Backups need to be tested to ensure they are correct and happening regularly. Multiple copies of the backups should exist, including at least one offsite to protect against my building burning down.
Backups should also be incremental when possible (rather than mirror copies) so an accidental deletion isn't propagated into the backups, making the file irrecoverable.
I have one backup folder `/mnt/backup` on my media server at home that serves as the destination for all my backup sources. All scheduled automatic backups write to their own subfolder inside of it.
![[backup1.svg | a diagram of my setup. servers and computers on the left, pointing to my home server in the middle, pointing to external hard drives on the right]]
I use the tool `rdiff-backup` extensively because it allows me to take incremental backups locally or over SSH. It acts very similar to `rsync` and has no configuration.
I use `offlineimap` to sync my mail to the directory `~/email` on my media server as a Maildir. Since offlineimap is only a syncing tool, the emails need to be copied elsewhere to be backed up. I run `rdiff-backup` from a weekly cron job:
I use Standard Notes to take notes and wrote the tool [standardnotes-fs](https://github.com/tannercollin/standardnotes-fs) to mount my notes as a file system to view and edit them as plain text files.
I self-host a Nextcloud instance to store all my personal documents (non-code projects, tax forms, spreadsheets, etc.). Since it's only a syncing software, the files need to be copied elsewhere to be backed up.
I self-host a Gitea instance to store all my git repositories for code-based projects. My home folder is also a git repo so I can easily sync my config files and password database between servers and machines.
Telegram Messenger is my main app for communication. My parents, most of my friends, and friend groups are on there so I don't want to lose those messages in case Telegram disappears or my account gets banned.
Telegram includes a data export feature, but it can't be automated. Instead I run the deprecated software [telegram-export](https://github.com/expectocode/telegram-export) hourly with cron:
[Signal Messenger](https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms&hl=en_CA&gl=US) automatically exports a copy of my text messages database, and [Aegis](https://play.google.com/store/apps/details?id=com.beemdevelopment.aegis&hl=en_CA&gl=US) allows me to export an encrypted JSON file of my two-factor authentication codes.
I mount my phone's internal storage as a file system on my desktop using [adbfs-rootless](https://github.com/spion/adbfs-rootless). I then rsync the files over to my media server:
Unfortunately this is a manual process because I need to plug my phone in each time. Ideally it would happen automatically while I'm asleep and the phone is charging.
The directory `/backup/files` is a repository for any kind of files I want to keep forever. My phone data, old archives, computer files, Minecraft worlds, files from previous jobs, and so on.
The `tbotbak` user has write access to the `/mnt/backup/remote/tbotbak` directory only. It has its own passwordless SSH key that's only permitted to run the `rdiff-backup --server` command for security.
I wrote a Python script `checkbackup.py` that goes through each backup and compares the timestamp in `backup_check.txt` files to the current time. This makes sure that the cron ran, backups were taken, and transferred over correctly.
I rotate through 2.5" 1 TB hard drives each Saturday when I do a backup. They are quite cheap at [$65 CAD](https://www.memoryexpress.com/Products/MX65194) each so I can have a bunch floating around.
I keep one connected to the server, one in my bag, one offsite, one at my mother's house, and one at my dad's house. Every Saturday I run the script above to take a copy and then swap the drive with the one in my bag. It then gets swapped when I visit my offsite location. Same for when I visit my parents<spanclass="aside"> (I go back home about twice per year)</span>. This means that all hard drives eventually get rotated through with new data and don't sit too long unpowered.
I run the check-summing `btrfs` file system on them in RAID-1 to protect against bitrot. This means I can only use 0.5 TB of storage for my backups, but the data is stored redundantly.
I'm working on a system to automatically back up all my home directories to my media server. I need this to grab Bash histories and code that's work-in-progress. I've been burned by not having this once when a server died.