Syncthing might we worth to have a look for your use case.
There were two things that were really nice about CrashPlan in doing this–
Everything was easy to set up. You identified another user who was also using CP, and CP would find that User, then the other user would Allow you to save to their system, and they would setup a backup location on their network for you to save/backup to. The Users are cooperative in making it work, but CP had the facility for making it easy.
You can have a pretty high level of confidence that what you are participating in is secure. Everything is [was] done within CP’s realm, they control the security, they are established, etc.
In the current use of Duplicati to do this, you have to use other sources, for example–to create the secure server. If you (I) am not adept with the other software, I might not get things set up as securely as I would like, and perhaps not even know it! So, if this is going to involve two or more sources, I need to make sure they will play together, and be sure I am not opening up a security hole unwittingly. So far as I know, CP was the only one that was supplying such a turnkey system for doing this very thing. If Duplicati could do something similar, you would be filling an open niche, and probably get a lot more users. Of course, with CP, you could also back up to their cloud,…but if you chose not to use that, you still have a secure off-site backup (for free) with a trusted source (if you presume family is trusted!)
I’m not concerned so much about scheduled backup time, I can just call up my brother-in-law and ask, “When is your computer most likely to be on?” We can also have our computers start up at scheduled times. Once per day would be plenty for me for an off-site backup.
BTW, it doesn’t matter whether you want to synch to the other trusted comuter, or back up to compressed files; the real issue is how to set up the backup channel safely.
I’m no expert but I can’t think of an all-non-tech setup like CP had without also having a central server to coordinate.
That being said, I believe it might be possible to do a one-tech-to-many-non-tech solution where as long as one person can expose a “Duplicati master server” port to they internet, it could then handle coordination of the rest of the clients.
A side benefit is this also allows for centralized and non-run reporting possibilities.
Unfortunately it’s not currently a core design feature so there’s probably a fair (though likely not major) but of coding necessary for such a feature.
Thanks for that thoughtful reply, JonMikeIV. I wouldn’t expect Duplicati to be able to reproduce the exact same thing as CP. The question that follows is what is the easiest substitute that a not very tech-savvy user could do to create a secure setup that allows the same sort of “personal cloud” setup. It sounds from your previous reply that you think combining Duplicati with a Minio server setup would be the best option. Are there other alternatives that are also worth looking into to do this?
The main ones I know of are Duplicati with:
- Minio (easy setup)
- SFTP server (various software options, likely lower resources usage than Minio)
- FTP server (various software options, likely lower resources usage than Minio but less secure than Minio or SFTP unless routed through something like an SSH tunnel, which works great but is one more thing to configure)
In all three cases at least one port will likely need to be manually opened in your internet router and pointed to your machine. This can be easy or hard depending on your router, internal IP configuration (static vs dynamic), and potential machine firewall.
Personally I like SFTP the best, feel Minio is the easiest to configure, and think FTP is too insecure to be considered.
For what it’s worth Bitvise WinSSH (How to Set Up SFTP Server On Windows) on windows will automatically add entries into the Windows Firewall and will also forward a port for you on your router if it supports UPNP. I always manually set up port forwarding but might be worth trying?
In addition to Minio, SFTP, and FTP already mentioned, you can set up WebDAV. It was very easy with my NAS, and you can secure the traffic with TLS/SSL. It still does require a port to be opened on the gateway/router though.
Yeah, WebDAV is pretty easy to set up but can be tricky to get security right. And due to Duplicati fetching file lists in XML from WebDAV I think it’s the least efficient of the bunch (personal opinion, no data to back that up).
So with a NAS or turnkey solution WebDAV is ok (i use it with NextCloud), but for a less tech inclined person doing it from scratch (IIS anyone?) it’s probably safer to go with one of the others.
People wanting to use duplicati to backup to other computers might consider this arrangement:
- duplicati on both computers
- neorouter free to link the computers into a virtual network (this provides the secure channel between them)
- then setup an SMB share or FTP service or something on both computers so that they can be used as a destination for each other.
There may be other ways to do this but this was the simplest that came to mind.
I second this setup, and in fact it is exactly how I’m running Duplicati for reciprocal off-site backups between two PCs
Instead of Neorouter, I’m using Hamachi, but both are similar enough that either one should work.
I’m actually using the “Shared Folder” (SMB share) alternative, which is even simpler than the FTP server one
If anyone wants to set up their backups this way and needs some additional instructions, let me know and I’ll describe in more detail the steps and configurations needed to make it work. It really is not complicated at all.