Table of Contents
Backupninja with unattended rdiff-backup
Backupninja provides a centralized way to configure and schedule many different backup utilities. It allows for secure, remote, incremental filesytem backup (via rdiff-backup), compressed incremental data, backup system and hardware info, encrypted remote backups (via duplicity), safe backup of MySQL/PostgreSQL databases, subversion or trac repositories, burn CD/DVDs or create ISOs, incremental rsync with hardlinking.
This walkthrough will describe how to setup Backupninja together with rdiff-backup in unattended mode.
The two partners in this setup are server.example.net and backup.example.net. The former should backup its data nightly to the latter. The user service will be the backup system account using password-less ssh access. The target directory is /data/backup, so the complete backup target address in ssh notation is service@backup.example.net:/data/backup.
Setup: Once
target: create system user
backup.example.net:~$ useradd -m service backup.example.net:~$ passwd service # ^^ only required for copying over ssh public identities; can be disabled later: backup.example.net:~$ passwd --lock service
target: install backup software
rdiff-backup requires pyxattr >=0.4 (looks like)
- On debian lenny,
python-pyxattrhasVersion: 0.4.0-1, whilepython-xattrhasVersion: 0.4-4backup.example.net:~$ aptitude install backupninja rdiff-backup python-pyxattr
- On debian etch,
python-pyxattrhasVersion: 0.2.1-1.1, so usepython-xattr 0.4-4~bpo40+1frometch-backports:backup.example.net:~$ aptitude install python-xattr -t etch-backports
Setup: For each backup pair
target: setup backup destination
backup.example.net:~$ mkdir -p /data/backup/{customer}/server.example.net/rdiff backup.example.net:~$ chown -R service:service /data/backup/{customer}/server.example.net/rdiff
source: setup backup source
- setup backup tools
server.example.net:~$ aptitude install backupninja rdiff-backup python-pyxattr debconf-utils hwinfo
pyxattr >=0.4 required (so on debian etch): (see above “target: install backup software”)
server.example.net:~$ aptitude install python-xattr -t etch-backports
- create user service and its keypair, copy public key over to backup target
server.example.net:~$ useradd -m service server.example.net:~$ su - service service@server.example.net:~$ ssh-keygen service@server.example.net:~$ ssh-copy-id service@backup.example.net service@server.example.net:~$ logout
- backupninja: base configuration
- server.example.net:/etc/backupninja.conf
reportemail = root@example.net when = everyday at 00:45
Just the hour-part of “when” is actually used, so this will run at 00:00! This is due to a limitation (bug?) in backupninja.
- backupninja: handler setup
server.example.net:~$ cp /usr/share/doc/backupninja/examples/example.sys /etc/backup.d/10.sys server.example.net:~$ cp /usr/share/doc/backupninja/examples/example.mysql /etc/backup.d/20.mysql server.example.net:~$ cp /usr/share/doc/backupninja/examples/example.ldap /etc/backup.d/30.ldap server.example.net:~$ cp /usr/share/doc/backupninja/examples/example.rdiff /etc/backup.d/90.rdiff server.example.net:~$ chmod go-r /etc/backup.d/*
Properly configure each handler!
TODO: Write more e.g. about using
slapcat for LDAP.
- backupninja: unattended backup-rdiff
- server.example.net:/etc/backup.d/90.rdiff
... options = --force --remote-schema 'ssh -i /home/service/.ssh/id_rsa -C %s rdiff-backup --server' ... #label = thishostname ... include = /var/mail ... [dest] directory = /data/backup/{customer}/server.example.net/rdiff host = backup.example.net user = service sshoptions = -i /home/service/.ssh/id_rsa
- backupninja: force testrun
server.example.net:~$ backupninja --test --now server.example.net:~$ screen -S backup server.example.net:~$ backupninja --debug --now
detach from
screen: Ctrl+A, D
Prerequisites
target: prepare backup partition (optional)
hypervisor is the machine backup.example.net is running on. We'll mount another partition with plenty of backup space. Here's how (LVM + Xen):
hypervisor:~$ lvcreate -L 250G vg0 -n backup-data hypervisor:~$ mkfs.ext3 /dev/vg0/backup-data hypervisor:~$ nano /etc/xen/backup.example.net.cfg
- /etc/xen/backup.example.net.cfg
... disk = [ ... 'phy:vg0/backup-data,sda6,w', ] ...
backup.example.net:~$ mkdir /data backup.example.net:~$ nano /etc/fstab
- /etc/fstab
... /dev/sda6 /data ext3 noatime,nodiratime,errors=remount-ro 0 1
backup.example.net:~$ halt hypervisor:~$ xm create /etc/xen/backup.example.net.cfg
target: configure backup directory
Exclude backup path from being scanned by “locate” & Co.:
backup.example.net:~$ nano /etc/updatedb.findutils.cron.local PRUNEPATHS="/data/backup"