OK, they just changed the way that Google Workspace works: it used to be free unlimited storage and now it is 5TB per person, so it is time to figure out how to move things away from Google Workspace. This got me thinking about what we really use Google for; the main things are the spam filter on Gmail and the free storage. The Google Docs thing is not as valuable since even private accounts get that.
So the solution is twofold:
- iCloud Mail with iCloud+. I need to experiment with this, but Apple now supports five private domains on your Apple account and you get all the spam filtering. Since we have Apple One already, this makes some sense.
- Backblaze Personal. The main need that we have is actually the backup of lots of content, and Backblaze actually works pretty well. The main limitation is that it will not back up a NAS at the personal price; it has to be a disk attached to a machine. Right now this is working for my photos (which are on two NASes and also get Synology synced to a RAID1 array on a MacBook). The Synology sync is actually pretty flaky, so that is the weak link. If I can get a bigger RAID array (say four drives), then I can use that for storage in the cloud, and the main choice right now is the OWC ThunderBays.
Using Custom Domain with iCloud and Apple Mail
I actually started a project last year where I took all 157K mail in Google Mail and exported it successfully into Apple Mail:
- You need to have 2FA set on your account and iCloud Mail on your phones etc.
- You have to do this on the web, so go to the dots at the upper right and select Custom Email Domain > Use a Domain You Own.
- Then you are asked whether there are other people using the domain, and you can tell Apple all the addresses that you are using.
- The real magic is that you change your MX records to
mx01.mail.icloud.com, mx02.mail.icloud.com
and then you will have a TXT verification record that you need to add. This is an easy way to move off of Google Cloud.
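After the MX change it is worth confirming that only the iCloud hosts receive mail and that the verification TXT record is published. The check below is an added example, not part of the original post: it parses `dig +short` output, the verification value is a placeholder for whatever Apple shows you, and the sample records (including the leftover Google MX host) are constructed.

```python
import subprocess

# MX hosts this page gives for iCloud custom domains.
ICLOUD_MX = {"mx01.mail.icloud.com", "mx02.mail.icloud.com"}

def parse_mx(dig_output):
    """Parse `dig +short MX` lines ("10 host.") into a set of lowercase hosts."""
    hosts = set()
    for line in dig_output.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[0].isdigit():
            hosts.add(parts[1].rstrip(".").lower())
    return hosts

def parse_txt(dig_output):
    """Parse `dig +short TXT` lines, joining the quoted chunks of each record."""
    records = []
    for line in dig_output.splitlines():
        chunks = line.strip().split('"')[1::2]
        if chunks:
            records.append("".join(chunks))
    return records

def audit(mx_output, txt_output, verification_value):
    """Return a list of problems; an empty list means the cut-over is clean."""
    problems = []
    mx = parse_mx(mx_output)
    for host in sorted(ICLOUD_MX - mx):
        problems.append(f"missing MX: {host}")
    for host in sorted(mx - ICLOUD_MX):
        problems.append(f"stray MX still receiving mail: {host}")
    if verification_value not in parse_txt(txt_output):
        problems.append("verification TXT record not published")
    return problems

def dig(record_type, domain):
    """Live lookup helper; needs the `dig` tool and network access."""
    return subprocess.run(["dig", "+short", record_type, domain],
                          capture_output=True, text=True, check=True).stdout

# Constructed sample: a domain mid-migration with one old MX left behind.
SAMPLE_MX = "10 mx01.mail.icloud.com.\n10 mx02.mail.icloud.com.\n1 aspmx.l.google.com.\n"
SAMPLE_TXT = '"PLACEHOLDER-VERIFICATION-VALUE"\n"some-other-record=1"\n'

if __name__ == "__main__":
    for problem in audit(SAMPLE_MX, SAMPLE_TXT, "PLACEHOLDER-VERIFICATION-VALUE"):
        print(problem)
```

For a live check, pass `dig("MX", domain)` and `dig("TXT", domain)` to `audit` with your own domain and the value from the iCloud setup page.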
This actually works pretty well, although I do miss the keyboard shortcuts of Superhuman. Now that Apple Mail has reminders, you can use it the same way, just with more complex shortcuts.
Note that what happens is that in the FROM line you get a choice of which custom domain it comes from, so the unified inbox is nice, but it doesn’t have the keyboard shortcuts, makes me want to
Moving to a new Comcast Plan: 1Gbps with unlimited data but do not use their xFi Gateway, avoid chats, use phones
Comcast has been raising prices. Right now, they need a bank account to get the full prepay discount, and for $90 you get 1.2Gbps/35Mbps and then another $30 for unlimited data. But right now they have a promotion where if you use their bundled router (ugh!), then it is $90, so time to call them.
I finally ended up with the $70 for 800Mbps/20Mbps because the extra $20 wasn’t worth it and I got the $30/month unlimited plan because it is pretty easy to blow out 1.2TB if you are doing internet backups.
The main problem was that I abandoned the installation with the xFi and it wouldn’t reset, no matter that I spent three hours with various helpdesk folks. What happens is that if you get into something too hard, the chat technicians just stop answering you. Probably it is throwing off their stats. At one point after doing multiple reboots, they would say, “Please wait…” and wouldn’t get back.
So instead, use phone support because it is not as easy to hang up, but the xFi modem would sort of work. It would actually allow VPN traffic but it wouldn’t allow DNS connections, so it seems like the provisioning was just broken. It is kind of sad to see how bad these things are. So I returned the $25/month product for the $30/month unlimited data. Another note is that if you have a customer-owned system, they don’t check and will charge you $15/month for your own system.
Local Backup Strategy: Synology NAS Replication without Synology QuickConnect
The first part of the new strategy doesn’t change: use the Synology BTR replication. One note here is that I discontinued the use of Synology QuickConnect, which is DDNS connect, because it just made our servers visible to attackers. This changed the addressing scheme and broke the connection, but Synology Replication seems to work properly and even handles 2FA properly.
Remote Backup from NAS to DAS to Backblaze
Now that Google is charging for storage, the solution is to use Backblaze Personal, which allows unlimited storage of local data, so the only trick is getting a big enough Direct Attached Storage Array to sync with the Synology NAS. Then this goes up to Backblaze.
As usual, there is a Synology application for this called Synology Drive. I can’t for the life of me remember how it works. As usual, it is really complicated to set this up and there is an administrator setup first:
- On DSM 6.2 or later, go to the Package Center and install three packages: Synology Drive, Synology Drive Admin Console, and Synology Drive ShareSync.
- The basic idea is the Synology Drive Server allows access to a shared place on the NAS and allows automatic replication to PCs which is exactly what we need.
- Go to the console; the key location is Team Folder, which lets you enable shares for each user as part of My Drive. Then you can give any PC access to any of the Synology folders, so click on the shares that you want to back up and choose Enable for each.
- You need permissions to make sure that you can access things: in Control Panel > User & Group, select the user and then Edit > Permissions. Then enable the permissions in Control Panel > Shared Folder: select the shared folder and click Edit > Permissions.
Enable the Synology Drive client to access the Synology Drive Server
Now you need to enable the Synology Drive Desktop Client:
- You need to install the drive with
brew install synology-drive
to get it for macOS and then start it.
- You will get a login screen and a chance to select and get the IP address of your Synology. Since we are not using a QuickConnect ID, this means that it will use a local IP address. The search works semi-well, so sometimes you get one and sometimes not.
- Then once you connect (it understands 2FA as well), choose Sync Task and you will get a folder to sync from. Hit the change and you should see all the Team Folders (aka your Shared Drives). Now you just need to point that to a folder location on your local DAS.
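Backblaze only backs up what actually reached the DAS, and the Synology sync is described above as the weak link, so it helps to compare the two copies before trusting the upload. The script below is an added example, not from the original post: it assumes the NAS share is also mounted on the Mac, treats dot-prefixed entries as client or OS metadata (an assumption), and uses constructed temporary folders in place of real paths.

```python
import hashlib
import os
import tempfile

def manifest(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    result = {}
    for dirpath, dirs, files in os.walk(root):
        # Assumption: dot-prefixed names are sync-client or OS metadata, not user data.
        dirs[:] = [d for d in dirs if not d.startswith(".")]
        for name in files:
            if name.startswith("."):
                continue
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for block in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(block)
            result[os.path.relpath(full, root)] = digest.hexdigest()
    return result

def compare(source_root, mirror_root):
    """Report files the mirror is missing, has extra, or holds with different content."""
    src, dst = manifest(source_root), manifest(mirror_root)
    return {
        "missing": sorted(set(src) - set(dst)),
        "extra": sorted(set(dst) - set(src)),
        "mismatch": sorted(p for p in set(src) & set(dst) if src[p] != dst[p]),
    }

def demo():
    """Constructed sample: temp folders standing in for the NAS share and the DAS folder."""
    nas_files = {"a.jpg": b"one", "b.jpg": b"two", "c.jpg": b"three"}
    das_files = {"a.jpg": b"one", "b.jpg": b"tw", ".DS_Store": b"meta"}
    with tempfile.TemporaryDirectory() as nas, tempfile.TemporaryDirectory() as das:
        for root, files in ((nas, nas_files), (das, das_files)):
            for name, data in files.items():
                with open(os.path.join(root, name), "wb") as fh:
                    fh.write(data)
        return compare(nas, das)

if __name__ == "__main__":
    print(demo())
```

A non-empty "missing" or "mismatch" list means the sync task has not finished or has dropped files, and that gap would carry through to the cloud copy.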
Set up a local DAS and Backblaze Personal from it
The next step is to have enough storage on your local machine. I use a Thunderbolt Drive Array which lets you put two drives into the system. This looks like a local device. Note that Backblaze Personal does not allow NAS backup, so you need to have a DAS that looks like a local disk, not a network share, to use their unlimited backup.
Once you have that set up, you just need to have Backblaze back up that DAS. This will normally be a new volume, but there is no problem here. Install Backblaze and then in Settings > Select Hard Drives to Backup, you should see your DAS. Just check it and it should begin backing it all up. Very handy.
Make sure to also set your Private Encryption Key in Security (and don’t lose it). This makes the Backblaze backup end-to-end encrypted so they can’t see anything there.
I’ve found it runs amazingly fast compared with HyperBackup, so while it takes months to use HyperBackup, Backblaze seems to do some sort of incredible compression and it takes just a few days to upload.