Kinmunity

Kinmunity is an alterhuman community serving otherkin, the furry fandom, fictionkin, therians, vampires, coping links, plural systems, and the other-hearted. We provide our users with a wide variety of features, such as: forums, media center, articles library, user blogs, social groups, live chat, and more!

Curious? Come join us today!

Backup System Enabled

Since its current incarnation, Kinmunity has survived on a ad-hoc backup schedule. This is to say, that I would manually generate and store a backup before doing any major work on the site. As the site grows, especially considering downtime of the past, this is no longer a viable option. We need to take regular backups in order to be prepared to address unforeseeable future problems and ensure the continued existence of the site in the future. In order to do this, we have enabled automatic backups, powered by TarSnap.

Why TarSnap?

Appropriately taglined "Online backups for the truly paranoid", TarSnap offers the most security of any cloud backup service available. The client is open source, meaning we can verify that it works how it says it does. Data is securely encrypted before it leaves Kinmunity's server, and then it is stored by TarSnap on Amazon Simple Storage instances. The data can only be accessed and decrypted by Kinmunity root administrators, which at this time only includes myself. 

What about the keys?

I maintain multiple copies of the applicable TarSnap keys for Kinmunity, including copies securely stored offline. If copies of the key are ever stored online (ex. Cloud Storage of any kind), they are encrypted at rest with at minimum AES-256. Serpent-256 is preferred to AES for key storage whenever it is available. In short; it can only be accessed or utilized by me, not the service providing the storage. Hardware tokens are also required (in addition to secure passwords) for cloud account access. All copies of the key not used by ikari for the purpose of generating automatic backups are stored encrypted.  Long story short, multiple copies of the key are stored, and they are stored securely.

What is backed up?

Everything required for Kinmunity to work properly is automatically backed up. This includes, but is not limited to:

  • web server configuration.
  • IRC server configuration.
  • file system for the IRC server.
  • file system for kinmunity.com & subdomains, including all files needed to run the site.
  • file system for kinmunity.net & subdomains, including all files needed to run the site.
  • all databases hosted on ikari, including the ones for kinmunity.com, kinmunity.net and our IRC server.
When do backups occur?

  • Backups are generated daily during a period of low activity across our services.
How long are backups stored?

  • Yearly - Yearly backups (taken once per year) are stored indefinitely; these will not be automatically pruned by our system.
  • Monthly - Monthly backups (taken once per month) are stored for one year.
  • Daily - Daily backups (taken once per day) are stored for 31 days.
The purpose of storing yearly, monthly, and daily backups is to allow rolling back to a previous version of the site if ever required, and to have multiple backups to work from in case several days of backups ever end up corrupt or unusable. 

Are backups tested or verified in any way?

Yes, I will download and decrypt a daily backup on the 5th of each month to ensure integrity.

 
Last edited by a moderator:
Top