I just setup my first automated and encrypted backup with borg. It’s got me thinking about other chaotic events, and how to respond accordingly. I figured now is a good time to document my infrastructure: hardware, network, a files. This way if something bad happens, like my house burns down, I or a family member has instructions for how to quickly recover data and services. Examples:
- If my website goes down, with my nextcloud on it, what steps do I need to take to recover the data and restore service?
- If my harddrive fails, how do I access lost data and reimplement redundancy after a replacement is stood up?
- If someone important to me needs to access encrypted files, how can that access that data and get access to the passwords/encryption keys?
- If my phone bricks, how to recover 2fa codes?
So I’d like to have a physical printing copy that tries to cover these emergency scenarios. Of course, I’ll have digital copy around as well.
I’m focusing more on digital assets, like encryption keys, personal files and media, cloud service access, accessing inaccessible machines, how to restart/recover from self hosted service if its down, etc. I understand how much wider this document can be to include physical assets, so to start I want to start with digital infrastructure.
So my big questions: what scenarios should be documented in this disaster recovery document? What should I prepare for? The nice correlary of this is that documenting a recovery plan will force me to actually stand up the backups/redundancy needed to recover.
Assume you’re incapacitated, and somebody gets access to your recovery document. What information do they need to do what you would want them to do. Make sure all of the information is there, and all the steps are written out
https://github.com/cyphar/paperback If having your secrets written out is a little too risky, you might consider a distributed secret sharing approach. So multiple people you trust would have to coordinate to recover the archive