I recently switched to vimwiki for notetaking and wanted to make an encrypted backup of my notes and came up with the following solution. I have since made use of this to backup various other files from my system.
I am not an expert so please feel free to suggest any improvements or corrections.
- Tar - GNU Project - Free Software Foundation
- Cloud storage provider with a Linux sync client, currently I am making use of the free 2GB offered by Dropbox.
First you will need a passphrase to use for your symmetric encryption. Create a text file containing this passphrase in the first line of the file and save it, I save mine as ~/.gnupg/backup-passphrase. It should be a long random string, I used bitwarden to create this and also save a copy of it there.
Once it is saved I changed the permissions of the file using
chmod 600 ~/.gnupg/backup-passphrase
I have created a short bash script which does the following
- Creates an archive of the directory /home/trystan/vimwiki
- Runs this archive through gzip (as text is highly compressible)
- Pipes the output from tar to gpg
- Encrypts the archive with AES-256 using the specified passphrase file
- Saves the encrypted file to a local folder
#!/bin/bash tar -czf - \ /home/trystan/vimwiki | \ gpg --yes --pinentry-mode loopback \ --symmetric --cipher-algo AES-256 \ --passphrase-file /home/trystan/.gnupg/backup-passphrase \ --output /home/trystan/backup/vimwiki.tar.gz.gpg
This script is used to sync my local backup folder to the Dropbox folder.
I use the --checksum option to prevent rsync from copying the file if nothing has changed, as the local file will always have a newer timestamp. This should save bandwidth on uploading the same data.
#!/bin/bash rsync --recursive --checksum /home/trystan/backup /home/trystan/Dropbox
Make sure each script is executable using
chmod +x /path/to/script
Then add the following lines to your crontab replacing the paths to match your scripts.
This will execute the archive and rsync scripts every hour @ :00 and :02
0 * * * * /bin/bash /home/trystan/scripts/backup_vimwiki.sh 2 * * * * /bin/bash /home/trystan/scripts/rsync_dropbox.sh
Using simple command line tools it is fairly easy to back up personal documents onto cloud storage with a trust no one approach. I have several scripts which backup different things, such as my dotfiles, documents folder etc. I would say this method is best suited for smaller files as it requires your documents to be encrypted every hour and there may be a high overhead if you have a very large folder containing video files for example.