{"id":1716,"date":"2025-11-11T20:40:34","date_gmt":"2025-11-11T17:40:34","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/rclone-ile-s3-backblaze-b2-yedek-senkronizasyonu-sse-lifecycle-ve-glacier-ile-masrafi-nasil-tatli-tatli-dusururuz\/"},"modified":"2025-11-11T20:40:34","modified_gmt":"2025-11-11T17:40:34","slug":"rclone-ile-s3-backblaze-b2-yedek-senkronizasyonu-sse-lifecycle-ve-glacier-ile-masrafi-nasil-tatli-tatli-dusururuz","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/rclone-ile-s3-backblaze-b2-yedek-senkronizasyonu-sse-lifecycle-ve-glacier-ile-masrafi-nasil-tatli-tatli-dusururuz\/","title":{"rendered":"rclone ile S3\/Backblaze B2 Yedek Senkronizasyonu: SSE, Lifecycle ve Glacier ile Masraf\u0131 Nas\u0131l Tatl\u0131 Tatl\u0131 D\u00fc\u015f\u00fcr\u00fcr\u00fcz?"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#Bir_Fatura_Bir_Ders_Yedekler_Nereye_Kosuyor\"><span class=\"toc_number toc_depth_1\">1<\/span> Bir Fatura, Bir Ders: Yedekler Nereye Ko\u015fuyor?<\/a><\/li><li><a href=\"#Neyi_Nereye_ve_Neden_Stratejinin_Iskeleti\"><span class=\"toc_number toc_depth_1\">2<\/span> Neyi, Nereye ve Neden? Stratejinin \u0130skeleti<\/a><\/li><li><a href=\"#rclone_ile_Ilk_Temas_S3_ve_B2_Uzaktan_Baglantilari\"><span class=\"toc_number toc_depth_1\">3<\/span> rclone ile \u0130lk Temas: S3 ve B2 Uzaktan Ba\u011flant\u0131lar\u0131<\/a><ul><li><a href=\"#Ortam_degiskenleriyle_temiz_bir_baslangic\"><span class=\"toc_number toc_depth_2\">3.1<\/span> Ortam de\u011fi\u015fkenleriyle temiz bir ba\u015flang\u0131\u00e7<\/a><\/li><li><a href=\"#Uzaklari_adlandirmak_Sadelik_iyidir\"><span class=\"toc_number toc_depth_2\">3.2<\/span> Uzaklar\u0131 adland\u0131rmak: Sadelik iyidir<\/a><\/li><li><a href=\"#Ilk_senkron_Kucuk_bir_prova\"><span class=\"toc_number toc_depth_2\">3.3<\/span> \u0130lk senkron: K\u00fc\u00e7\u00fck bir prova<\/a><\/li><\/ul><\/li><li><a href=\"#SSE_Neden_Onemli_S3te_B2de_Nasil_Acilir\"><span class=\"toc_number toc_depth_1\">4<\/span> SSE Neden \u00d6nemli? S3\u2019te, B2\u2019de Nas\u0131l A\u00e7\u0131l\u0131r?<\/a><\/li><li><a href=\"#Lifecycle_Dokunusu_ve_Glaciere_Giden_Yol\"><span class=\"toc_number toc_depth_1\">5<\/span> Lifecycle Dokunu\u015fu ve Glacier\u2019e Giden Yol<\/a><\/li><li><a href=\"#Pratik_rclone_Komutlari_ve_Kucuk_Sihirler\"><span class=\"toc_number toc_depth_1\">6<\/span> Pratik rclone Komutlar\u0131 ve K\u00fc\u00e7\u00fck Sihirler<\/a><ul><li><a href=\"#Sync_mi_Copy_mi_rcat_mi\"><span class=\"toc_number toc_depth_2\">6.1<\/span> Sync mi, Copy mi, rcat mi?<\/a><\/li><li><a href=\"#Filtrelemek_Her_seyi_tasimak_zorunda_degilsin\"><span class=\"toc_number toc_depth_2\">6.2<\/span> Filtrelemek: Her \u015feyi ta\u015f\u0131mak zorunda de\u011filsin<\/a><\/li><li><a href=\"#Hiz_ayari_Trafigi_nazikce_kullan\"><span class=\"toc_number toc_depth_2\">6.3<\/span> H\u0131z ayar\u0131: Trafi\u011fi nazik\u00e7e kullan<\/a><\/li><li><a href=\"#Dogrulama_Guven_iyidir_check_daha_iyi\"><span class=\"toc_number toc_depth_2\">6.4<\/span> Do\u011frulama: G\u00fcven iyidir, check daha iyi<\/a><\/li><\/ul><\/li><li><a href=\"#Masrafi_Dusurmenin_Gunluk_Halleri\"><span class=\"toc_number toc_depth_1\">7<\/span> Masraf\u0131 D\u00fc\u015f\u00fcrmenin G\u00fcnl\u00fck Halleri<\/a><\/li><li><a href=\"#Kurtarma_Provasi_Dosyayi_Geri_Almak_Sistemi_Ayaga_Kaldirmak\"><span class=\"toc_number toc_depth_1\">8<\/span> Kurtarma Provas\u0131: Dosyay\u0131 Geri Almak, Sistemi Aya\u011fa Kald\u0131rmak<\/a><\/li><li><a href=\"#Otomasyon_Cron_systemd_ve_Saglik_Kontrolleri\"><span class=\"toc_number toc_depth_1\">9<\/span> Otomasyon: Cron, systemd ve Sa\u011fl\u0131k Kontrolleri<\/a><\/li><li><a href=\"#Guvenlik_Anahtarlar_Izinler_ve_Sinirlar\"><span class=\"toc_number toc_depth_1\">10<\/span> G\u00fcvenlik: Anahtarlar, \u0130zinler ve S\u0131n\u0131rlar<\/a><\/li><li><a href=\"#Gercek_Dunya_WordPress_ve_PostgreSQL_ile_Kucuk_Senaryolar\"><span