Difference between revisions of "BackupPC"
m (→Remove backups) |
|||
(78 intermediate revisions by 9 users not shown) | |||
Line 1: | Line 1: | ||
{{Languages}} | {{Languages}} | ||
===Maintainer=== | ===Maintainer=== | ||
− | [mailto:daniel@firewall-services.com[[User:VIP-ire|Daniel B. | + | [mailto:daniel@firewall-services.com][[User:VIP-ire|Daniel B.]] from [http://www.firewall-services.com Firewall Services] |
− | === Version === | + | ===Version=== |
{{#smeversion: smeserver-BackupPC }} | {{#smeversion: smeserver-BackupPC }} | ||
− | |||
− | === Description === | + | ===Description=== |
[http://backuppc.sourceforge.net/ BackupPC] is a powerful, high-performance, enterprise-grade system for backing up a large number of Linux and Windows PCs and laptops to a server's disk. BackupPC is highly configurable and easy to install and maintain. | [http://backuppc.sourceforge.net/ BackupPC] is a powerful, high-performance, enterprise-grade system for backing up a large number of Linux and Windows PCs and laptops to a server's disk. BackupPC is highly configurable and easy to install and maintain. | ||
Line 16: | Line 15: | ||
BackupPC is written in Perl and extracts backup data via SMB using Samba, tar over ssh/rsh/nfs, or rsync. It is robust, reliable, well documented and freely available as Open Source on SourceForge. | BackupPC is written in Perl and extracts backup data via SMB using Samba, tar over ssh/rsh/nfs, or rsync. It is robust, reliable, well documented and freely available as Open Source on SourceForge. | ||
− | More information & support is available at | + | More information & support is available at http://backuppc.sourceforge.net |
===Features=== | ===Features=== | ||
− | A clever pooling scheme minimizes disk storage and disk I/O. Identical files across multiple backups of the same or different PCs are stored only once resulting in substantial savings in disk storage and disk I/O. | + | *A clever pooling scheme minimizes disk storage and disk I/O. Identical files across multiple backups of the same or different PCs are stored only once resulting in substantial savings in disk storage and disk I/O. |
+ | *One example of disk use: 95 laptops with each full backup averaging 3.6GB each, and each incremental averaging about 0.3GB. Storing three weekly full backups and six incremental backups per laptop is around 1200GB of raw data, but because of pooling and compression only 150GB is needed. | ||
+ | *Optional compression support further reducing disk storage. Since only new files (not already pooled) need to be compressed, there is only a modest impact on CPU time. | ||
+ | *No client-side software is needed. The standard smb protocol is used to extract backup data on Windows clients. On linux clients, tar over ssh/rsh/nfs is used to backup the data. With version 2.0.0, rsync is also supported on any client that has rsync or rysncd. | ||
+ | *A powerful web (http/cgi) user interface allows administrators to view log files, configuration, current status and allows users to initiate and cancel backups and browse and restore files from backups. | ||
+ | *A full set of restore options is supported, including direct restore (via smbclient, tar, or rsync/rsyncd) or downloading a zip or tar file. | ||
+ | *Supports mobile environments where laptops are only intermittently connected to the network and have dynamic IP addresses (DHCP). | ||
+ | *Flexible configuration parameters allow multiple backups to be performed in parallel, specification of which shares to backup, which directories to backup or not backup, various schedules for full and incremental backups, schedules for email reminders to users and so on. Configuration parameters can be set system-wide or also on a per-PC basis. | ||
+ | *Users are sent periodic email reminders if their PC has not recently been backed up. Email content, timing and policies are configurable. | ||
+ | *Tested on Linux, Freenix and Solaris hosts, and Linux, Windows 95, Windows 98, Windows 2000, Windows XP, and Windows Vista clients. | ||
+ | *Detailed documentation. | ||
+ | *Open Source, hosted by SourceForge and freely available under GPL. | ||
+ | *Requirements: SME Server 7.x, 8.x, 9.x or 10.x. | ||
+ | *A dedicated volume is recommended (this can be a simple disk or a RAID array). | ||
− | + | ===Installation=== | |
+ | ====Pre-Installation==== | ||
− | + | *Mount a volume on /var/lib/BackupPC | |
− | + | This part is optional but highly recommended. Backups should always be on a separate volume. | |
− | + | First, prepare your hard drive for ext3 fs (you can use any fs which support hardlinks, I always use ext3 as it's very reliable). | |
− | + | In this example, I use a simple partition /dev/sdb1, it could also be a RAID array (/dev/md3) or a LVM logical volume (or a combination of RAID and lvm). | |
− | + | (By the way, if you know how to manage LVM, its usage is also recommended as it will be easier to manage backup data later. XFS also should facilitate making replicas or backups of the BackupPC data, which is otherwise difficult.) | |
− | |||
− | + | Note: releases of Koozali SME Server from version 10 on use XFS as the default filesystem. On version 10 you can use XFS or ext4 on a secondary filesystem as preferred: ext3 has rather low size limits given disk sizes nowadays. | |
− | + | mkfs.ext3 -L BACKUPPC -m 1 /dev/sdb1 | |
+ | mkfs.ext4 -L BACKUPPC -m 1 /dev/sdb1 | ||
+ | mkfs.xfs -L BACKUPPC /dev/sdb1 | ||
− | + | ( -m 1 sets the percentage of reserved blocks on ext filesystems: XFS autoconfigures itself for Linux software RAID volumes.) | |
