I could use some help trying to refine how I have Duplicacy configured based on best practices people have found for the subjects in the title. Posting here after not finding the feedback I need after searching; apologies in advance if I missed this somewhere else.
-
I have several shares on my Unraid server I’m backing up to a cloud service. Are there any recommendation (or examples) people can share on naming backup IDs?
-
I learned that it’s possible to backup under the same ID but without some naming examples I don’t understand when that would be relevant or what’s happening behind the scenes.
-
I’m finding a difference in opinion on encrypting backup data. Other backup applications I’ve read about is clearer on the reasons in doing so because the data being backed up is a 1-to-1 backup. What is the consensus or best practices on the need for encryption?
When originally configuring it seemed like some people aligned to the below and opted to not encrypt as there is some level of password protection on the files.
Summary of what I’ve read
When you configure a storage in Duplicacy, you supply a unique storage name along with a password. This storage password is not necessarily the same as the backup encryption password (used to encrypt the actual data chunks), though it can interact with encryption setups. Here’s what the storage password is used for:
-
Securing Repository Metadata:
The storage password is used to protect the backup repository’s metadata (such as indexes and manifest files). This ensures that only someone who knows the password can perform operations on that repository—like running backups, restores, or prunes. -
Access Control:
It acts as an access control mechanism. By requiring a password, Duplicacy prevents unauthorized users or processes from modifying or accessing the storage. Without the password, you cannot manipulate or view the repository details. -
Consistency Across Operations:
The storage password ensures that all operations performed (backup, copy, check, or prune) are consistent and secure. It’s used internally to verify that you’re working with the correct repository and to maintain the integrity of the backup history. -
Not Directly Encrypting the Backup Data (Unless Combined with Encryption):
While Duplicacy offers backup encryption (which encrypts the actual data stored on the repository), the storage password itself secures the repository’s management and metadata. If you’re not encrypting your backup data, the storage password still protects the backup configuration and operations. However, in setups where backup encryption is used, you will specify an encryption password separately during the backup process.