- cross-posted to:
- self_hosted@lemmy.pastwind.top
- cross-posted to:
- self_hosted@lemmy.pastwind.top
I’ve been using it for a good while now, but figured it’s worth a shoutout incase others don’t know it. one of the few pieces of Go-ware I don’t substantially hate.
I’ve previously slapped together a tiny set of shellscripts for my use of it which you’re welcome to steal from. also recently seen backupninja as something that can use this, but haven’t tried that
I have currently settled on borg for backups personally, combined with some gruesome ssh hackery to let me do pull backups of external machines using ssh tunnelled sockets back to a backup server which is not reachable from the wider internet. These days I might just use tailscale to set up a VPN & pipe the backup straight over that without all the ssh shenanigans but the system I have works. You can also use borg to talk directly to rsync.net at special nerd rates: https://www.rsync.net/products/borg.html Bring your own support!
NB. Last time I looked at this, borg’s cryptography was somewhat suspect. Not actually broken, but definitely not using best practices. Restic is better, but at the time I was looking restic didn’t compress backups so it was a non-starter for me. These days restic does compression as well so is probably the right default choice. Borg2 has a rewritten encryption layer which supposedly fixes all the problems pointed out by cryptographers with Borg1, but it hasn’t hit a release version yet & is still in beta.
Oh, look a Borg CVE has just landed in my Debian security inbox.