This isn’t a howto! Seriously. You should know your data. Which means you should contrive your own policies and procedures for backing up. This is simply the stack I’ve decided best suits my needs.

  • Windows desktops: robocopy batch script. Target is mirrored content on a local server.
  • Windows servers: as above – but to a Linux server (virtual machine) for offsite rsync.
  • Linux desktops: rsync mirroring to local server.
  • Linux servers: rdiff-backup to offsite location.

For my offsite location I am using Amazon Web Services: EC2 as the rdiff-backup target; EBS as tentative storage for the rdiff-backup data; and S3 for periodic snapshots of the EBS volumes.

My EBS store is a, software, RAID6 array made up of 100G volumes. I am also using LUKS to encrypt each volume at the block level.

This stack gives me encrypted, offsite, continental distributed, reverse incremental backups. In my opinion that’s basically the holy grail. The only possible issue will arise if I lost the keys to unlock the LUKS encryption. But that wont happen. LUKS allows for a key file and 8 password style keys. With that flexibility I can guarantee I will always have access / the ability to change keys.