Before I start this simple blog post you should be aware that:

Now that has been said, let's start with the super basics. Do you know Tarsnap is? No? Ok, let's get you started.

  1. Install ACTS and tarsnap.

    # pkg install acts


    # cd /usr/ports/sysutils/acts && make install clean
  2. Go sign up for an account and deposit $5.

  3. Generate a key for backup. The key is specific to this machine. Give the machine parameter a name that is recognizable to you.

    # tarsnap-keygen --keyfile /root/tarsnap.key --user --machine
    Enter tarsnap account password:
  4. Backup /root/tarsnap.key. I'll wait for you to put a copy somewhere safe. Put it in your Keypass, 1Password, print it off and put it in a safe, or whatever you normally do here. (You do keep a copy of these important things in meatspace, right?)

  5. Configure what you want it to backup. Here's one of mine:

    # vi /usr/local/etc/acts.conf
    backuptargets="etc home root usr/local/etc usr/local/www"
  6. Setup a cron entry so this happens daily.

    15      23      *       *       *       root    /usr/local/bin/acts
  7. Run your first backup.

    # acts
    Creating yearly backup
    Backing up etc...
    Backing up home...
    Backing up root...
    Backing up usr/local/etc...
    Backing up usr/local/www
    acts run took 23 seconds

Ok, whew, that was easy. Now you have a yearly backup. Next run it will generate a monthly, then start doing dailys.

At this point you're done. Your data is safely backed up and even deduplicated.

Want to make a key that can only be used to do backups but cannot be used to delete them? How about advanced techniques for data restoration? Passphrase protecting keys? Curious about implementing more advanced backup strategies? You could read the man pages and scrape the internet for tips, or you can just buy the book that has already done all the hard work for you.

Now go on with your life. Your data is safe from even the NSA.