− | + | Now, we need to create the directory: | |
− | + | mkdir -p /var/lib/BackupPC | |
− | |||
− | |||
− | + | Add the mount point in fstab. Just add something like: | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | /dev/sdb1 /var/lib/BackupPC ext4 noatime 0 0 | |
− | + | or | |
− | /dev/sdb1 /var/lib/BackupPC | + | /dev/sdb1 /var/lib/BackupPC xfs defaults 0 0 |
− | And check everything is ok | + | And check everything is ok: |
mount -a | mount -a | ||
mount | grep BackupPC | mount | grep BackupPC | ||
− | /dev/sdb1 on /var/lib/BackupPC type | + | /dev/sdb1 on /var/lib/BackupPC type ext4 (rw,noatime) |
− | |||
*create some symlinks | *create some symlinks | ||
Line 82: | Line 82: | ||
ln -s /var/lib/BackupPC/etc /etc/BackupPC | ln -s /var/lib/BackupPC/etc /etc/BackupPC | ||
ln -s /var/lib/BackupPC/log /var/log/BackupPC | ln -s /var/lib/BackupPC/log /var/log/BackupPC | ||
+ | {{Warning box|this contrib configuration is part of the core backup since smeserver-backuppc-0.2-10. However the backup includes /etc/BackupPC but NOT the /var/lib/BackupPC content including the backup pool. This is your responsibility to handle this as most user will have this outside of the core hdd and remove and replace to new server is easy. | ||
+ | Also is it yours to handle the redundancy of your backups.}} | ||
+ | |||
+ | ====RPM Installation==== | ||
+ | <tabs container=""><tab name="Backuppc4 For SME 10"> | ||
+ | yum --enablerepo=smecontribs install smeserver-BackupPC | ||
+ | |||
+ | You will have all RPMs pulled from CentOS or smecontribs including: BackupPC-XS BackupPC4 rsync-bpc | ||
+ | |||
+ | No need to update configuration files following the installation | ||
+ | |||
+ | Go to your server-manager. | ||
+ | |||
+ | |||
+ | </tab><tab name="Backuppc4 For SME 9"> | ||
+ | Important: you cannot install both BackupPC (3) and BackupPC4 on the same server! | ||
+ | |||
+ | First prepare the needed repo: | ||
+ | yum install smeserver-extrarepositories-fws smeserver-extrarepositories-epel -y | ||
+ | signal-event yum-modify | ||
+ | Then install it: | ||
+ | yum --enablerepo=smecontribs,fws,epel install smeserver-BackupPC4 | ||
+ | |||
+ | *Update the configuration files following the installation | ||
− | + | signal-event backuppc-update | |
+ | You should now be able to access the interface in the server-manager or directly on https://my.domain.tld/BackupPC | ||
+ | |||
+ | </tab><tab name="Backuppc3 For SME 9"> | ||
+ | yum --enablerepo=smecontribs install smeserver-BackupPC | ||
+ | |||
+ | *Update the configuration files following the installation | ||
− | |||
− | |||
− | |||
signal-event backuppc-update | signal-event backuppc-update | ||
− | = | + | |
− | + | </tab><tab name="For SME 8"> | |
yum --enablerepo=smecontribs install smeserver-BackupPC | yum --enablerepo=smecontribs install smeserver-BackupPC | ||
+ | |||
*remove -N option for Samba >=3.5 from /etc/BackupPC/config.pl ( 3 lines) for SME8 | *remove -N option for Samba >=3.5 from /etc/BackupPC/config.pl ( 3 lines) for SME8 | ||
+ | |||
cp /etc/BackupPC/config.pl /etc/BackupPC/config.pl.orig | cp /etc/BackupPC/config.pl /etc/BackupPC/config.pl.orig | ||
cat /etc/BackupPC/config.pl.orig|sed 's/ -E -N -d 1/ -E -d 1 /g'>/etc/BackupPC/config.pl | cat /etc/BackupPC/config.pl.orig|sed 's/ -E -N -d 1/ -E -d 1 /g'>/etc/BackupPC/config.pl | ||
− | + | Regarding upstream :http://sourceforge.net/apps/mediawiki/backuppc/index.php?title=BackupPC_on_Fedora_Core_9 | |
http://sourceforge.net/apps/mediawiki/backuppc/index.php?title=Troubleshooting | http://sourceforge.net/apps/mediawiki/backuppc/index.php?title=Troubleshooting | ||
and also bugs : [[bugzilla:7016]] and [[bugzilla:7281]] | and also bugs : [[bugzilla:7016]] and [[bugzilla:7281]] | ||
− | * | + | |
+ | *Update the configuration files following the installation | ||
+ | |||
signal-event backuppc-update | signal-event backuppc-update | ||
− | = | + | </tab><tab name="For SME 7"> |
− | yum --enablerepo= | + | You need to configure the EPEL directory as explained on this page: [[Epel]] and the sme7contribs as explained here due to SME7 now at EOL: [[SME8.0_Contribs_QA#Setup]] |
− | + | yum --enablerepo=sme7contribs install smeserver-BackupPC | |
+ | signal-event backuppc-update | ||
+ | |||
+ | </tab></tabs> | ||
− | |||
− | |||
You should now be able to access the interface in the server-manager or directly on https://my.domain.tld/BackupPC | You should now be able to access the interface in the server-manager or directly on https://my.domain.tld/BackupPC | ||
− | You'll find three sample | + | You'll find three sample configurations: |
− | *smeserver-template is a sample config file to backup | + | *smeserver-template is a sample config file to backup an SME Server. |
*localhost-template is a sample config file to backup the server itself. | *localhost-template is a sample config file to backup the server itself. | ||
*windows-template is a sample to backup a windows host using cygwin+rsyncd | *windows-template is a sample to backup a windows host using cygwin+rsyncd | ||
Line 120: | Line 152: | ||
To create a host using a template, create a new host, add =<template_name> | To create a host using a template, create a new host, add =<template_name> | ||
− | For example | + | For example: |
− | + | my_server=smeserver-template | |
− | When you | + | When you "Save", the configuration from smeserver-template will be copied to my_server. You can then edit my_server's config directly. |
− | === Upgrade from smeserver-backuppc.fws-3.0-1 === | + | ===Upgrade from smeserver-backuppc.fws-3.0-1=== |
