TroLUG 2022-03#

Wil lkommen zur Anmeldung für das kommende TroLUG- Treffen:

Datum: 03.03.2022
Thema: Backup- Workshop

19:00 Uhr über BBB

Konferenzserver bis auf W eiteres:
https://bbb.daten.reisen/b/jon-mqr-zwu

Anmeldungen#

Jan
Michael (muss zwischendurch aber mal weg) *Uwe
Sandro (komme aber später, habe bis 1900 noch einen Termin)
Maik *Andreas

Protokoll#

Restliche Konfiguration mit dediziertem User\

Auf NAS/Server#

adduser restic
mkdir /vol/restic
chown restic:restic /vol/restic

vipw
restic:x:1002:1002:Restic -Benutz er,,,:/home/restic:/bin/false

Auf client, der zu sichern ist#

als root#

adduser restic

ssh-keygen -t rsa -b 4096
ssh-copy-id -i ~/.ssh/id_rsa.pub restic@nasrechner

host in .ssh/config aufnehmen#

after each restic update:#

cp /usr/bin/restic /home/restic/bin/ && chmod 710 /home/restic/bin/restic && setcap “CAP_DAC_READ_SEARCH+ep” /home/restic/bin/restic

ssh Einstellungen auf NAS#

/etc/ssh/sshd_config
PubkeyAuthentication yes
PasswordAuthentication no

/home/restic/bin/restic init -r /tmp/trolug/test
restic backup -r /tmp/trolug/test/ /root/ # mit systemweitem restic keine Rechte
/home/restic/bin/restic backup -r /tmp/trolug/test/ /root/ # sichern
/home/restic/bin/restic backup -r /tmp/trolug/test/ /root/ # nochmal sichern
/home/restic/bin/restic backup -r /tmp/trolug/test/ /root/ -v # verbose

Caches nicht sichern:
https://bford.info/cachedir/

wgetpaste -c “cat /etc/sudoers.d/restic”

Snapshots in btrfs, oder mit LVM

cat /etc/sudoers.d/restic#

all commands for the backup#

restic ALL=(root) NOPASSWD: /sbin/btrfs subvolume snapshot -r /home /data/restic_homebak
restic ALL=(root) NOPASSWD: /sbin/btrfs subvolume snapshot -r /data /data/restic_databak
restic ALL=(root) NOPASSWD: /sbin/btrfs subvolume delete /data/restic_homebak
restic ALL=(root) NOPASSWD: /sbin/btrfs subvolume delete /data/restic_databak

restic@client ~ $ cat backup.sh
#!/bin/bash

RESTIC_PROGRESS_FPS=5
LOGFILE=~/restic.log

echo “prepare btrfs snapshots”
sudo /sbin/btrfs subvolume snapshot -r /home /data/restic_homebak
sudo /sbin/btrfs subvolume snapshot -r /data /data/restic_databak

echo “backup data”
/home/restic/bin/restic backup /data/restic_homebak /data/restic_databak -r sftp:restic@nasrechner:/vol/restic –password-file ~/my/pw/restic.txt

MYSUCCESS=$?

MYDATE=date +"%s %Y-%m-%d T %H-%M-%S" -u

if [ $MYSUCCESS -gt 0 ]
then
echo “${MYDATE} restic FAILED with ${MYSUCCESS}” » ${LOGFILE}
else
echo “${MYDATE} restic SUCCEDED with ${MYSUCCESS}” » ${LOGFILE}
fi

echo “remove btrfs snapshots”
sudo /sbin/btrfs subvolume delete /data/restic_homebak
sudo /sbin/btrfs subvolume delete /data/restic_databak

https://chemnitzer.linux-tage.de/2022/de/