Differences

This shows you the differences between two versions of the page.

--- en:backup:server [2022/02/25 21:29] – [rsync] added borg link in alert info dan
+++ en:backup:server [2022/07/05 19:24] – [Script] -- prevent DokuWiki markup from rendering dan
@@ Line 1: / Line 1: @@
 ====== Server & desktop backup solutions ======
+The first backups will take a while. The following ones are much faster, but it depends on how much you change. Only the changes are saved.
 ===== rsync =====
@@ Line 9: / Line 10: @@
 <alert type="danger" icon="fa fa-warning">This backup solution is only recommended for an internal network. Use an encrypted backup method with [[en:backup:server#borg|borg]] instead.</alert>
+==== Dependencies ====
+The script needs ''inetutils'' for ''hostname'' command.
+<code>
+pacman -S inetutils
+</code>
 ==== Credentials ====
@@ Line 17: / Line 27: @@
 </code>
+==== Script ====
-=== Server ===
-== Script ==
 Add your details for ''DAEMONUSER=""'' and ''DAEMONHOST=""''.
+<code>
+nano /root/rsnapbackup.sh
+</code>
 <code>
 #!/bin/sh
@@ Line 40: / Line 49: @@
 DAEMONUSER=""
 DAEMONHOST=""
+HOSTNAME=$(hostname)
 MINCHANGES=1
@@ Line 68: / Line 78: @@
 fi
+rsync -avAXHP --delete --password-file=/etc/rsyncd.password $SNAP rsync://$DAEMONUSER@$DAEMONHOST/archive/backup/$HOSTNAME
-rsync -avAXHP --delete --password-file=/etc/rsyncd.password $SNAP rsync://$DAEMONUSER@$DAEMONHOST/archive/backup/server/root
+</code>
+<code>
+chmod +x /root/rsnapbackup.sh
 </code>
-== Exclude folder and files ==
+=== Exclude folder and files ===
-This is an example and widely used as a starting point for a server. Add anything you don't need to backup.
+This is an example. Add anything you don't need to backup. And change home ''$USER''.
 <code>
-backup-filter.rule
+nano /root/backup-filter.rule
 </code>
 <code>
@@ Line 88: / Line 100: @@
 /mnt/*
 /media/*
-/home/*
+/lost+found
+# root user
 /root/backup/*
-/lost+found
+/root/.cache/*
+# Home user
+/home/$USER/.cache/*
 </code>
-=== Desktop (home) ===
+===== borg =====
-== Script ==
+Follow our [[en:server:services:borg|borg]] tutorial first.
-Add your details for ''DAEMONUSER=""'' and ''DAEMONHOST=""''.
+The snapshots are stored remotely via ssh.
+==== Script ====
+Don't forget to create the borg repo first and add the credentials to the script.
+<code>
+borg init --encryption=keyfile-blake2 --make-parent-dirs ssh://username@remote.host.address:$port>/~/backups/borg/{hostname}
+</code>
+Add your excluded folders/files ''%%--%%exclude '/home/*/.cache/*' \'' and under ''::'{hostname}-{now}' \'' add folders/files you want to backup.
 <code>
 #!/bin/sh
-## Based on:
+# Setting this, so the repo does not need to be given on the commandline:
-## my own rsync-based snapshot-style backup procedure
+export BORG_REPO=ssh://username@example.com:2022/~/backups/borg/{hostname}
-## (cc) marcio rps AT gmail.com
-# config vars
+# See the section "Passphrase notes" for more infos.
