HA development is absolutelly awesome and I am sure everyone is grateful for anyone’s time put in developing HA, no matter how small. I understand HA devs look out for the benefit of all HA users, however, I do think it is not great at all to force users on automated and encrypted backups.
We need options to tailor to our individual needs, and this has now been taken away with the shift to automated and encrypted backups.
For my case, my encryption locally and on the cloud is handled by myseff on a larger scope that just the Home Assistant backup files and it is therefore completely unecessary and PITA to have these backup files encrypted.
Also my requirements for backing up are for when I am carrying out code and dashboard updates. I may go for weeks without any modifications and therefore an automated backup would only waste resources in my case. If I update code and dashboards, then I back up manually, in addition to git version control.
In addition, now there is no option accessing backed up code externally! Sometimes, I may want to see some yaml code for a few months ago, but now it is not possible since the files can only be decrypted after loading back to HA!
I understand these chages are meant for everyone’s benefit, however, can the main dev team please add back the option for non encrypted manual backups without the need to set up an automated schedule.
Yes I can extract the individual xxxx.gz files from the .tar.
Cant go any further though and open the .gz files (using 7-zip).
I did manage to restore a backup a couple of days ago after a zigbee2mqtt update without putting in an decryption key.
BTW: I just found out, that when testing the resulting backup tar-Archive inside the HA terminal for consistency, I always got a
tar: invalid tar magic
error message. This always happens when accessing the share.tar.gz inside the backup. I thought this indicates a corrupt tar-file, but meanwhile I found out, it’s only due to the busybox tar Version, which is used inside HAOS. When copying the tar file to a Debian Linux Box, there is no issue extracting the main tar archive as well as the tar.gz files inside the tar archive.
The backup tar-archive is recognized by HA (Settings->System->Backups) as manual backup, so everything seems to be okay. Will now try to recover it in a newly provisioned HA VM on Proxmox to cross check.
Just updated to latest Home Assistant and went through the experience of finding that backups are effectively useless now, albeit with a pretty front end. Running manual backups for the foreseeable future now.
This encryption implementation looks to be very immature. Hopefully the ability to remove keys makes it to the codebase. Soon.
That’s exactly it! If I ever need the encryption I will sort it out at-rest on endpoint…
The place I’m encrypting to, if anyone got there, the ha backups would be my least worry (proper sensitive data out there)
I am also in the same situation since the update 2025.01. Backups cannot be really verified and there is no way to restore a backup easily in a docker environment. Providing an own encryption format is a nice idea, but there are enough working and widely supported solutions, so i think it is not really necessarry und usefull. Please allow to make a backup without using a special format and encryption (or just add an option to disable this encryption)! Many thanks!