class=\"toc_number toc_depth_1\">11<\/span> Ger\u00e7ek D\u00fcnya: WordPress ve PostgreSQL ile K\u00fc\u00e7\u00fck Senaryolar<\/a><ul><li><a href=\"#WordPress_dosyalari_ve_medya_arsivleri\"><span class=\"toc_number toc_depth_2\">11.1<\/span> WordPress dosyalar\u0131 ve medya ar\u015fivleri<\/a><\/li><li><a href=\"#PostgreSQL_WAL_akarken_guvenli_bir_liman\"><span class=\"toc_number toc_depth_2\">11.2<\/span> PostgreSQL: WAL akarken g\u00fcvenli bir liman<\/a><\/li><li><a href=\"#Sunucuyu_bastan_kurmak_gerektiginde\"><span class=\"toc_number toc_depth_2\">11.3<\/span> Sunucuyu ba\u015ftan kurmak gerekti\u011finde<\/a><\/li><\/ul><\/li><li><a href=\"#Kapanis_Akis_Kuruldugunda_Sessizce_Calisir\"><span class=\"toc_number toc_depth_1\">12<\/span> Kapan\u0131\u015f: Ak\u0131\u015f Kuruldu\u011funda Sessizce \u00c7al\u0131\u015f\u0131r<\/a><\/li><\/ul><\/div>\n<h2 id=\"section-1\"><span id=\"Bir_Fatura_Bir_Ders_Yedekler_Nereye_Kosuyor\">Bir Fatura, Bir Ders: Yedekler Nereye Ko\u015fuyor?<\/span><\/h2>\n<p>Hi\u00e7 \u00f6yle bulan\u0131k bir pazartesi sabah\u0131, kahveni al\u0131p masaya oturmu\u015fken bir anda gelen depolama faturas\u0131yla irkilip, \u201cBen bu kadar veri mi tuttum?\u201d diye d\u00fc\u015f\u00fcnd\u00fcn m\u00fc? Ben d\u00fc\u015f\u00fcnd\u00fcm. O g\u00fcn, yedeklerin sadece diskte de\u011fil, ak\u0131lda da bir stratejiye ihtiya\u00e7 duydu\u011funu hat\u0131rlad\u0131m. \u00c7\u00fcnk\u00fc yedek almak tek ba\u015f\u0131na kahramanl\u0131k say\u0131lm\u0131yor; neyi, nereye, ne kadar s\u00fcreyle, hangi \u015fifrelemeyle ve hangi s\u0131n\u0131fta tuttu\u011fun, i\u015fin as\u0131l masals\u0131 k\u0131sm\u0131.<\/p>\n<p>\u0130\u015fte burada rclone devreye giriyor. S3 ve Backblaze B2 gibi bulut depolama servislerine, sanki elinde bir d\u00fcmen varm\u0131\u015f gibi seri ve g\u00fcvenli \u015fekilde evrak ta\u015f\u0131yorsun. Araya <strong>SSE<\/strong> ile sunucu taraf\u0131 \u015fifreleme serpi\u015ftiriyorsun, <strong>lifecycle<\/strong> kurallar\u0131 ekleyip ya\u015flanan veriyi so\u011fuk b\u00f6lgelere g\u00f6nderiyorsun, gerekti\u011finde S3\u2019te <strong>Glacier<\/strong>\u2019e yat\u0131r\u0131yorsun. Hepsi bir ritim tutturunca, masraf grafi\u011fi a\u015fa\u011f\u0131 do\u011fru s\u00fcz\u00fcl\u00fcyor. Bu yaz\u0131da, pratik komutlarla, \u00f6rneklerle ve \u201cger\u00e7ekten b\u00f6yle olabiliyor mu?\u201d diyece\u011fin k\u00fc\u00e7\u00fck ipu\u00e7lar\u0131yla bu ritmi birlikte kuraca\u011f\u0131z.<\/p>\n<h2 id=\"section-2\"><span id=\"Neyi_Nereye_ve_Neden_Stratejinin_Iskeleti\">Neyi, Nereye ve Neden? Stratejinin \u0130skeleti<\/span><\/h2>\n<p>\u00d6nce niyet. G\u00fcnl\u00fck yedekler nerede dursun, ayl\u0131k ar\u015fivler nereye insin, kritik dosyalar ne kadar s\u00fcre saklans\u0131n? Mesela \u015f\u00f6yle d\u00fc\u015f\u00fcn: Uygulaman\u0131n g\u00fcnl\u00fck dosyalar\u0131n\u0131 ve medyalar\u0131n\u0131 S3\u2019te s\u0131cak tut, 30 g\u00fcn\u00fc a\u015fanlar\u0131 kademeli \u015fekilde so\u011fut, \u00fc\u00e7 ay\u0131 ge\u00e7enleri Glacier\u2019e park et. B2 taraf\u0131nda da eski versiyonlar\u0131 belirli bir s\u00fcrede temizle, sadece ay sonu anl\u0131k g\u00f6r\u00fcnt\u00fclerini sakla. Kula\u011fa d\u00fczen gibi geliyor, de\u011fil mi?<\/p>\n<p>Sonra g\u00fcvenlik. Asla \u00e7\u0131plak veriyi d\u0131\u015far\u0131 g\u00f6ndermemek, en az\u0131ndan sunucu taraf\u0131nda bir perde kullanmak, yani SSE. Yetmiyorsa u\u00e7tan uca \u015fifreleme i\u00e7in rclone\u2019un <strong>crypt<\/strong> uzant\u0131s\u0131n\u0131 d\u00fc\u015f\u00fcn. Eri\u015fim anahtarlar\u0131n\u0131 da gereksiz geni\u015f tutma; hem S3 hem B2 taraf\u0131nda sadece gerekli izinleri ver, bir klas\u00f6r\u00fcn d\u0131\u015f\u0131na ta\u015fmas\u0131nlar.