cf7/ittavern.com
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

init - PoC

Browse source
This commit is contained in:
Caffeine Fueled 2025-10-27 20:12:00 +01:00
commit 3484b45045
Signed by: cf7
GPG key ID: CA295D643074C68C
146 changed files with 10657 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

97
items/2023-03-13_long_my-offsite-backup-2023-03.md Normal file
View file

@ -0,0 +1,97 @@
# My Offsite Backup - March 2023
![mob-2303-setup-1.jpg](/images/blog/mob-2303-setup-1.jpg)
While I was on a business trip the other day, I thought about a scenario in which my home would burn down or get robbed. A simple but essential question emerged:
What could I recover?
I already saved backups in the cloud, but I figured that I could not recover my data from it without my private laptop (which I had not with me this time).
At this point, I knew I had to change some things to ensure that my important data was properly backed up.
# The goal
Having a disaster recovery strategy for my most important data that is easy to maintain.
The **offline backup** should be stored **offsite in a secure and trustworthy location**. The data must be saved on at least **two mediums** to **reduce the risk of data loss due to hardware failure**. The data must be **encrypted** to secure my data in case of theft. **The case** should be easily transported and protect the mediums against common risks like shock and water. The **frequency of the offsite backup** should be around every 1-2 weeks.
For more information, please visit my [backup guide](https://ittavern.com/backup-guide/).
One of the main things to consider is: **I must be able to recover everything with just this one offsite backup**.
# The data
I am currently aggregating a ton of data to a local server to make future backups easier. It is spread over multiple devices, which can be a pain in the ass.
For now **I only backup important data** which can be subdivided further into '**frequently**' and '**rarely**' used or changed.
Some **examples of frequently used data** would be: SSH & PGP keys, password & 2FA database, configuration files, notes, and so on.
Some **examples of rarely used data** would be family photos & videos, ebooks, documents, and so on.
At this point, the frequently used data is around **10GB**, and the rarely used data is around **90GB**. This will increase by a factor of two or three after I get everything sorted and stored in one place.
# The Strategy
I've decided to use a **rotational system** in which I have **two identical cases** with storage mediums for the backups. With this setup, I can do the backups at home and switch this case with the recently done backups with the offsite backup and rotate like this repeatedly. It is more expansive, but saves a lot of time, brings more comfort, and even adds more resilience.
I won't go into detail on what **location** I have chosen for my offsite backup, but I can say that I've found someone so kind as to store it for a couple of beers a month.
# The hardware
![mob-2303-setup-1.jpg](/images/blog/mob-2303-setup-1.jpg)
Case:
: waterproof and shock-resistant **case**
: **cable tie**, to keep case closed in case of a fall
: **seal** sticker with ID, makes sure that I know if the case was opened at the offsite location
Content:
: **1TB HDD** in an anti-static bag and silica dehumidifier bags
: **128GB USB Stick**
: **YubiKey** (MFA)
The seal sticker can be removed without any residues, and a re-applied seal looks like this:
![mob-2303-seal.jpg](/images/blog/mob-2303-seal.jpg)
#### Upcoming Improvements
- Swap USB stick with SSD + anti-static bag
- swap the current case with a fire-proof case
- add a recovery manual to the case
# The software
I am already using [borg](https://www.borgbackup.org/) for my cloud backups, so I've also decided to use it for my offsite backups. I can encrypt my data, recover everything or single files only, save space, and can automate many things.
I will write about it in a separate blog post and link it here as soon as I have everything set up correctly. It works for now, but it isn't pretty.
#### Upcoming Improvements
- automate all the things
- document the process
# The routine
![mob-2303-routine.jpg](/images/blog/mob-2303-routine.jpg)
So, there's currently no routine. I've printed a template where I document backups with the case number, seal ID, changes I've made, and so on.
Backups and tests are done manually. It takes some time, but I can make sure that everything works and I will change it in the future.
#### Upcoming Improvements
- combine routine with cloud backups
- create a better documentation
- check backups automatically
- check the health of the hardware
# Conclusion
This backup strategy is relatively new and not battle-tested, but at this point I am happy with it. I can tell you that I sleep better!
I am going to modify the strategy over time and give you all an update every couple of months.
---