rimball wiki

User Tools

Site Tools

Trace: backups
notes:backups

This is an old revision of the document!

Table of Contents

How I backup servers locally and in the cloud using rsync, restricted-rsync, rsnapshot, restic, backblaze b2.

Android phones have their photos backed up to a central backup server using syncthing, which is then backed up to the cloud using restic. Servers are backed up using rsync and restricted-rsync pulling from a centralized backup server.

Tools used

restic

rsnapshot

create a new ed25519 key on the backup server, and copy the public Setup /root/.ssh/authorized_keys command=“/usr/bin/rrsync -ro /”,restrict,from=“192.0.2.2” ssh-ed25519 abc1234PublicKey

This will force the use of rrsync to the / directory as read-only, when logging in using the specified key, from 192.0.2.2 .

make sure to use the “–inplace” option for rsync when using the setup for btrfs, from the rsync man page “it can also help keep a copy-on-write filesystem snapshot from diverging the entire contents of a file that only has minor changes”

rsnapshot and btrfs

In order to take advantage of btrfs subvolumes with rsnapshot the following options in the rsnapshot configuration will need to be modified according to 1) 

cmd_cp      /root/bin/rsnapshot_plug_cp_btrfs
cmd_rm      /root/bin/rsnapshot_plug_rm_btrfs

snapshot_plug_cp_btrfs 2)

snapshot_plug_cp_btrfs
#!/bin/sh
# Arg 1: -al
# Arg 2: /testbtrfs/backups/hourly.0
# Arg 3: /testbtrfs/backups/hourly.1
btrfs subvolume snapshot $2 $3

rsnapshot_plug_rm_btrfs 3)

rsnapshot_plug_rm_btrfs
#!/bin/sh
 
# Arg 1: -rf
# Arg 2: /testbtrfs/backups/hourly.4/
 
# echo 1: $1  2: $@
 
# Try to delete the given path with btrfs subvolume delete first
# if this fails fall back to normal rm
if [  "$1" = "-rf"  -a  "$3" = ""  ]; then
        # "trying to delete with btrfs"
        btrfs subvolume delete $2
        error=$?
        if [ $error -eq 13 ]; then
                # EC 13 => The directory specified is no subvolume
                rm $@
        elif [ $error -ne 0 ]; then
                echo Error while deleting with btrfs $?
        fi
else
        rm $@
fi

https://web.archive.org/web/20140409045559/http://wwerther.de/2011/10/migrate-rsnapshot-based-backup-to-btrfs-snapshots/

syncthing

OpenWRT backup

Prep backup server

create a user and limit it to a predefined sftp only chroot. 

useradd  -m -s /bin/false gatewaybackup

setup chroot 

mkdir -p /chrootbackup/gatewaybackup/backups
chown gatewaybackups /chrootbackup/gatewaybackup/backups

Setup openwrt box

nightly script using sysupgrade 4) 

#!/bin/sh
backupFile=/tmp/backup-${HOSTNAME}-$(date +%F).tar.gz
sysupgrade -b $backupFile
echo "put $backupFile backups/" |  sftp -i gatewaykey  -b - gatewaybackup@<backupserver>
rm -f "${backupFile}"

edit the /etc/sysupgrade.conf file on the openwrt machine with a list of files to backup

update cron to run it nightly /etc/crontabs/root 

54 1 * * * /root/backup.sh

create ssh key to login to backupserver 

dropbearkey -t ed25519 -f gatewaykey

copy the public key to the backup server /home/gatewaybackups/.ssh/authorized_keys 

dropbearkey -y -f gatewaykey

References

https://wiki.archlinux.org/title/SFTP_chroot

https://passingcuriosity.com/2014/openssh-restrict-to-sftp-chroot/

https://web.archive.org/web/20140409045559/http://wwerther.de/2011/10/migrate-rsnapshot-based-backup-to-btrfs-snapshots/

1)
https://web.archive.org/web/20140409045559/http://wwerther.de/2011/10/migrate-rsnapshot-based-backup-to-btrfs-snapshots/
2)
https://gist.githubusercontent.com/wwerther/1306185/raw/rsnapshot_plug_cp_btrfs
3)
https://gist.githubusercontent.com/wwerther/1306189/raw/rsnapshot_plug_rm_btrfs
4)
https://openwrt.org/docs/guide-user/troubleshooting/backup_restore
notes/backups.1634782443.txt.gz · Last modified: by david