<\/p>\n<p>Ve en sevdi\u011fimiz k\u0131s\u0131m: maliyet. K\u00fc\u00e7\u00fck dosyalar\u0131n say\u0131s\u0131 artt\u0131k\u00e7a API \u00e7a\u011fr\u0131lar\u0131 \u015fi\u015fer. Bazen b\u00fcy\u00fck bir ar\u015fiv dosyas\u0131 olu\u015fturup ak\u0131tmak daha tatl\u0131d\u0131r. Bazense do\u011frudan senkron iyi \u00e7al\u0131\u015f\u0131r. \u0130\u015fin sihri, senin verinin do\u011fas\u0131na g\u00f6re denge kurmakta.<\/p>\n<h2 id=\"section-3\"><span id=\"rclone_ile_Ilk_Temas_S3_ve_B2_Uzaktan_Baglantilari\">rclone ile \u0130lk Temas: S3 ve B2 Uzaktan Ba\u011flant\u0131lar\u0131<\/span><\/h2>\n<h3><span id=\"Ortam_degiskenleriyle_temiz_bir_baslangic\">Ortam de\u011fi\u015fkenleriyle temiz bir ba\u015flang\u0131\u00e7<\/span><\/h3>\n<p>Hesap anahtarlar\u0131n\u0131 dosyaya yaymak yerine ortam de\u011fi\u015fkenleriyle beslemek hem pratik hem tertipli. K\u00fc\u00e7\u00fck bir \u00f6rnek b\u0131rakay\u0131m.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># S3 (AWS uyumlu) i\u00e7in\nexport AWS_ACCESS_KEY_ID=&quot;AKI...&quot;\nexport AWS_SECRET_ACCESS_KEY=&quot;...&quot;\n\n# Backblaze B2 i\u00e7in\nexport B2_ACCOUNT_ID=&quot;...&quot;\nexport B2_ACCOUNT_KEY=&quot;...&quot;\n<\/code><\/pre>\n<h3><span id=\"Uzaklari_adlandirmak_Sadelik_iyidir\">Uzaklar\u0131 adland\u0131rmak: Sadelik iyidir<\/span><\/h3>\n<p>rclone\u2019da her hedeften \u00f6nce ona bir isim veriyoruz. Basit, ak\u0131lda kal\u0131c\u0131, m\u00fcmk\u00fcnse ortam\u0131 da anlatan bir ad se\u00e7. \u201cbackup-s3\u201d ve \u201cbackup-b2\u201d gibi.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># S3 remotesi (SSE: AES256 \u00f6rnek)\nrclone config create backup-s3 s3 \n  provider AWS \n  region eu-central-1 \n  acl private \n  server_side_encryption AES256\n\n# B2 remotesi\nrclone config create backup-b2 b2 \n  hard_delete true\n<\/code><\/pre>\n<p>Burada S3 i\u00e7in SSE\u2019yi remotenin varsay\u0131lan\u0131 yapt\u0131k. B2 i\u00e7in de \u201chard delete\u201d se\u00e7ene\u011fiyle ger\u00e7ekten silinsin mi, versiyonlama m\u0131? karar\u0131n\u0131 bilerek veriyorsun. Versiyonlamay\u0131 a\u00e7\u0131k tutacaksan hard delete\u2019i kapatmak daha uygun olur.<\/p>\n<h3><span id=\"Ilk_senkron_Kucuk_bir_prova\">\u0130lk senkron: K\u00fc\u00e7\u00fck bir prova<\/span><\/h3>\n<p>Elinde yerel bir klas\u00f6r var: \u201c\/srv\/backups\u201d. Bunu S3\u2019e ak\u0131tal\u0131m. Basit ama i\u015f g\u00f6ren bir komut \u015f\u00f6yle:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">rclone sync \/srv\/backups backup-s3:mybucket\/prod \n  --checksum \n  --fast-list \n  --transfers 8 \n  --checkers 16 \n  --s3-chunk-size 64M \n  --progress\n<\/code><\/pre>\n<p>Senin dosyalar\u0131n \u00e7ok k\u00fc\u00e7\u00fckse aktar\u0131mlar\u0131 art\u0131rmak i\u015fine yarayabilir; \u00e7ok b\u00fcy\u00fck dosyalar i\u00e7inse par\u00e7a boyutunu b\u00fcy\u00fctmek s\u00fcreklilik sa\u011flar. Hemen ard\u0131ndan bir kontrol de ekleyelim:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">rclone check \/srv\/backups backup-s3:mybucket\/prod --one-way --size-only<\/code><\/pre>\n<p>Burada checksum yerine boyuttan kontrol ettik; \u00e7ok say\u0131da dosyada h\u0131z kazan\u0131rs\u0131n. \u00d6nemli olan, bir standarda ba\u011flay\u0131p d\u00fczenli tekrar etmek.<\/p>\n<h2 id=\"section-4\"><span id=\"SSE_Neden_Onemli_S3te_B2de_Nasil_Acilir\">SSE Neden \u00d6nemli? S3\u2019te, B2\u2019de Nas\u0131l A\u00e7\u0131l\u0131r?<\/span><\/h2>\n<p>Sunucu taraf\u0131 \u015fifreleme, veriyi depoda \u015fifreli tutar. Sen veriyi g\u00f6nderdikten sonra servis sa\u011flay\u0131c\u0131 anahtar\u0131 kendi taraf\u0131nda y\u00f6netir. Bu sayede \u201c\u00e7imde unuttum\u201d diye \u00fcz\u00fclmezsin. S3\u2019te iki pratik yol var: sa\u011flay\u0131c\u0131n\u0131n anahtar\u0131n\u0131 kullanmak (AES256) ya da y\u00f6netilen bir anahtar servisiyle idare etmek (KMS). \u0130kisi de i\u015fini g\u00f6r\u00fcr; g\u00fcvenlik politikana g\u00f6re se\u00e7ersin.