this post was submitted on 26 Nov 2023
8 points (90.0% liked)

Self-Hosted Main

515 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

For now my server doesn't have very important data most of it are your "Linux isos" I can just download again and I'm thinking of starting to move my file and photos to the server but in afraid. What if I get a ransomwarei don't realize and all my backups get encrypted too? Or if the backups are corrupted and my disks breaks? But also I'm afraid about cloud because I've seen some posts about people getting their google accounts closed without notice for breaking TOS (maybe they did something wrong maybe not).

top 50 comments
sorted by: hot top controversial new old
[–] Malossi167@alien.top 4 points 1 year ago (2 children)

It is impossible to fully eliminate the risk but with a decent backup system in place it is somewhat unlikely to lose all of your data.

The 321rule should be used as a baseline. Your local backup should be snapshotted and somewhat hardened against ransomware (pull backups instead of pushing them, do not mount the backup volume to other machines). Cold backups also help.

Can I construct scenarios in which I lose all my stuff? Sure. But in those, we are either in deep shit anyway (CME, some big astroid) or it is pretty unlikely (targeted hacking)

[–] gargravarr2112@alien.top 1 points 1 year ago

This. With a proper backup strategy, you are reducing the probability of a catastrophic sequence of events. It becomes P(some unlikely event) x P(some other unlikely event) x ... Etc. for as many events you can think of and/or can afford to mitigate.

As you say, the risk will never be zero. And even the best-laid plans can fail - the Gitlab incident a few years back saw five layers of backups and disaster preparedness fail.

Really, all you can do is backup your data using standard methods, and TEST THE RESTORE before you need to rely on it!

[–] Cybasura@alien.top 1 points 1 year ago (3 children)

I'm too poor for a 321 lol

[–] gerardit04@alien.top 1 points 1 year ago
[–] Malossi167@alien.top 1 points 1 year ago

My backups are tiered. Some stuff gets no backup at all, some gets even more than 3.And I tend to reuse HDDs that got replaced in my main machine due to size for my backups. Power consumption hardly matters when it only runs for a few minutes a day.

load more comments (1 replies)
[–] hadrabap@alien.top 4 points 1 year ago

I'm more scared of online services being discontinued and/or being getting vendor locked and forced to pay ransom on a regular basis. Therefore, I host and back up everything on my own.

[–] Treczoks@lemm.ee 3 points 1 year ago

A) Make backups B) take them offline.

[–] bobj33@alien.top 3 points 1 year ago (1 children)

Aren't you scared about loosing your data?

No. I still have files from 1991. I've got files that have migrated from floppy disk to hard drive to QIC-80 tape to PD (Phase Change) optical disk to CD-RW to DVD+RW and now back to hard drives.

What if I get a ransomwarei don't realize and all my backups get encrypted too?

Then you need to detect the ransomware before you backup. I use rsync --dry-run and look at what WOULD change before I run it for real. If I see thousands of files change that I did not expect then I would not run the backup and investigate what changed before running the rsync command for real.

Or if the backups are corrupted

I have 3 copies of my data. Local file server, local backup, remote file server.

I also run rsnapshot on /home every hour to another drive in the machine. I also run snapraid sync to dual parity drives in the system once a day.

I generate and compare stored file checksums twice a year across all 3 copies to detect any corruption. Over 300TB I have about 1 failed checksum every 2 years.

and my disks breaks?

If one of my disks breaks I buy a new one and restore from backups.

But also I'm afraid about cloud

I don't use any cloud services because I don't trust them.

load more comments (1 replies)
[–] qwertyvonkb@alien.top 3 points 1 year ago (1 children)

Follow the 3-2-1 principle and there is less reasons being scared of loosing data.

load more comments (1 replies)

I backup to Backblaze b2. I encrypt myself using rclone. Costing me $1-2/mo for about 100Gb that I'm currently using.

API key I use for automated backups is pretty much limited to write only and files are set to hidden when deleted, so not much risk, just an annoyance, if the key were stolen and they defaced my backups.

Once a year I might go delete some history to reduce my usage.

I lean towards scripts to automate setting up a system, so I don't do full system backups. Downloaded video I also mostly skip using mirrored storage. In the event of a real disaster, its an acceptable loss.

