@whreq true append-only / assymetric encryption would be nice but isn't too important because most of my server's current data is a superset of historical data. I'm more worried about a compromised server deleting all the backups.
Kopia *might* be able to do something there but reading their github issues and slack did not inspire much confidence at all