I have autocron jobs that sync various server directories to a daily backup (on the same server), then sync that backup once a week to the weekly backup, and once a month take a tarball snapshot of the weekly backup.
Every once in a while I plug in a HDD on USB and take a Borg backup of the monthly dir. Borg does compression and deduplication (and encryption if you want to). I should be doing this also once a week but sometimes I’m lazy and leave a few weeks between them.
I think you can get a free subdomain and dynamic DNS service at desec.io, with this you should be able to keep the domain updated with your IP and point it at your home server. But you need to have a public IP from your ISP and not to be behind NAT.
Anither option is to use a Tailscale Funnel. You will have to use a .ts.net subdomain with them and they terminate TLS and re-encrypt for you. On the other hand it’s completely free, you get NAT traversal, an encrypted tunnel, and you don’t have to maintain the IP even if it’s dynamic.
If you ever decide to host your own, via VPS or sth consider checking docker-mailserver and watchtower. First takes care of the mail stuff and the second updates your containers frequently so you will not have to manually update to new versions of the container (for security patches etc.).
When you use deduplication on the backup side you can do backups every minute without needing much storage. When the backup programm looks at the filesystem to determine which file has changed, the CPU only need to process the changed files.
For my personal devices i do daily backups. There is not enough change every day.
not only hosting lots of sleazebags, but also having tons of compromised mail machines, so their machines were, according to what I’d read there, the source of much of the world’s spam, and they wouldn’t fix things.
EasyDNS was recommended by one of the SysAdmin reporters on The Register, a few years ago.
He also recommended Linode & Vultr, back then, too.
This stuff in this comment is just my opinion, and my memory of what trustworthy people were reporting a few years ago.
There is a security risk of using your first name and last name in your email. It’s very easy for malicious people to send you emails specifically addressing you. I have realized it now and I take the extra steps to set up good spam blocking in my email.
I’m using Headscale for something similar. I have a VPS and a server at home. Both are on the same Headscale network. On the home server I set up a Matrix server. On the VPS I set up Caddy as a reverse proxy for the home server with its Headscale IP. It works nicely.
Personal and business are extremely different. In personal, you backup to defend against your own screwups, ransomware and hardware failure. You are much more likely to predict what is changing most and what is most important so it’s easier to know exactly what needs hourly backups and what needs monthly backups. In business you protect against everything in personal + other people’s screwups and malicious users.
If you had to setup backups for business without any further details: 7 daily, 4 weekly, 12 monthly (or as many as you can). You really should discuss this with the affected people though.
If you had to setup backups for personal (and not more than a few users): 7 daily, 1 monthly, 1 yearly.
Keep as much as you can handle if you already paid for backups (on-site hardware and fixed cost remote backups). No point having several terabytes of free backup space but this will be more wear on the hardware.
How much time are you willing to lose? If you lost 1 hour of game saves or the office’s work and therefore 1 hour of labour for you or the whole office would it be OK? The “whole office” part is quite unlikely especially if you set up permissions to reduce the amount of damage people can do. It’s most likely to be 1 file or folder.
You generally don’t need to keep hourly snapshots for more than a couple days since if it’s important enough to need the last hours copy, it will probably be noticed within 2 days. Hourly snapshots can also be very expensive.
You almost always want daily snapshots for a week. If you can hold them for longer, then do it since they are useful to restoring screwups that went unnoticed for a while and are very useful for auditing. However, keeping a lot of daily snapshots in a high-churn environment gets expensive quickly especially when backing up Windows VMs.
Weekly and monthly snapshots largely cover auditing and malicious users where something was deleted or changed and nobody noticed for a long time. Prioritise keeping daily snapshots over weekly snapshots, and weekly snapshots over monthly snapshots.
Yearly snapshots are more for archival and restoring that folder which nobody touched forever and was deleted to save space.
The numbers above assume a backup system which keeps anything older than 1 month in full and maybe even a week in full (a total duplicate). This is generally done in case of corruption. Keeping daily snapshots for 1 year as increments is very cheap but you risk losing everything due to bitrot. If you are depending on incrementals for long periods of time, you need regular scrubs and redundancy.
When referring to snapshots I am referring to snapshots stored on the backup storage, not production. Snapshots on the same storage as your production are only useful for non-hardware issues and some ransomware issues. You snapshots must exist on a seperate server and storage. Your snapshots must also be replicated off-site minus hourly snapshots unless you absolutely cannot afford to lose the last hour (billing/transaction details).
I’m probably the overkill case because I have AD+vC and a ton of VMs.
RPO 24H for main desktop and critical VMs like vCenter, domain controllers, DHCP, DNS, Unifi controller, etc.
Twice a week for laptops and remote desktop target VMs
Once a week for everything else.
Backups are kept: (may be plus or minus a bit)
Daily backups for a week
Weekly backups for a month
Monthly backups for a year
Yearly backups for 2-3y
The software I have (Synology Active Backup) captures data using incremental backups where possible, but if it loses its incremental marker (system restore in windows, change-block tracking in VMware, rsync for file servers), it will generate a full backup and deduplicate (iirc).
From the many times this has saved me from various bad things happening for various reasons, I want to say the RTO is about 2-6h for a VM to restore and 18 for a desktop to restore from the point at which I decide to go back to a backup.
Right now my main limitation is my poor quad core Synology is running a little hot on the CPU front, so some of those have farther apart RPOs than I’d like.
How often depends on how much work it is to recreate, or the consequences of loosing data.
Some systems do not have real data locally, get a backup every week. Most get a nightly backup. Some with a high rate of change , get a lunch/middle of the workday run.
Some have hourly backups/snapshots, where recreating data is impossible. CriticL databases have hourly + transaction log streaming offsite.
How long to keep a history depends on how likely an error can go unnoticed but minimum 14 days. Most have 10 dailes + 5 weeky + 6 monthly + 1 yearly.
If you have paper recipes and can recreate data lost easily. Daily seems fine.
I mean I think it really depends on the type of website you’re trying to host. A static blog would use way less bandwidth than a media server for example. Traffic would have the same effect too, where 1 concurrent visitor to a blog would probably be fine but 10,000 would be a problem.
Sounds like a connection would work with that setup but it would depend on what you are planning on hosting. Anything that is sensitive to latency would probably not work well. Static sites should be fine though.
selfhosted
Active
This magazine is from a federated server and may be incomplete. Browse more on the original instance.