Best Self-Hosted Backup Solutions in 2026

By Alex Thornton backup Updated:

Quick Picks

Use CaseBest ChoiceWhy
Best overallResticFast, encrypted, supports 20+ storage backends (S3, B2, SFTP, local). The community standard.
Best deduplicationBorgBackupSuperior compression ratios. Best for large, slowly-changing datasets.
Best modern alternativeKopiaRestic-like features plus a web UI, policies, and snapshot management.
Best with GUIDuplicatiWeb-based GUI for scheduling and configuring backups. Best for non-CLI users.
Best Borg automationBorgmaticYAML-configured wrapper around BorgBackup. Automates the 3-2-1 rule.

The Full Ranking

1. Restic — Best Overall

Restic is the most versatile self-hosted backup tool. It encrypts all data by default (AES-256), deduplicates at the content level, and supports more storage backends than any alternative — local directories, SFTP, S3-compatible storage (AWS, Backblaze B2, MinIO, Wasabi), Azure Blob, Google Cloud Storage, and REST servers.

Backups are fast thanks to content-defined chunking. Restores are straightforward. The community is large and active. If you’re choosing one backup tool, choose Restic.

Pros:

  • 20+ storage backends (most of any backup tool)
  • AES-256 encryption by default — all data encrypted at rest
  • Content-defined chunking for efficient deduplication
  • Fast incremental backups
  • Cross-platform (Linux, macOS, Windows, BSD)
  • Single static binary — no dependencies
  • Active development with regular releases
  • Large community, extensive documentation

Cons:

  • CLI-only — no built-in GUI or web UI
  • No built-in scheduler — needs cron or systemd timers
  • Compression added relatively recently (v0.16.0+)
  • Cannot exclude files from an existing snapshot retroactively
  • Repository repair tools are limited

Best for: Anyone who wants reliable, encrypted backups to any storage backend. The default recommendation for self-hosters.

Read our full guide: How to Set Up Restic

2. BorgBackup — Best for Storage Efficiency

BorgBackup excels at compression and deduplication. For datasets with many similar files (VMs, databases, Docker volumes), Borg achieves smaller backup sizes than Restic. The authenticated encryption is solid, and append-only mode provides protection against ransomware.

Pros:

  • Best-in-class compression (lz4, zstd, zlib, lzma)
  • Excellent deduplication ratios
  • Append-only mode for ransomware protection
  • Mountable backups (FUSE) — browse archives like a filesystem
  • Mature and battle-tested (10+ years)

Cons:

  • SSH-only for remote backups — no native S3/cloud support
  • Requires BorgBackup installed on both client AND server
  • Slower than Restic for initial backups
  • No Windows support
  • No built-in scheduler
  • CRITICAL: Losing the encryption key means permanent data loss — export with borg key export

Best for: Users backing up to another Linux server via SSH who need maximum storage efficiency.

Read our full guide: How to Set Up BorgBackup

3. Kopia — Best Modern Alternative

Kopia is the newest serious contender in the backup space. It combines Restic’s multi-backend support with a built-in web UI, snapshot policies, and retention management. Think of it as “Restic with a GUI and better policy management.”

Pros:

  • Built-in web UI (server mode on port 51515)
  • Policy-based retention (global, per-directory, per-host)
  • S3, B2, SFTP, local, GCS, Azure, Rclone backends
  • AES-256-GCM encryption
  • Content-defined chunking (like Restic)
  • Snapshot browsing via FUSE mount
  • Active development, growing community

Cons:

  • Newer project — less battle-tested than Restic or Borg
  • Docker setup requires privileged mode for FUSE support
  • Web UI is functional but not polished
  • Smaller community means fewer guides and troubleshooting resources
  • Documentation is improving but still gaps exist

Best for: Users who want Restic’s backend flexibility with a web UI and built-in scheduling.

4. Duplicati — Best GUI Backup Tool

Duplicati provides a full web-based GUI for configuring, scheduling, and monitoring backups. For users who don’t want to touch the command line, it’s the only real option. Supports encryption, S3/B2/OneDrive/Google Drive backends, and email notifications.

