blob: 605ba55c2ae35346e39d9eb4b40767a9f4205e8b (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
|
* General
Backups are managed with =restic= and are stored directly to a Google Cloud Storage Bucket.
Access to the bucket is managed via service account.
Each machine has its own repository.
There's a single password for all the repositories, it's managed with =agenix=, and the file is under secrets (=restic_password.age=). The service account key is stored in JSON and also encrypted with =agenix=.
|-----------------+----------------------|
| bucket | [[https://console.cloud.google.com/storage/browser/fcuny-backup/vm-synology/data/c1?pageState=(%22StorageObjectListTable%22:(%22f%22:%22%255B%255D%22))&inv=1&invt=Ab1hkA&project=fcuny-backups-464518&supportedpurview=project][fcuny-backup]] |
| project | fcuny-backups-464518 |
| service account | [[https://console.cloud.google.com/iam-admin/serviceaccounts?inv=1&invt=Ab1hkA&project=fcuny-backups-464518&supportedpurview=project][restic]] |
|
