My Backup Solution
Intro
Backups are important ok? I know that. You should know that. So, why don't most people do proper backups of their computers?
Because most of the ways to do backups are either inconvenient or useless.
So, here's how the solution I have implemented that makes backups convenient and useful.
The backup tool itself
I use restic because it kicks ass. It works, it's fast, it's space efficient, and it's easy.
You just need to write a short script like this one:
#!/bin/bash -x
# Where to backup?
MOUNTDIR=/backup
BACKUPDIR=$MOUNTDIR/backup-$HOSTNAME
if [ -d $BACKUPDIR ]
then
# Backups are password protected
export RESTIC_PASSWORD=passwordgoeshere
# What to backup
restic -r $BACKUPDIR --verbose backup \
/home/ralsina \
--exclude ~ralsina/.cargo \
--exclude ~ralsina/.local/share/Steam/ \
--exclude ~ralsina/.cache \
--exclude ~ralsina/.config/google-chrome/ \
--exclude ~ralsina/.rustup \
--exclude ~ralsina/.npm \
--exclude ~ralsina/.gitbook \
\
/etc/systemd/system/backup.* \
/usr/local/bin
# Keep at most one backup for the last 7 days that have backups
restic -r $MOUNTDIR/backup-pinky forget --prune --keep-daily=7
# Cleanup
restic -r $MOUNTDIR/backup-pinky prune
# Make really sure things are stored
sync; sync; sync; sync
fi
Backup rule 3-2-1
The 3-2-1 rule:
- 3 copies of the backup data (1 primary, 2 copies)
- 2 different media
- 1 must be offsite
In my case, these are:
- Primary backup is to disk
- Secondary backup is to a disk in another machine (similar script, using sftp)
- Tertiary backup is to a pen drive (different media) I then put in my pocket (offsite).
To perform the primary and secondary backups, it's just two slightly different versions of that script (actually, it's just one script with arguments, left as an exercise for the reader).
The tertiary backup is a bit more complicated, because I wanted it to be convenient
The Convenient Way To Backup to a Removable Drive
My user story was this:
As a person that needs an offsite backup but don't want to transmit all that data, I want to plug a pen drive into the machine and have it AUTOMATICALLY start backing the data into the pen drive.
Then, once the backup is finished, at some point, I can just unplug it and take it with me.
Let's just say that finding a way that works took me a few hours and I am pretty sure my solution is more complicated than it needs to be. But hey, it works, so it's good enough.
This being Linux and the year being 2022 ... this solution involves systemd. And because it's systemd, it's complicated.
Automount
First part is we need to mount the pen drive automatically in a well known location. For this we need two things. An automount service, so systemd will automatically mount something in /backup
:
/etc/systemd/system/backup.automount
[Unit]
Description=Automount Backup
[Automount]
Where=/backup
TimeoutIdleSec=5min
[Install]
WantedBy=multi-user.target
And a mount service so it knows what to mount in /backup
and how:
/etc/systemd/system/backup.mount
[Unit]
Description=Backup
Wants=backup.service
Before=backup.service
[Mount]
What=/dev/disk/by-uuid/74cac511-4d7a-4221-9c0f-e554de12fbf1
Where=/backup
Type=ext4
Options=auto
[Install]
WantedBy=multi-user.target
The interesting parts are:
-
Wants
andBefore
: thatbackup.service
is going to be a systemd service that actually runs the backup script. We want it to run, and to run AFTER the device is mounted. -
Where
andWhat
: Where is the mountpoint, and What is the pen drive's UUID as shown bysudo blkid
Enable and start the automount service, no need to do anything to the mount one.
Then of course we need the backup service itself. Just a "oneshot". When it's started, it runs the backup script:
/etc/systemd/system/backup.service
[Unit]
Description=Backup
Requires=backup.mount
After=backup.mount
[Service]
Type=oneshot
ExecStart=/usr/local/bin/backup.sh
[Install]
WantedBy=multi-user.target
Enable but don't start this service. Since it's "Wanted" by the mount, that means when the device is effectively mounted the backup will start.
OR THAT WOULD IT DO IF THINGS MADE SENSE.
Sadly, the device is only mounted when, after being inserted, something tries to use the mountpoint. So, with these three services installed nothing happens unless, after you plug the pen drive you go and do something like ls /backup
, which triggers the
mount, which triggers the backup script.
So, how does one fix that? No idea. My workaround was to add TWO MORE SERVICES, so that ls /backup
runs every minute.
/etc/systemd/system/backup_try.timer
[Unit]
Description=Try to run backup
[Timer]
OnUnitActiveSec=1min
[Install]
WantedBy=timers.target
/etc/systemd/system/backup_try.service
[Unit]
Description=Trigger Backup
[Service]
Type=oneshot
ExecStart=/bin/ls /backup
[Install]
WantedBy=multi-user.target
And with that, yes, I can just plug the pen drive when I get to the office in the morning and unplug it later, knowing there is a backup in it.