Tarsnap – The Ultimate Backup Solution

Reading Time: 2 minutes

Tarsnap is a no nonsense backup service for Unix (Linux, Mac etc) and is very nice indeed from a sysadmin’s point of view. It is inherently uber secure by design. It somewhat lacks being end-user friendly though – for example it doesn’t handle expiry of archives out-the-box. Therefore if you wanted GFS style rotation you need to wrap it in something which handles deleting old archives according to whatever deltas.


Their payment model is a bit strange in that it is prepay so you get a warning email when running low on credit or risk having your backups deleted for good. The cost of a particular backup run can be calculated with a –dry-run, which is handy. You get charged for actual on-disk storage at AWS and for RX/TX network traffic of that data. Hefty compression and de-duplication generally seems to work very well so costs can be lower than you might expect.

There no official packages for any OS’s so needs compiled (or an unofficial package created/used). It works with almost everything apart from Windows. Each machine should have a key generated. This key must be manually exported from that machine for the backups to be restored if the machine dies. In other words without the key the data is inaccessible.

Crontab needs to be configured to run either tarsnap directly or via whatever wrapper/script is being used. There’s no built-in scheduler.

As the ‘tarsnap’ service is run by its author there’s possibly concerns over what happens if he gets hit by the number 22 bus.

I now use it at home so although all those points may sound negative, in reality it means you have a very versatile and script-able backup tool which performs very well indeed. It just lacks the ‘enterprise’ credentials businesses may desire – that said Stripe reportedly use it as their backup solution, presumably because of its no nonsense approach.