» Do it. Now.

Backupninja with unattended rdiff-backup

Backupninja provides a centralized way to configure and schedule many different backup utilities. It allows for secure, remote, incremental filesytem backup (via rdiff-backup), compressed incremental data, backup system and hardware info, encrypted remote backups (via duplicity), safe backup of MySQL/PostgreSQL databases, subversion or trac repositories, burn CD/DVDs or create ISOs, incremental rsync with hardlinking.

This walkthrough will describe how to setup Backupninja together with rdiff-backup in unattended mode.

The two partners in this setup are server.example.net and backup.example.net. The former should backup its data nightly to the latter. The user service will be the backup system account using password-less ssh access. The target directory is /data/backup, so the complete backup target address in ssh notation is service@backup.example.net:/data/backup.


Setup: Once

target: create system user

backup.example.net:~$ useradd -m service 
backup.example.net:~$ passwd service 
                      # ^^ only required for copying over ssh public identities; can be disabled later: 
                      backup.example.net:~$ passwd --lock service 

target: install backup software

rdiff-backup requires pyxattr >=0.4 (looks like)

  • On debian lenny, python-pyxattr has Version: 0.4.0-1, while python-xattr has Version: 0.4-4
    backup.example.net:~$ aptitude install backupninja rdiff-backup python-pyxattr 
  • On debian etch, python-pyxattr has Version: 0.2.1-1.1, so use python-xattr 0.4-4~bpo40+1 from etch-backports:
    backup.example.net:~$ aptitude install python-xattr -t etch-backports 

Setup: For each backup pair

target: setup backup destination

backup.example.net:~$ mkdir -p /data/backup/{customer}/server.example.net/rdiff 
backup.example.net:~$ chown -R service:service /data/backup/{customer}/server.example.net/rdiff 

source: setup backup source

  • setup backup tools
    server.example.net:~$ aptitude install backupninja rdiff-backup python-pyxattr debconf-utils hwinfo 

    pyxattr >=0.4 required (so on debian etch): (see above “target: install backup software”)

    server.example.net:~$ aptitude install python-xattr -t etch-backports 
  • create user service and its keypair, copy public key over to backup target
    server.example.net:~$ useradd -m service 
    server.example.net:~$ su - service 
    service@server.example.net:~$ ssh-keygen 
    service@server.example.net:~$ ssh-copy-id service@backup.example.net 
    service@server.example.net:~$ logout 

Just the hour-part of “when” is actually used, so this will run at 00:00! This is due to a limitation (bug?) in backupninja.

  • backupninja: handler setup
    server.example.net:~$ cp /usr/share/doc/backupninja/examples/example.sys /etc/backup.d/10.sys 
    server.example.net:~$ cp /usr/share/doc/backupninja/examples/example.mysql /etc/backup.d/20.mysql 
    server.example.net:~$ cp /usr/share/doc/backupninja/examples/example.ldap /etc/backup.d/30.ldap 
    server.example.net:~$ cp /usr/share/doc/backupninja/examples/example.rdiff /etc/backup.d/90.rdiff 
    server.example.net:~$ chmod go-r /etc/backup.d/* 

Properly configure each handler!

TODO: Write more e.g. about using slapcat for LDAP.

  • backupninja: unattended backup-rdiff
    options = --force --remote-schema 'ssh -i /home/service/.ssh/id_rsa -C %s rdiff-backup --server' 
    #label = thishostname 
    include = /var/mail 
    directory = /data/backup/{customer}/server.example.net/rdiff 
    host = backup.example.net 
    user = service    
    sshoptions = -i /home/service/.ssh/id_rsa 
  • backupninja: force testrun
    server.example.net:~$ backupninja --test --now 
    server.example.net:~$ screen -S backup 
    server.example.net:~$ backupninja --debug --now 

    detach from screen: Ctrl+A, D


target: prepare backup partition (optional)

hypervisor is the machine backup.example.net is running on. We'll mount another partition with plenty of backup space. Here's how (LVM + Xen):


hypervisor:~$ lvcreate -L 250G vg0 -n backup-data 
hypervisor:~$ mkfs.ext3 /dev/vg0/backup-data 
hypervisor:~$ nano /etc/xen/backup.example.net.cfg 
disk        = [ 
backup.example.net:~$ mkdir /data 
backup.example.net:~$ nano /etc/fstab 
/dev/sda6 /data    ext3 noatime,nodiratime,errors=remount-ro 0 1 
backup.example.net:~$ halt 
hypervisor:~$ xm create /etc/xen/backup.example.net.cfg 

target: configure backup directory

Exclude backup path from being scanned by “locate” & Co.:

backup.example.net:~$ nano /etc/updatedb.findutils.cron.local 
setup/backupninja-with-unattended-rdiff-backup.txt · Last modified: 2019/05/26 15:04 (external edit)