I shit you not, this is the offsite backup solution that I have put together for my work.
It is an old laptop, whose battery doesn’t work any more, and our DroboPro that I have no desire to keep around.
I have duct-taped them (literally) together along with a power bar and a network cable.
Anyone can take it home, plug it in, and everything is automatically backed up from our office to it in an encrypted fashion.
So from a logical arrangement, here’s how it breaks down:
The Drobo has in it eight 1TB drives with single-disk redundancy providing just over 6TiB of usable space.
The Drobo only supports a select few filesystems (NTFS, HFS+ and EXT3 being the big ones), and does NOT support full-volume encryption. I have opted to place EXT3 on it and host it to the laptop running Ubuntu 12.04.
The laptop mounts the Drobo and gets access to six 1TiB sparse files on it. Since the files are sparse, the blue-light storage capacity indicator on the front is still usable.
These files are then loopback mounted as block devices via losetup, using cryptoloop to offer AES encryption of the presented block devices.
ZFS-on-Linux is used to create a ZFS pool that spans the file-backed block devices. This results in a ZFS pool of about 6TiB of usable space whose data on the underlying disks is encrypted in a way that the Drobo won’t complain about.
Some bash shell scripts glue it all together:
One script perpetually calls home as an unprivileged user with two jobs: email me letting know that, for some reason, it had to reconnect, and to establish a port forward so that I can remote into the laptop without requiring that ports be forwarded to it. Because the underlying volumes are encrypted, whenever it reboots I need to manually remote in and enter the password to mount the encrypted volume. Storing the keys on the laptop is exceedingly dumb.
The other script checks that the ZFS pool is mounted properly, and then uses a private key stored on the pool (and thus is encrypted on the disks) to remote back to the office as a user with privileges to pull a backup across the internet. This backup process happens twice a day: once at 0130 and once at 1330 in order to be least obtrusive to internet connection of whoever is hosting this backup solution.
I am a little unhappy with how many layers of obfuscation were required, but it all boils down to working around the Drobo’s restrictions.