Pros:

  • Full web-based GUI — no CLI needed
  • Built-in scheduler with retention policies
  • Email notifications
  • 25+ storage backends including consumer cloud (Google Drive, OneDrive)
  • AES-256 encryption
  • Runs on .NET (cross-platform)

Cons:

  • .NET runtime means higher resource usage
  • Known reliability issues with large backups (database corruption)
  • Slower than Restic or Borg for large datasets
  • Restore verification can be unreliable
  • Development pace has slowed

Best for: Non-technical users who need a GUI. Use with caution for critical data — always verify restores.

5. Borgmatic — Best BorgBackup Automation

Borgmatic wraps BorgBackup with YAML-based configuration, making it easy to define backup schedules, retention policies, consistency checks, and hooks — all in a single config file. It turns Borg’s manual CLI workflow into an automated system.

Pros:

  • Simple YAML configuration for complex Borg workflows
  • Built-in scheduling, retention, and consistency checks
  • Pre/post backup hooks (database dumps, notifications)
  • Supports multiple repositories in one config
  • Healthcheck integration (Healthchecks.io, Uptime Kuma)

Cons:

  • Requires BorgBackup (it’s a wrapper, not standalone)
  • Inherits Borg’s limitations (SSH-only remote, no Windows)
  • Adds a layer of abstraction to debug
  • No GUI

Best for: Users who’ve chosen BorgBackup and want to automate it properly. The recommended way to run Borg in production.

Full Comparison Table

FeatureResticBorgBackupKopiaDuplicatiBorgmatic
EncryptionAES-256 (default)AES-256AES-256-GCMAES-256Via Borg
DeduplicationContent-definedContent-definedContent-definedBlock-levelVia Borg
Compressionzstd (v0.16+)lz4/zstd/zlib/lzmaMultipleZip/7zVia Borg
S3/cloud backendsYes (20+)No (SSH only)Yes (many)Yes (25+)No (SSH only)
GUINoNoWeb UIWeb UINo
Built-in schedulerNoNoYes (policies)YesYes (cron)
Windows supportYesNoYesYesNo
FUSE mountYesYesYesNoVia Borg
Append-only modeNoYesNoNoVia Borg
RAM usage~100-200 MB~200-500 MB~200-300 MB~300-500 MBVia Borg
MaturityHighVery HighMediumMediumHigh
LicenseBSD-2BSD-3Apache-2.0LGPLGPL-3.0

The 3-2-1 Backup Rule

Every self-hoster should follow the 3-2-1 rule:

  • 3 copies of your data
  • 2 different storage media
  • 1 copy offsite

Example setup with Restic:

  1. Primary data on your server’s drives
  2. Local backup to a USB drive or NAS: restic -r /mnt/backup backup /data
  3. Offsite backup to Backblaze B2: restic -r b2:bucket-name backup /data

This costs roughly $5-10/month for 1 TB of B2 storage — far less than any managed backup service.

Read our full guide: Backup Strategy (3-2-1 Rule)

What to Back Up (Self-Hosting Checklist)

Most self-hosters forget critical data until they need a restore. Back up ALL of these:

Data TypeLocationWhy It Matters
Docker volumes/var/lib/docker/volumes/ or named volumesAll application data — databases, configs, uploads
Docker Compose filesWherever you store your stacksRecreating services from scratch without these is painful
.env filesAlongside Compose filesSecrets, API keys, database passwords — lose these and you lose access
Database dumpsVaries (MySQL, PostgreSQL, SQLite)Raw volume copies of running databases risk corruption. Always dump first.
Reverse proxy configsNPM database, Traefik rules, Caddy configSSL certificates and routing rules
DNS recordsExport from your DNS providerDocument or automate — losing DNS config means downtime
SSH keys & authorized_keys~/.ssh/Losing these locks you out of your own server
Cron jobs & systemd timers/etc/crontab, /etc/systemd/system/Scheduled tasks are easy to forget and hard to reconstruct

Database backup best practice: Never back up a running database by copying files. Use pg_dump for PostgreSQL, mongodump for MongoDB, mysqldump for MySQL, and .backup for SQLite. Schedule dumps before your backup tool runs.

