROOT_CA_PEM_BASE64

Connect to repository

kopia repository connect s3
--endpoint assasc
--bucket ascasc
--prefix kopia/vaultwarden/
--region ascascasc
--access-key ...
--secret-access-key ...

Restic