Hi all, I have my home lab set up as a single git repo. I’ve got all infrastructure as opentofu / ansible configs, and using git crypt to protect secret files (tofu state, ansible secret values, etc).
How would you back up such a system? Keeping it on my self hosted git creates a circular dependency. I’m hesitant to use a private codeberg repo in case I leak secrets. Just wondering what the rest of you are doing.
I would set aside a dedicated device that acts as a sort of “provisioner” and admin node. It can be something like a raspberry pi or desktop computer.
From a backup perspective I would evacuate risk vs cost/effort. If you lost your home would it really matter that you lost some config files?
As others have said, a traditional off site backup will work. How do you plan to perform a restore, though? If you need the self hosted source repo, it won’t be available until the infrastructure is stood to creating another circular dependency.
I’m still in the early stages of exploring this, too. My solution is to run a local filesystem
git cloneof the “main” repo and execute it with a Taskfile that builds a docker image from which it can execute the ansible infrastructure build. It is somewhat manual but I have performed a full rebuild a few times after some Big Mistakes.Back up your git service/repositories to offline storage.
Codeberg and make sure you don’t leak secrets or back it up at your buddies house on his homelab
