Suggestions for encrypted backup vps strategy

Can I get some suggestions on best practices for backing up and restoring an entire vps? Encrypted so that the data is somewhat secure while it’s sitting on a remote backup storage space.

I read the Virtualmin documentation on migrating to a new server. I believe that it requires installing the OS, then Virtualmin, then setting up the vps the way you want, before restoring the Virtualmin servers to the new vps.

In terms of data encryption, I guess the Virtualmin backup are only zipped. So if someone got a hold of the backup, they could unzip it and then be able to look at the data without too much trouble?

Are there any folks who create an encrypted backup of the entire vps to some remote backup server, say BackBlaze, and then when it’s time to restore, use that BackBlaze backup to restore the entire vps. Thus saving a bunch of time rather than starting from scratch/bare vps?

Specifically, here’s a process that uses gocryptfs to create an encrypted backup:

Your thoughts would be appreciated.

OS type and version Debian 10
Virtualmin version 6.17-3

In my research further into backup, I found a possible solution (still have to see if it restores an entire vps) with hashbackup. Hashbackup encrypts the data in 100Mb chunks of files named arc.0.x, so encryption is by default built-in.

This 2016 article (I couldn’t find a followup restore article) outlines how to use inex.conf to exclude directories in the backup, and the dest.conf to specify the backup destination (quite easily integrates with a Backblaze B2 bucket given the keyid, app key, and bucket name.

I have to find out and test how to restore the entire vps.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.