I keep hearing “3-2-1 is enough,” but most setups I see on forums are sloppy: one RAID array, one cloud sync, and the owner never tests restores. Is that actually safe for a home server with photo archives, VMs, and a few self-hosted services?
What I’m thinking as a practical, budget-forward plan: run ZFS on a low-power box with ECC RAM if possible for the main dataset, take frequent local snapshots, use restic or borg to do encrypted, deduplicated backups to a cloud (Backblaze B2 or S3-compatible) plus optionally rsync to a second cloud or an encrypted external drive stored offsite monthly. Automate snapshot pruning, run regular ‘restic check’ and do scheduled restore drills (restore at least one VM and a handful of random files once a quarter). Add a UPS and test boot-from-image restore for the whole server at least twice a year.
Can folks smarter than me point out the fatal flaws here, or suggest simpler alternatives that actually get people restoring successfully? Specifics I’d love: recommended small-hardware builds for a ZFS NAS on a budget, exact backup stacks (restic vs borg vs duplicati vs rclone), how often to verify, and a foolproof way to keep an offsite copy without paying two cloud providers.
I can say that is more than some companies do, yes you need 2 copies of import data in 2 locations. And test the backups work at least monthly.
Where I work we do the same sort of thing, incremental database backups hourly and then shipped to off site s3. A full database backup everyday day and shipped to off site s3, test restores every month to check it works - a full plus incremental.
This gets gets us past all the audits for ISO and cyber essentials and the NHS thing.
What’s your risk tolerance? If every moment of data is irreplaceable, there’s so much more you could be doing
If this is just like… Your data, you’re already doing a paranoid amount
If your data is local and backed up in the cloud, your house could burn down or the cloud could accidentally delete your data. If both those things happen at the same time, I guess you could lose your data. That’s a freak accident. Having another backup of any kind is unreasonable, and a second freak accident is borderline impossible
The first backup is smart, but diminishing returns kick in quick
You’re doing far, far more than the average person. This is way more than enough unless you’re harboring government secrets
My off-site is an old laptop plugged into my sister’s router. I connect to it through tailscale.
3-2-1 is fine. Your idea is robust, and far more than most would do for home systems. My home, for instance, is the gauntlet. If you go down you are either being respun from scratch or shelved. Photos go from phones to a single cold storage device and thats it. The rest is just living in the ecosystem by the seat of its pants.