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># S3'te komut baz\u0131nda SSE'yi zorlamak\nrclone copy \/srv\/dumps\/db.sql.zst backup-s3:mybucket\/prod\/db \n  --s3-server-side-encryption AES256\n\n# KMS kullanacaksan \u00f6rnek (KMS anahtar kimli\u011fi gerektirir)\nrclone copy \/srv\/secrets.tar backup-s3:mybucket\/prod\/secure \n  --s3-server-side-encryption aws:kms \n  --s3-sse-kms-key-id &quot;arn:aws:kms:...:key\/xxxx&quot;\n<\/code><\/pre>\n<p>Backblaze B2 taraf\u0131nda da sunucu taraf\u0131 \u015fifreleme se\u00e7enekleri bulunuyor. Genelde kovay\u0131 olu\u015ftururken veya hesap ayarlar\u0131nda varsay\u0131lan\u0131 tan\u0131mlars\u0131n, rclone taraf\u0131nda da uzaktan ayara ekleyebilirsin. Net olan \u015fu: \u015fifrelemeyi bir defa al\u0131\u015fkanl\u0131k haline getirince, yedeklerin i\u00e7ini \u00e7ok daha rahat eder \u015fekilde uyursun.<\/p>\n<p>Konu derinle\u015fsin istersen, <a href=\"https:\/\/rclone.org\/s3\/\" rel=\"nofollow noopener\" target=\"_blank\">rclone S3 se\u00e7enekleri<\/a> sayfas\u0131na ara s\u0131ra g\u00f6z atmak iyi gelir; se\u00e7enek isimleri ve k\u00fc\u00e7\u00fck n\u00fcanslar orada taptaze durur.<\/p>\n<h2 id=\"section-5\"><span id=\"Lifecycle_Dokunusu_ve_Glaciere_Giden_Yol\">Lifecycle Dokunu\u015fu ve Glacier\u2019e Giden Yol<\/span><\/h2>\n<p>Yedeklerin \u00e7o\u011fu ilk g\u00fcn \u00e7ok de\u011ferli, onuncu g\u00fcn h\u00e2l\u00e2 \u00f6nemli, doksan\u0131nc\u0131 g\u00fcn ise art\u0131k ar\u015fiv. \u0130\u015fte lifecycle burada hayat kurtar\u0131yor. S3 taraf\u0131nda \u201c30 g\u00fcnden sonra daha so\u011fuk s\u0131n\u0131fa indir, 90 g\u00fcnde Glacier\u2019e koy, 365\u2019te sil\u201d gibi kurallar kibarca i\u015f g\u00f6r\u00fcr. Arada \u201cglacier\u2019e ta\u015f\u0131nan dosyay\u0131 sildi\u011fimde versiyonunu \u015fu kadar s\u00fcre daha sakla\u201d diyerek ince ayar da yap\u0131labilir.<\/p>\n<p>\u00d6rnek bir S3 Lifecycle politikas\u0131; konsoldan da yap\u0131l\u0131r, kodla da. Mant\u0131k anla\u015f\u0131l\u0131r olsun diye sadele\u015ftirdim:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">{\n  &quot;Rules&quot;: [\n    {\n      &quot;ID&quot;: &quot;prod-logs&quot;,\n      &quot;Filter&quot;: { &quot;Prefix&quot;: &quot;prod\/logs\/&quot; },\n      &quot;Status&quot;: &quot;Enabled&quot;,\n      &quot;Transitions&quot;: [\n        { &quot;Days&quot;: 30, &quot;StorageClass&quot;: &quot;STANDARD_IA&quot; },\n        { &quot;Days&quot;: 90, &quot;StorageClass&quot;: &quot;GLACIER&quot; }\n      ],\n      &quot;Expiration&quot;: { &quot;Days&quot;: 365 }\n    }\n  ]\n}\n<\/code><\/pre>\n<p>Backblaze B2\u2019de yakla\u015f\u0131m biraz farkl\u0131. B2\u2019nin g\u00fc\u00e7l\u00fc yan\u0131, dosya versiyonlar\u0131n\u0131 ve saklama politikas\u0131n\u0131 basit\u00e7e y\u00f6netebilmen. \u201c30 g\u00fcnden eski versiyonlar\u0131 sil, sadece son versiyonu tut\u201d gibi kurallarla masraf\u0131n\u0131 kontrol edersin. Dilersen ay sonunda olu\u015fturdu\u011fun b\u00fcy\u00fck ar\u015fivleri aylarca tutar, g\u00fcnl\u00fck k\u00fc\u00e7\u00fckleri \u00e7abuk temizlersin. Detay i\u00e7in <a href=\"https:\/\/www.backblaze.com\/b2\/docs\/lifecycle_rules.html\" rel=\"nofollow noopener\" target=\"_blank\">Backblaze B2 lifecycle kurallar\u0131<\/a> sayfas\u0131na g\u00f6z atman pratik olur.<\/p>\n<p>Depolama s\u0131n\u0131flar\u0131 ve ar\u015fiv taraf\u0131nda, S3\u2019in resm\u00ee anlat\u0131m\u0131 da elinin alt\u0131nda olsun istersen, <a href=\"https:\/\/docs.aws.amazon.com\/AmazonS3\/latest\/userguide\/storage-class-intro.html\" rel=\"nofollow noopener\" target=\"_blank\">S3 depolama s\u0131n\u0131flar\u0131 ve Glacier<\/a> yaz\u0131s\u0131 ak\u0131lda kalan bir \u00f6zet sunuyor.<\/p>\n<h2 id=\"section-6\"><span id=\"Pratik_rclone_Komutlari_ve_Kucuk_Sihirler\">Pratik rclone Komutlar\u0131 ve K\u00fc\u00e7\u00fck Sihirler<\/span><\/h2>\n<h3><span id=\"Sync_mi_Copy_mi_rcat_mi\">Sync mi, Copy mi, rcat mi?