10mo ago

community hosted backups

While reading many of the blogs and posts here about self hosting, I notice that self hosters spend a lot of time searching for and migrating between VPS or backup hosting. Being a cheapskate, I have a raspberry pi with a large disk attached and leave it at a relative's house. I'll rsync my backup drive to it nightly. The problem is when something happens, I have to walk them through a reboot or do troubleshooting over the phone or worse, wait until a holiday when we all meet.

What would a solution look like for a bunch of random tech nerds who happen to live near each other to cross host each other's offsite backups? How would you secure it, support it or make it resilient to bad actors? Do you think it could work? What are the drawbacks?

31 comments

Syncthing. Look no further, just check the "untrusted device" so that you don't give unencrypted data to your friend's disk.
- Syncthing is not a backup tool and may very well destroy all your data on its own (though this is rare).
  
  I have local incremental backups and rsync to the remote. Doesn't syncthing have incremental also? You have a good point about syncing a destroyed disk to your offsite backup. I know S3 has some sort of protection, but haven't played with it.
  
  Oh, fair point. Perhaps rclone.org then! :O
- I wasn't aware of the untrusted setting. That sounds like a good option.

Comedy NNTP option here.
It's an established, stable, understood and very very thoroughly debugged and tested protocol/server solution that'll run on a potato and has clients for every OS you've ever heard of, and a bunch you haven't.
Setting up your own little mini-network and sharing groups is fairly trivial and it'll happily shove copies of everyone's data to every server that's on the feed.
Just encrypt your shit, post it, and let the software do the rest.
(I mean, if it's good enough to move 200TB of perfectly legitimate Linux ISOs a day, it'll handle however much data you could possibly be backing up.)
Disclaimer: it's not quite that simple, but I mean, it's pretty close to. Also I'm very much a UNIX boomer and am a big fan of the simplest solution that's got the longest tested history over shiny new shit, so just making that bias clear.

I've done a backup swap with friends a couple times. Security wasn't much of a worry since we connected to each other's boxes over ssh or wireguard or similar and used tools that allowed encryption. The biggest challenge for us was that in my selfhosting friend group we all prefer different protocols so we had to figure out what each of us wanted to use to connect and access filesystems and set that up. The second challenge was ensuring uptime and that the remote access we set up for each other stayed up - and that's what killed the project as we all eventually stopped maintaining the remote access and nobody seemed to care - so if I were to do it again I would make sure all participants have alerts monitoring their shared endpoint.
- This reminds me that I need alerts monitoring set up. ; -)

A lot of technical aspects here, but IMHO the biggest drawback is liability. Do you offer free storage connected to internet to a group of "random tech nerds". Do you trust all of them to use it properly? Are you really sure that none of them will store and distribute illegal stuff with it? Do you know them in person so you can forward the police to them in case they came knocking at your door?
- Perhaps I've been naieve.

I think encrypted backups won't be an issue with this setup. And one would also need to have some friends for this to work.
- I attended some LUGs before covid and could see something like this being facilitated there. It also reminds me of the Reddit meetups that I never partook in.

I would propose creating a distributed hash table for this. But I would never host someone else's data like this, because I'm too afraid they will give me encrypted illegal content and then some obscure law will give me the fault for it. This is just me though.
- That's something that I hadn't considered!

Trunas with Tailscale/headscale/NetBird as far as software and security. As far as hardware, you want storage that is not attached via usb. Either an off the shelf nas solution or a diy nas would work. There are a few YouTubers that touched on this, hardware haven and raidowl I think.
- I have tailscale mostly set up. What's the issue with USB drives? I've got a raspberry pi on the other end with a RO SD card so it won't go bad.
  
  Reliability of connection to the drives, especially during unscheduled power cycles. USB is known for random drops, or not picking the drive up before all your other services have started, and can cause the need for extra troubleshooting. Can run fine… or it could not. This is in reference to storage drives, not OS drives.

I don't have an answer for you, but I'm also interested in this and would like to see the responses

I have exactly the setup you described, a Raspberry Pi with an 8 TB SSD parked at a friend of mine. It connects to my network via Wireguard automatically and just sits there until one of my hosts running Duplicati starts to sync the encrypted backups to it.
Has been running for 2 years now with no issues.

Backups need to be reliable and I just can't rely on a community of volunteers or the availability of family to help.
So yeah I pay for S3 and/or a VPS. I consider it one of the few things worth it to pay a larger hosting company for.

It sucked when Crashplan's home client went under. If you installed the client on two computers with internet access, it would let you set the remote computer as a target. Encryption was done at the source, it had dedupe, versioning. It ate a little ram but it was really nice.

I use Sia for this. It is essentially what you describe, but with a monetary system.
I rent out some of my storage, and use the Siacoin earned to buy storage for backups.
- I'll have to check this out.

Use object storage for media and backups, then use s3 replication to put a copy somewhere else.
- Yes. It's the "put a copy somewhere else" that I'm trying to solve for without a lot of cost and effort. So far, having a remote copy at a relative's is good for being off site and cost, but the amount of time to support it has been less than ideal since the Pi will sometimes become unresponsive for unknown reasons and getting the family member to reboot it "is too hard".
  
  This is kinda the same idea but made for what you originally asked for: https://garagehq.deuxfleurs.fr/
  
  There's not much cost with S3 object. It's just a file system in Linux, and replication is a protocol standard.

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters	More Letters
SSD	Solid State Drive mass storage
SSH	Secure Shell for remote terminal access
VPS	Virtual Private Server (opposed to shared hosting)
ZFS	Solaris/Linux filesystem focusing on data integrity

4 acronyms in this thread; the most compressed thread commented on today has 6 acronyms.

[Thread #948 for this sub, first seen 2nd Sep 2024, 19:35] [FAQ] [Full list] [Contact] [Source code]

You could use kopia for this (but you would need to schedule cron jobs or something similar to do it).
The way this works with kopia... You configure your backups to a particular location, then in-between runs there's a sync command you can use to copy the backup repository to other locations.
Kopia also has the ability to check a repository for bad blobs via its verify function (so you can make sure the backups stored are actually at least X% viable).
Using zerotier or tailscale (for this probably tailscale because of the multithreading) would let you all create a virtual network between the devices that lets them directly talk to each other. That would allow you to use kopia's sync functionality with devices in their homes.

31 comments