Backup SME Server Remotely Using cURL

From SME Server
Revision as of 18:27, 8 April 2009 by Dhalliday (talk | contribs)
Jump to navigation Jump to search

Introduction

This HowTo describes a simple way to backup you SME Server remotely using cURL and requires no changes to your SME Server. Further, cURL requires no user interaction and can be scripted or automated using cron to perform regular backups.

Pre-Requisites

There are two simple pre-requisites.

1) The machine performing the backup must have web access to the server-manager of the SME Server being backed up. That is, you must be able to get to the manual web backup page from a web browser on the machine that will do the backup.
2) The machine that will perform the backup must have a copy of curl installed on it.

The Basics

The basic concept is very simple. We will use the curl command to imitatate the manual desktop backup procedure. During a manual desktop backup you do two things:

1) Log on to the Server Manager.
2) Perform a "Backup to Desktop" from the Backup and restore page.

These two actions map to the following cURL commands:


curl -s -k -b ~/.sme_cookies -c ~/.sme_cookies -F username=admin -F password=your_password \
        https://your_sme_server/server-common/cgi-bin/login

curl -f -s -k -b ~/.sme_cookies -F function=desktop-backup -F state=perform \
        https://your_sme_server/server-manager/cgi-bin/backup > backupfile.tar.gz

Where:
    Each curl commands should be on one line and the \ removed
    your_password     is replaced by your password
    your_sme_server   is replaced with the name or IP number of the SME Server you wish to backup
    backupfile.tar.gz is the name you want to save the backup as


  Note:
Full information on cURL can be found in the cURL manual
The Options I used are:
-f Fail silently
-s Silent, I.E. don't show a progress meter
-k Don't insist on SSL certs signed by trusted CA's (most SME Servers use self signed certificates)
-b <cookies> Send cookies to server
-c <cookies> Save cookies here, this is where it stashes your login credentials between step 1) and 2)
-F Fill in form field
<url>


Automating backups with cURL and cron

Now that we can pull a backup from an SME Server without any user interaction and without adding any software to the standard SME Server installation we can now automate backups by pulling the backups to our backup machine.

Automating the backups is simply a matter of automating the above commands on a calendar.

As the machine I was using to do the backup was also a Linux machine, the simple solution was to use cron.


  Note:
All the following is done on the machine doing the backup NOT the SME Server you are backing up. No changes are ever made to the SME Server.


Create a simple cronjob to perform the backup using crontab -e. Here I have a user smebackup that has the following cron entry:

45 21 * * * umask 077 && /home/smebackup/bin/do_backups

This starts a backup at 21:45 every day. The umask prevents other users on the machine reading the backups and is optional.

In smebackups home folder I have a bin folder to contain the do_backups script that is a simple modification to the commands above.

#!/bin/sh

curl -s -k -b ~/.sme_cookies -c ~/.sme_cookies -F username=admin -F password=your_password \
        https://snoopy/server-common/cgi-bin/login && \
curl -f -s -k -b ~/.sme_cookies -F function=desktop-backup -F state=perform \
        https://snoopy/server-manager/cgi-bin/backup > /home/smebackup/sme-snoopy-`/bin/date +\%d`.tgz

In this script we have combined the two curl commands via an && that way the second command will only run if the first succeeds.

The use of date in the filename will append the day of the month to the filename this will mean that a new backup will be created for every day of the month and overwrite them next month, obviously if the next month has fewer days you may be left with a couple of backups from last month. This process can be enhanced or changed as required.


  Warning:
There are a couple of security consideration that you should consider when using curl.

1. The cookie jar ~/.sme_cookies should not be made world readable otherwise others could use your downloaded cookies.

2. Your SME Server username and password will appear in the ps listing momentarily this can be avoided by placing the password in a file and using -F password="<your_password_file" if required.


Other Extensions

In my case several of the machines I backup are behind firewalls and can not be accessed via ssh or alternative methods. This however is not a problem for cURL if the firewalls allow http/https traffic even if a proxy needs to be used.

To use a proxy with cURL you can simply add:

-x your_proxy_server:your_proxy_port