[–] WhittledWhale@alien.top 2 points 1 year ago

I loose my data all over the place.

I loose it here, I loose it there, I loose it all over your mother's hair.

As far as losing data, I trust myself and my adherence to 3-2-1 more than I trust a third party solution.

[–] HTTP_404_NotFound@alien.top 2 points 1 year ago

No... I have proper, tested backups.

[–] InfaSyn@alien.top 2 points 1 year ago

321 rule - anything super critical also gets off-sited to the cloud.

[–] he-tried-his-best@alien.top 2 points 1 year ago

Only thing dear to me is my family photos and videos over the years. They’re backed up to two different cloud providers. Everything else is ultimately downloadable.

[–] Tiwenty@alien.top 2 points 1 year ago (1 children)

I used to regularly backup my photos to an external drive, but it'd still be in my house. Recently I just opened a cold object storage bucket at OVH and rclone to it every night. So even if they fail, the chance they fail at the same time as I do is pretty minimal. And I pay like 0.75€ a month for ~400GB

load more comments (1 replies)
[–] speaksoftly_bigstick@alien.top 2 points 1 year ago (3 children)

Not as many years ago as I would prefer given my professional experience, I was running a lot from home. Most of it for myself to learn more (so nothing my home itself was dependent on) but a percentage of it was for storage of pictures, home videos, digitalized documents, emails, etc.

I ran my own exchange server for years (utilizing my own TLD that I bought in 2008).

I was in the process of migrating data from a couple of older hosts to the newer ones I had setup in the garage; basically from two cobbled together Dell T series poweredge servers in my hall closet to a small stack of R series poweredge in a 42u cabinet rack in the garage.

My whole stack was setup across the two hosts including backups from veeam from one to the other and copies.ofnthe backups stored on an external. Due to the size of the backups and where I was on my life financially, anything hosted up in cloud space was just a little out of my budget. Anything I could afford was suspicious at the time.

This too long story ends basically by me not paying attention to what I was doing and ended up destroying the raid on both of the original hosts without having finished moving all my data.

I lost years of emails from my exchange server, all the pictures and home made videos of my daughters life from birth to that point in time, and my backup data.

All from my own mistake(s).

I did everything I was "supposed" to do to keep stuff protected until I messed it up.

My daughter passed away this year in February at 16 years old. I'd give anything to have those pictures and videos back.

My point is, you can plan and execute and throw money at it if you're able. And you'll likely be fortunate enough to never really lose anything that's valuable to you. But even planning and implementing, you can still lose stuff just by oversight and human error.

That's the game, man. 🤷

[–] SceneAcceptable9176@alien.top 2 points 1 year ago

I’m really sorry to hear about your daughter.

[–] gerardit04@alien.top 1 points 1 year ago (1 children)

I'm sorry for your loss. Thats the type of scenario I fear about, I can have the 321 backup but errors happen like not configuring you backup correctly, or destroying the raid... also I dont have a lot of money to buy drives and most of them are refurbished and I dont know if I can trust them.

[–] adamshand@alien.top 1 points 1 year ago

The thing is, these sorts of losses aren't limited to selfhosting. Selfhosting introduces some new risks and reduces some other risks.

Digital data is inherently fragile. It takes active work to preserve it.

That's one of the reasons my wife and I make an actual physical photo book each year of our favourite photos.

[–] anturk@alien.top 1 points 1 year ago (1 children)

I also have been there kinda when i was about 16 years old i guess such a big lesson for me now if i do some extra backups and al kinda backups and shit my friends think i am paranoid.

Well yes i am because i have been there

[–] ManSpeaksInMic@alien.top 1 points 1 year ago

As the saying goes: That you're paranoid does not mean they're not out to get you ... 😃

I have those battle scars too. :(

[–] BakGikHung@alien.top 2 points 1 year ago (1 children)

You SHOULD be scare of losing your data. In fact it's a very likely outcome if you're storing data and you don't know what you're doing. This is true of every electronic storage format. If you're not ready to lose everything, you have periodically practice recovery from backup.

Over the years, i've met tons of novice computer users who tell me "I'm worried my files will get hacked if I store them on dropbox / cloud". I always set them straight: the number one risk for you is losing your own data, not data theft, unless somehow your files contain industrial secrets worth hundreds of millions of USD.