If you already use the previous version of the contrib, some other steps are needed as the default location of the backups has changed from /opt/backuppc/files to /var/lib/BackupPC | If you already use the previous version of the contrib, some other steps are needed as the default location of the backups has changed from /opt/backuppc/files to /var/lib/BackupPC | ||
Line 150: | Line 182: | ||
You should be done ;) | You should be done ;) | ||
− | |||
− | + | ||
+ | |||
+ | ===Upgrade from BackupPC (3) to BackupPC4 rpms (SME 9.X)=== | ||
+ | TODO. | ||
+ | You will mostly have some debugging to do regarding the bug {{Bugzilla:10514}} | ||
+ | Also according to BackupPC documentaton this should be doable, but might need some manual tweaking in order to use both v3 and v4 pools during the transition delay: | ||
+ | |||
+ | #http://backuppc.sourceforge.net/BackupPC-4.0.0.html#BackupPC-4.0 | ||
+ | #https://github.com/backuppc/backuppc/blob/master/bin/BackupPC_migrateV3toV4 | ||
+ | #https://www.srbu.se/index.php?option=com_content&view=article&id=210:migrating-backuppc-v3-pools-to-v4&catid=12&Itemid=121 | ||
+ | #https://github.com/backuppc/backuppc/issues/249 | ||
+ | |||
+ | ===DB properties=== | ||
+ | |||
+ | |||
+ | There's only two properties you can change: | ||
*'''status''': (enabled|disabled) Do you want the service to start automatically when the server boot ? | *'''status''': (enabled|disabled) Do you want the service to start automatically when the server boot ? | ||
*'''examples''': (enabled|disabled) Do you want the sample configuration files to be added again if they are removed ? | *'''examples''': (enabled|disabled) Do you want the sample configuration files to be added again if they are removed ? | ||
− | *'''sudo''': | + | *'''sudo''': A list of commands backuppc will be able to run as root using sudo. The default is "/usr/bin/rsync,/bin/gtar" |
− | When you have configured this, you should run | + | When you have configured this, you should run: |
signal-event backuppc-update | signal-event backuppc-update | ||
Line 165: | Line 211: | ||
And close the file. If visudo detects an error, it'll tell you. }} | And close the file. If visudo detects an error, it'll tell you. }} | ||
− | + | As an example if you want to be able to "Wake on Lan" : | |
config setprop backuppc sudo `config getprop backuppc sudo`,/sbin/ether-wake | config setprop backuppc sudo `config getprop backuppc sudo`,/sbin/ether-wake | ||
signal-event backuppc-update | signal-event backuppc-update | ||
− | then simply add a script to your prebackup command or your ping command like : | + | – then simply add a script to your prebackup command or your ping command like : |
Line 207: | Line 253: | ||
esac | esac | ||
− | === Operation === | + | |
− | ====Backup | + | NB. If using the default backuppc admin user, you will need to use the full path for the above commands |
− | To configure a SME Server client to be backed up using a configuration based on the provided smeserver-template, configure SSH from the backup server as follows: | + | Scripts should not be placed in /etc/BackupPC as permissions will be overwritten |
+ | |||
+ | ===Operation=== | ||
+ | ====Backup an SMEServer==== | ||
+ | To configure a Koozali SME Server client to be backed up using a configuration based on the provided smeserver-template, configure SSH from the backup server as follows: | ||
[root@backupserver ~]# su -s /bin/bash backuppc | [root@backupserver ~]# su -s /bin/bash backuppc | ||
Line 217: | Line 267: | ||
"cat >> /root/.ssh/authorized_keys2" | "cat >> /root/.ssh/authorized_keys2" | ||
(confirm the host key) | (confirm the host key) | ||
+ | |||
+ | *ssh port different from 22 | ||
+ | |||
+ | See this post : | ||
+ | https://forums.contribs.org/index.php/topic,53586.0.html | ||
+ | |||
+ | ====Restore or migrate an SMEServer==== | ||
+ | If you simply want to restore a few files or a whole directory you can simply use the web interface, and within a few clicks you are done, with your files restored directly in place, or to a downloadable file if you wish. | ||
+ | |||
+ | |||
+ | This will cover the opportunity to use this full or almost full backup to use the restoration option while installing a new manager, which will help you to migrate between versions. | ||
+ | |||
+ | *change '''SERVERNAME''' with the actual name of your backup | ||
+ | *change '''-n -1''' with the number of the most uptodate fullbackup you want to use. (-1 means relative to the end: last available in this case) | ||
+ | |||
+ | su - backuppc -s /bin/sh | ||
+ | cd ~ | ||
+ | mkdir myrestore | ||
+ | cd myrestore/ | ||
+ | |||
+ | To include and restore everything that is outside of the usual backuped folder in SME: | ||
+ | /usr/share/BackupPC/bin/BackupPC_tarCreate -h SERVERNAME -n -1 -s / / > smeserver.tar | ||
+ | |||
+ | The base backup in the SME Server console would be an equivalent to this : | ||
+ | /usr/share/BackupPC/bin/BackupPC_tarCreate -h SERVERNAME -n -1 -s / home/e-smith etc/e-smith/templates-custom etc/e-smith/templates-user-custom \ | ||
+ | etc/ssh root etc/sudoers etc/passwd etc/shadow etc/group etc/gshadow etc/samba/secrets.tdb etc/samba/smbpasswd > smeserver.tar | ||
+ | |||
+ | |||
+ | Then you have just to copy this on a USB disk, or alternatively copy it in a virtual disk if your SME will be virtualized and can not plug any USB device | ||
+ | mkdir /mnt/MyDisk | ||
+ | mount /dev/disk/by-label/MyDisk /mnt/MyDisk | ||
+ | mv /var/lib/BackupPC/myrestore/smeserver.tar /mnt/MyDisk/ | ||
+ | umount /mnt/MyDisk/ | ||
+ | |||
