this post was submitted on 24 Aug 2024
15 points (100.0% liked)

Self Hosted - Self-hosting your services.

11444 readers
20 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

Important

Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!

Cross-posting

If you see a rule-breaker please DM the mods!

founded 3 years ago
MODERATORS
 

I just setup my first automated and encrypted backup with borg. It's got me thinking about other chaotic events, and how to respond accordingly. I figured now is a good time to document my infrastructure: hardware, network, a files. This way if something bad happens, like my house burns down, I or a family member has instructions for how to quickly recover data and services. Examples:

  1. If my website goes down, with my nextcloud on it, what steps do I need to take to recover the data and restore service?
  2. If my harddrive fails, how do I access lost data and reimplement redundancy after a replacement is stood up?
  3. If someone important to me needs to access encrypted files, how can that access that data and get access to the passwords/encryption keys?
  4. If my phone bricks, how to recover 2fa codes?

So I'd like to have a physical printing copy that tries to cover these emergency scenarios. Of course, I'll have digital copy around as well.

I'm focusing more on digital assets, like encryption keys, personal files and media, cloud service access, accessing inaccessible machines, how to restart/recover from self hosted service if its down, etc. I understand how much wider this document can be to include physical assets, so to start I want to start with digital infrastructure.

So my big questions: what scenarios should be documented in this disaster recovery document? What should I prepare for? The nice correlary of this is that documenting a recovery plan will force me to actually stand up the backups/redundancy needed to recover.

top 1 comments
sorted by: hot top controversial new old
[–] jet@hackertalks.com 3 points 2 months ago

Assume you're incapacitated, and somebody gets access to your recovery document. What information do they need to do what you would want them to do. Make sure all of the information is there, and all the steps are written out

https://github.com/cyphar/paperback If having your secrets written out is a little too risky, you might consider a distributed secret sharing approach. So multiple people you trust would have to coordinate to recover the archive