From 8a98ddb46c16b8e97e1b5a654e2bb73bdc78e133 Mon Sep 17 00:00:00 2001
From: Franck Cuny <franck@fcuny.net>
Date: Mon, 30 Jun 2025 14:59:29 -0700
Subject: add some docs about backups

---
 docs/backups.org | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 docs/backups.org

(limited to 'docs/backups.org')

diff --git a/docs/backups.org b/docs/backups.org
new file mode 100644
index 0000000..605ba55
--- /dev/null
+++ b/docs/backups.org
@@ -0,0 +1,13 @@
+* General
+Backups are managed with =restic= and are stored directly to a Google Cloud Storage Bucket.
+
+Access to the bucket is managed via service account.
+
+Each machine has its own repository.
+
+There's a single password for all the repositories, it's managed with =agenix=, and the file is under secrets (=restic_password.age=). The service account key is stored in JSON and also encrypted with =agenix=.
+
+|-----------------+----------------------|
+| bucket          | [[https://console.cloud.google.com/storage/browser/fcuny-backup/vm-synology/data/c1?pageState=(%22StorageObjectListTable%22:(%22f%22:%22%255B%255D%22))&inv=1&invt=Ab1hkA&project=fcuny-backups-464518&supportedpurview=project][fcuny-backup]]         |
+| project         | fcuny-backups-464518 |
+| service account | [[https://console.cloud.google.com/iam-admin/serviceaccounts?inv=1&invt=Ab1hkA&project=fcuny-backups-464518&supportedpurview=project][restic]]               |
-- 
cgit v1.2.3