maximbaz / arch-secure-boot

UEFI Secure Boot for Arch Linux + btrfs snapshot recovery
ISC License

What's your backup strategy ? #22

Closed ShellCode33 closed 1 year ago

ShellCode33 commented 1 year ago

Hey Maxim, for some time now I've been reading a lot about backups. Considering I'm using arch-secure-boot which comes with a snapper dependency, I've been wondering how that could interact with my backup strategy.

Initially, my plan was as follows:

I haven't done the last two items yet, I'm not sure I want to trust btrfs for my backups, there are multiple examples on the internet of people having issues with it. However I have to admit that its incremental backup feature using btrfs send | btrfs receive is very appealing.

I'm looking for ideas, what do you do? Do you use snapper only to boot into a previous state of your system or do you also use btrfs features for your backups? What's your take on using btrfs as a backup utility?

PS: sorry for hijacking your issue tracker for something unrelated :-)

maximbaz commented 1 year ago

Hey!

Great question :slightly_smiling_face: I must admit, your approach is a lot more sophisticated than mine :grin:

  1. I trust btrfs enough to use it on all my main and backup devices
  2. I only use snapper to fix a broken boot, it's just the fastest way to have a "recovery OS" at hand
  3. I back up neither the entire system nor the entire home, just a selected list of folders, a very minimal subset to be honest
  4. I care more about "recovering the latest data" (in case my laptop suddenly breaks) than about having the ability to go back in time (unless the folder is tracked in git, of course :wink:).
  5. My simple strategy is to have 2 or 3 copies of those folders, with at least one copy being physically located remotely. Current laptop and GitHub both count as copies, as I don't expect them to break at the same time.
  6. Most often, one copy is synchronized continuously (nextcloud, git push, etc), and another is created manually on a monthly basis.
  7. It's on my curiosity list to explore if I can take advantage of btrfs to achieve incremental backups, but to be honest my entire set of folders is so small, that it doesn't really matter.
  8. I'm not the one in my family who is responsible for backing up photos and videos, as you have probably guessed by now :stuck_out_tongue_winking_eye:

Hope I didn't miss anything? :slightly_smiling_face:

ShellCode33 commented 1 year ago

Thanks for your insights! I won't comment on it because it's very personal and depends on your threat model.

Regarding your 3rd point, I didn't mention it but I use SyncThing for that (and I set up my remote server to be "untrusted" so that it is unable to decrypt anything). I think it's a great tool (both for syncing across devices and backing up specific folders as soon as they are being modified), I thought it might be worth mentioning.

maximbaz commented 1 year ago

I am always open to new ideas, even though the choice is personal, it never hurts to hear some interesting points :wink:

I can definitely see that your approach gives you a full system backup (have you ever had to already use it to recover?) and a lot of restore points (this is the first place where I'd want to learn from you, especially if incremental backups and/or btrfs magic can do something interesting here).

Thanks for mentioning the SyncThing tool, looks interesting :+1:

ShellCode33 commented 1 year ago

> have you ever had to already use it to recover?

No, and I haven't tested it fully yet, but it's on my todo list to test and document how to restore everything properly depending on what has been lost (removed file in the home folder, broken SSD, migrate over a new PC with a new disk, etc).

I think btrfs is great to recover from accidental file removal or to fix a broken kernel, but as I said earlier I'm a bit hesitant to trust it for my system backups. There are many pitfalls to avoid (nodatacow files, reflink, etc.) and I feel like it is not mature enough yet to use it to its full extent (though it might be due to my limited knowledge on it). I'm still planning to use btrfs, because if it works as expected it will be very easy to restore everything (I'm planning to have a full clone of my PC drive to an external one), but I also still want to use the good old tools in case btrfs stopped working for some reason or just because I want to use another FS. I think it's not a good idea to 100% rely on a specific filesystem for your backups, some of them should be FS agnostic IMO. Considering btrfs has the ability to perform incremental backups, it doesn't take much disk space, therefore I think it's fine to have "duplicate" full backups that don't rely on btrfs.

My biggest fear about using btrfs for backups is that I wonder how I could make sure all my subvolumes are in sync when they are being snapshotted. I have many subvolumes, and let's say I want to perform a full system backup, how can I for example ensure that my root subvolume is in sync with the /var subvolume? I feel like there's a race condition here that would prevent me from using btrfs for having proper backups. Unless you have a single root subvolume of course, but from what I've read this is not recommended for various reasons.
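
Added example, not part of the thread and not code from arch-secure-boot: btrfs snapshots are atomic per subvolume only, so this script takes all read-only snapshots back-to-back before any slow `btrfs send -p ... | btrfs receive` transfer starts. That narrows the skew between subvolumes but does not remove it. The paths, the naming scheme and the `DRY_RUN` switch are assumptions.

```shell
#!/bin/sh
# Added example; every path below is an assumption, not taken from the thread.
set -eu
SNAP_DIR="${SNAP_DIR:-/.backup-snapshots}"  # assumed: same btrfs filesystem as the sources
DEST_DIR="${DEST_DIR:-/mnt/backup}"         # assumed: btrfs filesystem on the backup drive
DRY_RUN="${DRY_RUN:-1}"                     # 1 = print the commands instead of running them
STAMP="${STAMP:-$(date -u +%Y%m%dT%H%M%SZ)}"

run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

snap_name() {  # "/" -> root, "/var/log" -> var-log
    n=$(printf '%s' "${1#/}" | tr '/' '-')
    echo "${n:-root}"
}

latest_snapshot() {  # newest existing snapshot of this subvolume, or empty
    last=""
    for s in "$SNAP_DIR/$1".*; do   # glob order is lexical, i.e. chronological
        if [ -d "$s" ]; then last=$s; fi
    done
    echo "$last"
}

send_one() {  # $1 = new snapshot, $2 = parent snapshot (may be empty)
    if [ "$DRY_RUN" = 1 ]; then
        echo "btrfs send ${2:+-p $2 }$1 | btrfs receive $DEST_DIR"
    elif [ -n "$2" ]; then   # the parent must also exist under DEST_DIR
        btrfs send -p "$2" "$1" | btrfs receive "$DEST_DIR"
    else                     # no parent yet: full send
        btrfs send "$1" | btrfs receive "$DEST_DIR"
    fi
}

backup_all() {  # args: subvolume paths, e.g. / /var /home
    plan=""
    # Phase 1: snapshot every subvolume in one tight loop to keep the skew small.
    for sv in "$@"; do
        name=$(snap_name "$sv")
        parent=$(latest_snapshot "$name")   # looked up before the new one exists
        new="$SNAP_DIR/$name.$STAMP"
        run btrfs subvolume snapshot -r "$sv" "$new"
        plan="$plan$new|$parent
"
    done
    run sync   # make sure the snapshots are on disk before sending
    # Phase 2: the slow transfers; the read-only snapshots no longer change.
    printf '%s' "$plan" | while IFS='|' read -r new parent; do
        send_one "$new" "$parent"
    done
}

[ "$#" -gt 0 ] || set -- / /var /home
backup_all "$@"
```

With the default `DRY_RUN=1` the script only prints the commands it would run; stopping the services that write across subvolumes before phase 1 is the only way to get a fully consistent set.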