Linux on Servicios Rogeliowar

Restic: encrypted backups with deduplication for your Linux server

Mon, 11 May 2026 00:00:00 +0000

I already had backups with rsync and cron, but rsync copies files, not snapshots. If you accidentally delete a file and the backup syncs before you notice, you lose it. Restic solves that and adds something rsync will never provide: AES-256 encryption, deduplication, and snapshots with navigable history.

What makes Restic different
#

Feature	rsync	Restic
AES-256 encryption	No	Yes
Deduplication	No	Yes (block-level)
Navigable snapshots	No	Yes
Multiple backends	No	SFTP, S3, Backblaze, rclone…
Integrity checking	No	`restic check`
Retention policy	Manual	`restic forget --prune`

Deduplication is especially useful for database backups and configuration directories that change little: a Restic repository with 6 months of daily backups usually takes up much less space than 180 full copies.

Incremental synchronization from SMB with smbprotocol on Linux: NTLM authentication and log control

Mon, 04 May 2026 00:00:00 +0000

The Problem
#

Recently I needed to sync an SMB share from a NAS with my Linux server. The obvious solution would be smbclient or mount -t cifs, but I wanted:

Incremental synchronization (only new or modified files)
Detect files deleted from the share
Control NTLM authentication directly from code
Silence the obscene amount of logs that smbprotocol spits out

The Python smbprotocol library solved all of this, but there’s no documentation on how to do it properly. Here’s my solution.

Systemd timers: the modern cron alternative you needed

Mon, 04 May 2026 00:00:00 +0000

Why I Left Cron
#

I’ve been using cron on my servers for years. It’s simple, reliable, and it works. But recently I discovered systemd timers and I’m not going back. The main reason: integrated logs in journald, no .log files scattered around the system, and better control over what happens when the server starts or reboots.

In my specific case, I had a backup that wouldn’t run if the server was off at the scheduled time. With cron, it simply got lost. With systemd timers and Persistent=true, the task runs as soon as the server boots up.

Hardening Linux servers: practical guide

Fri, 01 May 2026 00:00:00 +0000

Server Security Hardening: Essential Steps
#

Having a server exposed to the Internet without minimal security configuration is leaving the door wide open. In this article, I’ve compiled the steps I apply on my own servers to reduce the attack surface without complicating day-to-day management.

SSH: the first line of defense
#

The SSH service is the most attacked entry point on any Linux server. These are the most important settings in /etc/ssh/sshd_config:

WireGuard VPN: Access your home server from anywhere

Thu, 30 Apr 2026 00:00:00 +0000

One of the classic problems with having a server at home is secure remote access. Opening SSH ports directly to the world is a bad idea — you see it in the auth logs: hundreds of attempts per day. The elegant solution is a VPN, and WireGuard is today’s best available option.

Why WireGuard?
#

Compared to OpenVPN or IPSec:

Linux on Servicios Rogeliowar

Restic: encrypted backups with deduplication for your Linux server

What makes Restic different #

Incremental synchronization from SMB with smbprotocol on Linux: NTLM authentication and log control

The Problem #

Systemd timers: the modern cron alternative you needed

Why I Left Cron #