First off, I just started using Synology today so forgive me if I have missed something obvious.
My goal is to have encrypted backups on some cloud provider (S3, GCS, B2, etc.) and to be able to periodically restore those backups back to the Synology (or other Linux machines) for verification and disaster recovery. To that end, I've created a shared encrypted folder on my btrfs system, added a few files and enabled hourly snapshots using the Snapshot Replication package.
The Snapshot Replication application only supports replicating to another DSM machines or to another local volume. I have neither, but it is fairly easy for me to write a script to find the scheduled snapshots (
The trouble comes when I try to restore these snapshots on the DSM machine. The only thing I've been successful with is adding the snapshot to the "source" shared folder (with encryption), and and messing around with the
Then I update the
The caveat here is:
1) The snapshot had to come from one of the schedule snapshots or via
2) When I import it back I have to manually create the entry in
3) I can't get it to work if I add the snapshot to a different shared folder.
I'd like to be able to send a snapshot away to a cloud provider, delete the shared folder and then restore from a snapshot into a new folder. I've gotten it to the point where a) the snapshot fails to restore (e.g. if I change the name of the snapshot to a non-timestamp value) and b) to the point where decryption fails with the wrong password.
For a) are there logs where I can see the error message?
For b) I'm not very familiar with eCryptFS but I understand that there are 'key files' involved. Is it possible that I need to come up with a solution for backing these up and putting them back in the correct place somewhere on the DSM system?
My goal is to have encrypted backups on some cloud provider (S3, GCS, B2, etc.) and to be able to periodically restore those backups back to the Synology (or other Linux machines) for verification and disaster recovery. To that end, I've created a shared encrypted folder on my btrfs system, added a few files and enabled hourly snapshots using the Snapshot Replication package.
The Snapshot Replication application only supports replicating to another DSM machines or to another local volume. I have neither, but it is fairly easy for me to write a script to find the scheduled snapshots (
btrfs sub list /volume1/@sharesnap
) and use btrfs send
to upload them to a cloud provider.The trouble comes when I try to restore these snapshots on the DSM machine. The only thing I've been successful with is adding the snapshot to the "source" shared folder (with encryption), and and messing around with the
@[email protected]
to get the snapshot to show up in the UI. At that point I could use the "Clone to a New Name" option to recover the share and decrypt it.
Code:
$ btrfs send -f volume1/tmp/test.file /volume1/@sharesnap/@documents@/GMT-2019.04.24-22.15.02
$ synosharesnapshot delete documents GMT-07-2019.04.24-22.15.02
$ btrfs receive -f volume1/tmp/test.file /volume1/@sharesnap/@documents@
$ btrfs show /volume1/@sharesnap/@documents@/GMT-2019.04.24-22.15.02 | grep UUID
UUID: bf0dddd4-c18e-7445-9d03-ce0453a094c6
Parent UUID: -
Received UUID: b48f7cd8-fd0c-e34e-b4cf-ac9cafca1336
@[email protected]@
file to contain this record:
Code:
echo "
[GMT-07-2019.04.24-22.15.02]
hide=false
take-by=/usr/syno/sbin/synosharesnapshot
schedule_snapshot=true
lock=false
desc=Snapshot added by devoid
ruuid=b48f7cd8-fd0c-e34e-b4cf-ac9cafca1336
snap_size=37797888
" >> /volume1/@sharesnap/@[email protected]
# Also to sync the reported number of snapshots to the actual number (not strictly necessary)
$ synosharesnapshot snapcout sync documents
The caveat here is:
1) The snapshot had to come from one of the schedule snapshots or via
synosharesnapshot create
.2) When I import it back I have to manually create the entry in
@[email protected]
like before.3) I can't get it to work if I add the snapshot to a different shared folder.
I'd like to be able to send a snapshot away to a cloud provider, delete the shared folder and then restore from a snapshot into a new folder. I've gotten it to the point where a) the snapshot fails to restore (e.g. if I change the name of the snapshot to a non-timestamp value) and b) to the point where decryption fails with the wrong password.
For a) are there logs where I can see the error message?
For b) I'm not very familiar with eCryptFS but I understand that there are 'key files' involved. Is it possible that I need to come up with a solution for backing these up and putting them back in the correct place somewhere on the DSM system?