So - Crashplan refugee here. I used to use crashplan to back up my home machines, my friends / family machines and I have a server dedicated to being the ‘backup server’.
Previously under Crashplan I’d just enable ‘backup to peer’ and have everyone turn off their peering, and select my backup server as a destination. Everything worked well ( where the definition of ‘well’ for crashplan = crapped out regularly after version 3.x). But more or less it was pretty plug-and-play.
I’m trying to figure out how to do similar with Duplicati.
But similar to What about a manual? " Where’s the manual" i’m having difficulty in even figuring out where to start. That thread asks for 'help understanding where people are getting confused" so here’s mine
I’ve downloaded the rpm (my backup server runs fedora), and the windows installer.
I’ve looked at the ‘getting started’ Article, which starts with 'Let’s begin configuring a backup…"
But I’m not seeing anything on ‘how to create a backup server’. It looks like it’s all geared towards destinations which are providers - S3, OneDrive, etc etc.
I figured I’d have to create myself a WebDAV service on my backup machine (I can do all the port forwarding etc etc) but I’m not seeing anywhere for ‘how to create a backup server of your own’.
Am I missing something, or can someone point me at a ‘how-to’ to ‘roll my own backup service’?
Thanks in advance
Steve.
Duplicati is not a backup server. It is client software only you will need to configure a backup server of your own or purchase something like Amazon S3 or backblaze B2.
Since you mentioned your backup server is running linux you can simply use SFTP to it. Just install openssh-server package if I recall if its not already in place. You just need to create a directory for the backups on fedora and point duplicati to it.
Simple Setup would be under destination for a server inside your network
Storage Type: SFTP
Server and port: 192.168.1.11 22
Path on server:/data/Duplicati/Servernamebeingbackedup
username: username
password: password
minio as a backup destination for windows seems to be easy to setup search this forum I think some instructions are for it.
Yep - you caught us. We weren’t expecting Code42 to do what they did so didn’t have anything prepared for CrashPlan orphans.
You are correct, Duplicati is designed for local or cloud based backups and does not have any P2P (peer-to-peer) functionality built into it at this time. However, your situation sounds very much like mine - lots of family were backup up to my server with CrashPlan.
Since it sounds like you’re using a Linux based server I’d suggest looking at something like this:
Basically, anything you can expose on your server that looks like any of these, will work as a destination:
S3 (such as Minio)
WebDAV (such as OpenCloud or NextCloud)
FTP
SFTP
As a non-centralized tool, Duplicati doesn’t have the kind of reporting most CrashPlan users are used to, so you may also want to check out DupReport:
Lastly, as on OpenSource project anybody is free to contribute to the code base over on GitHub - so if there’s a feature you REALLY want to see, you’re welcome to work on it yourself or entice others to do so with a Bounty.
Setting up Mimio seems like an effort in self-abuse merely to provide a client with ‘somewhere to store blocks’. Since my backup server already has a filesystem which stores blocks nicely, adding a whole 'nother layer of ‘stuff’ infront of it seems a bit… useless.
Suggestions for other methods though, strike me as much more suitable, and I figure I’ll just ring up an ssh port (not your usual 22), forward that from my firewall over to the backup box, configure my ssh to listen on 22 and 2022, then configure Duplicati for sftp, port 2022 (or something) and do it that way. (Since my firewall is also a linux box, I can’t use the regular port 22 for both that machine AND the backup machine, and this way I can also distinguish between regular ssh traffic and the 2022 backup traffic). If I create a shared ‘backup_user’ ID, and give it a known password then I won’t need to worry about family members remembering passwords etc. And yeah, I get that Aunt Susie can then see Cousin Alice’s files - but I’m not desperately worried about family members nickin’ each others stuff.
And no need for any ‘backup server’ software at all…
Thanks for the advice, hopefully it’ll go well.
Steve.
That’s my plan too (SFTP, but Aunt Suzy & Cousin Alice). Though if each backup job has a different encryption password all anybody (including you) would see is a bunch hex named .aes files.
You should make sure that if Susie gets ransomware, hackers, etc, they cannot destroy Alice’s files. Different accounts protect against some of that at least.
Also, @kees-z has done a great job at writing a manual:
Can I suggest that instead of doing port forwards and opening your computer up to abuse from the internet you setup a private VPN service like neorouter free. You just have to run it on both computers and they’ll talk directly to each other privately over a secure connection. Then it will be as if they are both physically next to each other and will see any services each are offering each other as backup destinations.
That works great as long as you trust / have control over both sides of the connection.
One thing I liked about Hamachi is that it had essentially a built in firewall so I could limit access between computers. With NeoRouter it really is a full VPN meaning, for example, if I want to back up my brother’s (different location) machine to mine then we’re both on the same VPN network.
That means if his computer gets infected with something mine is also exposed, and of course the reverse is true. Additionally, we might each have network resources we want for in-house use but not necessarily exposed to each other.
So while a full VPN can be a great (and seemingly simple) way to get backups working between locations, it can have side effects that people aren’t ready for if they’re not prepared…
That is an excellent observation. Yes, NeoRouter does put you right there with the other computers on that same VPN and therefore you have the same risks as you would have from being attached to a physical network with the same set of computers. I was not aware of the firewall in Hamachi. If you have another firewall on your computer then it would serve the same purpose though.
I am utterly unconcerned
Since I’m using sftp and user-based-logins… port forwarding for an auth’d connection to a non-standard duplicati port on a different box is [in my world] probably slightly less problematic than having a machine sitting listening for an openvpn request… using a standard user/pass to a vpn server on my gateway box…
And there’s no way I’m gonna be asking non-techy family people to fire up a vpn before their automated nightly backups happen… Or… leave their VPN up all the time so’s their traffic ( from different parts of the world no-less) end up doing a round-the-world-trip thorugh my machines to get to their janky meme-covered-facebook pages
Someone will argue that “Well, you can have Duplicati run a script to fire up the vpn before it attempts the backup” and then drop it when it’s finished. To which I will say : You’re overthinking this and I’m not gonna script all that junk with all the routing issues and breaking of browser based cookies etc etc that it comes with’.
