
A backup on the same machine is not a backup

After rebuilding the infrastructure, I had to set up the backup schema from scratch.


The 3-2-1 rule: three copies of data, on two different storage types, with one stored off-site. Not three folders on one disk — physically separate devices in physically separate places. Sounds obvious. Followed less often than it should be.

I have a Synology DS224+ — a home NAS, sitting in Cheboksary. Nine VMs running on a physical host in Moscow. Distance: 600-700 km.

The task was straightforward: get the Moscow host to back up to the Cheboksary NAS as if they were sitting next to each other.


Both devices need to be on the same private network — the one I built last week on headscale. Registered the NAS on the network, the Moscow host saw it as a local address and mounted it as a regular network share. Proxmox doesn't know the NAS is in another city. Didn't ask.

One delay: the NAS had an old version of Tailscale that couldn't talk to the updated headscale — the handshake protocol changed. The way it always goes with home equipment you only think about when you need it. Updated, reconnected — everything worked.


Set up the job: every night at 3:00 AM, nine VMs, compressed, retention — 7 daily, 4 weekly, 2 monthly. First run: tonight.
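What that retention setting leaves on the NAS, as an added example that is not from the original post: a simplified Python model of keep-daily/keep-weekly/keep-monthly pruning in the style Proxmox documents, which is assumed here to be what the job uses. The function names and the sample date are hypothetical, and the nightly timestamps are constructed.

```python
from datetime import datetime, timedelta

# Retention from the post: 7 daily, 4 weekly, 2 monthly.
# Each rule: (name, periods to keep, function mapping a timestamp to its period).
RULES = [
    ("daily", 7, lambda t: t.strftime("%Y-%m-%d")),
    ("weekly", 4, lambda t: "%d-W%02d" % t.isocalendar()[:2]),  # ISO weeks, Monday start
    ("monthly", 2, lambda t: t.strftime("%Y-%m")),
]

def select_kept(timestamps, rules=RULES):
    """Return {timestamp: rule name} for the backups that survive pruning."""
    ordered = sorted(timestamps, reverse=True)  # newest first
    kept, removed = {}, set()
    for name, keep, period in rules:
        # Periods that already hold a backup kept by an earlier rule.
        covered = {period(t) for t in kept}
        chosen = set()
        for t in ordered:
            if t in kept or t in removed:
                continue
            p = period(t)
            if p in covered:
                continue
            if p in chosen:
                removed.add(t)  # this period already has a newer keeper
                continue
            if len(chosen) >= keep:
                break  # quota for this rule is used up
            chosen.add(p)
            kept[t] = name
    return kept

def nightly_run(last, nights):
    """Constructed sample input: one backup per night, ending at `last`."""
    return [last - timedelta(days=n) for n in range(nights)]

if __name__ == "__main__":
    last = datetime(2024, 6, 30, 3, 0)  # constructed date, 03:00 as in the post
    kept = select_kept(nightly_run(last, 120))
    for t in sorted(kept, reverse=True):
        print(t.date(), kept[t])
    print("oldest restore point:", (last - min(kept)).days, "days back")
```

Under this model, 120 constructed nights reduce to 13 restore points per VM, the oldest 61 days back.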

Now the data and its backups are physically separated. The Moscow host can die — the data in Cheboksary stays.

→ A backup on the same machine as the data is not a backup — it's a second copy at the first point of failure

→ A private network erases geography: two devices in different cities work as one local network

→ Version incompatibility is the first thing to check when two devices on the same stack can't talk to each other

Let's go.
