Reasonable Options for Backing Up A NAS in 2021

What are your reasonable options for backing up a 16TB NAS in 2021?

External Hard Drive?

Pros:

  • Interface Portability. You do not need any new software or hardware.
  • Ability to reuse older hardware: Assuming you have a used drive large enough to hold all your backups.

Cons:

  • Interface instability: USB3 drives especially are bad at this. The adapters are usually not designed to handle the multiple hours of uptime necessary to complete backing up multiple terabytes of data.
  • Transfer speeds: Most USB3 drives are not designed for performance. Even custom enclosures with reasonable drives in them usually struggle to keep a sustained write speed of 100MB/s.

Tape?

Pros:

  • Very reliable: Most tapes will probably outlast the drives that created them.

Cons:

  • Expensive: LTO-4 drives are several grand apiece, including used models. LTO-5 or LTO-6 is even more expensive, and LTO-5 or LTO-6 will be needed for most users with a NAS.
Continue reading "Reasonable Options for Backing Up A NAS in 2021"

Matomo: Impressive and Useful

I discussed migrating from Google Analytics and Jetpack to Matomo in a previous post. However, I haven’t used it for a significant amount of time. I am finding it very useful.

There are two ways you can self-host Matomo. As a plugin for WordPress or as an independent web application. The WordPress plugin is the most accessible and most straightforward option for analytics on one WordPress installation. However, if you administer more than one website, the dedicated web application is a better option.

The only real difficulty I ran into was getting GeoIP working. That is due primarily to a lack of Debian packages for the correct PHP extension and no clear subheadings for system managed updates of the GeoIP databases.

#Assuming Matomo installed at /var/www/html/matomo
#Assuming geoipupdate places the databases in /usr/share/GeoIP/
cd /var/www/html/matomo/misc/
for DB in `ls /usr/share/GeoIP/*.mmdb`
do
ln -s /usr/share/GeoIP/$DB ./
done
#All .mmdb databases are now linked to the system databases updated by geoipupdate.

–Robert

Continue reading "Matomo: Impressive and Useful"

Automatically Starting Exactly One ssh-agent

I use SSH keys to protect all of my SSH logins. The following shell code starts only one ssh-agent and adds all ssh-keys to that agent. I recommend adding it to your ~/.bashrc file, so the proper environment variables are set up.

if [ `ps -C ssh-agent | wc -l` -ne 2 ]; then
  ssh-agent -a $HOME/.ssh/agent.sock > $HOME/.ssh/agent.env
  source $HOME/.ssh/agent.env
  for key in $HOME/.ssh/*.pub; do
    pkey=`basename -s .pub $key`
    ssh-add $HOME/.ssh/$pkey
  done
fi
Continue reading "Automatically Starting Exactly One ssh-agent"

Upgrade WordPress’ Password Hashing

WordPress and several other pieces of web software written in PHP are notorious for using old and broken algorithms for securing passwords. If you are using a PHP version of 5.5 or newer, you should get okay security by default. However, even phpass’ developers recommend not using their software if you can use PHP 5.5 or newer. I strongly suggest installing and enabling the PHP Native password hash plugin, especially if your WordPress install was ever run on any of the PHP 5 family. The plugin’s two most significant advantages are it actually gets updated to include new, more robust algorithms, and it automatically migrates passwords to the newer algorithms on login.

Continue reading "Upgrade WordPress’ Password Hashing"