rimball wiki

User Tools

Site Tools

Trace:
notes:backups

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
notes:backups [2021/10/02 19:47] davidnotes:backups [2024/08/31 23:29] (current) – [Prep backup server] david
Line 1: Line 1:
-How I backup servers locally and in the cloud using rsync, restricted-rsync, rsnapshot, restic, backblaze b2+How I backup servers locally and in the cloud using rsync, restricted-rsync, rsnapshot, restic, backblaze b2
 + 
 +Android phones have their photos backed up to a central backup server using syncthing, which is then backed up to the cloud using restic. 
 +Servers are backed up using rsync and restricted-rsync  pulling from a centralized backup server.
  
 Tools used Tools used
Line 5: Line 8:
   * restricted rsync   * restricted rsync
   * ssh, and ssh authorized keys   * ssh, and ssh authorized keys
-  * restic+  * [[ https://restic.net | restic ]] 
 +  * [[ https://syncthing.net/ |syncthing ]] 
 +  * [[ https://www.backblaze.com/b2/cloud-storage.html | Backblaze B2 ]] for remote cloud backups
  
 +====== restic ======
 +====== rsnapshot ======
 +create a new ed25519 key on the backup server, and copy the public
 Setup /root/.ssh/authorized_keys  Setup /root/.ssh/authorized_keys 
-command="/usr/bin/rrsync -ro /",restrict,from="192.0.2.2" ssh-ed25519 abc1234 +command="/usr/bin/rrsync -ro /",restrict,from="192.0.2.2" ssh-ed25519 abc1234PublicKey
  
 This will force the use of rrsync to the / directory as read-only, when logging in using the specified key, from 192.0.2.2 . This will force the use of rrsync to the / directory as read-only, when logging in using the specified key, from 192.0.2.2 .
  
  
-=== OpenWRT backup === +make sure to use the "--inplace" option for rsync when using the setup for btrfs, from the rsync man page 
-== Prep backup server ==+"it can also help keep  a  copy-on-write  filesystem  snapshot from diverging the entire contents of a file that only has minor changes" 
 + 
 +===== rsnapshot and btrfs ===== 
 +In order to take advantage of btrfs subvolumes with rsnapshot the following options in the rsnapshot configuration will need to be modified according to (( https://web.archive.org/web/20140409045559/http://wwerther.de/2011/10/migrate-rsnapshot-based-backup-to-btrfs-snapshots/ )) 
 +<code> 
 +cmd_cp      /root/bin/rsnapshot_plug_cp_btrfs 
 +cmd_rm      /root/bin/rsnapshot_plug_rm_btrfs 
 +</code> 
 + 
 +snapshot_plug_cp_btrfs ((https://gist.githubusercontent.com/wwerther/1306185/raw/rsnapshot_plug_cp_btrfs)) 
 +<code bash rsnapshot_plug_cp_btrfs> 
 +#!/bin/sh 
 +# Arg 1: -al 
 +# Arg 2: /testbtrfs/backups/hourly.0 
 +# Arg 3: /testbtrfs/backups/hourly.1 
 +btrfs subvolume snapshot $2 $3 
 +</code> 
 + 
 +rsnapshot_plug_rm_btrfs 
 +((https://gist.githubusercontent.com/wwerther/1306189/raw/rsnapshot_plug_rm_btrfs)) 
 +<code bash rsnapshot_plug_rm_btrfs> 
 +#!/bin/sh 
 + 
 +# Arg 1: -rf 
 +# Arg 2: /testbtrfs/backups/hourly.4/ 
 + 
 +# echo 1: $1  2: $@ 
 + 
 +# Try to delete the given path with btrfs subvolume delete first 
 +# if this fails fall back to normal rm 
 +if [  "$1" = "-rf"  -a  "$3" = ""  ]; then 
 +        # "trying to delete with btrfs" 
 +        btrfs subvolume delete $2 
 +        error=$? 
 +        if [ $error -eq 13 ]; then 
 +                # EC 13 => The directory specified is no subvolume 
 +                rm $@ 
 +        elif [ $error -ne 0 ]; then 
 +                echo Error while deleting with btrfs $? 
 +        fi 
 +else 
 +        rm $@ 
 +fi 
 +</code> 
 +https://web.archive.org/web/20140409045559/http://wwerther.de/2011/10/migrate-rsnapshot-based-backup-to-btrfs-snapshots/ 
 + 
 +====== syncthing ====== 
 + 
 +====== OpenWRT backup ====== 
 +===== Prep backup server =====
 create a user and limit it to a predefined sftp only chroot. create a user and limit it to a predefined sftp only chroot.
 <code> <code>
Line 23: Line 79:
 <code> <code>
 mkdir -p /chrootbackup/gatewaybackup/backups mkdir -p /chrootbackup/gatewaybackup/backups
-chown gatewaybackups /chrootbackup/gatewaybackup/backups+chown gatewaybackup /chrootbackup/gatewaybackup/backups
 </code> </code>
  
-== Setup openwrt box ==+===== Setup openwrt box =====
 nightly script using sysupgrade ((https://openwrt.org/docs/guide-user/troubleshooting/backup_restore)) nightly script using sysupgrade ((https://openwrt.org/docs/guide-user/troubleshooting/backup_restore))
 <code> <code>
Line 36: Line 92:
 </code> </code>
 edit the /etc/sysupgrade.conf file on the openwrt machine with a list of files to backup edit the /etc/sysupgrade.conf file on the openwrt machine with a list of files to backup
 +
 +update cron to run it nightly
 +/etc/crontabs/root
 +<code>
 +54 1 * * * /root/backup.sh
 +</code>
  
 create ssh key to login to backupserver create ssh key to login to backupserver
Line 47: Line 109:
  
  
-=== References ===+====== References ======
 https://wiki.archlinux.org/title/SFTP_chroot https://wiki.archlinux.org/title/SFTP_chroot
  
  
 https://passingcuriosity.com/2014/openssh-restrict-to-sftp-chroot/ https://passingcuriosity.com/2014/openssh-restrict-to-sftp-chroot/
 +
 +https://web.archive.org/web/20140409045559/http://wwerther.de/2011/10/migrate-rsnapshot-based-backup-to-btrfs-snapshots/
  
notes/backups.1633218441.txt.gz · Last modified: by david