I’m running NS8 on 2 nodes, the leader resides on my home server, the second node on a VPS with the MAIL module installed, this to have a mailserver for my own domain.
On my leader node, i made a backup schedule to backup all installed apps to a SMB nas. This works for the apps installed on the leader node, but not for the VPS, so i’m trying to wrap my mind around the mechanics behind it.
The VPS node cannot reach the SMB share directly. But the nodes have a VPN connection. It looks like scheduled backups are not sent to the leader over VPN before they are sent to the NAS, because that’s the only part of the backup failing.
Is there a way to have the backups from my mail node (Node 2 on VPS) sent to the leader before sending it to the internal SMB storage?
In the logfiles i can see that NODE2 is trying an immediate connection to the SMB, can i adapt it in some way that it proxies to the leader node first before sending it?
Or does anyone have recomendations on how this situation is handled properly?
This may be more involved than necessary, but you could set up Minio on the leader node, set that up as an S3-compatible backup target on the second node, and run your backup there. The leader node in turn backs up–including the Minio data–to your NAS.
Another, probably simpler, option would be to install Tailscale on both your NAS and the second node, and back up over that connection.
Had some hard days, thank you all for the suggestions. I’m thinking further currently, since there will be more infra that will need direct connections to the cluster, like monitoring agents.
I’m playing with the idea to make a VLAN 1054, and somehow bridge/bond the WG0 ethernet interface straight to the Wireguard network, so the backbone network of NS8 is a ‘physical’ network.
Anyone done this before? or aware of any pitfalls?
I’m going to install a 3d node so i can start playing with the bridging without affecting my running infra, will keep you posted.