+export BORG_PASSPHRASE='XYZl0ngandsecurepa_55_phrasea&&123'
-real_user=$SUDO_USER
+# some helpers and error handling:
+info() { printf "\n%s %s\n\n" "$( date )" "$*" >&2; }
+trap 'echo $( date ) Backup interrupted >&2; exit 2' INT TERM
-SRC="/home/$real_user/"
+info "Starting backup"
-SNAP="/home/$real_user/backup/"
-OPTS="-rltgoiP --delay-updates --delete --chmod=a-w"
-EXCL="--exclude-from=/home/$real_user/backup-filter.rule"
-DAEMONUSER=""
-DAEMONHOST=""
-MINCHANGES=1
-# run this process with real low priority
+# Backup the most important directories into an archive named after
+# the machine this script is currently running on:
-ionice -c 3 -p $$
+borg create                         \
-renice +12  -p $$
+    --verbose                       \
+    --filter AMEhsx                 \
+    --list                          \
+    --stats                         \
+    --progress                      \
+    --verbose                       \
+    --show-version                  \
+    --show-rc                       \
+    --compression zstd,11           \
+    --exclude-caches                \
+    --exclude '/home/*/.cache/*'    \
+    --exclude '/var/tmp/*'          \
+                                    \
+    ::'{hostname}-{now}'            \
+    /etc                            \
+    /home                           \
+    /root                           \
+    /var                            \
-# sync
+backup_exit=$?
-rsync $OPTS $EXCL $SRC $SNAP/latest >> $SNAP/rsync.log
+info "Pruning repository"
-# check if enough has changed and if so
+# Use the `prune` subcommand to maintain 7 daily, 4 weekly and 6 monthly
-# make a hardlinked copy named as the date
+# archives of THIS machine. The '{hostname}-' prefix is very important to
+# limit prune's operation to this machine's archives and not apply to
+# other machines' archives also:
-COUNT=$( wc -l $SNAP/rsync.log|cut -d" " -f1 )
+borg prune                          \
-if [ $COUNT -gt $MINCHANGES ] ; then
+    --list                          \
-        DATETAG=$(date +%Y-%m-%d-%H:%M)
+    --prefix '{hostname}-'          \
-        if [ ! -e $SNAP/$DATETAG ] ; then
+    --show-rc                       \
-                cp -al $SNAP/latest $SNAP/$DATETAG
+    --keep-daily    7               \
-                chmod u+w $SNAP/$DATETAG
+    --keep-weekly   4               \
-                mv $SNAP/rsync.log $SNAP/$DATETAG
+    --keep-monthly  6               \
-               chmod u-w $SNAP/$DATETAG
+    --keep-yearly   1               \
-         fi
-fi
+prune_exit=$?
-rsync -avAXHP --delete --password-file=/etc/rsyncd.password $SNAP rsync://$DAEMONUSER@$DAEMONHOST/archive/backup/server/$real_user
+# use highest exit code as global exit code
-</code>
+global_exit=$(( backup_exit > prune_exit ? backup_exit : prune_exit ))
+if [ ${global_exit} -eq 0 ]; then
+    info "Backup and Prune finished successfully"
+elif [ ${global_exit} -eq 1 ]; then
+    info "Backup and/or Prune finished with warnings"
+else
+    info "Backup and/or Prune finished with errors"
+fi
-== Exclude folder and files ==
+exit ${global_exit}
+</code>
+===== Crontab - rsync and borg =====
-This is an example. Add anything you don't need to backup.
+Follow our [[en:server:services:crontab|crontab]] tutorial first and add the following for your root user:
 <code>
-backup-filter.rule
+@daily /root/rsnapbackup.sh
 </code>
 <code>
-backup/
+@daily /root/bsnapbackup.sh
-.cache/
 </code>
+  * ''@yearly''
+  * ''@annually''
+  * ''@monthly''
+  * ''@weekly''
+  * ''@daily''
+  * ''@hourly''
+  * ''@reboot''
+===== Syncthing =====
+Follow our [[en:server:services:syncthing|Syncthing]] tutorial for both devices (backup server and your data device).
+==== Add device ====
+Add the backup server to your client under ''Remote Devices''.
+==== Add folder ====
+  * Add a folder under ''Folder'' and select the folder you want to backup under ''General''.
+  * Select your backup server under ''Sharing''.
+  * Under ''File Versioning'' you could add ''Staggered File Versioning'' which gives you more certainty, but have a look at https://docs.syncthing.net/users/versioning.html and choose what suits you best.
+  * Also check ''Advanced'' and ''Folder type'' and again choose what suits you best. For example, Keepass can be used with ''Send & Receive'' if you want sync your database on both devices.