I'm starting this thread as a discussion of how to use Dietpi as platform for a backup server. The purpose is to create a system that is reliable with built-in redundancy across multiple mediums. The end goal is to create a guide for the community. As such this is a work in progress meant to be built by the community. A copy of the OP will be maintained in a Google doc. Discussion will take place in this thread. Changes will be made in the Google doc by the community and if deemed valid updated in the opening post.
https://docs.google.com/document/d/1PxX ... sp=sharing
Dietpi Thread for discussion
To start off let's think about a generalized set up without specific software or complete configuration to fulfill the needs discussed.
- Backups must be maintained across least three separate mediums. One of which should be off-site in case of a disaster.(which means not of the same geographical location as your other backups).
One device running Dietpi as the primary server which contains the software and configuration to backup from many clients (other computers).
The primary Dietpi server configuration should be backed up also.
Ideally the backup servers should not be trusted and considered insecure. This means the data should be encrypted on the server and client-side encryption.
A raid set up will not be used.
Multiplatform client - Windows, Linux, iOS, android
In the event that the primary server fails it should be easy to restore the configuration then restore the backup files from the secondary backup.
in the event that a client fails it should be easy to restore files or from bare-metal.
Before we discuss the software specifics let's make sure we have a solid system in theory. Creating a reliable backup platform is like a chain. The weakest link in the chain has the potential to break the entire system. The strength of the chain is data integrity. Data integrity should been verified between client and server to check if it can be restored. In addition if files are backed up to a secondary server they should also be checked for integrity between the primary and secondary server. That way we know the data integrity is been maintained across the entire chain.
Diagram of dataflow.
client <-> primary server -> secondary servers
Notice the primary server only has write permissions to the secondary server. What way if the primary server or client compromised files cannot be deleted.