Hiddenden/Knowledge-Base
2
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

first version of the knowledge base :)

Browse Source
This commit is contained in:
Latte
2026-03-14 11:41:54 +01:00
commit 27965301ad
47 changed files with 4356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
30 - Systems/homelab/backup-architecture.md Normal file
View File

@@ -0,0 +1,64 @@
---
title: Backup Architecture
description: Reference backup architecture for self-hosted services, data, and infrastructure components
tags:
- backup
- architecture
- self-hosting
category: systems
created: 2026-03-14
updated: 2026-03-14
---
# Backup Architecture
## Summary
A backup architecture defines what is protected, where copies live, and how recovery is validated. In self-hosted environments, the architecture must account for application data, infrastructure configuration, and the operational steps needed to restore service safely.
## Why it matters
Many backup failures are architectural rather than tool-specific. Storing copies on the wrong system, skipping configuration, or never testing restores can make an otherwise successful backup job useless during an incident.
## Core concepts
- Multiple copies across different failure domains
- Separation of live storage, backup storage, and off-site retention
- Consistent backups for databases and stateful services
- Restore validation as part of the architecture
## Practical usage
A practical backup architecture usually includes:
- Host or VM backups for infrastructure nodes
- File or repository backups for application data
- Separate backup of configuration, Compose files, and DNS or proxy settings
- Off-site encrypted copy of critical repositories
Example model:
```text
Primary workloads -> Local backup repository -> Off-site encrypted copy
Infrastructure config -> Git + encrypted secret store -> off-site mirror
```
## Best practices
- Back up both data and the metadata needed to use it
- Keep at least one copy outside the main site or storage domain
- Use backup tooling that supports verification and restore inspection
- Make restore order and dependency assumptions explicit
## Pitfalls
- Treating snapshots as the only backup mechanism
- Backing up encrypted data without preserving key recovery paths
- Assuming application consistency without database-aware handling
- Skipping restore drills for high-value services
## References
- [restic documentation](https://restic.readthedocs.io/en/latest/)
- [BorgBackup documentation](https://borgbackup.readthedocs.io/en/stable/)
- [Proxmox VE Backup and Restore](https://pve.proxmox.com/pve-docs/chapter-vzdump.html)