restic is a deduplication backup sofware, designed for ease of use and security. Rclone is a versatile program for syncing data between a huge variety of protocols and cloud providers. What is especially nifty is that restic can use rclone as a backend, and by that extend restic destination into most cloud providers.
Setting up an automated backup from one macine is no problem. This can be done quite easily with
restic -p password_file -r sftp://user@destination/srv/backups init
Backups is then done with
restic -p password_file -r sftp://user@destination/srv/backups backup /srv/backmeup
If a malicious actor has access to the source machine, they will have read and write access to the backup on the destination. To avoid giving the malicious actor write access to already existing backups, we need to ensure that existing backups on the destination never is changed. This is done by making the destination immutable. When data is written, it cannot be changed later.
This can be solved in couple of ways
- Use a immutable backend, in example immutable object storage in the cloud.
- Make any destination immutable by relying all traffic through a secured rclone proxy with the
Design, rely traffic through proxy
source intermediate destination +---------------+ +--------------+ chosen +-----------+ | | SSH | rclone | transport | favorite | | /srv/backmeup | ----> | append only | ----------> | cloud | | | | rely | | storage | +---------------+ +--------------+ +-----------+
Create a SSH key …