Self-Hosted Backup Solutions in 2026 — Duplicati, Restic, Borg Compared

Data loss is every self-hoster’s nightmare. Whether it’s a failed drive, ransomware, or an accidental rm -rf, losing your carefully curated homelab data can be devastating. That’s why a robust backup strategy isn’t optional — it’s essential.

In this comprehensive guide, we’ll compare three of the most popular self-hosted backup solutions in 2026: Duplicati, Restic, and BorgBackup. Each has its strengths and trade-offs, and choosing the right one depends on your specific needs, technical comfort level, and infrastructure.

By the end of this article, you’ll know exactly which backup tool to deploy, how to set it up, and how to ensure your data stays safe.

Why Self-Hosted Backups Matter

Before diving into the comparison, let’s establish why self-hosting your backups makes sense:

Control and Privacy: Your data never leaves your infrastructure unless you explicitly send it to an off-site location you control. No third-party cloud provider has access to your files.

Cost Efficiency: Cloud backup services charge recurring fees that scale with your storage needs. With self-hosted backups to your own hardware or budget cloud storage (like Backblaze B2 or Wasabi), you pay only for what you use.

Customization: You control retention policies, encryption methods, compression algorithms, and backup schedules. Want to keep 90 daily snapshots? No problem. Need to exclude certain file types? You set the rules.

Compliance: If you handle sensitive data subject to GDPR, HIPAA, or other regulations, keeping backups in-house can simplify compliance.

The 3-2-1 Backup Rule

Before selecting a tool, remember the golden rule of backups: 3-2-1.

• 3 copies of your data (1 primary + 2 backups)
• 2 different media types (e.g., local disk + cloud storage)
• 1 off-site backup (protect against physical disasters)

All three tools we’re comparing today can help you implement this strategy, but they approach it differently.

Duplicati: The User-Friendly Choice

Duplicati is a feature-rich, open-source backup tool with a web-based GUI that makes it accessible to users who prefer not to work exclusively from the command line.

Key Features

Web-Based Interface: Duplicati runs a local web server that provides a clean, intuitive interface for configuring backups, browsing archives, and restoring files. This is a huge advantage for beginners or anyone managing backups on a headless server.

Broad Storage Backend Support: Duplicati supports an impressive array of storage backends — local disks, network shares (SMB/NFS), SFTP, FTP, WebDAV, and virtually every major cloud provider (AWS S3, Backblaze B2, Google Drive, OneDrive, Dropbox, Wasabi, and more). This flexibility is unmatched.

Block-Level Deduplication: Duplicati splits files into blocks and only backs up changed blocks. This dramatically reduces storage usage and bandwidth, especially for large files that change infrequently (like virtual machine disk images).

Built-In Encryption: All backups are encrypted using AES-256 before leaving your system. You control the passphrase, and Duplicati never has access to your unencrypted data.

Incremental Backups: After the initial full backup, Duplicati performs incremental backups that only capture changes. This speeds up backup operations and reduces storage consumption.

Scheduling and Retention Policies: The web UI makes it easy to configure backup schedules (hourly, daily, weekly) and retention policies (keep 7 daily, 4 weekly, 12 monthly backups, etc.).

Command-Line Interface: For power users and automation, Duplicati also provides a CLI alongside its GUI.

Drawbacks

Performance: Duplicati can be slower than Restic or Borg, especially for initial backups or restores. The block-level deduplication adds overhead.

Database Corruption Issues: Duplicati maintains a local database to track backup state. If this database becomes corrupted (rare but possible), recovery can be complicated. Regular database backups and “repair” operations are recommended.

No Repository Encryption by Default: While Duplicati encrypts backup data, the repository metadata (file lists, block hashes) is not encrypted by default. This is a minor privacy consideration for some use cases.

Development Pace: Duplicati 2.0 has been in beta for years. While stable for most users, the slow release cycle has raised questions about long-term development.

