• 0 Posts
  • 1 Comment
Joined 9 months ago
cake
Cake day: October 17th, 2025

help-circle
  • You’ve made a great start. How much further you go depends on your needs and threat model.

    Rsync is ok as a start but there are dedicated backup tools that will give you access to your files at any point in time. This is important if you delete a file and later need it back after an rsync has already run and deleted it remotely too.

    Rsync will not encrypt your backups. If a burglar takes your Pi will they have easy access to all your files too?

    With rsync+ssh you are also vulnerable to either yourself (more likely) or a rogue process on your own machine deleting the files over ssh (e.g. ransomware attack).

    The answer to that is append-only backups. A backup tool like restic has a backend you can host that does exactly this:

    The --append-only mode allows creation of new backups but prevents deletion and modification of existing backups. This can be useful when backing up systems that have a potential of being hacked.

    https://github.com/restic/rest-server

    Take a look at restic to see what else you gain from switching to a dedicated tool versus rsync:

    https://github.com/restic/restic#design-principles

    There are others too such as borg.