+ | #install SME server | ||
+ | #reboot | ||
+ | #plug your drive when you see the screen asking for restoration | ||
+ | |||
+ | – and you are done. | ||
====Backup a Linux host through rsync==== | ====Backup a Linux host through rsync==== | ||
Line 245: | Line 334: | ||
Now you can go to the admin backuppc panel to set your host<br /> | Now you can go to the admin backuppc panel to set your host<br /> | ||
+ | |||
+ | ====Backup a Windows Client with rsync==== | ||
+ | |||
+ | To configure a Windows client to be backed up via rsync, install rsync on the Windows client. rysnc needs to be running as a service on the Windows client to ensure communication. | ||
+ | There are several options/versions of rsync – the first I was able to get working was from http://sourceforge.net/projects/backuppc/files/cygwin-rsyncd/2.6.8_0/ | ||
+ | The zip file contains 7 files – the site goes into more detail about each of the files. Depending on how you wish to use BackupPC will determine which files to edit. | ||
+ | I use rsync without ssh keys – to do so create a local user with sufficient rights to the directory or directories on the Windows client, then edit the file rsync.secrets to include the UserID & Password. You then use that same UserID & Password within the configuration from the BackupPC webpage – where you chose to back-up the client with Samba, rsync etc. The contents of rsync.secrets file is simply: | ||
+ | UserID:Password | ||
+ | You will have to create a “Cygwin share” on the Windows box – that is done using the rsync.conf file. The “Cygwin share” is the name you choose within the square brackets. My rsync.conf file with a share name of “cdocs” (after removal of all personal information of course) looks like this: | ||
+ | [cdocs] | ||
+ | path = c:/User | ||
+ | comment = c: Drive documents | ||
+ | auth users = <valid-back-up-user> | ||
+ | secrets file = c:/rsyncd/rsyncd.secrets | ||
+ | hosts allow = 192.168.1.1 | ||
+ | strict modes = false | ||
+ | read only = true | ||
+ | list = false | ||
+ | |||
+ | We have share name (cdocs), path, the valid user created on the Windows client, the path to the rysnc.secrets file, an allowable host (this being the local backup server IP), modes, read only and list. The options are mostly explained in the file – what it doesn’t show is that if you have a different version of rsync, the rsync.conf file looks a bit different. This one is for rsync 3.0.9 | ||
+ | [cdocs] | ||
+ | Path = /cygdrive/c/Users/<USERNAME> | ||
+ | comment = c: User Data | ||
+ | strict modes = false | ||
+ | auth users = <valid-back-up-user> | ||
+ | secrets file = c:/rsyncd/rsyncd.secrets | ||
+ | hosts allow = 192.168.1.1 | ||
+ | read only = false | ||
+ | list = false | ||
+ | |||
+ | The final thing that must happen to make rsync work properly is to load rysnc as a service on the Windows client. The file service.bat shows the following command to accomplish this: | ||
+ | c:/rsyncd/rsync.exe -a "--config=c:/rsyncd/rsyncd.conf --daemon --no-detach" | ||
+ | |||
+ | There is also a “gotcha” – sometimes port 873 is blocked by Windows Firewall, so you may need to fix that. | ||
====Remove backups==== | ====Remove backups==== | ||
+ | |||
*Remove all backups of a client | *Remove all backups of a client | ||
+ | |||
rm -rf /var/lib/BackupPC/pc/<client>/ | rm -rf /var/lib/BackupPC/pc/<client>/ | ||
sudo -u backuppc /usr/share/BackupPC/bin/BackupPC_serverMesg BackupPC_nightly run | sudo -u backuppc /usr/share/BackupPC/bin/BackupPC_serverMesg BackupPC_nightly run | ||
− | *Remove | + | *Remove one backup of a client |
+ | |||
cd /var/lib/BackupPC/pc/<client>/ | cd /var/lib/BackupPC/pc/<client>/ | ||
ls | ls | ||
Line 264: | Line 390: | ||
nano /var/lib/BackupPC/pc/<client>/backups | nano /var/lib/BackupPC/pc/<client>/backups | ||
− | + | With ctrl+k you can remove the line with <backup_number>. | |
Relog to your web interface and voila! No more <backup_number>. | Relog to your web interface and voila! No more <backup_number>. | ||
Line 270: | Line 396: | ||
===Known Issues=== | ===Known Issues=== | ||
− | * When restarting the BackupPC service you may receive the error as indicated below :<br /> | + | *When restarting the BackupPC service you may receive the error as indicated below :<br /> |
− | + | ||
[root@backuppc ~]# service backuppc restart<br /> | [root@backuppc ~]# service backuppc restart<br /> | ||
Shutting down BackupPC: [ OK ] | Shutting down BackupPC: [ OK ] | ||
Starting BackupPC: [ OK ] | Starting BackupPC: [ OK ] | ||
− | '''BackupPC: WARNING: Your BackupPC $Conf{TopDir} is not listed in the locate | + | '''BackupPC: WARNING: Your BackupPC $Conf{TopDir} is not listed in the locate ''' |
BackupPC: database configuration's PRUNEPATHS. This may cause all of your | BackupPC: database configuration's PRUNEPATHS. This may cause all of your | ||
− | BackupPC: backed up files to be indexed! | + | BackupPC: backed up files to be indexed! |
'''To remove the warning''' <br /> | '''To remove the warning''' <br /> | ||
− | + | You should create a custom template '''/etc/e-smith/templates-custom/etc/updatedb.conf/10conf''' (copy the default /etc/e-smith/templates/etc/updatedb.conf/10conf)<br /> | |
mkdir -p /etc/e-smith/templates-custom/etc/updatedb.conf/ | mkdir -p /etc/e-smith/templates-custom/etc/updatedb.conf/ | ||
cp /etc/e-smith/templates/etc/updatedb.conf/10conf /etc/e-smith/templates-custom/etc/updatedb.conf/ | cp /etc/e-smith/templates/etc/updatedb.conf/10conf /etc/e-smith/templates-custom/etc/updatedb.conf/ | ||
− | + | Add the directory /var/lib/BackupPC to the PRUNEPATHS list, then: | |