<\/span><\/h3>\n<p>\u201csync\u201d yerel ile uzak hedefi ayn\u0131 hale getirir; yerelde silinen dosya uzak taraftan da u\u00e7ar. Bu g\u00fczel ama risklidir. \u201ccopy\u201d ise sadece ekler\/g\u00fcnceller, silmez. \u0130lk kurdu\u011fun ak\u0131\u015flarda \u201ccopy\u201d daha g\u00fcvenlidir; senkrona sonra ge\u00e7ersin. \u201crcat\u201d ise favorilerimden: bir ak\u0131\u015f\u0131 do\u011frudan uzak tarafa boru gibi d\u00f6kersin, dosyay\u0131 diske yazmadan.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># Sadece ekle\/g\u00fcncelle\nrclone copy \/srv\/media backup-b2:site-media\/prod \n  --transfers 16 --checkers 32 --fast-list --progress\n\n# Borudan ak\u0131t: b\u00fcy\u00fck ar\u015fivleri diske yazmadan G\u00f6nder\nsudo tar -I 'zstd -19 --long=31' -cf - \/var\/www \n | rclone rcat backup-s3:mybucket\/prod\/archives\/site-$(date +%F).tar.zst\n<\/code><\/pre>\n<h3><span id=\"Filtrelemek_Her_seyi_tasimak_zorunda_degilsin\">Filtrelemek: Her \u015feyi ta\u015f\u0131mak zorunda de\u011filsin<\/span><\/h3>\n<p>Yedeklerde gereksiz dosyalar \u00e7abuk \u015fi\u015firir. \u00d6rne\u011fin \u201cnode_modules\u201d ya da ge\u00e7ici cache\u2019leri ta\u015f\u0131mayabilirsin. rclone\u2019un dahil\/hari\u00e7 filtreleri hayat kurtar\u0131r.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">rclone sync \/srv\/app backup-s3:mybucket\/prod\/app \n  --exclude &quot;.cache\/**&quot; \n  --exclude &quot;node_modules\/**&quot; \n  --exclude &quot;*.tmp&quot; \n  --progress\n<\/code><\/pre>\n<h3><span id=\"Hiz_ayari_Trafigi_nazikce_kullan\">H\u0131z ayar\u0131: Trafi\u011fi nazik\u00e7e kullan<\/span><\/h3>\n<p>Geceleri daha h\u0131zl\u0131, g\u00fcnd\u00fczleri nazik \u00e7al\u0131\u015fmak isteyebilirsin. Bant geni\u015fli\u011fi s\u0131n\u0131rlamak bazen kom\u015funu, bazen sunucunu korur.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># 22:00-06:00 aras\u0131nda 0.5Gbit\/s, di\u011fer zamanlarda 50Mbit\/s\nrclone sync \/srv\/backups backup-b2:team\/prod \n  --bwlimit &quot;22:00,500M 06:00,50M&quot; \n  --progress\n<\/code><\/pre>\n<h3><span id=\"Dogrulama_Guven_iyidir_check_daha_iyi\">Do\u011frulama: G\u00fcven iyidir, check daha iyi<\/span><\/h3>\n<p>Arada bir \u201ccheck\u201d \u00e7al\u0131\u015ft\u0131rmak rahatlat\u0131r. \u00d6zellikle b\u00fcy\u00fck temizliklerden sonra.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">rclone check backup-s3:mybucket\/prod backup-b2:myreplica\/prod --one-way<\/code><\/pre>\n<p>B\u00f6ylece S3\u2019te olan\u0131n B2 taraf\u0131nda da g\u00f6r\u00fcnd\u00fc\u011f\u00fcn\u00fc, en az\u0131ndan boyut ve varsa imzalarla teyit etmi\u015f olursun.<\/p>\n<h2 id=\"section-7\"><span id=\"Masrafi_Dusurmenin_Gunluk_Halleri\">Masraf\u0131 D\u00fc\u015f\u00fcrmenin G\u00fcnl\u00fck Halleri<\/span><\/h2>\n<p>\u0130\u015fin s\u0131rr\u0131 k\u00fc\u00e7\u00fck al\u0131\u015fkanl\u0131klarda. Birincisi, gereksiz s\u00fcr\u00fcmleri h\u0131zl\u0131ca s\u00fcp\u00fcrmek. G\u00fcnde onlarca k\u00fc\u00e7\u00fck s\u00fcr\u00fcm tutmak yerine, saatlikleri k\u0131sa, g\u00fcnl\u00fckleri orta, ayl\u0131klar\u0131 uzun saklamak masraf\u0131 inceltir. \u0130kincisi, k\u00fc\u00e7\u00fck dosya selini bir ar\u015fivde toplay\u0131p ak\u0131tmak; API \u00e7a\u011fr\u0131s\u0131 say\u0131s\u0131 ve meta veri maliyeti d\u00fc\u015fer. \u00dc\u00e7\u00fcnc\u00fcs\u00fc, S3\u2019te s\u0131n\u0131f ge\u00e7i\u015flerini cesurca kurgulamak; s\u0131k bakmad\u0131\u011f\u0131n veriyi \u0131srarla s\u0131cak elde tutman\u0131n anlam\u0131 yok.<\/p>\n<p>D\u00f6rd\u00fcnc\u00fcs\u00fc, yeniden indirme ihtiyac\u0131n\u0131 azaltan bir katalog d\u00fczeni kurmak. Dizin yap\u0131n\u0131 \u201cprod\/ay\/y\u0131l\/g\u00fcn\u201d gibi insan\u0131n bak\u0131nca anlad\u0131\u011f\u0131 bir d\u00fczende kurgula. Be\u015fincisi, kimlerin eri\u015fti\u011fini bilmek ve g\u00fcnl\u00fckleri arada bir g\u00f6zden ge\u00e7irmek; gereksiz b\u00f6lgelere \u00f6dedi\u011fin trafik \u00fccreti g\u00f6z\u00fcn\u00fcn ucundan ka\u00e7mas\u0131n.