We’ve all been there. That sinking feeling in your stomach when you realize you just deleted a volume, or your VPS provider has a major outage, and your data is… gone.
In the previous posts, I talked about **Terraform** for building the box and **Ansible** for painting the inside. But those are just blueprints. The soul of your application—the actual data, the database volumes, the user uploads—needs a vault.
That’s why I brought in the final member of what I call the **Kickass Trinity**: Restic.
The FinOps of Peace of Mind
Let’s talk money for a second, because I like my tools cheap and efficient. I use Backblaze B2 as my backend. Why? Because charging $6 for 1 Terabyte of “hot” storage is basically a rounding error in any tech budget.
It’s the ultimate FinOps move: high-performance, redundant storage for the price of a mediocre coffee. Restic plugs into B2 like they were made for each other.
The “Kickass Trinity” Workflow
The beauty of this setup is how it all pairs together.
1. Terraform spawns the server and the B2 buckets.
2. Ansible installs Restic and configures the backup schedules.
3. Restic does the heavy lifting of keeping my data safe.
I don’t have to manually “push” backups. I use Ansible playbooks to automate the snapshots. It’s a pull-and-push choreography that ensures my app volumes are living somewhere else, encrypted and versioned, without me lifting a finger.
Space Efficiency is Not a Luxury
If you’re backing up 1TB of data every night, you’re doing it wrong. Restic is smart. It uses deduplication, meaning it only saves what changed. It’s fast, it’s tiny, and it’s encrypted by default.
Your backup format shouldn’t be a mystery meat `.zip` file. Restic’s snapshot system makes it trivial to see exactly what was backed up and when.
The Only Metric That Matters: Restore Time
A backup is worthless if you can’t restore it while your hair is on fire. Restic doesn’t make you dance. You don’t need a PhD in storage engineering to get your data back.
`restic restore latest –target /`
That’s it. My server melts, Terraform spins a new one, Ansible sets the config, and Restic pours the data back in. Disaster recovery isn’t a weekend-long project anymore; it’s a coffee break.
Conclusion
Disaster recovery isn’t something you should “get around to.” It’s the foundation of being a responsible operator. By pairing the efficiency of Restic with the insane price-point of Backblaze B2, I’ve removed the last bit of friction from my backup strategy.
My config is versioned, my hardware is code, and my data is safe. The Trifecta is complete.
Now, go verify your backups.
