zfs external backup drive with snapshot and encryption
Get device id
$ ls /dev/disk/by-id -alh
...
lrwxrwxrwx 1 root root 10 okt 24 06:06 ata-WDC_WD10EZEX-08M2NA0_WD-WMC3F1471486-part4 -> ../../sda4
...For example, I'm going to use /dev/disk/by-id/ata-WDC_WD10EZEX-08M2NA0_WD-WMC3F1471486-part4
Setup disk encryption with LUKS
setup LuKS
$ sudo apt install cryptsetup
$ cryptsetup luksFormat --cipher aes-xts-plain64 --key-size 512 --iter-time 10000 --use-random -y /dev/disk/by-id/ata-WDC_WD10EZEX-08M2NA0_WD-WMC3F1471486-part4--cipherencryption algorithm--key-sizeencryption key size--iter-timeNumber of millisecond to spend P8KDF passphrase processing--use-randomuse /dev/random-yverify passphrase
Disk device can now be opened.
$ sudo cryptsetup luksOpen /dev/disk/by-id/ata-WDC_WD10EZEX-08M2NA0_WD-WMC3F1471486-part4 luks1Create new zfs pool
$ sudo zpool create ext-backup /dev/mapper/luks1Create initial snapshot
Example i have data set tank/ROOT/home
$ sudo zfs snapshot tank/ROOT/home@ext-backupSend the backup
$ sudo zfs send tank/ROOT/home@ext-backup | pv | sudo zfs recv ext-backup/homeOr with incremental-backup
$ sudo zfs snapshot tank/ROOT/home@ext-backup20180101
$ sudo zfs send -R -i tank/ROOT/home@ext-backup tank/ROOT/home@ext-backup20180101 | sudo zfs recv ext-backup/homA good idea is to set the external drive to be read-only
$ sudo zfs set readonly=on ext-backupSafely close and remove external drive
After finished sending the snapshot, close the disk and export the pool
$ sudo zpool export ext-backup
$ sudo cryptsetup luksClose ext-backupReference:
Last updated
Was this helpful?