Best Practices around Kopia server and syncing

I have been playing with Kopia for the last month or so trying to understand how it is supposed to work and how it fits into my use cases. I think I have a strong enough handle to be able to put together what my backup solution will look like.

I have several desktops/laptops, a few VMs, and a server that I want backed up. Since there will probably be a bunch of duplicate files between them, I want all of them to point at the same Kopia repository. To make sure that I don’t need to give out raw access to the file system, I am using the Kopia server, thus hopefully ensuring that it won’t be trivial for anyone to completely trash the repository. I then plan to have an off-site server that I want to sync the repository to for an off-site back-up incase my primary goes down I will still have the other copy of the backups/snapshots.

Does that all sound reasonable? Am I missing anything there?

But I still have a few open questions.

  1. Is it possible to use the WebUI to schedule the sync from primary to off-site server? Or does that sync-to command always need to be a new kopia command, i.e. only realistically doable from a cron/task scheduler?
  2. Should I host the Kopia server in a Docker container or on a VM directly? It seems like the Docker container makes it harder to add in things that can’t be scheduled from the WebUI. In addition, the repo password is sitting in an environment variable. Are there other things to consider?
  3. My off-site server will be running TrueNAS. Is there a better transport layer to use for syncing to across the internet? Or is WebDAV a good option?

Thanks for any insight you can provide!