Subject: Guide / Success Story: 
(The AI Text, Thanks Grok)
Hi everyone,
I wanted to share a successful deployment of an all-in-one, plug-and-play offsite Proxmox Backup Server (PBS) solution. The goal was to build a self-contained box that could be dropped into any remote location with a wired internet connection and automatically establish a secure tunnel back to the primary site.
It has been running smoothly, and I thought the architecture might be useful to anyone looking for a low-cost, robust offsite backup strategy.
Hardware Specification
Software Architecture & Storage Layout
Instead of installing PBS bare-metal, I installed Proxmox VE on the 2TB NVMe drive to allow for greater flexibility. Within PVE, I provisioned three virtual machines:
Network & VPN Topology (Net-to-Net)
To secure the traffic between the primary site and the offsite backup box, I utilized IPFire's OpenVPN Net-to-Net capabilities:
Performance & Real-World Results
I was incredibly impressed with the efficiency of the PBS deduplication over the VPN tunnel:
(The AI Text, Thanks Grok)
Hi everyone,
I wanted to share a successful deployment of an all-in-one, plug-and-play offsite Proxmox Backup Server (PBS) solution. The goal was to build a self-contained box that could be dropped into any remote location with a wired internet connection and automatically establish a secure tunnel back to the primary site.
It has been running smoothly, and I thought the architecture might be useful to anyone looking for a low-cost, robust offsite backup strategy.
Hardware Specification
- Host: Older Intel Core i7 Desktop
- Networking: Dual Gigabit NICs
- Storage 1: 2TB NVMe SSD (Proxmox VE Host OS + Client VMs)
- Storage 2: 12TB HDD (Dedicated for PBS datastore)
Software Architecture & Storage LayoutInstead of installing PBS bare-metal, I installed Proxmox VE on the 2TB NVMe drive to allow for greater flexibility. Within PVE, I provisioned three virtual machines:
- IPFire VM: Acts as the local gateway and handles the VPN client connection.
- Proxmox Backup Server (PBS) VM: Handles the actual backup deduplication and storage.
- Windows 11 VM: Used purely for remote management and monitoring via AnyDesk (completely optional, but helpful for quick status checks). [1, 2]
Network & VPN Topology (Net-to-Net)
To secure the traffic between the primary site and the offsite backup box, I utilized IPFire's OpenVPN Net-to-Net capabilities:
- Primary Site (Master): Runs an IPFire instance (can be a dedicated hardware appliance or a VM) configured as the OpenVPN Master. Note: This site requires a static public IP, or a Dynamic DNS solution like DuckDNS to track WAN changes.
- Offsite Box (Client): The virtualized IPFire instance on the backup box is configured as the OpenVPN Client, pre-loaded with the connection package from the Master.
Performance & Real-World Results
I was incredibly impressed with the efficiency of the PBS deduplication over the VPN tunnel:
- Initial Backup (~1 TB): Took roughly 36 to 48 hours to complete.
- Daily Incremental Backups: Typically finish within 2 to 2.5 hours.