As stated, ideally I would be able to just make a backup image of my phone to an external harddrive (with or without a computer in the middle).
Phone breaks, just flash the image onto another same-model-phone and continue.
Or is this impossible, because things are registered for individual devices?
I agree, I wish it were this simple like with traditional computer management, but on mobile it isn’t that easy for several reasons. I would suggest that a starting point to see the challenge is due to encryption layers and not having root on the device. Both of these are by-design to limit threat vectors, but both contribute to it being not easy to do a full system backup and restore.
There are many many more pieces, such as the complications of the overlay filesystems, etc. that make it so you aren’t just looking at a simple partition structure. I am honestly not the best to answer this, I am a Linux guy so I can sympathize with you wanting to have full granular control, but concessions in control are made in the name of threat reduction.
Now, some ROMs such as https://lineage.microg.org and LineageOS itself use user-debug builds meaning that you have access to the underlying system using adb root. However, as policy, iodé only makes user builds which do not allow the use of adb root. You will notice that using the “Backup” utility in System Settings will not comprehensively backup all app files and settings for this reason, making it a bit of a hassle to migrate between phones (but the backup utility does assist with a lot such as getting the apps reinstalled albeit with a lot of them having their user data missing upon reinstall).
Others may contribute some more concise and yet more detailed replies, let’s see what other comments we get.
As long as Vince doesn’t decide to change something here, we can fantasize about it a thousand times more
Some years ago, I was successfully using TWRP (with LineageOS) which just allows to do that, but with my Fairphone 4, I had so many severe problems, that I have abandonded this way. Still, it would be nice to have a full dump of everything that is on the phone to an external drive, e.g. using the Linux program dd AND being able to copying the whole thing back to the phone..
Again, I do sympathize with this view, and personally would welcome it. But from a security / privacy perspective if you can do this, then what is stopping a malicious actor / privacy invading 3rd party (sadly like a government agency like in my home country) from doing the same?
Doing this from recovery directly (TWRP or other) I don’t see this as ever being possible, since at the recovery level you haven’t yet unlocked your userdata partition. If you can read the data at that level it is effectively bypassing encryption (see malicious actor above).
But but regarding using adb root which would need interaction from the user on an unlocked phone to connect, while I haven’t seen credible evidence that a userdebug build (that allows adb root) could be compromised this way, I think that is the theoretical reason that it is considered less secure and not enabled. And as @AlphaElwedritsch has mentioned here and many places, “until the decide to change something here, we can only fantasize about it” 
I also am still not certain, maybe @AlphaElwedritsch or @petefoth can clarify: can adb root be used on a device that has a re-locked bootloader?
I don’t know: none of the devices I own support bootloader locking (and its is not somethig I would do even if they did (see here and here). However I think that rooted debugging (adb root) and bootloader lock/unlock are not really related, so I would expect that, if the ROM supports rooted debugging (i.e. it is not a user build), then rooted debuggin should be available even if the bootloader is relocked. I would be interested to know the answer, and I may go digging elsewhere to see if I can find an answer. I’ll report back
From the sfX_Android Matrix room / Telegram Channel
yes you can re-lock on userdebug on supported devices (afaik)
I see no reason why adb root should have any effect on it as long as you do not tamper with the device (depends on if there is verity enabled etc etc)
The whole backup topic is really sad, isn’t it?
As mentions before e.g.: Real Backup needed - #2 by AlphaElwedritsch the only “solution” today is GitHub - seedvault-app/seedvault: A backup application for the Android Open Source Project. that still has limitations and is primarily developed and maintained by the Calyx Institute for usage in CalyxOS ?
You can find Seedvault on iodé, via settings → system → backup.
Sorry, i know that Seedvault is also available on iodé 
But independent of the ROM: Seedvault has limitation.
True.
But for me, it worked good enough (learnt a few lessons when using it to switch from CalyxOS to iodé, but that is to be expected with any program).
