Here is an article I wrote for using the CLI to backup to Storj Cloud (beta, re-writing sections)

https://backuptutorial.hashnode.dev/creating-secure-backups-with-storj-cloud-storage-and-duplicacy-for-free

Let me know what ya’ll think!

Duplicacy supports storj properly. Via access grant. There is no reason to revert to S3.

1 Like

I’m rechecking to see if I can find it.

Ok, I went back to my account and created new access grant with API.

I got a Satellite address and API key but it’s not working.

This is the format I used:

storj://satellite/bucket/path.

I get the error, “incorrect usage”.

Using Storj as S3 storage actually works so I’m not sure what the advantage of trying to use it natively is.

Not sure why things are flaky on my end. But I created a second API key and now it’s working!

Thanks

With all respect, but expertise, including on this topic, need to be gained before you embark on writing an article on the topic. Otherwise what’s the value of yet another write up on how to connect duplicacy to generic S3?

If you mention storj in the title — it would be useful to explain storage grants, passcodes, relation to S3 credentials and buckets, benefits of decentralized storage, drawbacks of S3 gateway, because stor’s documentation is a bit muddy at the moment.

Or remove storj from the title of your write up and use Amazon S3 endpoint as an example.

Because as of today your well typeset article lacks substance.

I’m rewriting it to implement some of your suggestions.

1 Like

This has been updated and completed. Any feedback is welcome!

1 Like

Awesome! I would be extra nitpicky, but … you did ask for any feedback :slight_smile: So here we go! (please do feel free to disregard most of it, or not :slight_smile:

Nov 15, 2022

Add timestamp when it was edited. People who come back to your blog will appreciate indication that the article written 3 years ago was actually updated last week and is therefore still relevant and no longer stale.

We’ll be using the CLI version for this tutorial and backing up to Storj cloud storage. Duplicacy can backup to any S3 compatible cloud storage.

Remove last sentence. You have already mentioned that it can support a variety of storages. S3 is not even relevant in this context

Download the latest version for your system. Currently the latest version is version 3.1.0 .

You can describe how to get the stable and local versions instead:

curl https://duplicacy.com/latest_cli_version
{"latest":"3.0.1","stable":"2.7.2"}

Rename the file to duplicacy .
Move the file to the /usr/bin directory.

I would symlink the duplicacy, instead of copying, and not into /usr/bin/ but /usr/local/bin

The location where your backup will be stored is called the storage url

URL == Uniform Resource Locator. Storage location cannot be called Locator.

The duplicacy init command is used to initialize the storage location and the backup directory.

Make this a link to documentation for init command

duplicacy init -e 

No need for -e here. Storj storage is already encrypted with the key you provide. No reason to use two levels of encryption, and one more password to manage.

The <storage url> refers to the storage location for your backup job.

Remove “for your backup job”. It sounds like it’s specific to your backup job. it isn’t.

StorJ

STORJ or Storj

Too much advertising for Storj. You can remove it.

  1. Create a new storage bucket. You will also be prompted to create a passphrase.

Talk about what to do with this passphrase (discard it)

dialog box after matching the following:

Why give access to all buckets?

duplicacy restore -storage storjphotos -stats -r 1 *.png

... -r 1 -- '*.png'
  1. Always quote input. You want to pass * to the argument, not expand it in-place.
  2. add --, you never know if people will have - in their pattern.

Generally, great progress. But I would further compress the content to focus on the topic. Remember, “perfection is finally attained not when there is no longer anything to add, but when there is no longer anything to take away.” It was said in relation to airframe design, but is perfectly applicable to blog posts.

BTW, storjlabs redesigning the bucket creation workflow… so I would avoid putting screenshots to the article, it won’t age well. Instead, point to their documentation of how to do that; this will help make the actual points you are making standout better by reducing the size of the article and avoiding important points – the reason you wrote the article – drown in a derivative retelling of existing documentation.

1 Like

Thanks for the feedback. I went through the entire list and made adjustments as suggested.

The only thing I didn’t do is add the curl section yet since I thought it was confusing.

Let me know what you think now!

1 Like

Here is the domain name link:

LGTM. There are some style inconsistencies, such as:

API key is sometimes bolded with copy type, and sometimes code block;


Options are sometimes quoted with - and sometimes without,

missing commas and articles

require a license but the

“require a license, but the”

And general usability things like this one:

There are plenty of unused space on the left and right, and yet, the reader is forced to scroll in a tiny window.

Hi,

I addressed all of your concerns except for the “tiny code” windows that scroll. This is a limitation of the code editor that hashnode uses. I may look into seeing if I can change that at some point.

I fixed everything you noted. I ran this last revision through Grammarly and it can’t find anything wrong from a grammar viewpoint.

Thanks for taking the time for providing value feedback.

Let me know what you think now.

