Off-site Backup with Backupninja: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 6: | Line 6: | ||
* A <code>lurk</code> user created on the off-site backup that will be used specifically by the backup scripts | * A <code>lurk</code> user created on the off-site backup that will be used specifically by the backup scripts | ||
* Debian based servers (not sure Backupninja will run otherwise without some slight modifications) | * Debian based servers (not sure Backupninja will run otherwise without some slight modifications) | ||
* All the machines (servers and the backup machine) on a working Tinc VPN | * All the machines (servers and the backup machine) on a working [[VPN_with_Tinc | Tinc VPN]] | ||
* Enough space on the off-site backup machine :) | * Enough space on the off-site backup machine :) | ||
== On the Off-site machine == | == On the Off-site machine == | ||
* As <code>lurk</code> create directories for each server | * As <code>lurk</code> create directories for each server | ||
mkdir / | mkdir /data/lurk/douglas /data/lurk/agnesbaxter | ||
== On each server == | == On each server == | ||
=== Installation === | === Installation === | ||
Clone Backupninja from https://0xacab.org/riseuplabs/backupninja | |||
cd /usr/src/ && git clone https://0xacab.org/riseuplabs/backupninja | |||
cd /usr/src/backupninja | |||
./autogen.sh | |||
./configure | |||
make | |||
make install | |||
note that by running the above all configurations will be in <code>/usr/local/etc/</code> | |||
=== Configuration === | === Configuration === | ||
| Line 50: | Line 60: | ||
* leave ninjahelper | * leave ninjahelper | ||
==== | ==== Borg Backup ==== | ||
This is the action that will not only allow you to select which part of your local filesystem to remotely send and rotate to the off-site backup machine, but it will also make sure the local backups above are sent as well! | This is the action that will not only allow you to select which part of your local filesystem to remotely send and rotate to the off-site backup machine, but it will also make sure the local backups above are sent as well! | ||
* As <code>root</code> run | * make sure you have <code>borgbackup</code> installed: | ||
apt install borgbackup | |||
* As <code>root</code> run: | |||
ninjahelper | ninjahelper | ||
* create a new backup action | * create a new backup action, choose borg | ||
* choose file to include & exclude, add paths, wildcard accepted | * choose file to include & exclude, add paths, wildcard accepted | ||
* configure backup destination: | * configure backup destination: | ||
** dest_directory <code>/data/lurk/name-of-server-to-backup</code> | |||
** dest_directory <code>/ | |||
** dest_host <code>10.0.1.2</code> Adjust to the Tinc IP of the off-site backup machine. | ** dest_host <code>10.0.1.2</code> Adjust to the Tinc IP of the off-site backup machine. | ||
** dest_user <code>lurk</code> | ** dest_user <code>lurk</code> | ||
** dest_type <code>remote</code> | ** dest_type <code>remote</code> | ||
* set up ssh keys and test remote connection | * set up ssh keys and test remote connection | ||
* enable encryption, choose a nice long passphrase | |||
* enable pruning, keep <code>120D</code> (you can adjust if you will run out of space! Keep in mind this is incremental though, so don't panic) | |||
* '''select the action and test/run/review the config''' | * '''select the action and test/run/review the config''' | ||
* check that everything is showing up nicely on the backup server in the destination directory! | * check that everything is showing up nicely on the backup server in the destination directory! | ||
| Line 70: | Line 83: | ||
== Fine tuning == | == Fine tuning == | ||
=== Edit/Change the local filesystem path to include/exclude === | === Edit/Change the local filesystem path to include/exclude === | ||
By default Babckupninja will backup some folder and exclude some others. This can be changed during the initial configuration of the | By default Babckupninja will backup some folder and exclude some others. This can be changed during the initial configuration of the borg action but can also be done later. | ||
* As root, edit <code>/etc/backup.d/90. | * As root, edit <code>/etc/backup.d/90.borg</code> | ||
* Make changes in the section <code># files to include in the backup</code> | * Make changes in the section <code># files to include in the backup</code> | ||
* '''Optional:''' run <code>ninjahelper</code>, select the <code>90. | * '''Optional:''' run <code>ninjahelper</code>, select the <code>90.borg</code> action and <code>run</code> it to make sure it's being sent to the off-site machine. If you're sure of your changes, you can also wait the next backup to happen to see if it worked. | ||
[[Category:System]] | [[Category:System]] | ||
Revision as of 07:26, 25 July 2019
Goal: Setup a remote machine that will be used for incremental backup of critical parts of the LURK servers.
Requirements
This document assumes you already have:
- A configure Linux/BSD machine to work as off-site backup
- A
lurkuser created on the off-site backup that will be used specifically by the backup scripts - Debian based servers (not sure Backupninja will run otherwise without some slight modifications)
- All the machines (servers and the backup machine) on a working Tinc VPN
- Enough space on the off-site backup machine :)
On the Off-site machine
- As
lurkcreate directories for each server
mkdir /data/lurk/douglas /data/lurk/agnesbaxter
On each server
Installation
Clone Backupninja from https://0xacab.org/riseuplabs/backupninja
cd /usr/src/ && git clone https://0xacab.org/riseuplabs/backupninja cd /usr/src/backupninja
./autogen.sh ./configure make make install
note that by running the above all configurations will be in /usr/local/etc/
Configuration
/etc/backupninja.conf
Some changes:
reportemail = some@where.nice when = everyday at 05:55
MySQL local backups
- As
rootrun the command:
ninjahelper
- create a new backup action
- mysql database backup
- path:
/var/backups/mysql # adjust if this location does not have much free space
- all the databases to backup.
- select the debian maintenance user for access
- compress the sql output file
- select the action and test/run/review the config
- leave ninjahelper
PostgreSQL local backups
- As
rootrun the command:
ninjahelper
- create a new backup action
- postgresql database backup
- path:
/var/backups/postgres # adjust if this location does not have much free space
- backup the whole cluster
- compress the backups
- custom
- select the action and test/run/review the config
- leave ninjahelper
Borg Backup
This is the action that will not only allow you to select which part of your local filesystem to remotely send and rotate to the off-site backup machine, but it will also make sure the local backups above are sent as well!
- make sure you have
borgbackupinstalled:
apt install borgbackup
- As
rootrun:
ninjahelper
- create a new backup action, choose borg
- choose file to include & exclude, add paths, wildcard accepted
- configure backup destination:
- dest_directory
/data/lurk/name-of-server-to-backup - dest_host
10.0.1.2Adjust to the Tinc IP of the off-site backup machine. - dest_user
lurk - dest_type
remote
- dest_directory
- set up ssh keys and test remote connection
- enable encryption, choose a nice long passphrase
- enable pruning, keep
120D(you can adjust if you will run out of space! Keep in mind this is incremental though, so don't panic) - select the action and test/run/review the config
- check that everything is showing up nicely on the backup server in the destination directory!
Fine tuning
Edit/Change the local filesystem path to include/exclude
By default Babckupninja will backup some folder and exclude some others. This can be changed during the initial configuration of the borg action but can also be done later.
- As root, edit
/etc/backup.d/90.borg - Make changes in the section
# files to include in the backup - Optional: run
ninjahelper, select the90.borgaction andrunit to make sure it's being sent to the off-site machine. If you're sure of your changes, you can also wait the next backup to happen to see if it worked.