Hey everyone, During my vacation, I found some time to tackle the offsite backups thing. So let me break it down: - We now have an offsite backup location provided by rsync.net and based in Switzerland. - Access the account data from the vault. - You all should have SSH access already via SSH keys (we have full authorized_keys file access) - All current machines were configured to use this offsite backup. - The offsite backup step runs as a separate backup right after the first one. - The offsite backups were tested and it appears to be working fine on all machines. - Payment-wise everything is managed by SPI directly (no reimbursements required) and I'm currently the rsync.net liaison and point of contact. This should be changed to a generic private mail that we can point to in order to mitigate the bus factor. - We should consider how to do 2FA with rsync.net in a DevOps meeting. - I had to do quite some Ansible gymnastics in order to configure the rsync.net machine as it doesn't have Python and is, in general, a pretty restricted environment so we have a new role next to borg-server called rsync_net. - During all of this I cleaned up a few things surrounding borg and I mostly/fully made it so that we can fairly easily add more different offsite locations. - Giancarlo reviewed my changes. Thanks! I might have forgotten somethings but this is pretty much the most important bit. Enjoy, Sven