Strato does a "time machine"-style online backup, which is nice, but I want a fresh start and integrate my old configs piece-by-piece, so while it is nice to work with a safety net, it's not really what I'm looking for.
Apparently you can download system backups via FTP from a dedicated server, but there seems to be no security whatsoever, neither for the account's master password, nor for the actual data. Not on my watch.
So, there is this directory /private-backup on the server with a README.txt in it (the dir is also mentioned in the management web interface somewhere).
Apparently this dir is left alone on system re-installs, so
- Move any backup files/directories that may lie littered around the filesystem into /private-backup
- Clean up log files (there was one I had never heard of, which was >2GB)
- yum clean all
- Clear temporary directories
- Become root, chdir into /private-backup, start a screen session (long-running command in a remote session...) and do this
tar --exclude='/private-backup' --one-file-system --sparse -cjvf backup
Next the tarball can be replicated into safety by rsync over ssh (single colon between hostname and path). No need to wait until tar is done, provided you pass -c to rsync which allows continuing in case the transfer exceeds the end of the growing file on the server. Finish up by comparing the md5sum of the replica.