Example pre-backup database dump script:

#!/bin/bash
# Run this BEFORE your Restic/Borg backup
docker exec nextcloud-db pg_dump -U nextcloud nextcloud > /backup/staging/nextcloud.sql
docker exec vaultwarden sqlite3 /data/db.sqlite3 ".backup '/data/backup.sqlite3'"

Backup Storage: Cost Comparison

Where you store your offsite backups matters for both cost and reliability.

Storage ProviderCost (1 TB/month)Egress CostRestic SupportBorg SupportNotes
Backblaze B2~$6$0.01/GBYes (native)Via rcloneBest value for most self-hosters
Wasabi$7FreeYes (S3)Via rcloneNo egress fees, 90-day minimum retention
Hetzner Storage Box~$3.80FreeYes (SFTP/REST)Yes (SSH)EU-based, great for Hetzner VPS users
AWS S3 Glacier~$4$0.09/GBYes (S3)Via rcloneCheapest storage, expensive restores
Another server (SFTP)$5-15 (VPS cost)FreeYes (SFTP)Yes (SSH)Full control, but you manage two servers
Local NASOne-time HDD costN/AYes (local/SFTP)Yes (SSH)Not offsite — add a cloud copy too

Recommendation: Backblaze B2 + Restic is the sweet spot for most self-hosters. ~$6/month for 1 TB, native Restic support, and low egress fees. For EU users, Hetzner Storage Boxes are cheaper and have zero egress costs.

Automating Backups

None of these tools (except Duplicati and Kopia) include a built-in scheduler. Use systemd timers for reliable scheduling:

# /etc/systemd/system/restic-backup.service
[Unit]
Description=Restic Backup
After=network-online.target

[Service]
Type=oneshot
ExecStartPre=/usr/local/bin/pre-backup-dumps.sh
ExecStart=/usr/bin/restic -r b2:my-bucket backup /data /opt/docker
ExecStartPost=/usr/bin/restic -r b2:my-bucket forget --keep-daily 7 --keep-weekly 4 --keep-monthly 6 --prune
EnvironmentFile=/etc/restic/env
# /etc/systemd/system/restic-backup.timer
[Unit]
Description=Run Restic backup daily at 3 AM

[Timer]
OnCalendar=*-*-* 03:00:00
Persistent=true

[Install]
WantedBy=timers.target

Enable with systemctl enable --now restic-backup.timer.

Add monitoring so you know when backups fail. Send a ping to Uptime Kuma or Healthchecks.io after each successful backup:

ExecStartPost=/usr/bin/curl -fsS -m 10 https://uptime-kuma.example.com/api/push/YOUR_TOKEN

Testing Restores

A backup you’ve never tested is not a backup. Schedule quarterly restore tests:

  1. Full restore test: Spin up a fresh VPS, install Docker, restore from your backup, and verify all services start correctly.
  2. Selective restore test: Pull a single file or database dump from backup and verify it’s valid.
  3. Measure restore time: Know how long a full recovery takes before you need it in an emergency.

With Restic:

# List snapshots
restic -r b2:my-bucket snapshots

# Mount a snapshot and browse it
restic -r b2:my-bucket mount /mnt/restore

# Restore a specific directory from the latest snapshot
restic -r b2:my-bucket restore latest --target /tmp/restore-test --include /data/nextcloud

With Borg:

# List archives
borg list /backup/repo

# Mount and browse
borg mount /backup/repo::archive-name /mnt/restore

# Extract a specific directory
borg extract /backup/repo::archive-name data/nextcloud

How We Evaluated

We evaluated each tool on: reliability (does restore actually work?), encryption strength, storage efficiency, backend flexibility, ease of automation, resource usage, and community support. Restic ranks #1 because it’s the most reliable and versatile. BorgBackup ranks #2 for its superior compression. Kopia ranks #3 as the best modern alternative with a GUI.

FAQ

How often should I back up my self-hosted services?