I’m proud of the end result at the moment

Hopefully this is complete now!

Few more things:

1



There should be a way to set language for the code blocks. Whatever is set now is wrong: it highlights wrong things and all over the place. You probably want something like:

```commandline
text
```

or even
```shell
text
```

2

vs

: “J” seems to have a stroke in the heading

3

Currently the latest version is version 3.1.0 .

“Currently, the latest version is 3.1.0”. Comma and repeated word “version”.

4

  • Objects are automatically encrypted using AES-256-GCM encryption.

Per the whitepaper, storj uses “Our encryption choice is authenticated encryption, with support for both the AES-GCM cipher and the Salsa20 and Poly1305 combination NaCl calls “Secretbox””

5

Since you will use an API key, this is not needed.

No no no no no! You don’t need duplicacy’s encryption, the one that wrap dupicacy encryption keys with a passphrase you provide via -e argument. You absolutely do want to provide the passphrase for the storage grant. See here: Add a storage backend for Storj · gilbertchen/duplicacy@6009f64 · GitHub

I’m surprised it worked for you like that: You are essentially encrypting your storj data with empty passphrase, which is not very unqiue. I’m not sure if duplicacy shall enforce non-trivial passphrases, probably not. But empty passphrase is never secure.

6

The variable key needs to be all lowercase and with double quotes. The value variable needs to be in single quotes.

Why such quote discrimination and enforcement? Also, this directly contradicts examples that follow:

Single vs double quotes have a very well-defined meaning in the shell. Here probably all quotes shall be single.

That said, saving credentials in duplicacy .preferences files may not be ideal. Keychain is much safer, and duplicacy fully supports it.

Completed you suggestions!

Let me know!

We’re getting close!

Duplicacy is a state-of-the-art backup tool with extensive cloud support and client-side encryption.

I think later, when you omit the -e, and initialize the repository without using the encryption you have just advertised, it’s worth pointing out explicitly why.

$ wget https://github.com/gilbertchen/duplicacy/releases/download/v3.1.0/duplicacy_linux_x64_3.1.0

$ mv duplicacy_linux_x64_3.1.0 duplicacy

$ sudo mv duplicacy /usr/local/bin/

You can reduce this further. Either wget -O or rename while mv. Or even wget straight to /usr/local/bin .

chmod +x duplicacy_linux_x64_3.1.0

chmod 755 duplicacy

The first one has no effect — you are nuking everything it did with the second.

Remove the second.

Change the file permissions.

You are not changing ACLs here. You are changing modes.

The storage URL is the location of the backup.

The refers to the storage location for the backup job.

You say it twice in the span of four sentences.

Storj is a cloud provider with decentralized storage built for performance with an open-source architecture.

This sentence reads weird.

Maybe “The Storj cloud provider offers decentralized storage built for performance with an open-source architecture.”

To backup data via Storj,

via → to.

Copy and paste in your API key.

Enter a passphrase.

Why not copy-paste both? Is there a reason for a distinction on the methods to input data? Moreover it’s more important to copy paste the passphrase. Because if you make a mistake in an api key — it won’t work. But if you make a mistake on a passphrase it will work, with wrong passphrase. Something that you will discover come restore time.

The duplicacy set command allows you to store your keys and passphrase in the configuration file to avoid manually inputting them when backing up or restoring files.

Mention keychain. It’s much better way to handle credentials instead of cramming them to the configuration file in the plaintext.

Setting this will allow you to automate your backups with bash scripts and schedule them via cron jobs.

So does storing them in the keychain. And in modern OSes you probably want to use other schedulers that are more flexible, such as systemd, launchd, etc.

duplicacy restore command

The stuff you bold shall be instead links to existing documentation.

See more details about this option here.

Linking in the context will avoid these crutches too, this whole sentence is redundant if you hyperlinked the “restore command” above. (Linking “here” is considered a bad form)

Also, link to a wiki, not a forum post: restore · gilbertchen/duplicacy Wiki · GitHub

s3

Why is the post tagged S3?

Few comments here:

  • Print the article on paper and read it. This will force you to look at it from a different angle and you will see anything that can be improved. It’s very hard to see mistakes on the same medium you made them on — if you could see then you would not have made them :slight_smile:
  • there is a saying in my native language that loosely translates to “renovations are impossible to complete, they can only be ceased”. What I’m trying to say is that if you keep asking for my feedback I’ll be providing it, and ultimately your article will reduce to two links to documentation - storj and duplicacy. At which point those links will also go away and the post will become — “folks, do try duplicacy with storj”, which would be more appropriate for twitter.
  • Think about who is your target audience, and what problem — in the existing documentation, or awareness, or completeness — your post is aiming to solve. This will shape the narrative. Because right now it’s not clear.

I addressed most of these. I appreciate all the time you spent but I’m not expecting you to have to do it all of the time since I know it is time consuming.