Hello,

I am looking for recommendations for a service provider of immutable backup that has options for a homelab user.

My research has led me to services with expensive options, or no pricing at all unless you ask for a quote.

Thank you

  • @[email protected]
    link
    fedilink
    English
    11
    edit-2
    5 months ago

    How immutable do you need?

    S3 offers a flag that prevents modification or deletion for a set period, and afaik basically every S3-compatible provider offers that.

    I use that along with a lifecycle rule to maintain my backup buckets on iDrive.

    If you need a ‘you cannot touch this and the provider has no way of allowing it’ then you’re talking specialized corporate talk-to-a-sales-person-for-a-quote, as you found out.

    Edit: if you don’t need cloud, there’s options for WORM media from the humble BluRay to fancy SSDs that don’t allow deletion.

    • @[email protected]OP
      link
      fedilink
      English
      35 months ago

      My goal is that if for whatever reason, my homelab is compromised, I will be able to at least restore my important data.

      If i can modify the data on the other end, but cannot from my proxmox, then its fine.

      I would like a offsite solution in the future, but for now it’s going to be a cloud for data blob only.

      • @solrize
        link
        English
        25 months ago

        Borg backup?

          • Max
            link
            English
            25 months ago

            Borg append only seems like the way to do this easily

    • @[email protected]OP
      link
      fedilink
      English
      45 months ago

      Thanks, from another link in this thread, Borg seems to have wrapper options as a complement to its features.

  • ubergeek77
    link
    fedilink
    English
    75 months ago

    I use Backblaze B2, but stored in an encrypted Restic container, set up using this guide:

    https://helgeklein.com/blog/restic-encrypted-offsite-backup-with-ransomware-protection-for-your-homeserver/

    Restic has been great for automating backups, and even letting me mount the encrypted storage to grab individual files. I like doing it this way since I don’t have to trust Backblaze isn’t reading my data - I know for sure that they can’t.

    Performance of storage that is both remote and encrypted is about what you would expect, but I don’t need access to the data unless something bad happens.

    • @[email protected]OP
      link
      fedilink
      English
      15 months ago

      Thats a great link, it lists a lot of options and gives a good explanation on how to setup the author’s choices.

      • @[email protected]
        link
        fedilink
        English
        35 months ago

        I use backblaze storage with Kopia, which supports using object lock. Every time a backup is made the objects for it are locked for a configurable amount of time. I use 30 days, so an attacker would have to compromise my backup software for a month before being able to erase my backups.

        • @[email protected]OP
          link
          fedilink
          English
          15 months ago

          I like the thought of having timed backups to keep the costs lower by pruning the olds backups.

          • @[email protected]
            link
            fedilink
            English
            25 months ago

            Also only differences are stored, so if your files don’t change much each backup costs very little. I keep hundreds of backups for the previous year of changes, and it uses less than double the amount of storage the files take up. You can also enable compression, which I do, so it’s even smaller.

  • @talkingpumpkin
    link
    English
    25 months ago

    How much data are we talking about?

    A free mega.nz account should be fine for everything except family fotos and legally obtained music/movies.

  • Shimitar
    link
    fedilink
    English
    25 months ago

    Restic or Borg on your side, a safe and remote destination on the other side.

    use restic, with backrest web GUI, and cannot be happier.

    As for remote site, I use a remote machine I rent, but there are plenty of providers around, shop a bit… Or find a friend for reciprocal backup?

    • @[email protected]OP
      link
      fedilink
      English
      15 months ago

      My plan is to build a second server that I will leave at my inlaws’ house and use that, but for now, I will rent a cloud while this happens.