Best Use Cases

Duplicati shines when you need:

• A user-friendly GUI for backup management
• Broad cloud provider support (especially uncommon backends like Google Drive or OneDrive)
• Block-level deduplication for large, slowly changing files
• A backup solution that non-technical users can manage

Setting Up Duplicati with Docker

Here’s a Docker Compose example to get Duplicati running:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

version: '3.8'
services:
  duplicati:
    image: lscr.io/linuxserver/duplicati:latest
    container_name: duplicati
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
    volumes:
      - /path/to/duplicati/config:/config
      - /path/to/data/to/backup:/source
      - /path/to/backup/destination:/backups
    ports:
      - 8200:8200
    restart: unless-stopped

Deploy with docker-compose up -d, then access the web UI at http://localhost:8200. Configure your first backup job by selecting a source directory, destination (local or cloud), encryption passphrase, and schedule.

If you’re looking for reliable external storage, consider Seagate Expansion Desktop external hard drives for local backups or a WD My Book for high-capacity USB storage.

Restic: The Modern, Fast, and Flexible Option

Restic is a command-line backup tool that emphasizes speed, security, and simplicity. It’s become one of the most popular choices in the homelab community thanks to its excellent performance and thoughtful design.

Key Features

Fast and Efficient: Restic is written in Go and optimized for performance. Backups and restores are significantly faster than Duplicati, especially for large datasets.

Content-Defined Chunking: Like Duplicati, Restic uses deduplication, but it employs content-defined chunking (CDC) instead of fixed-size blocks. This means even small changes to a file don’t force re-uploading large blocks, further reducing storage and bandwidth usage.

Encryption by Default: Every Restic repository is encrypted using AES-256. There’s no way to create an unencrypted backup — security is baked in.

Immutable Repositories: Restic repositories are append-only by design, making them resistant to ransomware. Even if an attacker compromises your system, they can’t delete or modify existing backups (though they can add new data).

Snapshots and Tagging: Restic organizes backups as snapshots. You can tag snapshots (e.g., “before-upgrade”), list them, compare them, and restore individual files or entire snapshots with ease.

Flexible Storage Backends: Restic supports local disks, SFTP, REST servers, AWS S3, Backblaze B2, Azure Blob Storage, Google Cloud Storage, Wasabi, Minio, and more. It doesn’t support as many exotic backends as Duplicati, but it covers all the major ones.

Active Development: Restic is actively maintained with regular releases, bug fixes, and new features.

Simple Command-Line Interface: Restic’s CLI is straightforward and well-documented. Operations like restic backup, restic restore, and restic snapshots are intuitive.

Drawbacks

No Official GUI: Restic is command-line only. While third-party GUIs exist (like Resticprofile or Backrest), there’s no official web interface. This can be a barrier for less technical users.

No Built-In Scheduling: Restic doesn’t include a scheduler. You’ll need to use cron, systemd timers, or a third-party wrapper to automate backups.

Learning Curve: While not complex, Restic requires comfort with the command line and basic shell scripting for automation.

Best Use Cases

Restic is ideal when you need:

• Fast, efficient backups with excellent deduplication
• Strong security and encryption by default
• Ransomware resistance via immutable repositories
• A modern, actively developed tool with a clean architecture
• Flexibility to automate via scripts or external tools

Setting Up Restic

Restic doesn’t require Docker (it’s a single binary), but here’s how to integrate it into a Docker-based workflow using a simple Alpine container:

Install Restic (on your Docker host or in a container):

1
2
3
4
5
6
7
8

# On host (Debian/Ubuntu)
apt install restic

# Or download the latest binary
wget https://github.com/restic/restic/releases/latest/download/restic_*_linux_amd64.bz2
bunzip2 restic_*_linux_amd64.bz2
chmod +x restic_*_linux_amd64
sudo mv restic_*_linux_amd64 /usr/local/bin/restic

Initialize a repository:

1
2
3
4
5
6
7

# Local repository
restic init --repo /path/to/backup/repo

# Or use Backblaze B2 (example)
export B2_ACCOUNT_ID=your_account_id
export B2_ACCOUNT_KEY=your_account_key
restic init --repo b2:your-bucket-name:/restic-repo

You’ll be prompted for a password to encrypt the repository. Store this password securely — losing it means permanent data loss.