expand-template /etc/updatedb.conf | expand-template /etc/updatedb.conf | ||
− | === Uninstall === | + | *“aborted by signal=PIPE” |
+ | |||
+ | |||
+ | Sometimes the backup fails with this error, this error is related to the remote ssh service. You must set in the /etc/ssh/ssh_config of your remote host: | ||
+ | |||
+ | ServerAliveInterval 120 | ||
+ | |||
+ | – then restart your ssh service. | ||
+ | |||
+ | |||
+ | Another way could be to set in the setting of BackupPC (RsyncClientCmd) the default value for all hosts: | ||
+ | $Conf{RsyncClientCmd} = '$sshPath -o ServerAliveInterval=120 -q -x -l root $host $rsyncPath $argList+'; | ||
+ | |||
+ | *trying to back up a SME Server you might encounter an error or timeout on ssh, this is because of the AutoBlock function on sshd. | ||
+ | |||
+ | |||
+ | For an SME10: | ||
+ | config setprop sshd AllowHost backuppcIP/255.255.255 | ||
+ | signal-event remoteaccess-update | ||
+ | |||
+ | Prior to SME10: | ||
+ | config setprop sshd AutoBlock disabled | ||
+ | signal-event remoteaccess-update | ||
+ | {{Tip box|if you disabled Autoblock, install denyhosts or fail2ban so as not to reduce your level of security.}} | ||
+ | |||
+ | *Since SME10 my old configuration for backup in my local server fails! | ||
+ | *You need to edit your configuration. You have two choices : use ssh for rsync which is not ideal for localhost, or you can edit your config changing this: | ||
+ | |||
+ | Conf{RsyncSshArgs} = ['-e', '$sshPath -l root'] | ||
+ | to this: | ||
+ | $Conf{RsyncSshArgs} = ['-e', '/usr/bin/sudo -p'] | ||
+ | |||
+ | You can also do that using the GUI in edit configuration / XFER; search for "RsyncSshArgs". New installations have the default template already modified. | ||
+ | |||
+ | <br /> | ||
+ | ===Uninstall=== | ||
yum remove smeserver-BackupPC BackupPC | yum remove smeserver-BackupPC BackupPC | ||
− | === Bugs === | + | ===Bugs=== |
Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla] | Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla] | ||
and select the smeserver-BackupPC component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-BackupPC|title=this link}} | and select the smeserver-BackupPC component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-BackupPC|title=this link}} | ||
− | - | + | Below is an overview of the current issues for this contrib:{{#bugzilla:columns=id,product,version,status,summary|sort=id|order=desc|component=smeserver-backuppc|noresultsmessage=No open bugs found.}} |
+ | |||
+ | ===Changelog=== | ||
+ | Only released version in smecontrib are listed here. | ||
+ | {{#smechangelog: smeserver-BackupPC}} | ||
[[Category: Contrib]] | [[Category: Contrib]] | ||
[[Category: Backup]] | [[Category: Backup]] |
Latest revision as of 19:33, 14 February 2024
Maintainer
[1]Daniel B. from Firewall Services
Version
Description
BackupPC is a powerful, high-performance, enterprise-grade system for backing up a large number of Linux and Windows PCs and laptops to a server's disk. BackupPC is highly configurable and easy to install and maintain.
With the decreasing cost of disks and raid systems, it is practical and cost effective to backup a large number of machines onto a server's local disk or network storage. This is what BackupPC does. For some sites, this might be the complete backup solution. For other sites, additional permanent archives could be created by periodically backing up the server to tape. A variety of Open Source systems are available for doing backup to tape.
BackupPC is written in Perl and extracts backup data via SMB using Samba, tar over ssh/rsh/nfs, or rsync. It is robust, reliable, well documented and freely available as Open Source on SourceForge.
More information & support is available at http://backuppc.sourceforge.net
Features
- A clever pooling scheme minimizes disk storage and disk I/O. Identical files across multiple backups of the same or different PCs are stored only once resulting in substantial savings in disk storage and disk I/O.
- One example of disk use: 95 laptops with each full backup averaging 3.6GB each, and each incremental averaging about 0.3GB. Storing three weekly full backups and six incremental backups per laptop is around 1200GB of raw data, but because of pooling and compression only 150GB is needed.
- Optional compression support further reducing disk storage. Since only new files (not already pooled) need to be compressed, there is only a modest impact on CPU time.
- No client-side software is needed. The standard smb protocol is used to extract backup data on Windows clients. On linux clients, tar over ssh/rsh/nfs is used to backup the data. With version 2.0.0, rsync is also supported on any client that has rsync or rysncd.
- A powerful web (http/cgi) user interface allows administrators to view log files, configuration, current status and allows users to initiate and cancel backups and browse and restore files from backups.
- A full set of restore options is supported, including direct restore (via smbclient, tar, or rsync/rsyncd) or downloading a zip or tar file.
- Supports mobile environments where laptops are only intermittently connected to the network and have dynamic IP addresses (DHCP).
- Flexible configuration parameters allow multiple backups to be performed in parallel, specification of which shares to backup, which directories to backup or not backup, various schedules for full and incremental backups, schedules for email reminders to users and so on. Configuration parameters can be set system-wide or also on a per-PC basis.
