Hi there, new here and need some guidance on how to do things right for my Home NAS.
Questions:
How to correctly backup encrypted pool that contains App pool?
How to correctly restore an backup from a encrypted pool to a new encrypted empty pool?
Basically I have 2 pools in my system.
SSD Pool
Encrypted with a passphrase
Just 1 nvme SSD
App pool
Datasets with app data containing often accessed data (thumbnails, logs etc., so I minimize access to my HDD and make everything faster)
HDD Pool
Encrypted with a passphrase
2 HDDs in Mirror
Hold all “big data” like photo libraries, file backup and SMB shares
Since my SSD pool has just one drive I want to make regular backups of its state to not loose all my apps in event of failure (I have just one nvme).
How to create backup for a encrypted pool so I can then replicate them to new SSD in case of failure? and how to do the replication back.
Currently:
I have setup replication task of my whole SSD pool to my HDD pool/Backup dataset. Works fine however when I tries to replicate the data to an encrypted pool I got error that basically said that I can not replicate the files directly to encryption root, so can not move ix-apps to SSD/ but can move my Apps dateset content to SSD/Apps, which seem unlogical to me.
Anyway for all my apps I setup separate datasets for each storage in my “Apps/AppName/datasetname”, but even I did setup datasets for each storage I notice more data is outside of my Apps dataset: size of Apps dataset is 10gb but the SSD root dataset size is 20gb might be some snapshots? because I didn’t find any files using “ls”, I don’t want to store the SSD pool snapshots on it as its just 256gb.
Are you moving from SSD to HDD right?
Just create a dataset into HDD, like bkSDD, and replicate whole content here. Or you still receving error this way?
Without snapshot how you can do replication do you have created one manually?
Yes backup SSD to HDD, I have done it like so, it works there are just some inconveniences (like the original encryption from SSD is persisted but each dataset is its own encryption root, which means you have to unlock each dataset separately.)
What I have issue with is how to then restore this data to a new SSD, since its not possible to replicate something to the root (encryption root) of encrypted pool, you have to replicate it into sub-dataset (also issues like the replicated dataset will not have the correct encryption root = pool root), but this might not be an issue if there is no data outside my Apps folder (where I store all app datasets) but I am afraid there are some data stored by the system in the root of the pool (as it is the system dataset also) so maybe some system data maybe some hidden ix-apps data? Or is it not the case?
Regarding snapshots you are correct, am not familiar with how the snapshots works exactly I was hoping I can create the snapshot of a pool SSD and store it directly on the pool HDD since its 254gb disk, storage is scarse and the snapshots take extra space that could be used for the actual data, so this got me confused a little bit.
Honestly i’m not so familiar with encription, don’t wanna say something wrong, better wait someone more expert about that. In my situation, i’m replicating non encrypted datasets, using encription at task level, on a non encrypted pool… As you, need to unlock them every reboot (kinda obv). Other layout not working, so for me seems to be the only way to store data on a different system with a bit of security provided by the data encription (i’m not storing critical or sensitive data, and will be difficult that someone will steal my big Nas, so i avoid encription at all on the main system… But for the backups things are different… Spare disks, different location, small system… Who know what can happen ).
About “hidden” data, or system dataset… Coming from virtualized docker, despite the new GUI, I still feel much comfortable having all apps running on Portainer stacks, nor Portainer backupped as well and all yaml. Just a couple of mb of file, that ensure different way to restore from a disaster situation.
do you have created one manually?
).