Post AcURLstIhVph7j71nc by bignose@fosstodon.org
(DIR) More posts by bignose@fosstodon.org
(DIR) Post #AcUOUFWU8iqnlmjnkW by mjg59@nondeterministic.computer
2023-12-05T05:16:26Z
0 likes, 0 repeats
Is there really no Linux incremental backup solution that includes encryption in the way Time Machine does and no I do not want three rsyncs in a trenchcoat thank you
(DIR) Post #AcUOcnRVuVn5HqUJaC by bignose@fosstodon.org
2023-12-05T05:18:15Z
0 likes, 0 repeats
@mjg59 > includes encryption in the way Time Machine doesFor those who don't know what that implies can you be explicit about what the requirements are?
(DIR) Post #AcUOmqhKf9cUHJgFEW by chetwisniewski@securitycafe.ca
2023-12-05T05:19:43Z
0 likes, 0 repeats
@mjg59 borg is multiplatform and does encryption, transfer, differentials, pretty much everything. https://www.borgbackup.org/
(DIR) Post #AcUOwbbDebD6LYTPCS by dschier@fosstodon.org
2023-12-05T05:20:44Z
0 likes, 0 repeats
@mjg59 maybe duplicity or it’s better known frontend DejaDup? Using it for ages now.
(DIR) Post #AcUPBbpv3RYhQSVHEG by izaya@social.shadowkat.net
2023-12-05T05:25:54.622649Z
0 likes, 0 repeats
@mjg59 restic?
(DIR) Post #AcUPGi5RF9jaG6C8I4 by irenes@mastodon.social
2023-12-05T05:21:38Z
0 likes, 0 repeats
@mjg59 mm. not that we're aware of. if you figure it out let us know.
(DIR) Post #AcUPR9fHYzqGgcwOUC by davedave@aus.social
2023-12-05T05:22:37Z
0 likes, 0 repeats
@mjg59 Old company used Duplicity(?) straight to Glacier for 80c a month. Setup was a few scripts and cron jobs.edit: it's also Rsync in a trenchcoat
(DIR) Post #AcUPb5in50fHLtJtTc by sandyarmstrong@hachyderm.io
2023-12-05T05:24:15Z
0 likes, 0 repeats
@mjg59 *opens mouth, reads to end, shuts mouth*
(DIR) Post #AcUPkLbtNKCvEiVUPo by nabijaczleweli@101010.pl
2023-12-05T05:24:56Z
0 likes, 0 repeats
@mjg59 presumably zfs snapshots/sends fail this as well?
(DIR) Post #AcUPvCgmsr0YkmyOyu by stark@mastodon.mit.edu
2023-12-05T05:29:08Z
0 likes, 0 repeats
@mjg59 last I heard https://restic.net/ was the state of the art.
(DIR) Post #AcUQ4USACrYkSEYr9k by liw@toot.liw.fi
2023-12-05T05:30:16Z
0 likes, 0 repeats
@mjg59 I'm curious: how does Time Machine do it?(I'm working on an encrypting backup program for Linux, although development isn't going quickly.)
(DIR) Post #AcUQEvHZJMWKYja1y4 by raineer@frontrange.co
2023-12-05T05:30:12Z
0 likes, 0 repeats
@mjg59 I sympathize with your use case and can only offer Restic. Not sure if it meets all your goals. https://restic.net
(DIR) Post #AcUQRRMLsJQrWHmo9w by shac@ioc.exchange
2023-12-05T05:36:34Z
0 likes, 0 repeats
@mjg59 This is the first time I’ve ever seen someone say something positive about Time Machine’s backup format.
(DIR) Post #AcUQcSwoJLQFd964JM by backerman@infosec.exchange
2023-12-05T05:37:38Z
0 likes, 0 repeats
@mjg59 Backend or frontend? For the former, sanoid/syncoid can do that if you’re using ZFS.
