Hey all, i would like to get some feedback on my backup strategy.
I have a debian webserver with a ZFS pool running nextcloud aio, immich and jellyfin. Thinking about adding other services as well but nextcloud and immich are the most important ones. The docker volumes of these services point of course to the zfs pool. My backup strategy would now be to use the internal backup solutions for nextcloud and immich to backup their databases, then stop the docker containers and do a borg backup of the zfs pool. The backups would be stored an extern hard drive (I want to expand on this but for now this is all I can afford). is this a viable approach or do i miss something? Could there be problems in case of a backup with the databases etc? The docker compose files are also stored on another machines together with my server documentation.
You still need some means of outside backup. Figure what you have covers majority of scenarios, so now we are getting into the highly unlikely, but highly impact full like “my house burned down and now I have no data”. Something like B2 (or some other block storage with comparable pricing) is worth exploring.
You also need to consider your usage pattern like whether you may need to retrieve data (some providers charge for bandwith in / out). I would suspect most of the time between your ZFS snapshots and your disk you are covered.
Also, recommend to not leave the disk plugged in at all times for the scenario I mentioned: Your machine is compromised and the attacker encrypts data to ask for ransom; very low probability (I suspect those are mostly against companies), but really doesn’t hurt to prevent against it.