Migrating to Restic for offsite backups.

20201023: UPDATE: Added command to clean the local backup cache.

20200426: UPDATE: Fixed the "pruned oldest snapshots" command.

A couple of years back I did a how-to about using a data backup utility called Duplicity to make offsite backups of Leandra to Backblaze B2. (referrer link) It worked just fine; it was stable, it was easy to script, you knew what it was doing.  But over time it started to show its warts, as everything does.  For starters, it was unusually slow when compared to the implementation of rsync Duplicity uses by itself.  I spent some time digging into it …

Read more...

Making offline backups of a Linux machine using Backblaze.

UPDATE: 20191229 - Added how to rotate out the oldest backups.

As frequent readers may or may not remember, I rebuilt my primary server last year, and in the process set up a fairly hefty RAID-5 array (24 terabytes) to store data.  As one might reasonably expect, backing all of that stuff up is fairly difficult.  I'd need to buy enough external hard drives to fit a copy of everything on there, plus extra space to store incremental backups for some length of time.  Another problem is that both Leandra and the backup drives would be in the same place at …

Read more...

Fully remote backups of websites.

A couple of weeks ago my webhosting provider sent me a polite e-mail to inform me that I was using too much disk space. A cursory examination of their e-mail showed that they were getting upset about the daily backups of my site that I was stashing in a hidden directory, and they really prefer that all files in your home directory be accessible. I ran a quick check and, sure enough, about twenty gigabytes times two weeks of daily backups adds up to a fair amount of disk space. So, the question is, how do I keep backing up …

Read more...

Home IT fail.

As you no doubt have observed I've been conspicuously absent for the past couple of weeks, at least since returning from a long-overdue vacation with Lyssa in lovely Portland, Oregon. Much of my time has been spent at work doing the things that bastards like me get paid to do: run and fix backups, install software, patch systems, run audits, and generally keep things chugging along smoothly for the folks who do everything else. Due to the weather in the DC metroplex taking a turn for the rainy and cold (as it's wont to do every Samhain) my commute has …

Read more...

Leave nothing to chance.

Something that I keep meaning to write about is the topic of practical data backups - how to back your data up in such a way that you won't go bonkers trying to manage it, but if you blow a drive you'll be able to restore something at least. The thing about backups is that they're at once easy to overthink and confuse yourself horribly (which means that you'll never make or use them) and easy to do in such a fashion that they won't be usable when you need them the most. At the enterprise level, there are at least …

Read more...

Better late than never: the weekend in review.

While we didn't get hit by Hurricane Hannah, the DC metroplex certainly felt her wrath late Friday and all day Saturday. I don't want to say that it was raining cats and dogs but not long after waking up on Saturday morning I saw a squadron of squirrels wearing what appeared to be miniature SWAT gear high-tailing it through rain blowing at a forty-five degree angle toward a nondescript white van in the parking lot. Unfortunately, they've moved back in and are busily digging in the coffee and aloe vera plants on the balcony, Lyssa tells me.

I've had a …

Read more...

Just when you thought it was safe to make your data safe...

A common procedure at many companies is to send the backup tapes offsite, on the off chance that if the building burns down or something, the computers will be lost but the data can be restored to replacement hardware and business will pick up apace a day or two later. In the industry, this is referred to as 'disaster mitigation planning'. At smaller companies, either the tapes never get taken offsite (common) or one of the sysadmins takes the tapes home to put them into a safe or strongbox (a bit more common). Larger companies and organizations with more rules …

Read more...

HIPAA doesn't imply that you can trust those in control, now does it?

Joseph Nathaniel Harris, a former branch manager at the San Jose Medical Group in California was sentenced to 21 months in prison and fines in excess of $145kus for stealing medical data. When Harris left his position after allegations that he'd been stealing money and medication from the facility, he is said to have stolen two computers and a DVD-ROM disk containing sensitive information about 187,000 patients, including Social Security numbers, medical histories, and diagnoses. The computers were found to have been sold for cash, but kept the disk containing the patient data. Thankfully none of that data got …

Read more...

Let this be a lesson to everyone...

Always double-check what machine you're working on. And always, always make sure your backups are good!

In the state of Alaska, a sysadmin at the department of revenue accidentally reformatted a hard drive that contained information pertaining to a oil fund account worth roughly $38bus.

Yep - billions of US dollars.

For an encore, rather than restore the data for the account from a backup hard drive, he then reformatted the backup drive on top of that - he probably hit the up arrow, changed the device name, and touched it off again. By this time, any sysadmin worth the name would …

Read more...