aboutsummaryrefslogtreecommitdiff
path: root/docs/backups.org
diff options
context:
space:
mode:
Diffstat (limited to 'docs/backups.org')
-rw-r--r--docs/backups.org18
1 files changed, 10 insertions, 8 deletions
diff --git a/docs/backups.org b/docs/backups.org
index 605ba55..f9906f1 100644
--- a/docs/backups.org
+++ b/docs/backups.org
@@ -1,13 +1,15 @@
* General
-Backups are managed with =restic= and are stored directly to a Google Cloud Storage Bucket.
+Backups are managed with =restic= and are stored locally and also on a Google Cloud Storage Bucket. These are two different backups, they are executed at different time, and there should be no assumptions that they are identical.
-Access to the bucket is managed via service account.
+There's a single password for all the repositories, it's managed with =agenix=, and the file is under secrets (=restic_password.age=).
+** Remote backup
+Access to the bucket is managed via service account. Each machine has its own repository.
-Each machine has its own repository.
+The service account key is stored in JSON and also encrypted with =agenix=.
-There's a single password for all the repositories, it's managed with =agenix=, and the file is under secrets (=restic_password.age=). The service account key is stored in JSON and also encrypted with =agenix=.
+| bucket | [[https://console.cloud.google.com/storage/browser/fcuny-infra-backups;tab=objects?forceOnBucketsSortingFiltering=true&hl=en&inv=1&invt=Ab2J4Q&project=fcuny-infra&prefix=&forceOnObjectsSortingFiltering=false][fcuny-infra-backups]] |
+| project | fcuny-infra |
+| service account | [[https://console.cloud.google.com/iam-admin/serviceaccounts/details/118261378048653759345?inv=1&invt=Ab2J-w&project=fcuny-infra&supportedpurview=project][restic]] |
-|-----------------+----------------------|
-| bucket | [[https://console.cloud.google.com/storage/browser/fcuny-backup/vm-synology/data/c1?pageState=(%22StorageObjectListTable%22:(%22f%22:%22%255B%255D%22))&inv=1&invt=Ab1hkA&project=fcuny-backups-464518&supportedpurview=project][fcuny-backup]] |
-| project | fcuny-backups-464518 |
-| service account | [[https://console.cloud.google.com/iam-admin/serviceaccounts?inv=1&invt=Ab1hkA&project=fcuny-backups-464518&supportedpurview=project][restic]] |
+* Managing backups
+The path to the repository and the password file are exported as environment variables, to make it easier to interact with the backups.
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 12:07:24 +0000