Backup your website databases to your NAS with Laravel Forge

If you use Laravel Forge to manage your website, you have the option to make database backup to the cloud. But what if you don't want to send them to a cloud provider or send it locally to our head quarters? 

This tutorial covers the use of Minio with Synology NAS. It doesn't cover a reliable and secure beackup strategy for your data. That an entire topic by itself.

• Prerequisites
• Prepare a volume to store the data
• Install Minio with Docker on your NAS
• Open port on your firewall
• Create a bucket and access keys
• Test the connection
• Configure Forge backups

# Prerequisites

Before we start, you do need a domain name configured on your NAS. If you do not have a fixed IP, you should start by configure a DynDNS for your NAS. But I suppose you already have, with a nice Let's Encrypt SSL.

Another prerequist is to have Docker installed on your Synology, every model is not supported. I have a DS418play and it's not on the list but there is a workaround if your model has a compatible CPU.

# Prepare a volume to store the data

I'm trying to keep this article short so I won't go into the detail. Just some notes.

• Versionning is not necessary since Minio can handle that per bucket.
• I actived Compression because I know I would only store cold data.
• Restricted the access to only admin acount
• Doesn't show up on network shares
• Added a quota of 1 To to the volume, to be safe with other applications on my NAS. You can also but a per bucket quota with Minio if you prefer. I wanted both.

# Install Minio with Docker on your NAS

Go to Docker app -> Register -> Search for minio/minio and download the latest. Then go to Docker -> Image -> Double click on minio to configure a new instance. Each step represent a page of the UI configurator:

1. Network => bridge mode (should be the default)
2. Next choose a name (it can be anything) and check automatic restart. Then click on Advanced settings
   • In Environment tab add two new variables : MINIO_ROOT_USER and MINIO_ROOT_PASSWORD. They are self explanatory, so choose a user and password.
   • In Command execution tab set the command to minio server /data --console-address ":9090"
3. In the next step, you need two ports 9000 => 9000 and 9090 => 9090. Both in TCP.
4. Now we have to choose volumes for your docker image.
   • One for the data /minio (the volume we have created just before) => /data (the directory we put on the command to execute)
   • The other one for the configuration /docker/minio (I put all my docker configurations on a docker volume, put them where you want) => /root/.minio

# Open port on your firewall

I assume you already know how to do that:

• 9000 is the S3 compatible storage port, should be open.
• 9090 is your configuration console for Minio and should not be accessible from outside.

If like me, you are doing this outside of your lan network, see my other article to create a secure ssh tunnel through your NAS and access lan ip:port.

# Create a bucket and access keys

Depends on your usage, but I think you should create a new user first.

Then create a bucket, the UI is really easy and you have hints just next to every options. I activated versioning. I don't recommend object locking since Forge will need to delete older backups.

And finally create an access keys for your user or the one you just created and save them for the rest of the tutorial. If you created another user, make sure he has access to the bucket you created.

# Test the connection

To test the configuration I use awscli tool provided by Amazon.

You can install it easily with Homebrew

brew install awscli

Then configure it with the access key created in Minio

awscli configure

List the buckets

aws s3 ls --endpoint-url http://urlofyournas:9000

You should see the bucket you created here.

If you are int the same network as your NAS, don't forget to switch to 4G/5G connexion or something. To be sure you can access from outside. While you are here, check that the console one 9090 is not accessible.

# Configure Forge backups

Go to your server on Forge => Backups.
Add a new backup configuration with

• Provider: Custom (S3 Compatible)
• Region: not important. I always put eu-west-3 but really its ignored in our case
• Bucket: name of the bucket you created
• Endpoint: http://yournasdomain:9000
• Storage directory: I put the name of my server here. Ideally, create a bucket per server to be even safer.
• Then your keys
• And it's up to you for the frequency and the retention.

Now, every night a backup of the database is sended to my home! From there you can backup them to an USB drive. You can also create a replication strategy with Synology.

And that's it! If you have a little time, I'm curious about your backup strategy and if you used this tutorial at some point.