I want to update my backup systems and what I came up with is having each individual computer backed up to a local server. which is then backed up to B2 cloud. My server is truenas scale with ZFS running mirrored pool.
Each user has their own dataset.
So I have the zpool mirror called “tank” which contains datasets:
/tank/myname
/tank/dadname
/tank/momname
in each of those datasets the users store some files. and there will also be a subfolder /kopia/ which holds the repo of backups that will be sent over via either smb or nfs share from each individual computer. Encrypted with different passwords.
Then the entire /tank/ pool will get encrypted and backed up to B2 via kopia instance installed on the server.
The above method is designed for:
simplicity (especially in expanding / contracting the system). If dad wants to delete his repo, I don’t need to start reconfiguring stuff. he can just uninstall kopiaUI from his PC and delete the folder /tank/dadname/kopia
privacy. each user’s data should be as private as possible. I don’t trust backblaze or any other cloud storage solution and want to make sure they do not have access to any file contents.
Is such a setup viable?
Is such a setup reasonable?
I am concerned that using nested databases would cause problems.
As in that scenario the NAS’ kopia instance is going to grab kopia databases, re-encrypt them and then upload those online to B2.
I can foresee this potentially maybe causing balooning HDD space or bandwidth requirements.
Nested backups should generally be avoided unless you have no other choice. If your original backup gets broken for some reason, your backup of the backup will most likely be broken too.
2 independent backup sets. If 1 backup get corrupted there is still a 2nd backup which should be fine.
All backups are encrypted client-side. No unencrypted data is send over the network.
All backups and policies can be managed on the NAS
2 different backup sets allows for different retention policies. You might want to keep e.g. daily snapshots on the NAS but only weekly snapshots on B2.
Downsides:
Dad can’t delete the backup folder on his own. But I’m not sure why that is needed
More space required for the 2 caches on the clients and NAS. But that is generally not an issue as caches can be configured.
Double the network traffic from clients to NAS. Depending on the size of each snapshot this might not be an issue. But if all backups are configured to run parallel and there is lots of new data this can really stress the network and be annoying. Throttling might be necessary.
I was mainly referring to corruption that happens on the client side before files are stored in the repository. I have personally experienced and read (on the kopia and restic forums) about lots of weird errors caused by faulty memory. But corruption could be caused by other things like a bug in kopia (not very likely IMHO) or a user accidently deleting files/folders which are part of the repository.
Even though the above might not be very likely it is this possible. Having 2 separate repositories just feels way safer to me while having very little drawbacks.
Sorry but I don’t understand what you mean by ‘lost disk’. Like stolen? Or faulty? Which database files are you referring to?
I personally have had only 1 issue with kopia that could have been caused by a bug. Kopia was throwing errors when running maintenance. But the repository mysterious ‘healed itself’ after a few weeks.
AFAICT the kopia developers have written lots of automated tests which should make bugs that are affecting the integrity of your backups very unlikely. Nevertheless you should be running kopia snapshot verify
and kopia restore on a regular basis.