(DIR) Post #AcUQmVCEnxLPV76AiG by gaveen@hachyderm.io
2023-12-05T05:40:39Z
0 likes, 0 repeats
@mjg59 have heard good things about restic (and rustic), but haven't used them. Timeshift has two modes: BTRFS snapshots and rsync. Looks like Linux Mint is maintaining it these days. https://github.com/linuxmint/timeshift
(DIR) Post #AcUR0uu41Y0RHdTHVI by atoponce@fosstodon.org
2023-12-05T05:45:04Z
0 likes, 0 repeats
@mjg59 No GUI, but ZFS.
(DIR) Post #AcURLstIhVph7j71nc by bignose@fosstodon.org
2023-12-05T05:46:41Z
0 likes, 0 repeats
There are a bunch of #FreeSoftware incremental backup systems that work for GNU+Linux. Encrypted volumes are also standard in this world.Which ones have you tried @mjg59, which ones comes closest to what you want, and how do they fall short, specifically?(I'm not telling mjg any information he doesn't already know; but I'm hoping to save him from a cascade of "have you tried FooBackup?" in the absence of specifically what's lacking.)
(DIR) Post #AcURWI4xuHPY8gWx1s by nekohayo@mastodon.social
2023-12-05T05:50:19Z
0 likes, 0 repeats
@mjg59 I'd be curious to know what you think of https://flathub.org/apps/org.gnome.DejaDup (based on Duplicity) and https://flathub.org/apps/org.gnome.World.PikaBackup (based on Borg).Both are incremental, encrypted, and allow browsing through the timeline of snapshots, local and remote…?
(DIR) Post #AcURh4rdNdFuL4RFdA by siguza@infosec.exchange
2023-12-05T05:50:45Z
0 likes, 0 repeats
@mjg59 Time Machine just deletes your backup history every 3 weeks anyway, I'm sure you're capable of hacking up a script to do that yourself.
(DIR) Post #AcUSz6mD6lFbRA3z4i by anotherandrew@mastodon.social
2023-12-05T06:06:58Z
0 likes, 0 repeats
@mjg59 what’s wrong with duplicity? Basically rdiff + gpg with your choice of storage backend
(DIR) Post #AcUT89EFMOQ3eHUHWS by mjg59@nondeterministic.computer
2023-12-05T06:08:50Z
0 likes, 0 repeats
@anotherandrew I should really have included "And has nothing to do with gpg" in my list there
(DIR) Post #AcUTJLqAoJ7TwsZMzQ by mjg59@nondeterministic.computer
2023-12-05T06:10:58Z
0 likes, 0 repeats
@anotherandrew (If I'm backing stuff up I want to be able to recover even in the event of disaster, so how do I back up my private gpg key?)
(DIR) Post #AcUTZQztPCIIZjmi3c by anotherandrew@mastodon.social
2023-12-05T06:13:36Z
0 likes, 0 repeats
@mjg59 that’s what key servers are for, or at worst a paper copy of the ascii armored password-protected key, no? (Quite possible I’m not understanding your definition of disaster)
(DIR) Post #AcUTqQCjbfEz2UtKlc by maxthyme@mastodon.social
2023-12-05T06:16:29Z
0 likes, 0 repeats
@mjg59 *retrieves trenchcoat* Sorry dudes, yeah, they're onto us... better luck next time.
(DIR) Post #AcUUFDmgvAGFl6XFhY by PacoVelobs@mamot.fr
2023-12-05T06:21:03Z
0 likes, 0 repeats
@mjg59Doesn't restic bring this to the game?
(DIR) Post #AcUVPIywYESmjFddke by mjg59@nondeterministic.computer
2023-12-05T06:33:55Z
0 likes, 0 repeats
@pndc At this point in my life I don't think there's any way that introducing ZFS results in an improvement
(DIR) Post #AcUVWrHDRV9n7RmqCu by mjg59@nondeterministic.computer
2023-12-05T06:35:16Z
0 likes, 0 repeats
@anotherandrew I need a separate secure storage location for the paper copy because storing it with the backup server defeats the point, and now life is massively more complicated. Just using a decent KDF is fine for this use-case.
