7/26/2023 0 Comments Backblaze restore entire diskWe’re going to use pass to save encryptedĬopies of the application key and other restic settings on the host machine Type of Access must be set to Read and Write.Ĭopy the applicationKey that’s shown after you click Create New Key, you’ll need it later:Ĭopy the application key for later. In the Allow access to Bucket(s) dropdown select only the bucket you just created. Create an application key for the B2 bucketĪnd click the Add a New Application Key button: This means each machine’s access canīe revoked individually if that machine is compromised or is no longer using the repo. When sharing a single restic repo between multiple hosts I create a separateĪpplication key (in Backblaze) and a separate RESTIC_PASSWORD (using the To avoid locking I run all my maintenance commands from one host. SSH keys, log ins to my Bitwarden account, etc). Shared sensitive files that I have on both of these machines anyway (my GPG and Think the security risk is acceptable: these machines have a lot of files inĬommon so the deduplication might be significant. That data will actually be stored in the restic repository. If the desktop and laptop both contain copies of the same file only one copy of This is more storageĮfficient because restic will deduplicate files across the two different hosts: My main desktop and laptop do share the same repo however. Restic check then other machines can’t back up to (or run maintenanceĬommands on) the same repo at the same time. If one machine is running certain maintenance commands like restic prune or Using separate repos alsoĪvoids locking: machines can back up to the same repo simultaneously but Most of the time I create a separate B2 bucket and restic repo for each machineīecause it’s more secure: when machines share a restic repo they haveįull read write access to each other’s backups. Or each computer can back up to its own separate repo. When backing up multiple computers they can all back up to the same restic repo I find it simpler to create a separate bucket for each restic repo.Ī B2 account is limited to 100 buckets so if you have a lot of repos you might To subpaths of buckets so different hosts don’t have access to each other’s backups. This would allow a single B2 bucket to contain multiple restic repositories atĭifferent paths, and I think B2 application keys can be given access restricted Just add a path to the end of your RESTIC_REPOSITORY like this: b2:bucketname:path/to/repo. Name with no path ( b2:restic-seanh-laptop-79539).Īlternatively you could create the restic repository in a subdirectory within the bucket. That’s why my RESTIC_REPOSITORY environment variable contains just a bucket I create one restic repository in each B2 bucket, at the root of the bucket. One-to-one mapping between buckets and repositories You can leave B2’s default encryption disabled: restic will encrypt your files for you. Hence the random numbers at the end of the bucket name. Navigate to the B2 Cloud Storage Buckets page,īucket names must be unique across all of B2, including the names of other user’s buckets! Before you can back anything up to B2 you
0 Comments
Leave a Reply. |