A multi-tier backup strategy using Synology Active Backup for Business (ABB) for both Proxmox VE hypervisors (with PBS) and bare-metal Linux hosts, backed by a Synology NAS.
flowchart LR
subgraph proxmox["Proxmox Host"]
pve["Proxmox VE\nvzdump"]
lo8007["localhost:8007"]
lo5510["localhost:5510"]
abbagent_pve["ABB Linux Agent"]
end
subgraph synology["Synology NAS"]
subgraph docker["Docker Stack"]
pbs_c["proxmox-backup-server\nPort 8007"]
tunnel_pbs["autossh-pbs\nReverse Tunnel"]
tunnel_abb["autossh-abb\nReverse Tunnel"]
end
abb["Active Backup\nfor Business"]
vol1[("Backup\nDatastore")]
end
pve -- "Backup via\nlocalhost:8007" --> lo8007
tunnel_pbs -. "SSH -R 8007" .-> lo8007
tunnel_pbs -- "Docker\nNetwork" --> pbs_c
pbs_c --> vol1
tunnel_abb -. "SSH -R 5510" .-> lo5510
lo5510 --> abbagent_pve
tunnel_abb -- "host-gateway\n:5510" --> abb
abb -- "Proxmox API\n:8006" --> pve
style proxmox fill:#e6f3ff,stroke:#2196F3
style synology fill:#e8f5e9,stroke:#4CAF50
style docker fill:#fff3e0,stroke:#FF9800
flowchart LR
subgraph linux["Bare-Metal Linux Host"]
agent["ABB Linux Agent\nsynology-backupd"]
synosnap["synosnap module\n(DKMS, dattobd)"]
lvm["LVM / Partitions\n/, /boot"]
end
subgraph synology["Synology NAS"]
agentserver["abk-agent-server\nPort 5510"]
abb["Active Backup\nfor Business"]
vol1[("Backup\nDatastore")]
end
agent -- "TCP :5510\nauth + long_poll" --> agentserver
agentserver -- "dispatch event" --> agent
agent -- "ioctl" --> synosnap
synosnap -- "CoW snapshot" --> lvm
agent -- "upload blocks\n(dedup + compress)" --> abb
abb --> vol1
style linux fill:#e6f3ff,stroke:#2196F3
style synology fill:#e8f5e9,stroke:#4CAF50
| Tier | Method | Target | Frequency | Purpose |
|---|---|---|---|---|
| Tier 2 | PBS (incremental, dedup) | Proxmox VMs | Daily 01:00 | Fast VM-level backup |
| Tier 3a | ABB (hypervisor/agent) | Proxmox host | Weekly Sun 05:00 | Independent copy + bare-metal |
| Tier 3b | ABB Linux Agent | Bare-metal Linux | Daily 03:00 (weekdays) | Full host backup with snapshots |
Proxmox challenge: The Synology can reach the Proxmox host, but not vice versa. A reverse SSH tunnel from Synology to Proxmox enables push-mode backups via localhost:8007.
Linux agent: Bare-metal hosts with direct network access use the ABB Linux Agent with synosnap (dattobd-based) kernel module for block-level CoW snapshots. Supports LVM, ext4, btrfs, xfs.
- Setup Guide - Complete installation from scratch
- Daily Operations - Start, stop, monitor, manual backups
- VM Restore - Restore individual VMs from PBS
- Bare-Metal Restore - Full host recovery
- ABB Integration - Active Backup for Business setup
- Best Practices - Retention, verification, secondary destinations
- Troubleshooting - Common issues and fixes
- docker-compose.yml Reference - Annotated compose file
- Linux Agent Setup - ABB on Debian/Ubuntu with synosnap, LVM, kernel 6.12+ support (Peppershade patch)
# 1. Clone
git clone https://github.com/icepaule/IceBackup.git
cd IceBackup
# 2. For Proxmox PBS setup:
# See docs/01-setup.md
# 3. For bare-metal Linux agent:
# See docs/09-linux-agent-bare-metal.md- Synology NAS with DSM 7.2+
- Docker (Synology Container Manager)
- Proxmox VE 7.x or 8.x
- Active Backup for Business (free Synology package)
- SSH access between Synology and Proxmox host
- Synology NAS with DSM 7.2+ and ABB
- Debian 12+ or Ubuntu 22.04+
- Direct network access to NAS (port 5510)
- Kernel 6.12+: Peppershade synosnap patch required
| Component | Image/Package | Purpose |
|---|---|---|
| PBS | ayufan/proxmox-backup-server |
Proxmox Backup Server (Docker) |
| autossh-pbs | jnovack/autossh |
Reverse tunnel for PBS (port 8007) |
| autossh-abb | jnovack/autossh |
Reverse tunnel for ABB agent (port 5510) |
| ABB Linux Agent | synology-backupd |
Bare-metal host backup agent |
| synosnap | DKMS kernel module | Block-level CoW snapshots (dattobd-based) |
MIT