(DIR) Post #AcUVrCo76NjhgdsQ3U by ianthetechie@fosstodon.org
2023-12-05T06:39:19Z
0 likes, 0 repeats
@mjg59 ZFS snapshots on an encrypted pool? Or tarsnap if you want it offsite?
(DIR) Post #AcUWQZCLqRZXGa4jA0 by ljrk@todon.eu
2023-12-05T06:45:47Z
0 likes, 0 repeats
@mjg59 @anotherandrew Hack GPG to use the output of the KDF as its random input /sI'm also with Borg (since v2) or Restic tho.
(DIR) Post #AcUXvj3tK2nqmyXWsq by diwesser@mastodon.social
2023-12-05T07:02:41Z
0 likes, 0 repeats
@mjg59 honest question because I'd like to know. What's wrong with something based on rsync?
(DIR) Post #AcUY4S2A07s4aGtHnM by leftpaddotpy@hachyderm.io
2023-12-05T07:03:44Z
0 likes, 0 repeats
@mjg59 i would be remiss amid the quality replies that already exist to neglect pointing out zfs raw send and how it can back up data sets encrypted with different keys than the source, in a way that the target can't see into them
(DIR) Post #AcUYPu9wcsMPtYlHZw by maakuth@naapurinpoika.com
2023-12-05T07:08:06Z
0 likes, 0 repeats
@mjg59 how about restic? Hardly any rsyncs under that trenchcoat, I swear!https://restic.readthedocs.io/en/stable/
(DIR) Post #AcUbEs0SaeSvtXkssK by warthog9@social.afront.org
2023-12-05T07:39:20Z
0 likes, 0 repeats
@mjg59 so I ran at that in two passes, borg/borgmatic for primary backups, and Nextcloud for basically continuous syncing of things. I've been happy with that for several years now
(DIR) Post #AcUbO49MoGH4AEJ2tU by tcely@fosstodon.org
2023-12-05T07:41:26Z
0 likes, 0 repeats
Restic is pretty good for backups.@mjg59
(DIR) Post #AcUcNZ6iKGlnqBOGdU by alexziemianski@mstdn.ca
2023-12-05T07:52:28Z
0 likes, 0 repeats
@mjg59 I once used Syncthing to sync my photos from my linux pc and phone and tablet and netbook to an at-home server on a raspberry pi. I found it hard to use, as a 'restore data at device a' was a hassle and manually done.Proxmox has a backup server that does incremental backups and saves data to a server. I haven't tried it yet.
(DIR) Post #AcUchk2NOjcfWzyy3c by garrett@mastodon.xyz
2023-12-05T07:47:20Z
0 likes, 0 repeats
@nekohayo @mjg59 Pika is the way.It has an excellent interface where you don't have to know it's using Borg underneath. It supports network storage & can use local disks too.You can view snapshots in your file manager and copy individual files out if you want, just like Time Machine. (It does a fuse mount and opens it in your file manager, but you don't have to know that; it does all this in the background.)Every snapshot is standalone (so you can prune) & it's tons faster than Duplicity.
(DIR) Post #AcUchl3paoNehnfdxo by mjg59@nondeterministic.computer
2023-12-05T07:56:05Z
0 likes, 0 repeats
@garrett @nekohayo The front end UI is a little wordy but this looks promising!
(DIR) Post #AcUgYzKJaCTsA1SEr2 by FSMaxB@mastodon.cloud
2023-12-05T08:39:20Z
0 likes, 0 repeats
@mjg59 Borg backup and restic are two.There's also pika backup, which is a GUI frontend for Borg.Of the tools mentioned above, I have only used borg directly. Have been using it successfully for years at this point.