- Users are sent periodic email reminders if their PC has not recently been backed up. Email content, timing and policies are configurable.
- Tested on Linux, Freenix and Solaris hosts, and Linux, Windows 95, Windows 98, Windows 2000, Windows XP, and Windows Vista clients.
- Detailed documentation.
- Open Source, hosted by SourceForge and freely available under GPL.
- Requirements: SME Server 7.x, 8.x, 9.x or 10.x.
- A dedicated volume is recommended (this can be a simple disk or a RAID array).
Installation
Pre-Installation
- Mount a volume on /var/lib/BackupPC
This part is optional but highly recommended. Backups should always be on a separate volume.
First, prepare your hard drive for ext3 fs (you can use any fs which support hardlinks, I always use ext3 as it's very reliable).
In this example, I use a simple partition /dev/sdb1, it could also be a RAID array (/dev/md3) or a LVM logical volume (or a combination of RAID and lvm).
(By the way, if you know how to manage LVM, its usage is also recommended as it will be easier to manage backup data later. XFS also should facilitate making replicas or backups of the BackupPC data, which is otherwise difficult.)
Note: releases of Koozali SME Server from version 10 on use XFS as the default filesystem. On version 10 you can use XFS or ext4 on a secondary filesystem as preferred: ext3 has rather low size limits given disk sizes nowadays.
mkfs.ext3 -L BACKUPPC -m 1 /dev/sdb1 mkfs.ext4 -L BACKUPPC -m 1 /dev/sdb1 mkfs.xfs -L BACKUPPC /dev/sdb1
( -m 1 sets the percentage of reserved blocks on ext filesystems: XFS autoconfigures itself for Linux software RAID volumes.)
Now, we need to create the directory:
mkdir -p /var/lib/BackupPC
Add the mount point in fstab. Just add something like:
/dev/sdb1 /var/lib/BackupPC ext4 noatime 0 0
or
/dev/sdb1 /var/lib/BackupPC xfs defaults 0 0
And check everything is ok:
mount -a mount | grep BackupPC /dev/sdb1 on /var/lib/BackupPC type ext4 (rw,noatime)
- create some symlinks
This part is optional but recommended. With these commands, all BackupPC related files (config and logs) will be stored on the BackupPC volume. You'll then be able to swap the BackupPC disk between two servers.
mkdir -p /var/lib/BackupPC/{etc,log} ln -s /var/lib/BackupPC/etc /etc/BackupPC ln -s /var/lib/BackupPC/log /var/log/BackupPC
RPM Installation
yum --enablerepo=smecontribs install smeserver-BackupPC
You will have all RPMs pulled from CentOS or smecontribs including: BackupPC-XS BackupPC4 rsync-bpc
No need to update configuration files following the installation
Go to your server-manager.
Important: you cannot install both BackupPC (3) and BackupPC4 on the same server!
First prepare the needed repo:
yum install smeserver-extrarepositories-fws smeserver-extrarepositories-epel -y signal-event yum-modify
Then install it:
yum --enablerepo=smecontribs,fws,epel install smeserver-BackupPC4
- Update the configuration files following the installation
signal-event backuppc-update
You should now be able to access the interface in the server-manager or directly on https://my.domain.tld/BackupPC
yum --enablerepo=smecontribs install smeserver-BackupPC
- Update the configuration files following the installation
signal-event backuppc-update
yum --enablerepo=smecontribs install smeserver-BackupPC
- remove -N option for Samba >=3.5 from /etc/BackupPC/config.pl ( 3 lines) for SME8
cp /etc/BackupPC/config.pl /etc/BackupPC/config.pl.orig cat /etc/BackupPC/config.pl.orig|sed 's/ -E -N -d 1/ -E -d 1 /g'>/etc/BackupPC/config.pl
Regarding upstream :http://sourceforge.net/apps/mediawiki/backuppc/index.php?title=BackupPC_on_Fedora_Core_9
http://sourceforge.net/apps/mediawiki/backuppc/index.php?title=Troubleshooting
and also bugs : bugzilla:7016 and bugzilla:7281
- Update the configuration files following the installation
signal-event backuppc-update
You need to configure the EPEL directory as explained on this page: Epel and the sme7contribs as explained here due to SME7 now at EOL: SME8.0_Contribs_QA#Setup
yum --enablerepo=sme7contribs install smeserver-BackupPC signal-event backuppc-update
You should now be able to access the interface in the server-manager or directly on https://my.domain.tld/BackupPC
You'll find three sample configurations:
- smeserver-template is a sample config file to backup an SME Server.
- localhost-template is a sample config file to backup the server itself.
- windows-template is a sample to backup a windows host using cygwin+rsyncd
To create a host using a template, create a new host, add =<template_name>
For example:
my_server=smeserver-template
When you "Save", the configuration from smeserver-template will be copied to my_server. You can then edit my_server's config directly.
Upgrade from smeserver-backuppc.fws-3.0-1
If you already use the previous version of the contrib, some other steps are needed as the default location of the backups has changed from /opt/backuppc/files to /var/lib/BackupPC
The easiest way is just to symlink the old location to the new one:
ln -s /opt/backuppc/files /var/lib/BackupPC
Then, you can install the new release:
yum --enablerepo=smecontribs install smeserver-BackupPC
Then, just enter the following commands:
mv /etc/BackupPC/config.pl.back /etc/BackupPC/config.pl mv /etc/BackupPC/hosts.back /etc/BackupPC/hosts mv /etc/BackupPC/pc/localhost.pl.back /etc/BackupPC/pc/localhost.pl db configuration delprop backuppc version usermod -d /var/lib/BackupPC/ -m backuppc mv /home/e-smith/files/users/backuppc/.ssh/ /var/lib/BackupPC/ signal-event backuppc-update
You should be done ;)
Upgrade from BackupPC (3) to BackupPC4 rpms (SME 9.X)
TODO. You will mostly have some debugging to do regarding the bug {{Bugzilla:10514}} Also according to BackupPC documentaton this should be doable, but might need some manual tweaking in order to use both v3 and v4 pools during the transition delay:
- http://backuppc.sourceforge.net/BackupPC-4.0.0.html#BackupPC-4.0
- https://github.com/backuppc/backuppc/blob/master/bin/BackupPC_migrateV3toV4
- https://www.srbu.se/index.php?option=com_content&view=article&id=210:migrating-backuppc-v3-pools-to-v4&catid=12&Itemid=121
- https://github.com/backuppc/backuppc/issues/249
DB properties
There's only two properties you can change:
- status: (enabled|disabled) Do you want the service to start automatically when the server boot ?