Create your first backup:

1

restic backup /path/to/data --repo /path/to/backup/repo

Automate with cron:

Add a cron job to /etc/cron.d/restic-backup:

1

0 2 * * * /usr/local/bin/restic backup /path/to/data --repo /path/to/backup/repo --password-file /root/.restic-password

Restore files:

1
2
3
4
5

# List snapshots
restic snapshots --repo /path/to/backup/repo

# Restore latest snapshot
restic restore latest --target /path/to/restore --repo /path/to/backup/repo

For off-site storage, consider using Backblaze B2 or pairing Restic with a Synology DiskStation as a local backup target.

BorgBackup: The Deduplication Champion

BorgBackup (often just called “Borg”) is a deduplication-focused backup tool that excels at efficiently storing many similar backups. It’s a favorite among power users who prioritize storage efficiency and have the technical skills to manage a CLI-only tool.

Key Features

Unmatched Deduplication: Borg performs global, chunk-level deduplication across all backups in a repository. If you back up 100 nearly identical virtual machines, Borg stores each unique chunk only once. This can save massive amounts of storage.

Compression: Borg supports multiple compression algorithms (lz4, zstd, zlib). Zstd in particular offers an excellent balance of speed and compression ratio.

Encryption: Like Restic, Borg encrypts all data and metadata by default. You can choose between authenticated encryption (encrypt data, authenticate metadata) or full encryption (encrypt everything, including file names and directory structure).

Append-Only Mode: Borg supports append-only repositories, similar to Restic. This prevents accidental or malicious deletion of backups.

Efficient Incremental Backups: Borg’s incremental backups are extremely fast because it only transfers changed chunks. Even large datasets can be backed up in minutes after the initial run.

Repository Integrity Checks: Borg includes built-in commands to verify repository integrity and detect corruption.

SSH/SFTP Support: Borg excels at remote backups over SSH. You can push backups to a remote server running Borg, and the deduplication happens server-side, reducing bandwidth usage.

Drawbacks

No Official GUI: Borg is command-line only. Third-party tools like Vorta (desktop GUI) and Borgmatic (CLI wrapper) exist, but there’s no official web interface.

SSH-Focused: While Borg supports local and SSH repositories, it doesn’t natively support cloud object storage (S3, B2, etc.). You’d need to mount cloud storage as a filesystem (via tools like rclone or s3fs) or use SSH-based remote servers.

Steeper Learning Curve: Borg’s command syntax and repository model are more complex than Restic. It’s powerful, but requires investment to master.

Python Dependency: Borg is written in Python and has various dependencies. Installation can be trickier on some systems compared to Restic’s single binary.

Best Use Cases

Borg is perfect when you need:

• Maximum storage efficiency through aggressive deduplication
• Fast incremental backups for large datasets
• SSH-based remote backups with server-side deduplication
• Full metadata encryption (including filenames and directory structure)
• A mature, battle-tested backup tool with a strong track record

Setting Up BorgBackup

Install Borg:

1
2
3
4
5

# Debian/Ubuntu
apt install borgbackup

# Or use a Docker container (unofficial)
docker pull pschiffe/borg

Initialize a repository:

1
2
3
4
5

# Local repository
borg init --encryption=repokey /path/to/borg/repo

# Remote repository via SSH
borg init --encryption=repokey ssh://user@backupserver.com/~/borg-repo

Borg will prompt for a passphrase. Keep it safe — it’s required for all future operations.

Create your first backup:

1

borg create /path/to/borg/repo::backup-2026-03-20 /path/to/data

The ::backup-2026-03-20 part is the archive name. You can use any naming scheme you like.

Automate with Borgmatic (recommended wrapper):

Install Borgmatic:

1

pip3 install borgmatic

Create a config file at /etc/borgmatic/config.yaml:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21

location:
    source_directories:
        - /path/to/data
    repositories:
        - /path/to/borg/repo
    exclude_patterns:
        - '*.tmp'

retention:
    keep_daily: 7
    keep_weekly: 4
    keep_monthly: 12

consistency:
    checks:
        - repository
        - archives

storage:
    compression: zstd
    encryption_passphrase: "YOUR_PASSPHRASE_HERE"

Run manually or via cron:

1

borgmatic --verbosity 1 --config /etc/borgmatic/config.yaml

Restore files:

1
2
3
4
5
6
7
8

# List archives
borg list /path/to/borg/repo

# Restore entire archive
borg extract /path/to/borg/repo::backup-2026-03-20

# Restore specific file
borg extract /path/to/borg/repo::backup-2026-03-20 path/to/file.txt

If you’re setting up a dedicated backup server, consider a used enterprise server paired with large-capacity WD Red Plus NAS drives.