<\/p>\n<p>Ve elbette, deneme. Bir hafta daha b\u00fcy\u00fck par\u00e7a boyutu, bir hafta daha k\u00fc\u00e7\u00fck; bir hafta daha fazla e\u015fzamanl\u0131 aktar\u0131m, sonra tam tersi. Senin verin nas\u0131l akmak istiyorsa en iyi cevab\u0131 o s\u00f6yl\u00fcyor.<\/p>\n<h2 id=\"section-8\"><span id=\"Kurtarma_Provasi_Dosyayi_Geri_Almak_Sistemi_Ayaga_Kaldirmak\">Kurtarma Provas\u0131: Dosyay\u0131 Geri Almak, Sistemi Aya\u011fa Kald\u0131rmak<\/span><\/h2>\n<p>Yedek almak kadar geri d\u00f6nebildi\u011fini g\u00f6rmek de \u00f6nemli. Bunun i\u00e7in k\u00fc\u00e7\u00fck rit\u00fceller belirle. Ayda bir, rastgele bir dosyay\u0131 indir ve a\u00e7. \u00dc\u00e7 ayda bir, ciddi bir geri d\u00f6n\u00fc\u015f sim\u00fclasyonu yap. Bir WordPress ar\u015fivini indir, ba\u015fka bir klas\u00f6re a\u00e7, \u201c\u00e7al\u0131\u015f\u0131yor mu?\u201d sorusunun cevab\u0131n\u0131 kendin duy.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># Se\u00e7ili klas\u00f6r\u00fc geri getir\nrclone copy backup-s3:mybucket\/prod\/archives\/site-2024-11-01.tar.zst \/restore\/\n\n# Sadece loglar\u0131 indir\nrclone copy backup-b2:team\/prod\/logs \/var\/tmp\/restore-logs \n  --include &quot;*.log&quot; \n  --max-age 30d\n<\/code><\/pre>\n<p>Plan\u0131 yaz\u0131ya d\u00f6kmek, ekibin birlikte prova yapmas\u0131yla anlam kazan\u0131r. Burada \u015fu yaz\u0131, d\u00fc\u015f\u00fcnceyi derli toplu hale getirmekte iyi bir yolda\u015f: <a href=\"https:\/\/www.dchost.com\/blog\/felaket-kurtarma-plani-nasil-yazilir-rto-rpoyu-kafada-netlestirip-yedek-testleri-ve-runbooklari-gercekten-calisir-hale-getirmek\/\">felaket kurtarma plan\u0131 ve RTO\/RPO\u2019yu netle\u015ftirmek<\/a>. Okurken bir iki \u201ckendi i\u015fime nas\u0131l uyarlar\u0131m?\u201d notu d\u00fc\u015fersen sonraki provada meyvesini g\u00f6r\u00fcrs\u00fcn.<\/p>\n<h2 id=\"section-9\"><span id=\"Otomasyon_Cron_systemd_ve_Saglik_Kontrolleri\">Otomasyon: Cron, systemd ve Sa\u011fl\u0131k Kontrolleri<\/span><\/h2>\n<p>Elle \u00e7al\u0131\u015ft\u0131r\u0131lan yedek, en iyi ihtimalle bug\u00fcn vard\u0131r; yar\u0131n kalmayabilir. Otomasyon bu y\u00fczden var. Basit bir cron sat\u0131r\u0131yla i\u015fe ba\u015flamak her zaman m\u00fcmk\u00fcn.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># Her gece 02:15'te S3'e senkron\n15 2 * * * \/usr\/bin\/rclone sync \/srv\/backups backup-s3:mybucket\/prod \n  --fast-list --checksum --log-level INFO \n  --log-file \/var\/log\/rclone-backup-s3.log\n<\/code><\/pre>\n<p>systemd sevenlere ufak bir iskelet:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># \/etc\/systemd\/system\/rclone-backup.service\n[Unit]\nDescription=Rclone backup to S3\n\n[Service]\nType=oneshot\nEnvironmentFile=\/etc\/default\/rclone-backup\nExecStart=\/usr\/bin\/rclone sync \/srv\/backups backup-s3:mybucket\/prod \n  --checksum --fast-list --log-level INFO \n  --log-file \/var\/log\/rclone-backup-s3.log\n\n# \/etc\/systemd\/system\/rclone-backup.timer\n[Unit]\nDescription=Nightly rclone backup\n\n[Timer]\nOnCalendar=*-*-* 02:15:00\nPersistent=true\n\n[Install]\nWantedBy=timers.target\n<\/code><\/pre>\n<p>Bir de sa\u011fl\u0131k sinyali al\u0131\u015fkanl\u0131\u011f\u0131 ekleyebilirsin: \u0130\u015f bitti\u011finde k\u00fc\u00e7\u00fck bir HTTP \u00e7a\u011fr\u0131s\u0131 atmak, grafikte ye\u015fil bir tik g\u00f6rmek iyi gelir. Loglar\u0131 d\u00f6ng\u00fcsel tutup arada \u201cERROR\u201d taramas\u0131 yapmak da minik bir cankurtaran.<\/p>\n<p>Altyap\u0131y\u0131 kodla y\u00f6netiyorsan, yedek kovalar\u0131n\u0131 ve kurallar\u0131n\u0131 da kodda tutmak huzur verir. \u0130lham ar\u0131yorsan, \u015fu yaz\u0131 fikir verir: <a href=\"https:\/\/www.dchost.com\/blog\/terraform-ile-vps-ve-dns-otomasyonu-cloudflare-proxmox-openstack-ve-sifir-kesinti-dagitim-nasil-bir-araya-gelir\/\">Terraform ile VPS ve DNS otomasyonu<\/a>. Ayn\u0131 zihniyetle S3 Lifecycle, IAM kullan\u0131c\u0131lar\u0131 ve B2 kovalar\u0131 da tekrar \u00fcretilebilir olur.