Not all data is equal. I backup things i absolutely can not lose and yolo everything else. My love for this hobby does not extend to buying racks of hard drives.
this post was submitted on 26 Feb 2026
2 points (100.0% liked)
Selfhosted
57200 readers
478 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
-
No low-effort posts. This is subjective and will largely be determined by the community member reports.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Same, my unraid server is over 40 tb but I only have ~1.5 tb of critical data, being my immich photos and some files. I have an on site and off site raspberry pi with 4tb nvme SSD for nightly backups
True words of wisdom here from a self hosting perspective.
You'll think I'm crazy, and you're not wrong, but: sneakernet.
Every time I run the numbers on cloud providers, I'm stuck with one conclusion: shit's expensive. Way more expensive than the cost of a few hard drives when calculated over the life expectancy of those drives.
So I use hard drives. I periodically copy everything to external, encrypted drives. Then I put those drives in a safe place off-site.
On top of that, I run much leaner and more frequent backups of more dynamic and important data. I offload those smaller backups to cloud services. Over the years I've picked up a number of lifetime cloud storage subscriptions from not-too-shady companies, mostly from Black Friday sales. I've already gotten my money's worth out of most of them and it doesn't look like they're going to fold anytime soon. There are a lot of shady companies out there so you should be skeptical when you see "lifetime" sales, but every now and then a legit deal pops up.
I will also confess that a lot of my data is not truly backed up at all. If it's something I could realistically recreate or redownload, I don't bother spending much of my own time and money backing it up unless it's, like, really really important to me. Yes, it will be a pain in the ass when shit eventually hits the fan. It's a calculated risk.
I am watching this thread with great interest, hoping to be swayed into something more modern and robust.
What's your recovery needs?
It's ok to take 6 months to backup to a cloud provider, but do you need all your data to be recovered in a short period of time? If so, cloud isn't the solution, you'd need a duplicate set of drives nearby (but not close enough for the same flood, fire, etc.
But, if you're ok waiting for the data to download again (and check the storage provider costs for that specific scenario), then your main factor is how much data changes after that initial 1st upload.
Sorry. Shortly after posting this and the initial QA I left for a trip.
I could definitely wait those time periods for a first backup and a restore, since I assume it'll be a once in 10 year at worst situation. Data changes after the first upload should be show enough to keep up.
No worries, I don't have a time limit on responses 😉
But... I took somethong like ~3 days to get an initial baxkup done.
Then ~3 years later I was at a different provider doing the same thing.
What I did do differently was to split the data into different backup pools (ie photos, music, work, etc) rather than 1 monolithic pool... that'll make a difference.
That does make sense - also matches how I have currently sperated files so it's a valuable idea. Thanks!
I don't. Of my 120tb, I only care about the 4tb of personal data and I push that to a cloud backup. The rest can just be downloaded again.
Do you have logs or software that keeps track of what you need to redownload? A big stress for me with that method is remembering or keeping track of what is lost when I and software can't even see the filesystem anymore.
I don't know of a pre-wrapped utility to do that, but assuming that this is a Linux system, here's a simple bash script that'd do it.
#!/bin/bash
# Set this. Path to a new, not-yet-existing directory that will retain a copy of a list
# of your files. You probably don't actually want this in /tmp, or
# it'll be wiped on reboot.
file_list_location=/tmp/storage-history
# Set this. Path to location with files that you want to monitor.
path_to_monitor=path-to-monitor
# If the file list location doesn't yet exist, create it.
if [[ ! -d "$file_list_location" ]]; then
mkdir "$file_list_location"
git -C "$file_list_location" init
fi
# in case someone's checked out things at a different time
git -C "$file_list_location" checkout master
find "$path_to_monitor"|sort>"$file_list_location/files.txt"
git -C "$file_list_location" add "$file_list_location/files.txt"
git -C "$file_list_location" commit -m "Updated file list for $(date)"
That'll drop a text file at /tmp/storage-history/files.txt with a list of the files at that location, and create a git repo at /tmp/storage-history that will contain a history of that file.
When your drive array kerplodes or something, your files.txt file will probably become empty if the mount goes away, but you'll have a git repository containing a full history of your list of files, so you can go back to a list of the files there as they existed at any historical date.
Run that script nightly out of your crontab or something ($ crontab -e to edit your crontab).
As the script says, you need to choose a file_list_location (not /tmp, since that'll be wiped on reboot), and set path_to_monitor to wherever the tree of files is that you want to keep track of (like, /mnt/file_array or whatever).
You could save a bit of space by adding a line at the end to remove the current files.txt after generating the current git commit if you want. The next run will just regenerate files.txt anyway, and you can just use git to regenerate a copy of the file at for any historical day you want. If you're not familiar with git, $ git log to find the hashref for a given day, $ git checkout <hashref> to move where things were on that day.
EDIT: Moved the git checkout up.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| Git | Popular version control system, primarily for code |
| HTTP | Hypertext Transfer Protocol, the Web |
| HTTPS | HTTP over SSL |
| NAS | Network-Attached Storage |
| RAID | Redundant Array of Independent Disks for mass storage |
| SSD | Solid State Drive mass storage |
| SSL | Secure Sockets Layer, for transparent encryption |
| VNC | Virtual Network Computing for remote desktop access |
| VPN | Virtual Private Network |
| ZFS | Solaris/Linux filesystem focusing on data integrity |
[Thread #119 for this comm, first seen 26th Feb 2026, 15:51] [FAQ] [Full list] [Contact] [Source code]
Recently helped someone get set up with backblaze B2 using Kopia, which turned out fairly affordable. It compresses and de-duplicates leading to very little storage use, and it encrypts so that Backblaze can't read the data.
