BackupsMSL: verschil tussen versies
Regel 1: | Regel 1: | ||
− | [[Categorie:Notes] | + | [[Categorie:Notes]][[Categorie:Docu]] |
Backup setup (temporary). | Backup setup (temporary). | ||
Versie van 17 okt 2018 om 22:41
Backup setup (temporary).
Systems under backup:
- space-main -- main machine with wiki, website, access controls of the machines, public MQTT and so on.
- deur-db - machine that does the access control for the doors.
- There is a single snapshot of the CNC cutter with René, Floris and Dirk-Willem
`rsync' in archive mode is used to create a daily (incremental) backup. This is send over ssh to an off site server. This relies on a public/private SSH keypair for authentication. he host specific details are listed below; as they are slightly different between linux and freebsd.
The backup is scheduled by cron(linux) or periodic(freebsd). The output is captured and written to both a daily log (which is overwritten the next day) and sent out as an email (unencrypted).
main host 192.168.5.1
The mail file is in the `daily' periodic structure of freebsd:
/usr/local/etc/periodic/daily/999.backup
and it does an incremental backup (rsync) of all mounted UFS volumes found.
#!/bin/sh E=0 echo Offsite backups: mount -p -t ufs | awk '{print $2 }' | while read dir do /bin/echo -n " $dir:" if rsync -xCaz $dir --exclude "**/dev/**" backup-msl:/usr/home/backup-msl/msl-main; then echo OK - completed without error. else E=$? echo failed. fi done echo exit $E
scheduling, capturing the output, logging and email-alerts are all handled as per periodic(8)[1].
deur-db 192.168.4.2
Crontab calls a script around 3am in the morning called:
/home/mvn/backup.sh
which does an incremental backup (rsync) of all mounted EXT4 volumes - excluding the devices:
#!/bin/sh echo Backup: E=0 mount -t ext4 | awk '{print $3 }' | while read dir do echo -n " $dir: " rsync -xCaz $dir --exclude '/proc/**' --exclude '/dev/**' --exclude '/sys/**' backup-msl:/usr/home/backup-msl/msl-deurdb && echo OK || E=$? done exit $E
This is called by crontab:
MAILTO=xxx@xxxx.com 0 3 * * * test -x /home/mvn/backup.sh && /home/mvn/backup.sh 2&>1 | tee /var/log/backup.log
with a quick sentinel and we're keeping a log of the most recent backups. In order for the email to work - outbound ssmtpd was configured in /etc/ssmtp/ssmtpd.conf as:
FromLineOverride=YES mailhub=smtp.xs4all.nl UseSTARTTLS=YES hostname=makerspaceleiden.nl root=postmaster
Destination
On the destination server:
command="/usr/local/bin/rsync --server -logDtprCze.iLsfxC . backup-msl/msl-main",,restrict,no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa ....
backed by an encrypted FS with a daily zfs-snapshot post the backup run; which ultimately gets offloaded onto tape. The rentention policy is currently 5 years (to be adjusted).