BackupsMSL: difference between revisions

From MakerSpace Leiden
(main host 192.168.5.1)
(deur-db 192.168.4.2)
Line 43: Line 43:
 
== deur-db 192.168.4.2 ==
 
== deur-db 192.168.4.2 ==
  
 
+
Crontab calls a script around 3am in the morning called:
File in  
 
  
 
   /home/mvn/backup.sh
 
   /home/mvn/backup.sh
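Review bot: "around 3am in the morning" in the added sentence is redundant and vaguer than it needs to be; the crontab entry further down this page is "0 3 * * *", so "daily at 03:00" would state the schedule exactly. The sentence could also say whose crontab holds the entry, since the script it introduces lives under /home/mvn.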

Revision as of 22 Feb 2018, 18:19

Backup setup (temporary).

Common setup

`rsync' in archive mode is used to create a daily (incremental) backup. This is sent over ssh to an off-site server. The backup is scheduled by cron (Linux) or periodic (FreeBSD).

It relies on a public/private SSH keypair for authentication. The configuration and key data for this can be found in:

 .ssh/config
 .ssh/id_rsa

The host-specific details are listed below, as they are slightly different between Linux and FreeBSD.

The output is captured and both written to a daily log (which is overwritten the next day) and sent out as an email (unencrypted).

main host 192.168.5.1

The main file is in the `daily' periodic structure of FreeBSD:

/usr/local/etc/periodic/daily/999.backup

and it does an incremental backup (rsync) of all mounted UFS volumes found.

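#!/bin/sh
echo Offsite backups:
# rsync flags: -x stay on one filesystem, -C skip CVS-style ignore patterns,
# -a archive mode, -z compress in transit.
# The loop is the last stage of a pipeline and so runs in a subshell; E is
# kept inside the braces and handed back as the pipeline's exit status.
mount -p -t ufs | awk '{print $2}' | {
        E=0
        while read -r dir
        do
                /bin/echo -n "  $dir:"
                if rsync -xCaz "$dir" --exclude "**/dev/**" backup-msl:/usr/home/backup-msl/msl-main; then
                        echo OK - completed without error.
                else
                        E=$?
                        echo failed.
                fi
        done
        exit $E
}
E=$?
echo
exit $E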


Scheduling, capturing the output, logging and email alerts are all handled as per periodic(8)[1].

deur-db 192.168.4.2

Crontab calls a script at around 3am:

 /home/mvn/backup.sh

which does an incremental backup (rsync) of all mounted EXT4 volumes - excluding the devices:

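#!/bin/sh
echo Backup:
# The loop is the last stage of a pipeline and so runs in a subshell; E is
# kept inside the braces and becomes the exit status of the script.
mount -t ext4 | awk '{print $3}' | {
        E=0
        while read -r dir
        do
                echo -n "   $dir: "
                rsync -xCaz "$dir" --exclude '/proc/**' --exclude '/dev/**' --exclude '/sys/**' backup-msl:/usr/home/backup-msl/msl-deurdb && echo OK || E=$?
        done
        exit $E
}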

This is called by crontab:

 MAILTO=xxx@xxxx.com
 0 3 * * * test -x /home/mvn/backup.sh && /home/mvn/backup.sh 2>&1 | tee /var/log/backup.log

with a quick sentinel (the `test -x' check), and we're keeping a log of the most recent backups. For the email to work, outbound ssmtpd was configured in /etc/ssmtp/ssmtpd.conf as:

FromLineOverride=YES
mailhub=smtp.xs4all.nl
UseSTARTTLS=YES
hostname=makerspaceleiden.nl
root=postmaster

Destination

On the destination server, the key's entry in authorized_keys restricts it to a forced rsync command:

 command="/usr/local/bin/rsync --server  -logDtprCze.iLsfxC . backup-msl/msl-main",,restrict,no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa ....

backed by an encrypted FS, with a daily zfs-snapshot taken after the backup run, which ultimately gets offloaded onto tape. The retention policy is currently 5 years (to be adjusted).
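
A lint for key entries like the one above, as an added example that is not part of the original wiki page: it checks that a backup key has a forced command= running rsync --server as a receiver, carries restrict, and has no empty option in its list. The function name audit_key_line and the sample entries are constructed for illustration, and the key material is a placeholder.

```shell
#!/bin/sh
# Added example (not from the wiki page): lint authorized_keys entries for a
# push-only rsync backup key. Prints one finding per line, returns 1 if any.
# Limitation: escaped quotes (\") inside command="..." are not handled.

audit_key_line() {
    rc=0
    # Normalise whitespace and blank out quoted values, so commas and spaces
    # inside command="..." cannot be mistaken for option separators.
    bare=$(printf '%s\n' "$1" | tr '\t' ' ' | sed -e 's/^ *//' -e 's/"[^"]*"/""/g')
    case $bare in ''|'#'*) return 0 ;; esac        # blank line or comment
    first=${bare%% *}
    case $first in
        ssh-*|ecdsa-*|sk-*)                        # line starts with the key type
            echo "no options: key allows an unrestricted login"; return 1 ;;
    esac
    opts=",$first,"
    case $opts in *,command=\"\",*) ;;
        *) echo "no command=: the client chooses what runs"; rc=1 ;; esac
    case $opts in *,restrict,*) ;;
        *) echo "no restrict: forwarding, pty and rc are not blanket-disabled"; rc=1 ;; esac
    case $first in *,,*|,*|*,)
        echo "empty option (stray comma) in the option list"; rc=1 ;; esac
    # Pull out the forced command and check that it is an rsync receiver.
    cmd=$(printf '%s\n' "$1" | sed -n 's/.*command="\([^"]*\)".*/\1/p')
    case $cmd in
        '') ;;
        *"rsync --server --sender "*)
            echo "forced command is an rsync sender: key can read the backups"; rc=1 ;;
        *"rsync --server "*) ;;
        *) echo "forced command is not rsync --server"; rc=1 ;;
    esac
    return $rc
}

# Constructed sample entries; the key material is a placeholder.
KEY='ssh-rsa AAAAB3CONSTRUCTEDPLACEHOLDER backup@example'
GOOD="command=\"/usr/local/bin/rsync --server -logDtprCze.iLsfxC . backup-msl/msl-main\",restrict $KEY"
STRAY="command=\"/usr/local/bin/rsync --server -logDtprCze.iLsfxC . backup-msl/msl-main\",,restrict $KEY"
PULL="command=\"/usr/local/bin/rsync --server --sender -logDtprCze.iLsfxC . backup-msl/msl-main\",restrict $KEY"

for entry in "$KEY" "$GOOD" "$STRAY" "$PULL"; do
    printf '%s\n' "--- ${entry%% AAAA*}"
    audit_key_line "$entry" || true
done
```

Because the forced command pins the destination directory, each client that backs up to its own directory needs its own key entry with its own command=.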