For a server to be backed up to Megaphone Tech's standards, all of the following must be true:
- The backup must happen at least daily.
- The backup must be tested (and testable) to ensure its validity.
- The backup must be encrypted in transit and at rest.
- If the backup resides on a server outside of our control, the data must be encrypted such that those controlling the server can not read the data.
- At least one copy of the backup must be in a separate geographical location from the original data.
- Databases must be backed up using a database dump tool and stored in a backed-up area of the filesystem.
- The backup should be monitored for both successes and failure. Alerts should be generated for failed backups, and for backups that don't run.
To accomplish this, we use a modified copy of backupninja to manage the backups. It reports into our centralized Icinga2 monitoring.
The preferred back-end for backups is borgbackup, which provides for validity testing and client-side encryption.
- Assign the server to a group with the