Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
rethinking_my_backup_strategy [01.01.2021 22:12] – [self-made collection of other tools] Pascal Suter | rethinking_my_backup_strategy [01.01.2021 23:23] – [First POC - Burp + rsync] Pascal Suter | ||
---|---|---|---|
Line 73: | Line 73: | ||
* i have found [[https:// | * i have found [[https:// | ||
+ | ===== First POC - Burp + rsync ===== | ||
+ | with all the arguments above considered, I decided to proceed a burp based solution and just add off-site capabilities to burp. Here is the targeted setup: | ||
+ | * " | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | * one needs to make sure that all the necessary paths mentioned in '' | ||
+ | * " | ||
+ | * clients run the burp client and use client-side encryption with a strong password. the following additional core settings are used: | ||
+ | * '' | ||
+ | * '' | ||
+ | * a script on the burp server uses '' | ||
+ | * on the offsite server, a script is called (somehow, haven' | ||
+ | to try it all out i used a bunch of [[ubuntu test docker image | ubuntu test docker containers]] | ||
+ | |||
+ | docker network create burp | ||
+ | to create the custom network | ||
+ | docker run --net burp --name burpsrv -ti ubuntu-test: | ||
+ | to create the container for the burp server, and similar commands for the other servers. | ||
+ | |||
+ | for testing i ran the burp server with this command line: | ||
+ | burp -v -F -c / | ||
+ | |||
+ | which outputs any logs directly to stdout and keeps the daemon in the foreground. | ||
+ | |||
+ | ==== offsite backup file encryption ==== | ||
+ | since all files are encrypted on the client side before they are sent to the backup server, we don't have to encrypt them again when uploading them from the backup server to the offsite backup. this basically removes all the challenges mentioned in the "self made" backup |