Head-to-Head Comparison

Which Backup Tool Should You Choose?

Choose Duplicati if:

• You prefer a graphical interface
• You need to back up to Google Drive, OneDrive, or other non-S3 cloud providers
• You’re backing up large files that change infrequently (VMs, disk images)
• You want built-in scheduling and don’t want to mess with cron

Choose Restic if:

• You’re comfortable with the command line
• You want fast, modern, actively developed software
• Security and immutable backups are top priorities
• You’re using standard cloud storage (S3, B2, Azure, GCS)
• You want a simple, elegant tool without unnecessary complexity

Choose BorgBackup if:

• You need maximum storage efficiency through aggressive deduplication
• You’re managing many similar backups (e.g., multiple VMs or daily snapshots)
• You’re backing up to a remote server over SSH
• You want full metadata encryption (including filenames)
• You’re a power user who appreciates granular control

Hybrid Approach: Using Multiple Tools

There’s no rule that says you must use only one backup tool. Many advanced homelabbers combine tools for different use cases:

• Borg for local hourly snapshots to a NAS (fast, efficient, great for versioning)
• Restic for daily off-site backups to Backblaze B2 (immutable, cloud-friendly)
• Duplicati for weekly backups of specific datasets to Google Drive (easy restore for family members)

This hybrid approach leverages the strengths of each tool while providing defense in depth.

Essential Backup Best Practices

Regardless of which tool you choose, follow these best practices:

Test Your Restores: A backup you’ve never tested is not a backup — it’s a hope. Regularly restore random files or entire snapshots to verify your backups work.

Automate Everything: Manual backups will eventually be forgotten. Use cron, systemd timers, or built-in schedulers to automate your backups completely.

Monitor and Alert: Set up monitoring (with tools like Uptime Kuma or Healthchecks.io) to alert you if backups fail. Silent failures are your enemy.

Implement 3-2-1: Keep local backups for fast recovery and off-site backups for disaster scenarios. Test both regularly.

Secure Your Passphrases: Store encryption passphrases in a password manager (like Vaultwarden or Bitwarden) and keep an encrypted backup of critical passphrases in a safe deposit box or with a trusted person.

Version and Retain Smartly: Configure retention policies that balance storage costs with recovery needs. For example: keep 7 daily, 4 weekly, 12 monthly, and 7 yearly snapshots.

Document Your Process: Write down (or better yet, script) your backup and restore procedures. If disaster strikes, you’ll be under stress — documentation is your friend.

Advanced: Combining Restic with Rclone

If you want Restic’s performance and security with broader cloud storage support, consider pairing Restic with Rclone. Rclone can mount virtually any cloud provider as a local filesystem, and Restic can back up to it.

Example:

1
2
3
4
5
6
7
8

# Mount Google Drive via Rclone
rclone mount gdrive:restic-backups /mnt/gdrive-backups --daemon

# Initialize Restic repository on mounted filesystem
restic init --repo /mnt/gdrive-backups/restic-repo

# Create backup
restic backup /path/to/data --repo /mnt/gdrive-backups/restic-repo

This gives you the best of both worlds: Restic’s speed and security with access to Rclone’s 40+ supported cloud providers.

Conclusion

Duplicati, Restic, and BorgBackup are all excellent self-hosted backup solutions, each with distinct strengths.

For beginners or those who prefer GUIs, Duplicati is the clear winner. Its web interface and broad cloud support make backup management approachable.

For users comfortable with the command line who want a modern, fast, and secure tool, Restic is the sweet spot. It’s powerful without being overwhelming, and its active development ensures it will remain relevant for years.

For power users who demand maximum storage efficiency and don’t mind a steeper learning curve, BorgBackup is unmatched. Its deduplication capabilities and full metadata encryption make it ideal for complex backup scenarios.

Whichever tool you choose, the most important step is to start backing up today. Configure your backups, automate them, test your restores, and sleep better knowing your homelab data is protected.

Have questions about setting up any of these tools? Drop a comment below or join our community discussions. Happy backing up!