With hard drive capacity growing by leaps and bounds it is not uncommon for most people to have computers with several hundred Gigabytes worth of internal storage. While drives have gotten much more reliable the importance of good backups have only increased with more and more of our data being stored on our computers. Digital photos, movies, music, financial documents, e-mails, all live on our computers and could easily be deleted, or corrupted by user error, application faults, or a physical failure of a part in your computer.
Backups prevent:
- Data loss from computer error. (Operating System or Application Crash)
- Data loss from drive failure.
- Data loss from user error. (Accidental deletion, alteration, etc)
- Data loss from disaster. (House burns down, computer lost or stolen)
It is important to note that RAID systems ONLY address drive failures and should NOT be thought of as a backup solution.
My Goals:
I really like Time Machine. Apple did an AMAZING job with that application and bundled with the Time Capsule you get a really robust, high-capacity versioned backup solution that solves 90% of the problems that backups are supposed to solve. If you periodically copy your Time Machine backup to an external hard drive and store that at a friend’s house or in a safe deposit box or at the office, then you get 100% of the backup goals in a neat little package. You can even restore a Time Machine backup from the OS X restore CD. Slick.
Since I don’t run OS X I have to engineer a solution myself. I want a system that allows me to produce versioned backups on the network without much interaction. It must be encrypted on disk as my laptop’s /home is encrypted and storing the backup unencrypted would be a super-easy attack vector. Ideally the storage would be swappable so I can have 2 drives and swap it with an off-site drive periodically and so I could fairly easily restore the data to a new drive when the drive in my laptop (or the backup drive) scorches itself.
My Solution:
- USB 2.0 hard drive with dm-crypt whole-drive encryption
- rdiff-backup over ssh
- cron(8) and some custom scripts
I have an old IBM ThinkPad R42 laptop that I’m not using for anything anymore so I tossed Ubuntu 9.10 on it and plugged it into the network. (I would use my server but I do not have any USB 2.0 ports on that machine currently.) I connected a 250GB USB hard drive to the ThinkPad and encrypted a partition using dm-crypt to store the backups and meta-data.
I then setup ssh on the ThinkPad to trust my ssh key from my laptop and I setup sudo(8) to allow my user to run rdiff-backup without entering my password. Combined with my backup.sh script, i can fire off a backup in the background from cron(8) that doesn’t really affect the performance of my laptop over the network.
I am a big fan of jwz and this is how he does backups.
Tags: backups, linux, software, technology