Yeah, I get that... I'd be the same
So... are you shutting down after x minutes, or, NUT's signalling to shutdown when the battery is getting low, which is x minutes. (If you see my point) - if the battery still has plenty of capacity, maybe extend the runtime and that might be enough to ride through at least some outages?
What's an average power outage duration?
I'd look at changing the shutdown command from shutdown to something like rtcwake -s 3600 to restart the server in ... 1 hour?
You will probably need to play with that command a bit, but I use it for my NAS to autostart at certain times of the day.
The main point is that sync (like RAID) isn't a backup. If ransomware got in and started encrypting all your files, how would you know / protect yourself..
There's a lot of focus on 3-2-1 backups, so offsite is good, but consider your G-F-S strategy too - as long as this remote copy isn't your only long-term backup option, then sync might be ok for you
So, syncthing / rsync / etc is fine... but maybe just point it to your monthly / weekly / daily backup folder(s) rather than the main files?
You also had some other suggestions I think, like zfs / btrfs snapshots... which would be a point in time copy of your files.
Or burn the photos to DVD / Bluray and store them at the other location? No power requirements there...
I think most options have been covered here, but I'd like to consider some other bits...
User accounts & file permissions:- if you have >1 account, note that the UserID is internally numbered (starting from 1000, so Bob=1000, Sue=1001) and your file system is probably setup using the numerical UserID... so re-creating the users in a different order would give Sue access to Bob's files and vice versa.
Similarly, backing up /etc /var etc... you should check if any applications (ie databases) need specific chmod and chown settings
Rsync, tar, etc can cover some of this, you just need to check you rebuild users in the correct order.
Maybe Ansible is another approach? So your disaster recovery would be:
When you get this working, it's amazing to watch an entire system being rebuilt
Wake on LAN won't work remotely, so you'd either need to have access to a VPN at their location, or have a 2nd always on device that you can connect to and that could then WoL to your device... or... get a device with an IPMI which you remote into. (All non-VPN forms of remote connection are open to abuse)
I suspect (guess) you're not going to be able to setup a VPN, so perhaps an always on pi is going to be necessary - so maybe it'll be that with drives set to spin down when idle?
OpenMediaVault was my preferred choice until everything went docker on it which was getting too complex for a NAS... so I just created my own, which powers on at certain times of the day and off again when CPU / network IO was low enough.
Data transfer with syncthing is great, but I don't really recommend sync for snapshot backups... (consider your files are all corrupted, it'll happily sync those corruptions) but I have enough space for a few versions of my files, so in theory I can roll back, but it's cetainly not a Grandfather, Father, Son strategy.
I've not seen a list beyond the integrations page - which just lists everything and does not show which are certified or not.
Not sure why you've been down voted - I think the fossify apps are really good.
I even contribute towards their app development
Vivaldi has a CalDav Calendar built in.
If you're open to that possibility, I've been using it on both Windows and Linux laptops and works well with my radicale server.
Ansible is an automation tool to setup systems to a known desirable end state.
TBH, for a single device, it's overkill, but you seem like someone who keeps good notes and has some custom files to copy across.... you could convert your setup note into an Ansible file, and it will also copy over your custom config files.
For Ansible you define the desired outcome and it does "all" (kinda) the work for you... so... say you want Apache, MariaDB and PHP, it doesn't matter if half are installed already, or not, or their dependencies - you just say:
Do an update Install packages: A B C Copy my config files over Start the services Relax
Yep, it'll take 10 times as long to get it working up front, but the day you want to duplicate it / start on a fresh Pi / VM, it's all there for you.
I use it to setup all my Pi Zeros thr same way (they're doing BLE presence detection) and for their regular updates
I've also got some VMs setup that way
But... I tried it on a laptop and as it's a single device I just ended up setting it up manually and now the ansible script is woefully out of date... just some balanced feedback.
Thanks. No need for the setup notes (but thanks for the kind offer), it was more about the experience, but I think you've already answered my question with less surface area (I do have 1 Pi that's internet facing for Radicale)
Have you looked at Ansible? That might also cover what you're trying to do.
If I've understood you correctly, I think you'd need to link 0VDC / GND between both the system PSU and the HDD PSU, otherwise you'll get variable reference voltages for the data lines
Happy for someone else to shoot this idea down in flames, but I think the data is using absolute, not differential voltages
I went with Arch Linux on ARM for a minimal approach - did you try that?
Genuninely interested in your experience of Alpine Linux as I'd not considered it on a Pi (only VMs so far...)
If you're just looking for something to chew up CPU cycles and don't know what to host, consider something like BOINC where you're "self-hosting" (extremely loose term) scientific research, like cancer, new drugs, etc.
If they're sharing it with me, then sure, I'll add it to the folder for that party, holiday, event
Immich would scan it and faces are taken care of and if there's metadata in there, great, if not, dunno if I could be bothered to edit it... maybe date stamp if that was wildly off.
I commented elsewhere here, but E2E encryption is just between the server and the end user (ie a VPN)
You're thinking about encryption at rest, on the storage.
Immich would have to setup a whole new design to be able to store all the metadata on a per-user basis... but... you could have multiple Immich instances if you were to host it for your friends, but I think we're drifting into "why bother" now...
Well... E2E is still feasible, that's your VPN for example.
Encryption at rest is where de-dupe, search, etc, can break.
The scalability problem with FOSS is monetary and motivation.
The successful products need longterm financial security in order to plan and support their peoduct(s) - so, do we start seeing more subscriptions as corp. sponsorship fades away?
And, just like XKCD 2347, FOSS needs to step up and support the components they rely on
That's going to need some more maturity from the developers too: it's a great feeling doing something new and interesting, but - like having a pet - you can't just abandon something when you're bored of it, or too busy, without rehoming your project(s)...
That's where I see the industry needs to improve before they're really ready for the big time.
Why wouldn't this apply?
One day in the future the later version of sudo would become available...?
As far as mitigation is concerned, the only thing you need to do is to confirm that your system's sudo version is at least version 1.9.17p1 or later, which can be done with the command sudo -V. If your version is older than 1.9.17p1, update immediately.
It depends on the sync / backup software
Syncthing uses a stored list of hashes (which is why it takes a long time for the initial scan), then it can monitor filesystem activity for changes to know what to sync.
Rsync compares all source and destination files with some magical high speed algorithm
Then, backup software does... whatever.
Back in the day on FAT filesystems they used the archive bit on each file's metadata, which was (IIRC) set during a backup and reset with any writes to that file. The next backup could then just backup those files.
Your current strategy is ok - just doing an offline backup after a bulk update, maybe it's just making that more robust by automating it...?
I suspect you have quite a large archive as photos don't compress well, and +2TBs won't disappear with dedupe... so, it's mostly about long term archival rather than highly dynamic data changes.
So that +2TB... do you drop those files in amongst everything else, or do you have 2 separate locations ie, "My Photos" + "To Be Organised"?
Maybe only backup "MyPhotos" once a year / quarter (for example), but fully sync "To Be Organised"... then you've reduced risk, and volume of backup data...?