Hello guys
I am currently evaluating a switch from Synology to TrueNAS. This comes with a lot of questions on how to handle my use cases, but one use case is very important, backups.
Coming from Synology DSM, I am used to HyperBackup. I would set up a local backup task to a local USB HDD, set contents, schedule and an encryption password. The same for a remote backup, basically rsync over SSH, but in a Synology flavor with remote vault application. So the source is unencrypted, but the backup files are encrypted. I then can restore whole folders or single files, in place or somewhere else. The backup is browse-able on the source system or on the destination, but needs the password or key file in both cases.
So, I would like something like this with TrueNAS. I would be using 2 TrueNAS instances in 2 different locations connected by VPN. I am mainly not sure if I am on the right track because snapshots and replica feels kinda off. Sure the snapshot are really nice, even exposing them as Shadow Copies is excellent. The replica part is what I am struggling with.
- How can I encrypt it in the destination, so that the destination has no was to access it with out the key?
- How would partial restores or file level restores locally and from remote work?
- Could I implement backup rotation, like grandfather-father-son, keep monthly backup for years, weekly for months and daily backups for weeks?
- Are the local snapshots and remote replicas secure from malicious alteration?
Maybe snapshots and replicas are not the right way to do this on TrueNAS, maybe I am trying to implement something that should be done completely differently with TrueNAS. It currently just does not fit in my mind, something seems off.
I appreciate any input.