I consider myself an experienced computer user and developer, having had various roles that border on sysadmin. I don't trust myself to run my DIY NAS. For the stuff that matters, you should fear complexity as it 's a source of errors. You should doubt yourself at every step. Practice recovery. This is true for everything. I messed up my pfSense router config this weekend, it wouldn't boot. I took the opportunity to practice recovering from backed up config (I should have done that much earlier).

load more comments (1 replies)
[–] brando2131@alien.top 2 points 1 year ago

ZFS (mirrored) two HDDs. If one HDD fails, then replace it and let it rebuild. Use 3 HDDs mirrored if you really think you could get a failure while the array is rebuilding.

Also have two external backups, one you do regularly at home, and another you keep off-site. When you visit that location (be it your parents, siblings, relatives, friends house) swap out your external backup with their off-site to ensure its kept up to date.

Make sure all disks are fully encrypted of course.

[–] ice-h2o@alien.top 2 points 1 year ago

Have multiple copies of the data. Use snapshots, they don’t get encrypted by a ransomware because they are read only and can’t be accessed via samba or nfs. It’s only a problem when the attacker gets root access to your NAS. Use a cloud provider like backblaze and backup your data encrypted. If you are really scared that ransomeware data will overwrite your backups use 3-2-1 and Grandfather-father-son backup strategy. But all this comes at a cost.

Some data are backed up to a local NAS, some of that data is backed up to cloud (not Google or the big ones).

Most of my data aren’t important. Photo library is both local, in the cloud, and most on offsite DVDs.

~45K lossless music files is local and cloud. Those would suck losing, but I could rip them again.

I’ve been considering tape backup again, it’s like 20 years since I used it at home.

[–] shrugal@lemm.ee 2 points 1 year ago* (last edited 1 year ago)

The key is to do regular backups to a different location, and to keep previous versions as read-only backups for a certain timespan. If something happens to the local data you can just restore from the remote backup, and also pick an unmodified previous version in case of a ransomware attack.

E.g. I do a daily encrypted cloud backup of everything that can't just be downloaded again, and the backup provider keeps previous versions for 30 days.

[–] Simplixt@alien.top 2 points 1 year ago (1 children)

My backup strategy:

Data:
- Sycnthing with 1x Copy with my Clients and 1x Copy on my Server accessible via Nextcloud
- Daily Push-Backup with of my Nextcloud-Data-Folder via Kopia to Backblaze
- Daily Pull-Backup of my Nextcloud-Data-Folder via QNAP-NAS in the basement

VM:
- Daily Backup of my VM's to a Proxmox Backup Server running on QNAP-NAS
- Daily Backup of my VM's to BackBlaze (but encrypted before)

Still, I'm not fan of having just one Cloud-Backup. So I think I will also get Hetzner Cloud Storage for Borg Backup additional to Kopia.

Goal:
- Different Hardware (Server, QNAP, etc.)
- Different Backup software (Syncthing, Kopia, Borg)
- Different Backup technique (Push, Pull, Snapshots)
- Different Locations

[–] Silencer306@alien.top 1 points 1 year ago (1 children)

How do you prevent your backups from file corruptions being backed up?

load more comments (1 replies)
[–] EspritFort@alien.top 2 points 1 year ago

For now my server doesn't have very important data most of it are your "Linux isos" I can just download again and I'm thinking of starting to move my file and photos to the server but in afraid. What if I get a ransomwarei don't realize and all my backups get encrypted too? Or if the backups are corrupted and my disks breaks? But also I'm afraid about cloud because I've seen some posts about people getting their google accounts closed without notice for breaking TOS (maybe they did something wrong maybe not).

What you're describing sounds like general anxiety. So if you're asking whether I'm suffering from anxiety, then no :P There are risks in life and precautions you can take against them. I'm just as "scared" about losing data as I am about getting run over by a car, that is to say not at all. Both scenarios are horrible, both can be reduced in risk by employing reasonable countermeasures and behaviors. Beyond that it's out of my control so there's no point in worrying.

The only hazy variable in this kind of contemplation is: Am I knowledgeable enough to properly gauge the risks and know the "reasonable countermeasures"? And if you're asking "Do you know enough?" or "Do you spend enough time learning new things?" then my answer would always be an emphatic "No!" because there's no such thing as enough knowledge and competence.