Daily for most services. For databases with frequent writes (Nextcloud, Vaultwarden, Paperless-ngx), consider twice daily or even hourly incremental backups — deduplication makes frequent backups cheap. The real question is: how much data can you afford to lose? If the answer is “less than a day,” back up more frequently.

Should I encrypt my backups?

Always. Both Restic and BorgBackup encrypt by default. Even if your backup storage is “trusted” (your own NAS), encryption protects against physical theft, compromised storage accounts, and mistakes. The performance overhead is negligible — modern CPUs handle AES-256 at gigabytes per second.

Can I use Syncthing as a backup solution?

Syncthing is a sync tool, not a backup tool. If you delete a file, Syncthing deletes it on all devices. If ransomware encrypts your files, Syncthing encrypts them everywhere. Syncthing has file versioning that provides some protection, but it’s not a substitute for proper point-in-time snapshots with retention policies. Use Syncthing for sync, Restic/Borg for backup.

How much backup storage do I need?

With deduplication, far less than you’d expect. A 500 GB dataset with daily backups kept for 30 days typically uses 600-700 GB of backup storage (not 15 TB). The first backup is full-size; subsequent backups only store changed blocks. Start with 2x your source data size and adjust from there.

What about Proxmox Backup Server?

Proxmox Backup Server is excellent for VM and container backups — it integrates natively with Proxmox VE. But it’s not a general-purpose file backup tool. Use PBS for your Proxmox VMs and containers, and Restic/Borg for everything else (Docker volumes, config files, databases).

Is Duplicati reliable for critical data?

Use with caution. Duplicati has known issues with database corruption on large backup sets and occasional failed restores. For non-critical data (media libraries, replaceable files), it’s fine. For critical data (databases, configs, irreplaceable files), use Restic or BorgBackup and verify restores quarterly.

How do I back up Docker volumes?

Two approaches: (1) Stop containers, back up the volume directory (simplest but causes downtime). (2) Use docker run --rm --volumes-from container -v $(pwd):/backup alpine tar czf /backup/volume.tar.gz /path to back up while running — safe for file-based data, but NOT safe for databases. Always dump databases first with their native tools.

Can I use rclone instead of a dedicated backup tool?

Rclone is a sync/copy tool — it mirrors files to cloud storage but doesn’t provide deduplication, encryption, retention policies, or point-in-time snapshots. You can use rclone as a backend for Restic (restic -r rclone:remote:bucket) to combine Restic’s backup capabilities with rclone’s storage backend support.

What’s the cheapest way to do offsite backups?

Hetzner Storage Boxes ($3.80/TB/month) or Backblaze B2 ($6/TB/month). Both support Restic natively. For extreme budget: back up to a friend or family member’s server via SFTP — cost is $0 if they do the same to your server (mutual backup). This is the original 3-2-1 approach.

Related Articles

compare

Restic vs Kopia vs BorgBackup: Best Backup Tool?

Three-way comparison of Restic, Kopia, and BorgBackup for self-hosted backup — deduplication, speed, cloud support, and ...

replace

Self-Hosted Alternatives to Backblaze

Best self-hosted backup solutions to replace Backblaze Personal and B2 with encrypted, deduplicated backups you fully co...

replace

Self-Hosted Alternatives to CrashPlan

Replace CrashPlan with self-hosted backup solutions like Borgmatic, Restic, Duplicati, and Kopia. Full 3-2-1 backups wit...

replace

Self-Hosted Alternatives to iCloud Backup

Best self-hosted alternatives to iCloud backup — Restic, Syncthing, Kopia, and BorgBackup compared with migration guide ...

replace

Self-Hosted Alternatives to Time Machine

Best self-hosted alternatives to Apple Time Machine for network backups — BorgBackup, Restic, Kopia, and Samba Time Mach...

foundations

Self-Hosted Backup Strategy Guide

Complete backup strategy for self-hosted infrastructure — tools, automation, schedules, offsite storage, and restore tes...

Read Next Restic vs Kopia vs BorgBackup: Best Backup Tool?

Comments