Difference between revisions of "BackupPc"

From YobiWiki
Jump to navigation Jump to search
Line 37: Line 37:
 
* scp /var/lib/backuppc/.ssh/id_rsa.pub root@<host_to_backup>:
 
* scp /var/lib/backuppc/.ssh/id_rsa.pub root@<host_to_backup>:
 
* on the host:
 
* on the host:
** mv id_rsa.pub ~/.ssh/authorized_keys
+
** cat id_rsa.pub >> ~/.ssh/authorized_keys
 
** prepend the line in authorized_keys by sth like<br>from="<my_backup_server>" <br> so that only the backup host can log with this key.
 
** prepend the line in authorized_keys by sth like<br>from="<my_backup_server>" <br> so that only the backup host can log with this key.
 
** install a ssh server if not yet done
 
** install a ssh server if not yet done
 
** install rsync
 
** install rsync
 
* Try once as user backuppc to log as root on your host, first to accept the fingerprint, second to check if you are in without prompt for pwd
 
* Try once as user backuppc to log as root on your host, first to accept the fingerprint, second to check if you are in without prompt for pwd
  +
 
===Troubleshooting===
 
===Troubleshooting===
 
Backup failed and you've only a very poor error message?
 
Backup failed and you've only a very poor error message?

Revision as of 13:31, 8 April 2011

Setup

  • apt-get install apache2 backuppc libfile-rsyncp-perl
  • add to /etc/aliases
backuppc: root

If you use a dedicated disk or partition:

  • prefer reiserfs over ext3 to avoid any inode shortage problem.
  • mount it with "noatime" for better performances
  • If you've to move an existing setup, move /var/lib/backuppc to the dedicated partition but preserve hardlinks (use cp -a), then create /var/lib/backuppc symlink

To create/change http passwords:

 htpasswd /etc/backuppc/htpasswd backuppc

To create a new user:

htpasswd /etc/backuppc/htpasswd user

add to /etc/aliases

user: user@email.com

To prepare backuppc to access the hosts:

su - backuppc
ssh-keygen -t rsa -N ''

For a full restoration from scratch, see the backuppc paragraph in Harddrive

Whenever you change the config files, be sure to have the proper permissions:

chown backuppc:www-data /etc/backuppc/*
chmod go-rwx /etc/backuppc/*pl

Apache2

ln -s /etc/backuppc/apache.conf /etc/apache2/sites-enabled/backuppc

Add a host for backup

  • add it to /etc/backuppc/hosts
  • create a file such as /etc/backuppc/<host>.pl with the same name and with variables from config.pl that you want to adapt for your host
  • scp /var/lib/backuppc/.ssh/id_rsa.pub root@<host_to_backup>:
  • on the host:
    • cat id_rsa.pub >> ~/.ssh/authorized_keys
    • prepend the line in authorized_keys by sth like
      from="<my_backup_server>"
      so that only the backup host can log with this key.
    • install a ssh server if not yet done
    • install rsync
  • Try once as user backuppc to log as root on your host, first to accept the fingerprint, second to check if you are in without prompt for pwd

Troubleshooting

Backup failed and you've only a very poor error message?

For example:

Got fatal error during xfer (Unable to read 4 bytes)

There are more complete logfiles in /var/lib/backuppc/pc/*yourmachine*/XferLOG.bad.z
But they're compressed with libz (I think) so to read the file:

$ /usr/share/backuppc/bin/BackupPC_zcat /var/lib/backuppc/pc/*yourmachine*/XferLOG.bad.z

To continue on the same example, here we got:

full backup started for directory /blabla
Running: /usr/bin/ssh -q -x -l root yourmachine /usr/bin/rsync --server --sender --numeric-ids --perms --owner --group -D --links --hard-links --times --block-size=2048 --recursive --bwlimit=1500 --ignore-times . /blabla
Xfer PIDs are now 10100
Read EOF: Connection reset by peer
Tried again: got 0 bytes
Done: 0 files, 0 bytes
Got fatal error during xfer (Unable to read 4 bytes)
Backup aborted (Unable to read 4 bytes)
Not saving this as a partial backup since it has fewer files than the prior one (got 0 and 0 files versus 0)

Ok ssh command failed. Let's try it:

# su - backuppc
$ /usr/bin/ssh -l root yourmachine ls
The authenticity of host 'yourmachine (1.2.3.4)' can't be established.
RSA key fingerprint is bl:ab:la
Are you sure you want to continue connecting (yes/no)? yes

So that's was the issue! That's what happen when you miss the last step in the paragraph about adding a host, just here above!

To invert tunnelling (if from behind a firewall)

  • On the host:
    • ssh -R 2222:localhost:22 <backup_server>
      Make it passwordless with keys
    • To make it automated: install autossh
      Add somewhere in the startup scripts:
      su <my_local_user> -c 'autossh -N -f -M 29001 -R 2222:localhost:22 <backup_server>' &
    • Or in /etc/network/interfaces
      up su <my_local_user> -c 'autossh -N -f -M 29001 -R 2222:localhost:22 <backup_server>' &
      down su <my_local_user> -c 'killall autossh'
  • On the server:
    • backuppc ~/.ssh/config:
      • Host <host_to_backup_as_said_to_backuppc>
      • ~HostName <localhost or ip_pub for vservers>
      • Port 2222

Restoring

Tips

When upgrading to rsync 2.6.7 on the clients you could face some problems.
This is due to a different interpretation of the option --devices
Use -D instead for sth compatible with all rsync versions.
Change it in config.pl and other host config files: $Conf{RsyncArgs} and $Conf{RsyncRestoreArgs}
cf http://sourceforge.net/mailarchive/forum.php?thread_id=10176480&forum_id=503