|
(Label: Nieuwe doorverwijzing) |
(8 tussenliggende versies door 3 gebruikers niet weergegeven) |
Regel 1: |
Regel 1: |
− | Backup setup (temporary).
| + | #REDIRECT [[MTA-Backups / Duplicty]] |
− | | |
− | == Common setup ==
| |
− | | |
− | `rsync' in archive mode is used to create a daily (incremental) backup. This is send over ssh to an off site server. The backup is scheduled by cron(linux) or periodic(freebsd).
| |
− | | |
− | It relies on a public/private SSH keypair for authentication. The configuration for this can be found in:
| |
− | | |
− | .ssh/config
| |
− | .ssh/id_rsa
| |
− | | |
− | for its config and data. The host specific details are listed below; as they are slightly different between linux and freebsd.
| |
− | | |
− | The output is captured and written to both a daily log (which is overwritten the next day) and sent out as an email (unencrypted).
| |
− | | |
− | == main host 192.168.5.1 ==
| |
− | | |
− | The mail file is in the `daily' periodic structure of freebsd:
| |
− | | |
− | /usr/local/etc/periodic/daily/999.backup
| |
− | | |
− | and it does an incremental backup (rsync) of all mounted UFS volumes found.
| |
− | | |
− | #!/bin/sh
| |
− | E=0
| |
− | echo Offsite backups:
| |
− | mount -p -t ufs | awk '{print $2 }' | while read dir
| |
− | do
| |
− | /bin/echo -n " $dir:"
| |
− | if rsync -xCaz $dir --exclude "**/dev/**" backup-msl:/usr/home/backup-msl/msl-main; then
| |
− | echo OK - completed without error.
| |
− | else
| |
− | E=$?
| |
− | echo failed.
| |
− | fi
| |
− | done
| |
− | echo
| |
− | exit $E
| |
− | | |
− | | |
− | scheduling, capturing the output, logging and email-alerts are all handled as per periodic(8)[http://nixdoc.net/man-pages/FreeBSD/man8/periodic.8.html].
| |
− | | |
− | == deur-db 192.168.4.2 ==
| |
− | | |
− | | |
− | File in
| |
− | | |
− | /home/mvn/backup.sh
| |
− | | |
− | which does an incremental backup (rsync) of all mounted EXT4 volumes - excluding the devices:
| |
− | | |
− | #!/bin/sh
| |
− | echo Backup:
| |
− | E=0
| |
− | mount -t ext4 | awk '{print $3 }' | while read dir
| |
− | do
| |
− | echo -n " $dir: "
| |
− | rsync -xCaz $dir --exclude '/proc/**' --exclude '/dev/**' --exclude '/sys/**' backup-msl:/usr/home/backup-msl/msl-deurdb && echo OK || E=$?
| |
− | done
| |
− | exit $E
| |
− | | |
− | This is called by crontab:
| |
− | | |
− | MAILTO=xxx@xxxx.com
| |
− | 0 3 * * * test -x /home/mvn/backup.sh && /home/mvn/backup.sh 2&>1 | tee /var/log/backup.log
| |
− | | |
− | with a quick sentinel and we're keeping a log of the most recent backups. In order for the email to work - outbound ssmtpd was configured in /etc/ssmtp/ssmtpd.conf as:
| |
− | | |
− | FromLineOverride=YES
| |
− | mailhub=smtp.xs4all.nl
| |
− | UseSTARTTLS=YES
| |
− | hostname=makerspaceleiden.nl
| |
− | root=postmaster
| |
− | | |
− | == Destination ==
| |
− | | |
− | On the destination server:
| |
− | | |
− | command="/usr/local/bin/rsync --server -logDtprCze.iLsfxC . backup-msl/msl-main",,restrict,no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa ....
| |
− | | |
− | backed by an encrypted FS with a daily zfs-snapshot post the backup run; which ultimately gets offloaded onto tape. The rentention policy is currently 5 years (to be adjusted).
| |