<\/p>\n<h2 id=\"section-10\"><span id=\"Guvenlik_Anahtarlar_Izinler_ve_Sinirlar\">G\u00fcvenlik: Anahtarlar, \u0130zinler ve S\u0131n\u0131rlar<\/span><\/h2>\n<p>Yedek anahtarlar\u0131, \u015fifresiz hazine gibidir. En az yetki kural\u0131n\u0131 benimse. S3 i\u00e7in sadece \u201clist, put, get\u201d gibi gerekli izni ver, kovay\u0131 ve m\u00fcmk\u00fcnse alt yol \u00f6n ekiyle s\u0131n\u0131rla. B2\u2019de uygulama anahtar\u0131n\u0131 tek bir kovayla ve belirli bir \u00f6nekle kilitle, s\u00fcresini de k\u0131s\u0131tla. Ortam de\u011fi\u015fkenlerini sadece yedek kullan\u0131c\u0131s\u0131na g\u00f6r\u00fcn\u00fcr k\u0131l, loglarda s\u0131zd\u0131rma.<\/p>\n<p>\u0130kinci ad\u0131m, \u015fifreleme disiplinini b\u0131rakmamak. SSE\u2019yi varsay\u0131lan yap, \u00f6zel dosyalarda daha s\u0131k\u0131 bir anahtar y\u00f6netimi uygula. U\u00e7tan uca isteyenler i\u00e7in rclone crypt bir se\u00e7enek; ama anahtarlar\u0131n g\u00fcvenli saklanmas\u0131, yedeklerin eri\u015filebilirli\u011finden daha \u00f6nemli hale gelebilir. Dengeyi senin g\u00fcvenlik gereksinimin belirlesin.<\/p>\n<p>Son olarak, iz s\u00fcrme. Hangi i\u015flemler ne zaman yap\u0131lm\u0131\u015f bilmek, sorun oldu\u011funda hem s\u00fcreci hem de g\u00fcvenli\u011fi h\u0131zl\u0131ca toparlaman\u0131 sa\u011flar.<\/p>\n<h2 id=\"section-11\"><span id=\"Gercek_Dunya_WordPress_ve_PostgreSQL_ile_Kucuk_Senaryolar\">Ger\u00e7ek D\u00fcnya: WordPress ve PostgreSQL ile K\u00fc\u00e7\u00fck Senaryolar<\/span><\/h2>\n<h3><span id=\"WordPress_dosyalari_ve_medya_arsivleri\">WordPress dosyalar\u0131 ve medya ar\u015fivleri<\/span><\/h3>\n<p>WordPress\u2019i konteynerlerle \u00e7al\u0131\u015ft\u0131r\u0131yor olabilirsin. Dosyalar\u0131 s\u0131k s\u0131k oynar, medya klas\u00f6r\u00fc b\u00fcy\u00fcr. Dosyay\u0131 de\u011fil ak\u0131\u015f\u0131 yedeklemek istedi\u011fin g\u00fcnlerde \u015fu tarz bir boru pek tatl\u0131d\u0131r:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">cd \/var\/lib\/docker\/volumes\/wp_data\/_data\nsudo tar -I 'zstd -19 --long=31' -cf - . \n | rclone rcat backup-b2:site-media\/prod\/archives\/wp-$(date +%F).tar.zst\n<\/code><\/pre>\n<p>Uygulaman\u0131n nas\u0131l kuruldu\u011funa dair ak\u0131\u015flar\u0131 seviyorsan, bu yaz\u0131 ho\u015funa gidebilir: <a href=\"https:\/\/www.dchost.com\/blog\/docker-compose-ile-wordpress-nginx-mariadb-redis-nasil-tatli-tatli-akiyor-kalici-hacimler-otomatik-yedek-ve-guncelleme-akisi\/\">Docker Compose ile WordPress\u2019i tatl\u0131 tatl\u0131 yedeklemek<\/a>. Oradaki hacim mant\u0131\u011f\u0131n\u0131 bu yaz\u0131n\u0131n rclone ak\u0131\u015flar\u0131yla evlendirince, her gece uykun daha rahat olur.<\/p>\n<h3><span id=\"PostgreSQL_WAL_akarken_guvenli_bir_liman\">PostgreSQL: WAL akarken g\u00fcvenli bir liman<\/span><\/h3>\n<p>Veritaban\u0131nda en sevdi\u011fim yakla\u015f\u0131m, g\u00fcnl\u00fck tam yedek + ara ad\u0131mlarda s\u00fcrekli WAL ar\u015fivlemek. G\u00fcnl\u00fck yede\u011fi s\u0131k\u0131 s\u0131k\u0131ya bir ar\u015five al, sonra rclone ile uzak depoya ta\u015f\u0131. Ayr\u0131nt\u0131lar\u0131yla bir yol haritas\u0131 ar\u0131yorsan, \u015fu kaynak \u00e7ok i\u015f g\u00f6r\u00fcyor: <a href=\"https:\/\/www.dchost.com\/blog\/vps-uzerinde-postgresql-yedekleme-ve-pitr-pgbackrest-ile-wal-arsivleme-adim-adim\/\">pgBackRest ile WAL ar\u015fivleme<\/a>. Oradaki ak\u0131\u015f\u0131 B2\u2019ye ya da S3\u2019e ak\u0131tmak i\u00e7in, bu yaz\u0131daki rclone par\u00e7alar\u0131n\u0131 ufak oynamalarla yerle\u015ftirmek yeterli.