As I previously mentioned I have been working on setting up an securing my backups. This is a task that has got me thinking of how the backups should really be managed.

At first I was thinking of using a software raid under debian in order to secure the data with some fault tolerance but then I had a small discussion with my brother who dissuaded me from going down that path. His reasoning was that my data changes to seldom to really benefit from a true raid. Instead one could utilise a local execution of the command “rsync -ra” or something similar in order to copy the information from one drive to the other.

After some thinking I came to the conclusion that due to the risk of data pollution when connecting the backup to a possibly infected computer it is best to maintain two separate backup drives. One which is exposed through my samba connection and one which is periodically copied from the exposed drive. This may prevent a possible attacker from locking or destroying my data.

With that said, today I set up my exposed drive for backups over samba. To set up a new samba accessible folder one firstly needs to make sure the owner/group of the shared folder is correct and then one could take a stab at adding it to the shares by editing the file “/etc/samba/smb.conf”

[datastore0] # The name data store may be chosen as one see fit
  comment = Exposed data store share
  path = /datastore/d0
  writable = yes
  valid user = myuser

And this my share was public and all was good. At least, I hope so, but who knows.

I have been looking for a way to securely store my backups for a long time but I never actually wanted to take the time to set something up. Now though I have taken some time to set up my backups properly.

By properly managing backups I mean adding at least one level of redundancy and I want to do this automatically using RAID 1. Since my backup server box do not support hardware RAID, I will be using debian software RAID.

In my box, which is a HP Proliant N54L, I will be using two WD RED 2TB disks which will be running in RAID 1 mirror mode.

Configuring the disks for optimal support

It took me a while to get to a point where I was satisfied but I settled with the method described Setting up WD RED for initialising my original disk. That is a single one of the WD RED disks. I used the partitioning scheme GPT just for the sake of it. MBR is ooold 😛

Basic steps were as follows after installing the parted package:

# parted -a optimal /dev/sdb
[parted] mklabel gpt
[parted] print
[parted] mkpart primary ext4 0% 100%
[parted] print
[parted] quit

# mkfs.ext4 /dev/sdb1

The final steps involved editing the “/etc/fstab” file which is pretty straight forward once you check out the format.