this post was submitted on 25 Feb 2025
58 points (95.3% liked)

Selfhosted

42996 readers
434 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
58
Encrypted backups to the cloud (feddit.org)
submitted 3 days ago by Linsensuppe@feddit.org to c/selfhosted@lemmy.world
29 comments fedilink hide all child comments
 

How would or do you backup your home server? I don't have enough physical storage (for now) at home to store some backups, so I want to upload it to the cloud. Of course I want the backup to be encrypted, but I don't want to enter the password every time by server does a backup. I am currently using borg on my PC and do it manually. How do I create a encrypted backup without entering the key manually? Do I hardcode it somewhere? Don't really like that. I am also fine with trying other backup software.

you are viewing a single comment's thread
view the rest of the comments
[–] chameleon@fedia.io 17 points 3 days ago

Borg or the like with 'hardcoded' plaintext/regularly full-disk-encrypted key is acceptable. Someone that has your unencrypted private key sitting on your server has almost certainly already obtained access to the entire set of data you're backing up, with the backup key itself only meaningfully guarding access to older backups.

The more important thing is to securely keep extra copies in case the server fails. I keep mine in a group in my password manager, one per repo.