<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> we are using restic for automated backups at work. I like it but it has some drawbacks, namely the speed. </p><p>IIRC there was a similar tool with better performance but I need to look it up.</p><p>I also suspect that the deduplication only works well if the cache is being held at a leash.</p>

<p><span class="h-card" translate="no"><a href="https://mdon.ee/@slyecho" class="u-url mention">@<span>slyecho</span></a></span> (and, to state the obvious, i don&#39;t want to run even more infrastructure just to handle backups)</p>

<p><span class="h-card" translate="no"><a href="https://mdon.ee/@slyecho" class="u-url mention">@<span>slyecho</span></a></span> the machine either has the authorization to delete data or it doesn&#39;t. it doesn&#39;t matter one bit what software it&#39;s running if it&#39;s compromised</p>

<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> I think the appendix-only mode works best in their own server and they suggest to use rclone as an adapter</p>

<p>okay, it looks like this is solved by enabling bucket versioning rather than reducing permissions</p><p>from my testing, restic appears to be fit for purpose (is able to execute basic commands like &quot;list versions&quot; without me waiting for it to do gods know what for several minutes)</p>

<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> did you try borg with pika as frontend yet? it&#39;s pretty nice.</p>

<p><span class="h-card" translate="no"><a href="https://timeloop.cafe/@uep" class="u-url mention">@<span>uep</span></a></span> that looks like a massive pain to use even with rustic; i don&#39;t see restic documenting anything like that at all</p>

<p>restic doesn&#39;t work unless you give it s3:DeleteObject permission on at least a subset of the backup bucket because it needs to delete locks</p><p>obviously the example policy just gives the backup account a blanket permission to delete anything</p>

<p><span class="h-card" translate="no"><a href="https://woem.space/users/aismallard" class="u-url mention">@<span>aismallard</span></a></span> tarsnap is like an order of magnitude more expensive than the underlying S3 costs, it&#39;s ridiculous</p>