Changes between Version 9 and Version 10 of Documentation/Community/HowTo/ThePerfectEboxSetup/Backup

Show
Ignore:
Timestamp:
05/27/09 13:33:53 (4 years ago)
Author:
jsalamero@… (IP: 87.198.40.144)
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • Documentation/Community/HowTo/ThePerfectEboxSetup/Backup

    v9 v10  
    11== Backups == 
    22 
    3 A well designed backup system is a must for any reliable system. Hardware failures, software bugs or human mistakes can let you with your system down or with missing files. Here will cover two strategies: local and remote backups. In both cases will make incremental daily backups using rdiff-backup. Incremental daily backups let us restore the state on a given date while storing only the differences within days. 
     3A well designed backup system is a must for any reliable system. Hardware failures, software bugs or human mistakes can let you with your system down or with missing files. Here will cover two strategies: local and remote backups. Will be making incremental daily backups using rdiff-backup. Incremental daily backups let us restore the state on a given date while storing only the differences within days. 
    44 
    5 Remote backups are always a more secure choice because of being in a differente computer. A hardware or software error doesn't affect the backups integrity and as backups are pulled from the backup server, a security compromise in the main server wouldn't affect neither the backups integrity, that's why backup server shouldn't run any aditional service. Having to servers backup each other is definitely a very bad idea as a compromise in one server means compromise the other. 
     5Remote backups are always a more secure choice because of being in a different computer. A hardware or software error doesn't affect the backups integrity and as backups are pulled from the backup server, a security compromise in the main server wouldn't affect neither the backups integrity, that's why backup server shouldn't run any aditional service. Having to servers backup each other is definitely a very bad idea as a compromise in one server means compromise the other. Will only cover local backups here because there are ongoing efforts to create an enterprise-level remote backup module for eBox Platform. 
    66 
    77=== Local backups === 
     
    106106Current mirror: Wed May 20 21:56:32 2009 
    107107}}} 
    108  
    109 === Remote backups === 
    110  
    111 TODO 
    112  
    113 {{{ 
    114 #!/bin/sh -e 
    115  
    116 CONF=/mnt/backup 
    117 ROOT=/mnt/backup 
    118 HOSTS=$(cat $CONF/hosts) 
    119  
    120 for HOST in $HOSTS ; do 
    121    mkdir -p $ROOT/$HOST 
    122    MAXAGE=$(cat $CONF/$HOST-maxage) 
    123    rdiff-backup --include-globbing-filelist $CONF/$HOST-filelist.inc --exclude-globbing-filelist $CONF/$HOST-filelist.exc root@$HOST::/ $ROOT/$HOST 
    124    if [ $? -eq 0 ]; then 
    125       rdiff-backup --remove-older-than $MAXAGE --force $ROOT/$HOST 
    126    else 
    127       echo $? > $ROOT/rdiff-backup.err 
    128    fi 
    129 done 
    130 }}} 
    131  
    132 We add to .ssh/authorized_keys2: 
    133  
    134 {{{ 
    135 command="rdiff-backup --server",from="your backup server ip address",no-port-forwarding,no-X11-forwarding,no-pty (+ your backup server public key) 
    136 }}} 
    137  
    138 so we get something like: 
    139  
    140 {{{ 
    141 % cat /root/.ssh/authorized_keys2 
    142 command="rdiff-backup --server",from="192.168.9.1",no-port-forwarding,no-X11-forwarding,no-pty ssh-rsa HHHHB3NzaC1yc2EAAAABIwAAAQEAnlhQrJ+EQb80OJ4igk7FaJdHbycpmNtoVefA4CrTDG2mjS++nKQylWsC0RFcJhhfTZGXtr9DbFWmtpfeRo7Mc931Eguz5yV2MhQtoY7mUpYnPOf7oKOKZl3zPjwFTd1H5yz9GHAaLWPPC6b+8r93Z+rHwh+q5Gwhhg9uZY+TqGsQ4hf7uxUIOC6hB4g2LLyhPb8MaGjjSe2WdiVU0iobkKQ+G6UAb54qbiy5kmMrTrQRixhkyCIMk9I9BlSsaJsYF/+4iGCT494jyvCyBBlP3puXtxXrsXGFeHM5YKNal3FaEPSRpfu68gsE0N4vZ45P9OCS+dTIUsSQ1sko1F+j4Q== root@backupsrv 
    143 }}}