How and where should I keep backups of system configurations?
from someacnt@sh.itjust.works to selfhosted@lemmy.world on 08 Apr 00:06
https://sh.itjust.works/post/35732692

Sorry for adding to the massive pile of backup-related question, but I could not figure out how to manage backups from existing answers…

I want to backup my VPS setup (think container-defining files, its volumes, and etc configs), but am unsure where to put it. Does keeping these in the VPS itself make sense? If so, how do I create and manage the backup?

Also, I would need a remote copy - what is the good location for this? I wish I could copy to my laptop, but obviously I cannot do that automatically. Should I pay money for a backup? I want to avoid paying lots of money just for backups. Thanks in advance!

#selfhosted

threaded - newest

pageflight@lemmy.world on 08 Apr 00:12 next collapse

If you haven’t played with Pulumi (for configuring cloud services) and Ansible (for local services, shell commands, apt installs etc) you may enjoy them as a way to capture / re-apply configuration.

just_another_person@lemmy.world on 08 Apr 00:15 next collapse

I’d get familiar with deploying these with some infrastructure-as-code tools, and keep a git repo. Ansible is pretty easy to get started with.

tux0r@feddit.org on 10 Apr 10:06 collapse

Git might be over engineered for this purpose. Maybe SVN?

just_another_person@lemmy.world on 10 Apr 11:27 collapse

You joking?

tux0r@feddit.org on 10 Apr 17:55 collapse

No. Git is inefficient for small numbers of files. Just do a “find | wc” and/or a “du -hs” in your repository folder. SVN exists for a reason.

jeena@piefed.jeena.net on 08 Apr 00:25 next collapse

Most of the time the VPS provider offers some backup solution. It's not only about your configuration files which can easily be recreated, but about all the user data like pictures databases, etc. Which once lost can't be recovered.

Best practice is a 3-2-1 backup: https://www.backblaze.com/blog/the-3-2-1-backup-strategy/

But you could back up your stuff on your laptop if you want, it's not such a bad idea actually. For that you trigger the backup script from your laptop, you can do it automatically there too. This makes sure that the laptop is on while you're doing the backup.

The easiest way is a crown job and a bash file which runs a couple of rsync commands to get specific files and directories from the server via ssh.

A more involved way would be a backup system like restic, which does a lot of things for you but is a bit more involved to set up.

rumba@lemmy.zip on 08 Apr 00:38 next collapse

Ansible if you want to do it the right way.

Or keep all of your configs in one tree and use syncthing on it If you want to phone it in. Turn on versioning call it a night.

someacnt@sh.itjust.works on 08 Apr 11:51 collapse

Thanks! I gotta get my hands on Ansible, was reluctant as I’ve heard it can be complicated. Should see myself!

rumba@lemmy.zip on 08 Apr 13:07 collapse

Ansible’s not all that bad. The alternatives are far more complicated.

Jeff geerling has a bunch of videos on ansible 101.

marauding_gibberish142@lemmy.dbzer0.com on 08 Apr 01:33 next collapse

  1. Create git repo
  2. Put all config in git repo
  3. Create repo on codeberg
  4. Clone git repo to both VPS and laptop

No extra money needed

[deleted] on 08 Apr 01:55 next collapse

.

marauding_gibberish142@lemmy.dbzer0.com on 08 Apr 01:58 next collapse

docs.codeberg.org/…/first-repository/

Follow this, should suffice

[deleted] on 08 Apr 02:02 collapse

.

remotelove@lemmy.ca on 08 Apr 04:21 collapse

That’s what you just got shown: Shove the configgy bits into Git.

You will likely have to find the configs you want to save first.

AustralianSimon@lemmy.world on 08 Apr 08:51 collapse

I was hoping for a guide to capture said configs with a recommended subset. Not instructions for using git.

So no the guides don’t help with that.

I’ll just stick to my mkdocs repo.

fenndev@leminal.space on 08 Apr 02:53 collapse

Please don’t use AI for simple things like this.

The Odin Project has a tutorial on Git Basics and a guide on Setting Up Git. The instructions are roughly the same whether on Github, Codeberg, etc.

Once you have the repository, it’s as simple as:

git add .
git commit -m "Updated config"
git push origin main
Kusimulkku@lemm.ee on 08 Apr 11:37 collapse

Please don’t use AI for simple things like this.

Simple things seems like the best use of AI

tofu@lemmy.nocturnal.garden on 08 Apr 09:00 next collapse

Make sure to not check in secrets in plaintext. git crypt is one way to encrypt secrets before checking them in.

marauding_gibberish142@lemmy.dbzer0.com on 08 Apr 12:00 collapse

I suggest SOPS

keen@lemmy.world on 08 Apr 14:47 collapse

Terraform sensitive variables and AWS secrets manager? ^^

marauding_gibberish142@lemmy.dbzer0.com on 08 Apr 14:52 collapse

I don’t like big corporations so I wouldn’t do that, but sure

someacnt@sh.itjust.works on 08 Apr 11:15 next collapse

Codeberg sounds like a good way! I was concerned about server config being stored on self-hosted forgejo (which is configured by the very server config), turns out that need not be the case.

AustralianSimon@lemmy.world on 08 Apr 01:55 collapse

Edit: Was asking about the config targetting process for git (not how to use git) and was going to ask an AI to do some googling for me.

johntash@eviltoast.org on 08 Apr 02:40 next collapse

Look at tools like kopia and restic. Depending on how much data you have, it should be relatively cheap to back up to backblaze b2.

Nomad@infosec.pub on 08 Apr 14:54 next collapse

Etckeeper

sxan@midwest.social on 08 Apr 15:20 next collapse

Lots of good ideas.

I’m a fan of stow-like tools, but there are advantages to using something like Salt (or similar) if you’re dealing with VPSes that share don’t common configs like firewalls. There’s a lot to learn with things like salt/chef/puppet/attune/ansible, whereas something like yas-bdsm, which is what I’m currently using, is literally just:

  1. Keep your configs in a git repos, in a structure that mirrors your target
  2. Run a command and it creates symlinks for the destination files
  3. Commit your changes and push them somewhere. Or just restic-backup the repos.

The config file formats are irrelevant; there’s no transformation logic to learn. Its greatest feature is its simplicity.

possiblylinux127@lemmy.zip on 08 Apr 20:36 next collapse

Better question: Have you looked into infrastructure as code? (IaaC) you can define everything in a Git repo and then create everything in a repeatable way.

tux0r@feddit.org on 10 Apr 10:05 collapse

I keep my server backups on a dedicated backup server.

CapitalNumbers@lemm.ee on 13 Apr 21:31 collapse

real question though is do you back up your backup server?

tux0r@feddit.org on 14 Apr 09:47 collapse

Not yet.