Backup procedure: Difference between revisions
From Newroco Tech Docs
Jump to navigationJump to search
No edit summary |
No edit summary |
||
| (7 intermediate revisions by 3 users not shown) | |||
| Line 8: | Line 8: | ||
<pre>sudo su - | <pre>sudo su - | ||
ssh-keygen</pre> | ssh-keygen</pre> | ||
Copy the public key from /root/.ssh/id_rsa.pub | |||
==On target server(s)== | ==On target server(s)== | ||
| Line 13: | Line 15: | ||
<pre>apt-get install rsync</pre> | <pre>apt-get install rsync</pre> | ||
Create a user for the backup script with the public key | Create a user for the backup script with the public key copied before | ||
<pre>adduser --disabled-password --gecos "" backup-user | |||
mkdir /home/backup-user/.ssh | |||
touch /home/backup-user/.ssh/authorized_keys | |||
echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYqISHAvWWn3xXyz+scUIVJ6wp3AT3vIihGU3FhjBE+DwDbFgKrAyZnwquEAvoRnMPMW9almT1/Pk3m03Kye3PkK1GUOWesgmQbISoViTehy76/oOPwYOxxiXOkKRTPlK8g3wZli3dHrgPi0C6dandCdwUDLhx5gopvNySo5rN5dKcCDX5xQ7SrIBvHd5tKv5MX9VNOOQKfzj02IPLQG1ICg052aQt6hewI+n7CzgEhwawYDYwRxcTb221QfxqmH4MENu3ETN4kkmkekJV4OHMGAMRHMyTaNYFjTcdAoNGDQ/NdSV0j2YKK+2budYGcxlRebteh+ifac0pIEqiwy/t root@compendium' > /home/backup-user/.ssh/authorized_keys | |||
chown -R backup-user:backup-user /home/backup-user/.ssh | |||
chmod 600 /home/backup-user/.ssh/authorized_keys</pre> | |||
Add entry in /etc/sudoers for the created user | Add entry in /etc/sudoers for the created user | ||
<pre>visudo | <pre># export EDITO=vim | ||
#visudo | |||
backup-user ALL=NOPASSWD: /usr/bin/rsync</pre> | backup-user ALL=NOPASSWD: /usr/bin/rsync</pre> | ||
==Back on backup server== | ==Back on backup server== | ||
Copy | Copy the backup script in /opt/bin/rsyncbackup.sh | ||
<pre> | <pre> | ||
#!/bin/bash | #!/bin/bash | ||
| Line 27: | Line 36: | ||
echo "Error: you need to provide 2 parameters, $# given." | echo "Error: you need to provide 2 parameters, $# given." | ||
echo "Syntax: rsyncbackup.sh remote local" | echo "Syntax: rsyncbackup.sh remote local" | ||
echo "Example: rsyncbackup.sh | echo "Example: rsyncbackup.sh rsyncbackup@ip.add.re.ss:/path/to/source/ /path/to/destination/ (mind the slashes)" | ||
echo | echo | ||
exit 1 | exit 1 | ||
| Line 33: | Line 42: | ||
CURRENTDATE=`/bin/date +"%F"` | CURRENTDATE=`/bin/date +"%F"` | ||
OLDDATE=`/bin/date --date="2 days ago" +"%F"` | #OLDDATE=`/bin/date --date="2 days ago" +"%F"` | ||
SOURCE=`echo $1` | SOURCE=`echo $1` | ||
| Line 67: | Line 76: | ||
/bin/rm ${DEST}latest | /bin/rm ${DEST}latest | ||
/bin/ln -s ${DEST}${CURRENTDATE} ${DEST}latest | /bin/ln -s ${DEST}${CURRENTDATE} ${DEST}latest | ||
/bin/rm -r ${DEST}${OLDDATE} | #/bin/rm -r ${DEST}${OLDDATE} | ||
echo `date +"%F %T"` " : Finished rsyncing to ${DEST}${CURRENTDATE}." | echo `date +"%F %T"` " : Finished rsyncing to ${DEST}${CURRENTDATE}." | ||
| Line 76: | Line 85: | ||
And make it executable | And make it executable | ||
<pre>chmod +x /opt/bin/rsyncbackup.sh</pre> | <pre>chmod +x /opt/bin/rsyncbackup.sh</pre> | ||
Create the directories where the backups will be saved | Create the directories where the backups will be saved | ||
<pre>mkdir -p /dir/for/the/backup</pre> | <pre>mkdir -p /dir/for/the/backup</pre> | ||
Create a file /etc/cron.d/ | Create a file /etc/cron.d/rsyncbackup and set the backup | ||
<pre> | <pre> | ||
# Minute Hour Day of Month Month Day of Week User Command | # Minute Hour Day of Month Month Day of Week User Command | ||
# (0-59) (0-23) (1-31) (1-12 or Jan-Dec) (0-6 or Sun-Sat) | # (0-59) (0-23) (1-31) (1-12 or Jan-Dec) (0-6 or Sun-Sat) | ||
00 00 * * * root /opt/bin/ | 00 00 * * * root /opt/bin/rsyncbackup.sh rsyncbackup@ta.rg.et.ip:/path/to/source /path/to/destination/ >> /var/log/replication.log | ||
</pre> | </pre> | ||
Make it executable | Make it executable | ||
<pre>chmod +x /etc/cron.d/ | <pre>chmod +x /etc/cron.d/rsyncbackup</pre> | ||
==Proxy== | ==Proxy== | ||
Latest revision as of 07:55, 5 February 2024
This page will describe how a backup procedure would look.