(DIR) Post #AcUkmBp4pjHMUwOT5s by federicomena@mstdn.mx
2023-12-05T09:26:23Z
0 likes, 0 repeats
@mjg59 @garrett @nekohayo can confirm; Pika / Borg is very excellent.
(DIR) Post #AcUlrFYAVEMfSaSg0u by popey@ubuntu.social
2023-12-05T09:37:58Z
0 likes, 0 repeats
@mjg59 I switched from rsnapshot (rsync in trenchcoats) to Borg. Loving it. I do hourly backups which take a few mins on each machine, to a central backup server over an encrypted connection. WFM YMMV
(DIR) Post #AcUtKjSP5UBKIAlpaK by Qbitzerre@unbound.social
2023-12-05T11:02:26Z
0 likes, 0 repeats
@mjg59 I don't know what specific functionality of Time Machine you want, but are you familiar with ZFS clone and zfs-autobackup?
(DIR) Post #AcUvJ9HWIlJxiM3JNQ by steeph@todon.eu
2023-12-05T11:23:59Z
0 likes, 0 repeats
@mjg59 In what way does Time Machine include encryption? The best solutions that I know use rsync or do the same things rsync does. I wonder why rsync isn't an option.
(DIR) Post #AcUxYoIIIfxzAG0hFo by RandomDamage@infosec.exchange
2023-12-05T11:49:49Z
0 likes, 0 repeats
@mjg59 you're right.ZFS snapshots are completely different
(DIR) Post #AcV3TjYr4LGslLidv6 by bgardner@mastodon.sdf.org
2023-12-05T12:55:39Z
0 likes, 0 repeats
@mjg59 I've got several years worth of monthly & weekly snapshots stored on untrusted servers with restic. Really happy with performance, encryption and ease of use.I test a restore every month and those work reliably as well.
(DIR) Post #AcV6mZiuAbQbcE5zmq by jernej__s@infosec.exchange
2023-12-05T13:32:21Z
0 likes, 0 repeats
@mjg59 I've been a happy Borg user for many years now.
(DIR) Post #AcV8iQorX4Z0kb2BFo by mfenniak@yyc.bike
2023-12-05T13:54:32Z
0 likes, 0 repeats
@mjg59Restic? Incremental, deduplicating, encrypted... I suppose if "is a command line utility" and "three rsyncs in a trench coat" are close enough to each other, then maybe not. 😂
(DIR) Post #AcVJs1vs117XxN5jm4 by spv@mastodon.spv.sh
2023-12-05T15:58:25Z
0 likes, 0 repeats
@mjg59 what about four rsyncs in a trenchcoat
(DIR) Post #AcVLgkDtiXgjktGo3E by dalias@hachyderm.io
2023-12-05T16:19:51Z
0 likes, 0 repeats
@mjg59 I don't think you'll be happy with the lack of polish and integration, but Bakelite is my take on doing this with the right cryptographic and incrementality properties.
(DIR) Post #AcVfww4xP5qYF45P7o by mic92@toot.matereal.eu
2023-12-05T20:03:30Z
0 likes, 0 repeats
@mjg59 borgbackup.
(DIR) Post #AcWDkqD8nA230dJnuK by SeismoAllegra@mastodon.social
2023-12-06T02:25:18Z
0 likes, 0 repeats
@mjg59 I'm loving the trenchcoat phrase.
(DIR) Post #AdEVy7c3VjW3w09aoS by happyborg@fosstodon.org
2023-12-27T11:17:00Z
0 likes, 0 repeats
@mjg59 thanks for asking this question and reminding me what an oil drum of snakes this topic is.Ashamed to say that after many years of all sorts of multilayer off site backup strategies, starting in the eighties with 1/4" tapes I used to take off-site manually in rotation, all I've been doing for a few years now is rsync to an external drive that I hide away from my laptop.Not sure I can bring myself to open that oil drum again. 🤷♂️