Configure datastore:
- Name:
backup - Path:
/backup
Configure prune jobs:
- Name:
daily- 7 - Name:
weekly- 4
Configure backup user:
- Username:
backup - Realm:
pbs - Permissions:
Datastore: backup, Role: DatastoreBackup
Configure notifications like in Proxmox VE.
- Hosted on
pve0 - Replicated to
pve1at06:00(after daily backups)
See Terraform definition for container specification.
- Container
pbstousb1storage at01:30with keep last set to7. Recovery for this container must be possible without Proxmox Backup Server running. - All VMs/containers except
pbstopbsstorage at02:00
- Vaultwarden - GCS, already encrypted, don't encrypt again to avoid chicken-egg problem
- Home Assistant - encrypted GCS
- Omada Software Controller - encrypted GCS
- Paperless NGX - encrypted GCS
- Immich (TODO: encrypted GCS)
- Gramps (manual on GCS: TODO: move to encrypted GCS)
Rclone Ansible role configuration for backup on Google Cloud Storage (GCS) and Google Drive.
GCS:
rclone_gcs_configs:
- name: backup
properties:
access_key_id: "REDACTED"
secret_access_key: "REDACTED"
rclone_jobs:
- name: backup
src: "/path/to/source"
dest: "backup:BUCKET_REDACTED/destination_folder"GCS encrypted:
rclone_gcs_configs:
- name: gcs
properties:
access_key_id: "REDACTED"
secret_access_key: "REDACTED"
rclone_crypt_configs:
- name: backup
properties:
remote: "gcs:BUCKET_REDACTED"
password: "REDACTED"
password2: "REDACTED"
rclone_jobs:
- name: backup
src: "/path/to/source"
dest: "backup:/destination_folder"Google Drive:
rclone_drive_configs:
- name: backup
properties:
root_folder_id: "REDACTED"
client_id: "REDACTED"
client_secret: "REDACTED"
token: 'REDACTED'
rclone_jobs:
- name: backup
src: "/path/to/source"
dest: "backup:"