- examples: (enabled|disabled) Do you want the sample configuration files to be added again if they are removed ?
- sudo: A list of commands backuppc will be able to run as root using sudo. The default is "/usr/bin/rsync,/bin/gtar"
When you have configured this, you should run:
signal-event backuppc-update
As an example if you want to be able to "Wake on Lan" :
config setprop backuppc sudo `config getprop backuppc sudo`,/sbin/ether-wake signal-event backuppc-update
– then simply add a script to your prebackup command or your ping command like :
#!/bin/sh # Set the mac address for each host host1_mac=<mac address> host1_name=<host name> host2_mac=<mac address> host2_name=<host name> # How long does the host take to boot boottime=120 # Which interface to send the WoL packets out of interface=eth0 # Function to check if the host pings pingcheck() { ping -w 5 -c 2 $1 export pingstatus=$? } case $1 in host1) sudo etherwake -i $interface $host1_mac sleep $boottime pingcheck $host1_name exit $pingstatus ;; host2) sudo etherwake -i $interface $host2_mac sleep $boottime pingcheck $host2_name exit $pingstatus ;; *) echo "Unknown machine $1" exit 1 ;; esac
NB. If using the default backuppc admin user, you will need to use the full path for the above commands
Scripts should not be placed in /etc/BackupPC as permissions will be overwritten
Operation
Backup an SMEServer
To configure a Koozali SME Server client to be backed up using a configuration based on the provided smeserver-template, configure SSH from the backup server as follows:
[root@backupserver ~]# su -s /bin/bash backuppc bash-3.2$ ssh-keygen -t rsa -b 2048 (used a blank passphrase) bash-3.2$ cat /var/lib/BackupPC/.ssh/id_rsa.pub | ssh root@myserver.mydomain.com \ "cat >> /root/.ssh/authorized_keys2" (confirm the host key)
- ssh port different from 22
See this post : https://forums.contribs.org/index.php/topic,53586.0.html
Restore or migrate an SMEServer
If you simply want to restore a few files or a whole directory you can simply use the web interface, and within a few clicks you are done, with your files restored directly in place, or to a downloadable file if you wish.
This will cover the opportunity to use this full or almost full backup to use the restoration option while installing a new manager, which will help you to migrate between versions.
- change SERVERNAME with the actual name of your backup
- change -n -1 with the number of the most uptodate fullbackup you want to use. (-1 means relative to the end: last available in this case)
su - backuppc -s /bin/sh cd ~ mkdir myrestore cd myrestore/
To include and restore everything that is outside of the usual backuped folder in SME:
/usr/share/BackupPC/bin/BackupPC_tarCreate -h SERVERNAME -n -1 -s / / > smeserver.tar
The base backup in the SME Server console would be an equivalent to this :
/usr/share/BackupPC/bin/BackupPC_tarCreate -h SERVERNAME -n -1 -s / home/e-smith etc/e-smith/templates-custom etc/e-smith/templates-user-custom \ etc/ssh root etc/sudoers etc/passwd etc/shadow etc/group etc/gshadow etc/samba/secrets.tdb etc/samba/smbpasswd > smeserver.tar
Then you have just to copy this on a USB disk, or alternatively copy it in a virtual disk if your SME will be virtualized and can not plug any USB device
mkdir /mnt/MyDisk mount /dev/disk/by-label/MyDisk /mnt/MyDisk mv /var/lib/BackupPC/myrestore/smeserver.tar /mnt/MyDisk/ umount /mnt/MyDisk/
- install SME server
- reboot
- plug your drive when you see the screen asking for restoration
– and you are done.
Backup a Linux host through rsync
To configure a Linux host client to be backed up, configure SSH from the backup server as follows in order to exchange certificates and to perform a login without passwords.
At the BackupPC server command line as root:
su -s /bin/bash backuppc ssh-keygen -t rsa -b 2048 # use a blank passphrase exit
Assuming SSH access to the remote host to be backed up is already configured, as root:
su -s /bin/bash backuppc ssh-copy-id -i ~backuppc/.ssh/id_rsa.pub root@your.host.name exit
You can test the key exchange:
su -s /bin/bash backuppc #become backuppc user ssh -l root your.host.name # add "-p 2222" for port 2222 exit #from the remote_host exit #from the backuppc user back to root
You should be able to log in without a password.
Note: There are times when the backuppc user needs a real shell specified in /etc/passwd, for example, when the backuppc user is used to run sudo commands or pre/post scripts.
