Backup configuration

From eg

Jump to: navigation, search

This article explains backup in the context of open configuration projects. For details of the backup configuration of eg:itself see eg:backup configuration. For information about backup policies, such as how often backups happen, see eg:backup.

[edit] Backup software

The backup software we're currently using is rdiff-backup which has the main advantage that it is very easy to use. In the future we may move to other technologies, in which case the changes will be documented here. rdiff-backup was configured to use a 'pull' style of backup, although other approaches are possible. Detailed instructions for setting up this type of backup are available here Unattended rdiff-backup Howto


[edit] Backup configuration

rdiff-backup is very simple to use. The program itself takes care of the nitty gritty details of network connectivity and maintaining versions of the backed up repository. The only real challenge in running the backup is to set up a pairing via ssh's authorized keys facility to allow the rdiff-backup process access to the target machine (the one being backed up - eg.zooid.org in this case) unattended. A secondary problem is setting up a cron job to run the backups. A description of the process used to set up the backups follows

[edit] Configuration description

  1. Installed rdiff-backup from the debian package on both eg.zooid.org and adelaide.zooid.org
  2. Created a new user on adelaide.zooid.org called eg-backup with no login shell. This user will be the one which runs the backup process which accesses eg.zooid.org\
  3. Create a /home/eg-backup directory and set it to the appropriate permissions (i.e. mkdir /home/eg-backup; chown eg-backup:eg-backup; /home/eg-backup; and check that the directory permissions match the other users in /home.
  4. su eg-backup and create a new passphrase free ssh key as that user by saying ssh-keygen -t rsa Just push enter if it asks you for a passphrase. I saved the key in /home/eg-backup/.ssh
  5. Create a config file that defines what to do when accessing eg.zooid.org If you need to see the structure of the config file, view it on adelaide.zooid.org or look at the above mentioned howto
  6. Now you need to edit the file /root/.ssh/authorized_keys2 on eg.zooid.org to allow adelaide.zooid.org to connect. To do this we need to add the following to the file command="rdiff-backup --server --restrict-read-only /",from="199.166.207.200",no-port-forwarding,no-X11-forwarding,no-pty

XXXXXXXXXXX eg-backup@199.166.207.200 where XXXXXXXXXX should be replaced by the contents of the /home/eg-backup/.ssh/id_rsa_eg_backup.pub from adelaide.zooid.org

  1. Now is a good time to test that the eg-backup user on adelaide.zooid.org can connect zooid and back something up without a passphrase. Try it. If it doesn't work, go back and try these instructions again with the help of the howto mentioned above or search on google for ssh authorized key logins. The authorized_keys2 file can be very sensitive to extraneous line breaks (the public key should have no line breaks) and ssh can sometimes choke on things like not being able to do reverse lookups on domain names.
  2. Once rdiff-backup can login and backup files from the eg, its a simple matter of creating a cron job on adelaide to run the backup. Create a new crontab as the eg-backup user. For the actual crontabs in use, see crontab -e -u eg-backup They are easy to understand.
Retrieved from "http://let.sysops.be/wiki/Backup_configuration"
Personal tools