Kopia connects to it directly. To restore, you just install Kopia again and enter the same connection credentials to access the backup repository.
My personal solution is a second NAS off-site, which periodically wakes up and connects to mine via VPN, during that window Kopia is set to update my backups.
Kopia figures out what parts of the filesystem has changed very quickly, and only those changes are transferred over during each update.
The Backblaze option is something I've seriously considered.
Any reason this person didn't go with the $99/year personal backup plan? It says "unlimited" and it is for my household only, but maybe I'm missing something about how difficult it is to setup on Unraid or other NAS software. B2's $6/TB/mo rate would put me at $150/mo which is not great.
They only needed about 500GB.
And personal is for desktop systems. You have to use Backblazes macOS/Windows desktop application, and the setup is not zero-knowledge on Backblazes part. They literally advertise being able to ship you your files on a physical device if need be.
Which some people are ok with, but not what most of us would want.
You can ship encrypted files you know…..?
Yes. That's not mutually exclusive with Backblaze having access to your backups.
Them having access to them is irrelevant if they’re encrypted. What’s the issue?
You can do that with B2. Just use an application to upload that encrypts as it uploads.
The only way to achieve the same on the backup plan (because you have to use their desktop app) is to always have your entire system encrypted and never decrypt anything while the desktop app is performing a backup.
Did you not read what I said? You use their app, which copies files from your system as-is. Ensuring it never grabs a cleartext file is not practical.
That doesn’t mean it’s not encrypted on their servers…..
Also doesn't mean it is. Or in a way where only you can decrypt it.
The chain of custody is unclear either way. You're not in control.
It’s pretty clear actually - all data is encrypted at rest on their servers. They specifically say so.
https://www.backblaze.com/cloud-storage/security
https://www.backblaze.com/blog/how-to-make-strong-encryption-easy-to-use/
No shit. But encryption isn't the same as zero-knowledge. Where by the time they handle the data in any way whatsoever, it's already encrypted, by you.
Do you not know what zero-knowledge means? Or are you so focused on my mentioning they'll ship data to you physically that what I actually said went over your head?
From the page you just linked:
Implement encryption transparently so users don’t have to deal with it
Allow users to change their password without re-encrypting their data
In business environments, allow IT access to data without the user’s password
It's not zero-knowledge!
That’s really not an issue though.
Yeah. It's almost like I literally said that in my second comment.
Which some people are ok with, but not what most of us would want.
What gap in my knowledge are you trying to fill here?
I didn't even mention encryption in my second comment. Just that their backup plan isn't zero-knowledge.
not what most of us want
Strongly disagree.
With what?
That self hosting admins on lemmy probably care about their backups not being accessible to third parties?
I don't think you can claim that they wouldn't.
You can claim that YOU don't mind. But that's a sample size of one. And I'm not denying there are people who don't care.
I just don't think they're the type to be self-hosting in the first place.
And that still doesn't answer why the fuck you set out on this series of "well achuallys"?
It seems to me, you're still looking for something to correct me on.
Define “accessible” here. They’re encrypted …..
Being able to download an encrypted file is not the same as being able to download it and unencrypt it, which they can’t do.
...
Sure they can. How else do they enable providing access to the content without the user password?
The data is secured against unauthorized access, but unlike zero-knowledge setups where the chain of custody is fully within user control, the user is not the only one authorized. And even if you are supposed to be, you cannot ensure that you actually are.
OF-FUCKING-COURSE the physical drives, and network traffic are encrypted. That's how you prevent unauthorized physical access or sniffing of data in-flight. That's nothing special.
But encryption is not some kind of magic thing that just automatically means anyone who shouldn't have access to the data, doesn't.
For that to actually be the case, you need solid opsec and known chain of custody. Ways of doing things that means the data stays encrypted end-to-end.
The personal backup plan doesn't have that.
Where do they provide access to the content without the user password?
...
4
Explain to me how they couldn't. Without simply stating "it's encrypted".
On the B2 plan you can use open source solutions like Kopia, and literally look at the code, to KNOW that data is encrypted on your system with keys only you have, before Backblaze ever sees it.
Explain to me, how the personal plan using their closed source application achieves the same.
Linking to a page where they say "it's secure" is not sufficient. Elaborate. In detail. To at least an equal extent I already have.
So your whole point is that you shouldn't trust one of the biggest cloud backup companies on the planet when they say that your data is encrypted, with no proof that they're telling lies...........and you're asking me to prove that they're telling the truth?
The onus is on you to prove that they're telling lies, not on me to prove what they say is true.
They say this about computer backup on one of the pages I linked earlier:
Computer Backup Encryption
Data is encrypted on your computer—during transmission and while stored. Block unauthorized users from accessing your data by using a Personal Encryption Key (PEK) or use a 2048-bit public/private key to secure a symmetric AES-128 key. Data is transferred via HTTPS. Enhance your protection with two-factor verification via a TOTP (Time-based One Time Password).
Is that all a lie? Based on what?
No.
I'm saying 99.999999999999999999999999999999999999999999999999999999% ≠ 100%
For some people that's close enough. For some of us it's not.
Prove otherwise. I dare you. I'm done putting in effort explaining the obvius to you. Your turn.
So being encrypted before transmission and at rest isn't enough simply because someone at backblaze can send the encrypted files out to you on a HDD........
lol
Nice ragebait.
If you genuinely still think that was my point in its entirety, you are truly obtuse.