For me, the only solution that works is using Neo Backup. For this, right after first install of iodé, I root the phone once (by patching boot.img with Magisk), stay offline while restoring the backup from the old phone with Neo Backup and then completely remove root and Magisk with the Magisk App.
Restoring app data with Seedvault works only for a few apps, so this is no solution for me.
Question is: Would it be possible to include something like Neo Backup (which is open source) as a system app in iodé (instead of or in addition to seedvault)? Or would Neo Backup not have access to app data, even as a system app on an unrooted phone?
The problem is iodéOS creates user builds not userdebug builds (such as LineageOS creates) which allow adb root, which then has the ability to do a full backup / restore of userdata. I am guessing (? maybe incorrectly?) that Neo Backup relies on something similar?
I tried solutions that rely on adb backup first (Titanium backup and AndDiSa android backup project, the latter only needs adb root) but these did not work with Android 15 anymore, at least not for migration from an older Android version. Found this link: Swift Backup - Fast and Secure Android Backup Solution which says adb backup is deprecated by google and you will need root access, not just adb root.
Neo Backup does not use adb backup (is uses SAF and root permission) and it worked perfectly for migration of most app’s data from an old Android version to Android 15.
Found this in the Neo Backup FAQ about the difference to Seedvault: “The main difference is that NB uses root to create a copy of the app’s APK and it’s data while Seedvault relies on Google’s api to backup (without forcing the user to backup to the Google-Cloud).”
So I guess it would not work without a rooted phone even if something like NeoBackup would be included as a system app with iodé (?)
Seems the only solution is leaving the bootloader unlocked and temporarily root the phone whenever a reliable backup of app data is needed. Or backup only the apps for which Seedvault backup works or that have backup/restore options of app data built-in.
If we’re talking about GitHub - AndDiSa/android_backup_project, then it works fine for me, including on recent Android / LineageOS versions (lineage-22.2, 23.0). It has been my preferred backup / restore / migrate method for several years. But as @rik says, it won’t work on official Iodé buds because they chose to make user builds that dont support adb root instead of userdebug builds that do.
Yes, that’s the one I tried on my backup phone running LineageOS for microG. Didn’t work, all restored apps just crashed, had to clear app data (and lose the restored data) to fix this. Will give it another try.
I was actually following your guide here:
Tried again, backing up from Lineage 22.2 and restoring to Lineage 22.2 after fresh install on another phone worked perfectly with AndDiSa/android backup project, very fast and there was no app that Neo Backup could restore and AndDiSa couldn’t.
I also found that when doing backup / restore from Lineage 22.2 to Lineage 22.2, Seedvault actually works quite well. There were only a few apps that could be restored with AndDiSa or Neo Backup but not with Seedvault.
That’s good news. Would you mind if I quote this message and / or link to your post in the los4microG Wiki page? It would be good to have u-to-date information there
Are they secure messaging apps or other? I just did a Seedvault full backup / restore to another phone and it even got my homescreen launcher layout, etc. which I was surprised by as I didn’t remember it able to do this before (or maybe I didn’t do a full restore but was selective).
Here is my list of apps I needed to manually re-setup:
DAVx5
Thunderbird
Element
Signal
Firefox / iodé browser
AntennaPod
Tailscale
The AntennaPod one stands out, I don’t quite get why it is unable to backup / restore but it is possible to do a full db backup and restore from within the app (subscriptions, play status, etc.). As the others are tied to various forms of OAuth logins they make sense that they can’t migrate (I would guess even AnDiSa wouldn’t accommodate those?)
For most of those, you can ease the pain with features built-in to the app and / or data stored in the cloud:
Sadly, I know nothing of TailScale 
I too was pleasantly surprised by how well SeedVault works now. I was put off by my experiences when it was first integrated (into /e/OS and LineageOS), and was seemingly incapable of backing up and restoring more than a fraction of my installed apps. It’s almost ready for ‘prime time’ now I think.