On backup server
Install rsync
apt-get install rsync
Switch to root and create a private/public key pair
sudo su - ssh-keygen
Copy the public key from /root/.ssh/id_rsa.pub
On target server(s)
Install rsync
apt-get install rsync
Create a user for the backup script with the public key copied before
adduser --disabled-password --gecos "" backup-user mkdir /home/backup-user/.ssh touch /home/backup-user/.ssh/authorized_keys echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYqISHAvWWn3xXyz+scUIVJ6wp3AT3vIihGU3FhjBE+DwDbFgKrAyZnwquEAvoRnMPMW9almT1/Pk3m03Kye3PkK1GUOWesgmQbISoViTehy76/oOPwYOxxiXOkKRTPlK8g3wZli3dHrgPi0C6dandCdwUDLhx5gopvNySo5rN5dKcCDX5xQ7SrIBvHd5tKv5MX9VNOOQKfzj02IPLQG1ICg052aQt6hewI+n7CzgEhwawYDYwRxcTb221QfxqmH4MENu3ETN4kkmkekJV4OHMGAMRHMyTaNYFjTcdAoNGDQ/NdSV0j2YKK+2budYGcxlRebteh+ifac0pIEqiwy/t root@compendium' > /home/backup-user/.ssh/authorized_keys chown -R backup-user:backup-user /home/backup-user/.ssh chmod 600 /home/backup-user/.ssh/authorized_keys
Add entry in /etc/sudoers for the created user
# export EDITO=vim #visudo backup-user ALL=NOPASSWD: /usr/bin/rsync
Back on backup server
Copy the backup script in /opt/bin/rsyncbackup.sh
#!/bin/bash
if [ $# -ne 2 ] ; then
echo "Error: you need to provide 2 parameters, $# given."
echo "Syntax: rsyncbackup.sh remote local"
echo "Example: rsyncbackup.sh rsyncbackup@ip.add.re.ss:/path/to/source/ /path/to/destination/ (mind the slashes)"
echo
exit 1
fi
CURRENTDATE=`/bin/date +"%F"`
#OLDDATE=`/bin/date --date="2 days ago" +"%F"`
SOURCE=`echo $1`
DEST=$2
echo "source=$SOURCE"
INPROGRESS=${DEST}inprogress
LATEST=${DEST}latest
if [ -d $INPROGRESS ] ; then
echo `date +"%F %T"` " : Directory $INPROGRESS already exists - is a previous backup still running?"
echo `date +"%F %T"` " : Directory $INPROGRESS already exists - is a previous backup still running?" | /usr/bin/mail -s "Backup of $SOURCE failed. Directory $INPROGRESS already exists - is a previous backup still running?" example@email.com
exit 1
fi
echo `date +"%F %T"` " : Started rsyncing to ${DEST}${CURRENTDATE}."
echo "source=$SOURCE"
/usr/bin/rsync --old-compress -rlptD --numeric-ids --hard-links --inplace --acls --xattrs --rsync-path "/usr/bin/sudo /usr/bin/rsync" --link-dest "${DEST}latest" --old-compress ${SOURCE} ${DEST}inprogress
RSYNCERROR=$?
if [ $RSYNCERROR -ne 0 ] ; then
echo `date +"%F %T"` " : Rsync to ${DEST}inprogress exited with non-null status. Exiting..."
echo `date +"%F %T"` " : Rsync to ${DEST}inprogress exited with non-null status. Exiting..." | /usr/bin/mail -s "Backup of $SOURCE failed" example@email.com
exit 1
fi
/bin/mv ${DEST}inprogress ${DEST}${CURRENTDATE}
/bin/rm ${DEST}latest
/bin/ln -s ${DEST}${CURRENTDATE} ${DEST}latest
#/bin/rm -r ${DEST}${OLDDATE}
echo `date +"%F %T"` " : Finished rsyncing to ${DEST}${CURRENTDATE}."
exit 0
And make it executable
chmod +x /opt/bin/rsyncbackup.sh
Create the directories where the backups will be saved
mkdir -p /dir/for/the/backup
Create a file /etc/cron.d/rsyncbackup and set the backup
# Minute Hour Day of Month Month Day of Week User Command # (0-59) (0-23) (1-31) (1-12 or Jan-Dec) (0-6 or Sun-Sat) 00 00 * * * root /opt/bin/rsyncbackup.sh rsyncbackup@ta.rg.et.ip:/path/to/source /path/to/destination/ >> /var/log/replication.log
Make it executable
chmod +x /etc/cron.d/rsyncbackup
Proxy
If you can't connect directly to the server that needs to be backed up and need to use a proxy, replace the rsync command from the above script with this one
/usr/bin/rsync --old-compress -rlptD --numeric-ids --hard-links --inplace --acls --xattrs --rsync-path "/usr/bin/sudo /usr/bin/rsync" --link-dest "${DEST}latest" --old-compress -e 'ssh -o "ProxyCommand ssh -A backup-user@<proxy-ip> -W %h:%p"' ${SOURCE} ${DEST}inprogress
And of course make sure there is a backup-user on the proxy with the previously generated public key.