<\/p>\n<h3><span id=\"Sunucuyu_bastan_kurmak_gerektiginde\">Sunucuyu ba\u015ftan kurmak gerekti\u011finde<\/span><\/h3>\n<p>Bir g\u00fcn s\u0131f\u0131rlamak gerekirse, yedekleri indirip servisleri aya\u011fa kald\u0131rmak kadar, altyap\u0131y\u0131 da h\u0131zl\u0131 kurabilmek \u00f6nemli. Ben genelde sunucu kurulumunu tekrar \u00fcretilebilir tutmay\u0131 seviyorum. Bu yolda fikir veren iki dost daha var: <a href=\"https:\/\/www.dchost.com\/blog\/bulutun-ilk-nefesi-cloud%E2%80%91init-ve-ansible-ile-tekrar-uretilebilir-vps-nasil-kurulur\/\">cloud-init ve Ansible ile tekrar \u00fcretilebilir VPS<\/a> ve az \u00f6nce payla\u015ft\u0131\u011f\u0131m otomasyon yaz\u0131s\u0131. Yedek + otomasyon ikilisi, felaket g\u00fcn\u00fcnde bir anda en yak\u0131n arkada\u015f\u0131na d\u00f6n\u00fc\u015f\u00fcyor.<\/p>\n<h2 id=\"section-12\"><span id=\"Kapanis_Akis_Kuruldugunda_Sessizce_Calisir\">Kapan\u0131\u015f: Ak\u0131\u015f Kuruldu\u011funda Sessizce \u00c7al\u0131\u015f\u0131r<\/span><\/h2>\n<p>Bir yedek, bir komut, sonra bir di\u011feri\u2026 derken ortaya akan bir nehir \u00e7\u0131k\u0131yor. rclone ile S3\/Backblaze B2 yedek senkronizasyonu, ilk bak\u0131\u015fta \u201ckomut ezberleme\u201d i\u015fi gibi g\u00f6r\u00fcnse de, asl\u0131nda d\u00fczen kurma sanat\u0131. SSE ile veriyi i\u00e7eride g\u00fcvene al\u0131yorsun, lifecycle ile ya\u015flanan veriyi nazik\u00e7e kenara al\u0131yorsun, Glacier\u2019e inen uzun uykularda masraf sakinle\u015fiyor. B2\u2019de de versiyon politikas\u0131n\u0131 iyi kurunca, gereksiz y\u00fckleri h\u0131zl\u0131ca at\u0131yorsun.<\/p>\n<p>Pratik bir kapan\u0131\u015f listesi b\u0131rakay\u0131m, ama c\u00fcmleler halinde: \u00d6nce k\u00fc\u00e7\u00fck bir klas\u00f6rle ba\u015fla, copy ile ak\u0131t; sonra check ile do\u011frula. SSE\u2019yi varsay\u0131lana \u00e7ek; lifecycle\u2019\u0131 yaz\u0131ya d\u00f6k\u00fcp kovaya uygula. Bir gece senkronu, bir de haftal\u0131k b\u00fcy\u00fck ar\u015fivi rutine ba\u011fla. Ayda bir geri d\u00f6n\u00fc\u015f provas\u0131 yap; bir dosyay\u0131 indir a\u00e7, bir sistemi sandbox\u2019ta aya\u011fa kald\u0131r. Anahtarlar\u0131 dar izinde tut; loglar\u0131 k\u0131sa aral\u0131klarla kokla. Ve ak\u0131\u015f\u0131 sev; ak\u0131\u015f oturunca g\u00fcndeminden kendili\u011finden d\u00fc\u015fer.<\/p>\n<p>Umar\u0131m bu yaz\u0131 yedek yolculu\u011funda iyi bir e\u015flik\u00e7i olmu\u015ftur. E\u011fer t\u00fcm bu ak\u0131\u015f\u0131, daha geni\u015f bir i\u015f s\u00fcreklili\u011fi hikayesine ba\u011flamak istersen, \u015fu yaz\u0131 \u00e7ok g\u00fczel tamamlar: <a href=\"https:\/\/www.dchost.com\/blog\/felaket-kurtarma-plani-nasil-yazilir-rto-rpoyu-kafada-netlestirip-yedek-testleri-ve-runbooklari-gercekten-calisir-hale-getirmek\/\">felaket kurtarma plan\u0131 ve RTO\/RPO\u2019yu netle\u015ftirmek<\/a>. Sorular\u0131n olursa, notlar\u0131n\u0131 topla; bir sonraki yaz\u0131da onlar\u0131 konu\u015fal\u0131m. G\u00f6r\u00fc\u015fmek \u00fczere.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>\u0130&ccedil;indekiler1 Bir Fatura, Bir Ders: Yedekler Nereye Ko\u015fuyor?2 Neyi, Nereye ve Neden? Stratejinin \u0130skeleti3 rclone ile \u0130lk Temas: S3 ve B2 Uzaktan Ba\u011flant\u0131lar\u01313.1 Ortam de\u011fi\u015fkenleriyle temiz bir ba\u015flang\u0131\u00e73.2 Uzaklar\u0131 adland\u0131rmak: Sadelik iyidir3.3 \u0130lk senkron: K\u00fc\u00e7\u00fck bir prova4 SSE Neden \u00d6nemli? S3\u2019te, B2\u2019de Nas\u0131l A\u00e7\u0131l\u0131r?5 Lifecycle Dokunu\u015fu ve Glacier\u2019e Giden Yol6 Pratik rclone Komutlar\u0131 ve K\u00fc\u00e7\u00fck [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1717,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-1716","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/1716","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=1716"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/1716\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/1717"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=1716"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=1716"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=1716"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}