Now you can go to the admin backuppc panel to set your host
Backup a Windows Client with rsync
To configure a Windows client to be backed up via rsync, install rsync on the Windows client. rysnc needs to be running as a service on the Windows client to ensure communication. There are several options/versions of rsync – the first I was able to get working was from http://sourceforge.net/projects/backuppc/files/cygwin-rsyncd/2.6.8_0/ The zip file contains 7 files – the site goes into more detail about each of the files. Depending on how you wish to use BackupPC will determine which files to edit. I use rsync without ssh keys – to do so create a local user with sufficient rights to the directory or directories on the Windows client, then edit the file rsync.secrets to include the UserID & Password. You then use that same UserID & Password within the configuration from the BackupPC webpage – where you chose to back-up the client with Samba, rsync etc. The contents of rsync.secrets file is simply:
UserID:Password
You will have to create a “Cygwin share” on the Windows box – that is done using the rsync.conf file. The “Cygwin share” is the name you choose within the square brackets. My rsync.conf file with a share name of “cdocs” (after removal of all personal information of course) looks like this:
[cdocs] path = c:/User comment = c: Drive documents auth users = <valid-back-up-user> secrets file = c:/rsyncd/rsyncd.secrets hosts allow = 192.168.1.1 strict modes = false read only = true list = false
We have share name (cdocs), path, the valid user created on the Windows client, the path to the rysnc.secrets file, an allowable host (this being the local backup server IP), modes, read only and list. The options are mostly explained in the file – what it doesn’t show is that if you have a different version of rsync, the rsync.conf file looks a bit different. This one is for rsync 3.0.9
[cdocs] Path = /cygdrive/c/Users/<USERNAME> comment = c: User Data strict modes = false auth users = <valid-back-up-user> secrets file = c:/rsyncd/rsyncd.secrets hosts allow = 192.168.1.1 read only = false list = false
The final thing that must happen to make rsync work properly is to load rysnc as a service on the Windows client. The file service.bat shows the following command to accomplish this:
c:/rsyncd/rsync.exe -a "--config=c:/rsyncd/rsyncd.conf --daemon --no-detach"
There is also a “gotcha” – sometimes port 873 is blocked by Windows Firewall, so you may need to fix that.
Remove backups
- Remove all backups of a client
rm -rf /var/lib/BackupPC/pc/<client>/ sudo -u backuppc /usr/share/BackupPC/bin/BackupPC_serverMesg BackupPC_nightly run
- Remove one backup of a client
cd /var/lib/BackupPC/pc/<client>/ ls rm -fR <backup_number> sudo -u backuppc /usr/share/BackupPC/bin/BackupPC_serverMesg BackupPC_nightly run
After this, you will see space reclaimed and you can check it with df, but you still need to remove statistic line, otherwise you will see it in your web interface. To do that:
nano /var/lib/BackupPC/pc/<client>/backups
With ctrl+k you can remove the line with <backup_number>.
Relog to your web interface and voila! No more <backup_number>.
Known Issues
- When restarting the BackupPC service you may receive the error as indicated below :
[root@backuppc ~]# service backuppc restart
Shutting down BackupPC: [ OK ] Starting BackupPC: [ OK ] BackupPC: WARNING: Your BackupPC $Conf{TopDir} is not listed in the locate BackupPC: database configuration's PRUNEPATHS. This may cause all of your BackupPC: backed up files to be indexed!
To remove the warning
You should create a custom template /etc/e-smith/templates-custom/etc/updatedb.conf/10conf (copy the default /etc/e-smith/templates/etc/updatedb.conf/10conf)
mkdir -p /etc/e-smith/templates-custom/etc/updatedb.conf/ cp /etc/e-smith/templates/etc/updatedb.conf/10conf /etc/e-smith/templates-custom/etc/updatedb.conf/
Add the directory /var/lib/BackupPC to the PRUNEPATHS list, then:
expand-template /etc/updatedb.conf
- “aborted by signal=PIPE”
Sometimes the backup fails with this error, this error is related to the remote ssh service. You must set in the /etc/ssh/ssh_config of your remote host:
ServerAliveInterval 120
– then restart your ssh service.
Another way could be to set in the setting of BackupPC (RsyncClientCmd) the default value for all hosts:
$Conf{RsyncClientCmd} = '$sshPath -o ServerAliveInterval=120 -q -x -l root $host $rsyncPath $argList+';
- trying to back up a SME Server you might encounter an error or timeout on ssh, this is because of the AutoBlock function on sshd.
For an SME10:
config setprop sshd AllowHost backuppcIP/255.255.255 signal-event remoteaccess-update
Prior to SME10:
config setprop sshd AutoBlock disabled signal-event remoteaccess-update
- Since SME10 my old configuration for backup in my local server fails!
- You need to edit your configuration. You have two choices : use ssh for rsync which is not ideal for localhost, or you can edit your config changing this:
Conf{RsyncSshArgs} = ['-e', '$sshPath -l root']
to this:
$Conf{RsyncSshArgs} = ['-e', '/usr/bin/sudo -p']
You can also do that using the GUI in edit configuration / XFER; search for "RsyncSshArgs". New installations have the default template already modified.
Uninstall
yum remove smeserver-BackupPC BackupPC
Bugs
Please raise bugs under the SME-Contribs section in bugzilla and select the smeserver-BackupPC component or use this link
Below is an overview of the current issues for this contrib:
ID | Product | Version | Status | Summary (4 tasks) ⇒ |
---|---|---|---|---|
12197 | SME Contribs | 10.0 | CONFIRMED | cleanup /var/log/httpd-bkpc/ |
12196 | SME Contribs | 10.0 | CONFIRMED | remove old way logrotate |
12123 | SME Contribs | 10.0 | CONFIRMED | import deps from fws |
11517 | SME Contribs | 10.0rc | CONFIRMED | cleanup remove use of sv run script for service |
Changelog
Only released version in smecontrib are listed here.
- expand-updatedb-conf patch [SME: 10513]
- $Conf{TopDir} not in locate configuration's PRUNEPATHS [SME: 10513]
2022/07/31 Jean-Philippe Pialasse 0.2-13.sme
- update to httpd 2.4 syntax [SME: 12036]
- Re-build and link to latest devtools [SME: 11997]
- update to httpd 2.4 syntax [SME: 12036]