https://blogs.law.harvard.edu/tech/rss https://this-is-fine.io/tags/restic/ Recent content in Restic on Fuchsbau https://this-is-fine.io/tags/restic/ https://source.unsplash.com/2000x1322/?fox 1440 Hugo 0.125.4 de-DE Wed, 20 May 2026 22:26:12 UT https://this-is-fine.io/posts/20260520-mastodon-to-snac/ Wed, 20 May 2026 10:00:00 UT ff0x https://this-is-fine.io/posts/20260520-mastodon-to-snac/ The lab used to run Mastodon on Kubernetes: PostgreSQL, a Redis-compatible cache, and S3-shaped media storage on top of the usual edge stack. That worked, but it was heavy for a small personal instance — more moving parts than the workload justified. The fediverse home at this-is-fine.social now runs snac instead: a minimal ActivityPub server in portable C, no database, all state on a single filesystem tree, backed up off-cluster with the same VolSync + restic pattern as other stateful apps. Infrastructure https://this-is-fine.io/posts/20251121-volsync-restic-backups/ Fri, 21 Nov 2025 08:00:00 UT ff0x https://this-is-fine.io/posts/20251121-volsync-restic-backups/ Stateful apps need point-in-time copies and a copy off the cluster. The lab uses VolSync with the restic mover: Kubernetes creates a VolumeSnapshot, VolSync runs restic against it, and encrypted data lands in a remote repository. The restic URL and password live in Vault and reach the cluster through External Secrets. VolSync sits in the middle: you already run the CSI snapshot controller and a storage class that supports snapshots (Rook-Ceph block volumes in the lab). VolSync watches a ReplicationSource, triggers on a schedule, and spins up a short-lived mover job. You get off-site copies without shelling into pods to run restic by hand. Infrastructure