From 860f3bafb935e52b42d967eb56eadf1cee60fd2a Mon Sep 17 00:00:00 2001 From: Christopher Jones Date: Tue, 7 Apr 2026 21:11:47 -0400 Subject: [PATCH] Begin documenting backup strategy and implementation. --- design/BackupStrategy.md | 17 +++++++++++++++++ design/{readme.md => network.md} | 0 2 files changed, 17 insertions(+) create mode 100644 design/BackupStrategy.md rename design/{readme.md => network.md} (100%) diff --git a/design/BackupStrategy.md b/design/BackupStrategy.md new file mode 100644 index 0000000..80a1f6f --- /dev/null +++ b/design/BackupStrategy.md @@ -0,0 +1,17 @@ +Backup Strategy + +# Backup Strategy +## Requirements +- All data that are difficult or impossible to reconstruct must be backed up and able to be restored from backup if lost. +- Backups must be automated and must occur without manual interaction with any user. +- Backups must be monitored and tested on a regular basis, to ensure that + 1. Backups actually occur when they are scheduled + 2. Backed-up data can be restored and that the restored data is correct. +- Backups are encrypted for privacy and security. +- All data exist in at least three places: on the device (client or server) where it is used; on a backup device on our home network; and on an off-site device. +## Strategy +- On-site backup for client devices will be provided by the Teal server. The backup tool is Restic, accessible from client devices via SFTP. +- On-site backup for the Teal server itself will be provided by the Cygnus server (Synology). Backup is by Restic over SFTP. +- Off-site backup is not currently implemented. Two different strategies are being considered: + 1. Build a custom ZFS-based NAS and deploy it at 28 Carlisle Rd. This server and the Teal server would provide off-site backup for each other via ZFS send / receive. + 2. Contract with a cloud storage provider for off-backup, probably either Backblaze using Restic over B2 or rsync.net using ZFS send / receive. diff --git a/design/readme.md b/design/network.md similarity index 100% rename from design/readme.md rename to design/network.md