[–] kring1@alien.top 2 points 1 year ago

Paranoia is the reason I self host. Clouds can kick you out or lose your data at any time.

[–] dr-avas@alien.top 1 points 1 year ago (1 children)

Immutability! For some reason nobody here mentioned this! There's only one thing which can protect you against ransomware - backup storage with immutability! It can be S3, custom script setting immutable flag, read-only snapshots and so on...

But... You need to make sure, that your backup storage is properly tightened, so even you, as the owner, cannot change immutable data without physical access to the server.

[–] gerardit04@alien.top 1 points 1 year ago

didn't know this could be done, I will check it for my photo backup as they are not gonna change. Thanks

[–] DarkKnyt@alien.top 1 points 1 year ago

I store my documents in a 3 disk raid 5, which is backed up to a brand new NAS red, which is backed up to a 8TB external via Borg, and finally to my 1 TB OneDrive via rclone.

So at this point, no...

[–] AdmiralPoopyDiaper@alien.top 1 points 1 year ago

Piggyback: anyone using LTO for backup/archival in their homelab?

[–] Zeal514@alien.top 1 points 1 year ago

Currently yes. But in the future, no.

[–] jsaumer@alien.top 1 points 1 year ago (1 children)

No. I self host 100%. So, I have two separate storage stacks (truenas) that are always in replication.

load more comments (1 replies)
[–] brando56894@alien.top 1 points 1 year ago

Anything I truly care about losing is in at least two locations. It's like a total of a few hundred gigs. 95% of the content I have I can reacquire in like a week.

But also I'm afraid about cloud because I've seen some posts about people getting their google accounts closed without notice

thats why you dont backup important data with google, apple, microsoft, etc. even paid accounts aren't safe with these companies and it's very difficult to talk with a real person if you need help. you use a company whose sole purpose is for backups. i use backblaze

[–] AlphaKaninchen@alien.top 1 points 1 year ago

Thats why i burn M-Disks, even if i put them in a System with Malware, i can be sure it can't mess with the Data, in die Cloud i use Object Storage with Object Locks...

You can just setup a minio cluster (ideally separated in Hardware and Firewall) and put stuff there with Object Lock if you want to be sure.

I just removed write access from anything I don't want to be overwritten together with rclones --immutable flag. (Its push and pull, because my Laptop is not on all the time so the Laptop pushes when its on and the Server pulles when he is on)

[–] LukasAtLocalhost@alien.top 1 points 1 year ago

My technique is don't do too much so when it breaks you can get it back. Or maybe make a script on GitHub that'll redownload all shit

[–] evoseedbox@alien.top 1 points 1 year ago

Borg incremental and dump in gdrive encrypted

[–] pm_something_u_love@alien.top 1 points 1 year ago

I have my important data stored on a RAID1 for some redundancy, but otherwise it's just snapshotted to an external drive plugged into my server. It's not ideal and I have two plans I really need to get around to implementing.

I have a detatched garage so I am going to set up another machine hidden in the roof space of the garage where I can have "offsite" backups. It won't get found if my house is being burgled (you need a ladder) and it's far enough away that it hopefully survives if my house burns down. My garage already has ethernet cable.

Another option would be storing some stuff at a friends place if you have friends that self host. I've also been meaning on setting a Wireshark tunnel to a friends server and we can borrow a little bit of each others space.

[–] anturk@alien.top 1 points 1 year ago

I have one server home, one off side, encrypted files in the cloud and for the most important stuff i also have cold storage which i also do checksums once a while. If this gets me fucked up i don't know what to do.

[–] ElevenNotes@alien.top 1 points 1 year ago (6 children)

3-2-1-1-0 and you have 99.9999% covered. I replicate all backups between four physical locations, doesn't get more overkill than this. For personal use I even have a backpack with external HDD in it, that syncs the most important data every day.

load more comments (6 replies)
[–] therealSoasa@alien.top 1 points 1 year ago

Meh you don't really lose your data , do you. I mean , we all know where it is.

[–] ratcodes@alien.top 1 points 1 year ago

not scared. it's super unlikely all of your backups will fail at once assuming they're not all the same method attached to the same hardware

load more comments
view more: next ›