I use a sliding window of time to determine what to backup, so
maildir fs and database changes don't matter to me. Files can
move, be deleted, whatever. Doesn't matter.
I can't use tar's incremental backups because mail has the potential to move around. That and the basename of the file has the potential to change, i.e. dovecot flags S=, etc. Its not particularly fast, as it maintains a dictionary of file: {md5sum, mtime} objects. I use find to prepare a preliminary list of what to backup depending on that aforementioned sliding window of time. I then md5 those files and compare data to determine if files moved, were deleted, etc. Then i remaster the dictionary. A bit more to it than that but that's the gist.
I have a tiny vps this runs on. Usually takes around 20-30 mins
to process my monthly incrementals. Not an issue for me as the
load induced is very low.
1. I am more concerned about the integrity of the backup, so locking maildir and database changes during the process. I accidentally replied to aki only, but after compiling maildirlock myself it works.2. For the backup I use rsync, to minimize the time of the lock being active. Althogh your script is probably fast, too? Doesn't tar have incremental backups built in? I have never used this feature, if it exists.3. If a file can't be written, I would assume the file system turned read-only, which can happen sometimes, and send an external alert, not log it internallyGesendet: Montag, 31. Juli 2023 um 00:37 Uhr
Von: "Ben Burk via dovecot" <dovecot@dovecot.org>
An: dovecot@dovecot.org
Betreff: Re: mail-crypt long-term support? How to backup?I have a similar setup to you. Mail_crypt enabled, user-keys. Like Aki says, its best to use tar for this. I wrote a script a year or so back to incrementally backup my mailboxes. Curious what others think.
https://gitlab.com/ben.burk/burk.tech_personal/-/raw/master/maildirincbackup.sh
On 7/30/23 00:29, eaerhaerhaehae aehraerhaeha wrote:_______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.orgHello everyone,1. I was wondering whether mail-crypt is intended to be supported in the long run.2. Furthermore, I was wondering about the best way to backup a whole email server with mail-crypt enabled.(3. how do i use dsync with mail-crypt?)Below are my thoughts so far.- doveadm seems to work on each user individually, and it seems that the password is required for this? At least tachtler/dovecot-backup complains about missing the key and password to decrypt the mails, and so does "dsync -f -u a@bc.de backup maildir:bc.de/a"- I was going to just tar /var/mail, but it appears that maildirlock is deprecated and broken, so I would have to shut down dovecot temporarily, in order to maintain file/index integrity, which is not ideal.- Running it in some kind of virtualized environment to be able to take atomic snapshots might work, but I read that the "uuid list", or whatever, is only updated "lazily". Would a shutdown even solve that?- I just saw that replication is going away. Maybe it would not have supported mail-crypt anyway.Thanks for any input._______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org