Need some tips (TrueNAS and Duplicati)

Here is my Setup:
I have 2 locations (ME and MOM)
I have 2 Servers (full access, all ports can be open)
network speed is on both 100down/40up

  • Server 1 is at ME location and is running Proxmox with TrueNAS, more software/containers can be installed. The hardware includes enough RAM, CPU and 8TB HDD (and boot/vm ssd)

  • The HDD is set up in TrueNAS as a pool and can be accessed by other devices. Currently 2TB is in use.

  • ME location already has a Wireguard connection if needed.

  • Server 2 is at MOM location and is running nothing. 2 GB RAM, Dual Core Intel old stuff and 6TB HDD (formatted, no data) (and boot/vm ssd)

  • MOM location already has a Wireguard connection if needed.

How would you recommend syncing these locations up?
I want MOM to receive Duplicati stuff (encrypted, with trashcan) so in case the hardware is gone, the files are essentially useless.

I’m aware Server 1 stores files and Server 2 stores same files and versions/trashcan while having smaller HDD, this is fine for now and will be replaced in next ~3-4 years.

My thinking is to just make an FTP connection (Server 2, install Alpine and something), mount the drive in a container on Server 1 and mount the TrueNAS share. Then do Duplicati magic. Would that work? Are there better approaches?

Is there an easier approach? I can’t get rid of the 2GB limitation because that would blow the budget up (and power consumption)

How could I solve this? Which software would be the best? I’m proficient in Linux, pretty terrible when it comes to networking and efficiency…

The point of this is to have a duplicate of my files. So should one of the locations fail completely, there is a 50% chance versioning/trashcan is lost and ~0% chance any data is lost.
Also I want to be able to access the versioning/trashcan in case of accidental deletion without having to download 2TB of files first.

I’m looking for tips and possible solution approaches.

Thanks !

Hi ChemialWorkshop and welcome,

I have a similar setup, with a newer QNAP server acting as the MOM device. I also use a bit less storage on the encrypted backup than I do on my main, but that would be totally dependent on what I choose to back up and how frequently that changes, and how many versions. All the things that really consume space (movies) don’t compress at all.

I don’t know what trashcan is and couldn’t find it on a quick search, just FYI, it might be irrelevant.

I use the standard AES encryption, should be fine. I’m right now re-encrypting everything because my password might have been leaked, and that sucks and took much longer in user-time than expected, because I had to be careful to get everything right and double checks and stuff like that. So GPG might be a better choice for encryption to avoid that. But I think that is another story, I didn’t go down that road (yet) because it was less travelled.

I would never use FTP for moving files. I love SSH for that. SSH does the encrypted communication and you can control the level of encryption you want. I would recommend skimming this: encryption - What are ssh-keygen best practices? - Information Security Stack Exchange
Or just use this to generate your keys:
ssh-keygen -t ed25519 -a 100
You can still copy files manually using 'rsync -e "ssh"' (default Linux stuff), 'rclone' (fantastic library, can sync to mostly any cloud drives), or a simple 'scp' command.

Duplicati supports SSH. This is what I use.

I would also be careful not to spend too much time on old hardware. I don’t know if ‘time is money’ in your case, but don’t be stupid with your time. I have learned the hard way that I tend to spend way too much time saving nickels, and everything takes much longer than I expect.

PS: I’m actually running unRaid on my QNAP, because I like it. But any Linux OS will be able to receive SSH communication so anything should work. The remote machine will not be under a lot of pressure, it’s just a raw storage device, in terms of Duplicati backup.

2 Likes

Hi, thanks for the reply!

Sadly my work pay is below minimum wage, so until that (2-3 years) I have to do with whatever I got.

I’m very familiar with Linux, so this shouldn’t be a huge issue. The only problem is, this is a remote device, so should I somehow lose access I’ll have to wait 6 months to regain it.

I think I’ll put Alpine Linux on it, either expose the SSH port to the web (thru router) or use my Wireguard tunnel from another device on that network.
I think I’ll just use raw SSH without Wireguard, less strain on other devices, easier to manage and not super worried about security when using brand new SSH keys…
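
Added example, not part of the thread: a check to run on the backup target before its SSH port is forwarded through the router, flagging global sshd_config settings that would still allow password logins alongside the new keys. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). sshd keeps the FIRST value it reads
# for a keyword, keywords are case-insensitive, and lines after a Match are
# conditional, so only the global section is evaluated here.
# Limitation: Include files are not followed.

audit_sshd_config() {
    # Reads sshd_config text from the file(s) given, or stdin if none.
    # Prints one line per weak setting; returns 1 if any was found.
    awk '
        BEGIN {
            n = split("passwordauthentication kbdinteractiveauthentication permitrootlogin", keys, " ")
            # OpenSSH defaults that apply when the keyword is absent
            eff[keys[1]] = "yes"; eff[keys[2]] = "yes"; eff[keys[3]] = "prohibit-password"
        }
        /^[ \t]*(#|$)/ { next }                    # comments and blank lines
        {
            sub(/[ \t]*=[ \t]*/, " ")              # accept "Keyword=value" too
            key = tolower($1); val = tolower($2)
            gsub(/"/, "", val)
            if (key == "match") exit               # stop at the first Match block
            if (key == "challengeresponseauthentication")   # deprecated alias
                key = "kbdinteractiveauthentication"
            if ((key in eff) && !(key in seen)) { seen[key] = 1; eff[key] = val }
        }
        END {
            for (i = 1; i <= n; i++)
                if (eff[keys[i]] == "yes") { print "WEAK: " keys[i] " yes"; bad = 1 }
            exit bad + 0
        }
    ' "$@"
}

sample_config() {
    # Constructed sample: the "no" appended at the bottom never takes
    # effect because an earlier line already set the keyword to "yes".
    cat <<'EOF'
PermitRootLogin prohibit-password
PasswordAuthentication yes
ChallengeResponseAuthentication no
PasswordAuthentication no
EOF
}

sample_config | audit_sshd_config || true
```

On the machine itself, `sshd -T` prints the effective configuration with Include files and defaults resolved and can be piped into the same function; `sshd -t` validates the file before a reload, which matters on a box that cannot be reached physically for months.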