I'll admit that I've always been terrible about backing up my personal computers. I used to be a frequent user of different file sync and sharing platforms before I became a full-time Linux user. While some of these services work with desktop Linux, I always found them clunky to use, and their necessity disappeared once I started using only one computer daily. Moving away from these platforms left many of my files unprotected, and I recently decided to fix that.
I always enjoy hearing about other people's desktop Linux strategies, so I decided to share my backup strategy in this article. I think many readers are in the same spot as I was: They want an easy-to-use, turnkey backup solution that requires very little maintenance beyond some initial setup. In this article, I'll walk you through the "set it and forget it" backup strategy that works for me.
Choose your software
The first step toward a fully backed up system is to decide on the software to use. There are tons of options: A simple online search for "Linux backup" turns up hundreds of thousands of results. I've met many people who develop their own backup scripts using
rsync or ship filesystem-level snapshots off to backup servers.
When I started thinking about what I wanted in a piece of backup software, I realized there were a few essential criteria. First, it needed a robust command-line interface so that I could integrate it into a regular script. It also had to be easy to use with a very low learning curve. I also wanted it to "just work" without dozens of command-line flags or weird corner cases to consider. Essentially, I wanted a solution that I could stick into a cron job and forget about.
I ended up finding Restic. Restic is a fantastic open source backup application that works smoothly with many different types of cloud and local back-end storage systems. Aside from being very easy to use, Restic has many useful features that anyone would want in a mature backup solution. It automatically detects file changes and allows you to compare previous backup snapshots so that you can restore older versions of a file. It also natively encrypts backups, and I found it very easy to set up and use.
Run your backups
With a robust backup tool selected, I'm ready to set up some processes to run my backups regularly. Restic, which has a simple command-line interface, makes this easy. I have a simple cron job that runs every six hours and calls the script below:
#!/bin/bash set -e source /etc/restic/b2.env export CURRENT_DATE=$(date +%m_%d_%y_%H_%M_%S) restic -r b2:my-repo:/backup --exclude-file=/etc/restic/excludes.txt --verbose backup /home/tony > "/tmp/backup_$CURRENT_DATE" 2>&1 restic -r b2:my-repo:/backup snapshots | tail -n 4 | head -n 2 | cut -f 1 -d ' ' | xargs restic -r b2:my-repo:/backup diff >> "/tmp/backup_$CURRENT_DATE" 2>&1 mail -s "Backup Report $CURRENT_DATE" firstname.lastname@example.org < "/tmp/backup_$CURRENT_DATE" curl -s https://<redacted> rm "/tmp/backup_$CURRENT_DATE"
First, the script performs some setup by sourcing an environment variable file containing credentials to my backend storage system of choice (Backblaze). The script then meets its obvious purpose: It runs the
restic command in verbose mode to perform the backup along with an exclude-file. It outputs the information from the backup into a temporary file. Once the backup is complete,
restic runs a
diff of the most recent backup and the last snapshot and outputs that into the temp file. This lets me see the files that have changed; this really came in handy when building out the list of files to exclude. I would review the backup report, see files I didn't care about, and then exclude them.
Finally, I don't want to log into my laptop and manually look at temp files every day. The script emails the backup report to me so that I can check on it. It also runs a
curl to hit a monitoring web endpoint. This is an extra check: I use a service that expects a "heartbeat" from my backup every day. If it doesn't receive one, I receive an email that my backups are failing. This gives me two confirmations that my backups are working: The report after every backup and an alert if the backup ever fails for longer than a day.
[ Get more advice on healthy backups. Read 5 Linux backup and restore tips from the trenches. ]
I mentioned an exclude-file; this contains a list of files and directories to exclude from backups. This took quite a bit of long-term tuning to get right, as many applications behave poorly and store random cache files all across the filesystem. It took a few days of checking on my backup reports to develop an idea of the applications and directories I want to exclude from backups. If you go this route, you'll also likely spend some time tuning this aspect of your backup strategy.
The last piece of the puzzle is regularly pruning old snapshots. This is very easy, as described in Restic's documentation. This is actually something that I currently perform manually because I wanted to keep an eye on this when I first implemented this backup strategy. However, I expect to integrate this into a regular cron job soon enough. It's just one simple command:
restic -r b2:my-repo:/backup forget --keep-last 7 --prune
One of my favorite parts of the Linux desktop community is the culture of sharing approaches and ideas to problems. There are probably hundreds of articles about backing up Linux desktop machines, and mine is just another idea among many. Restic offers a painless, straightforward backup strategy that works for me. If you have other ideas about backup best practices, please consider joining our Enable Sysadmin community and sharing your thoughts!
[ Free eBook: Manage your Linux environment for success. ]