SRV_SYNBAK

Synbak

Synbak - Universal Backup System

Zdroj: https://github.com/ugoviti/synbak

 

Návod na instalaci

1) Založíme nový LXC container

dle tohoto návodu: https://intranet.rs-kovarik.cz/srvtemplate Místo SRV_TEMPLATE zadat jméno SRV_SYNBAK

2) Připojíme se k serveru přes terminál

ssh připojení k Turiisu a pak přes lxc-attach

Příkazy:

lxc-attach SRV_SYNBAK

3) Instalace apache2

Příkazy:

apt update

apt install apache2

3) Povolení služby apache2

Příkazy:

systemctl enable apache2

4) Instalace požadovaného SW

What you need to run synbak:

  • a fully UTF-8 charset GNU/Linux Operating System
  • GNU bash shell v2.0 or v3.0
  • GNU autotools
    • apt install autotools-dev
  • GNU coreutils 5.x or above
  • mandatory commands:
    • GNU gettext 0.14 or highter
      • apt install gettext
    • GNU awk (default)
    • GNU sed (default)
    • GNU grep (default)
    • GNU date (default)
    • GNU find (default)
    • tee (defautl)
    • bc (default)
    • nc (netcat) (default)
    • mktemp 1.5 or highter (default)
  • mandatory backup utilities:
    • GNU tar (default)
    • mtx (default)
    • mt-tools (neni potřeba)
    • rsync (default)
    • samba (default)
    • mysqldump 
      • apt install mysql-client
    • exp (oracle's export command) (neni potřeba)
    • ldapsearch (neni potřeba)
    • mount.cifs or smbmount
      • apt install cifs-utils

5) Instalace synbak

příkazy pro stažení:

          wget https://github.com/ugoviti/synbak/archive/master.zip -O synbak.zip

unzip synbak.zip

cd synbak-master

          apt install libtool autopoint make automake

you can install synbak from sources with:

sh ./autogen.sh 

./configure --prefix=/opt/synbak

make

make install

  •  if you have a RPM based Linux distro you can use the available synbak package, and install it with: rpm -Uhv synbak-x.x.x-x.noarch.rpm
  •  if you want build binary rpm package from src.rpm package use: rpmbuild --rebuild synbak-x.x.x-x.src.rpm
  •  if you want build binary rpm package from tar.gz archive use: rpmbuild -ta synbak-x.x.x.tar.gz

6) Konfigurace synbak

  • read the FAQ file located into synbak doc directory (usually /usr/share/doc/synbak-x.x.x/)
  • launch synbak and read the output :-)
  • launch synbak with a command like this: synbak -s localhost -m rsync
  • it will create a '.synbak' directory in your user home directory
  • then follow the onscreen informations
  • edit the $HOME/.synbak/$method/$system.conf config file
  • re run the 'synbak -s localhost -m rsync' to make the real backup
  • that's all

Upravíme DocumentRoot na pache serveru:

nano /etc/apache2/sites-available/000-default.conf 

DocumentRoot řádek změníme na:

DocumentRoot /var/www/html/admin/log/backup

Uložíme a restartujeme apache:

service apache2 restart

 

7) Přístup přes ssh na server který chci zálohovat

Návod jak vytvořit ssh klíč

https://linuxize.com/post/how-to-set-up-ssh-keys-on-ubuntu-1804/

vytvoříme si ssh key

Příkazy:

ssh-keygen -t rsa -b 4096 -C "your_email@domain.com"

nano /root/.ssh/config_tmp

chmod 644 /root/.ssh/config_tmp

Vložíme tam: 

User root

PreferredAuthentications publickey

IdentityFile /root/.ssh/id_rsa

ForwardAgent yes

AddKeysToAgent yes

crtl +x uložit enter

Dle návodu SRV_TEMPLATE zprovozníme ssh server a přidáme vytvožený public key do authorized_keys

https://intranet.rs-kovarik.cz/srvtemplate

Po úspěšném nastavení se přihlásíme přes SSH z našeho synbak serveru k zalohovanemu serveru takto:

ssh root@server_ip

Při první přihlášení se nás zeptá zda sedí pingerprint, dám že jo. Příště se rovnou připojí.

8) Rsync na zálohovaném serveru

Ověřit zda tam je nainstalován rsync, pokud ne, tak doinstalovat

apt install rsync

9) Kam budu zálohovat 

Například na NAS může mount vypadat takto: 

mkdir /mnt/zalohy

nano ~/.smbcredentials

Enter your Windows username and password in the file:

username=msusername
password=mspassword

Save the file, exit the editor.

Change the permissions of the file to prevent unwanted access to your credentials:

chmod 600 ~/.smbcredentials

Then edit your /etc/fstab file (with root privileges) to add this line (replacing the insecure line in the example above, if you added it):

nano /etc/fstab

//servername/sharename /mnt/zalohy cifs credentials=/root/.smbcredentials,iocharset=utf8,sec=ntlm 0 0

Save the file, exit the editor.

Finally, test the fstab entry by issuing:

sudo mount -a

Nebo např takto: 

mount.cifs -o user=xxx,password=xxxxx //192.168.0.222/zal_lxc /mnt/zalohy

10) Příklady konfigurace 

Příkazy:

mkdir /root/.synbak

cd /root/.synbak

mkdir rsync

cd rsync

nano 192.168.1.1.conf

Vzorová konfigurace:

## synbak 3.x main configuration file

# for quick usage instructions go to the end of this file and read FAQ file

 

## backup source base uri (you must provide a valid URI that will used as base address of every 'backup_source' entry)

## valid URI: file:// ssh:// sftp:// rsync:// smb:// cifs:// mysql:// pgsql:// oracle:// ldap:// http:// ftp:// (the URI is dependant of backup method)

backup_source_uri = ssh://root@your_server_IP

backup_source = /bin /boot /etc /lib* /root /sbin /usr /var

backup_destination = /srv/backup/$system/$method

backup_exclude = /srv/backup /home/*/.gvfs /srv/storage/home/*/.gvfs

 

backup_method_opts = # extra method options (send extra arguments to the real backup command. ex: with rsync method add -A to backup ACL premissions)

backup_destination_automake = yes # auto make destination dir if not exist

backup_destination_prefix = yes # prefix the backup destination dir with backup-$system-$date name (setting to 'no' will disable the autoerase function)

 

## automatic backup schedule management: daily, weekly, monthly, yearly

backup_schedule = yes # backup_schedule will enable auto managament of backup schedule (this will disable the global backup_keep option)

 

backup_schedule_planning = d,w,m,y # when execute the scheduled backups: d=daily w=weekly m=monthly y=yearly

 

backup_schedule_daily_keep = 5 # keep n. backups online before erase them in daily backup (0 = disable)

backup_schedule_weekly_keep = 4 # keep n. backups online before erase them in weekly backup (0 = disable)

backup_schedule_monthly_keep = 12 # keep n. backups online before erase them in monthly backup (0 = disable)

backup_schedule_yearly_keep = 1 # keep n. backups online before erase them in yearly backup (0 = disable)

 

backup_schedule_daily_cron = 1,2,3,4,5,6,7 # (format: use the crontab(5) format) days of the week when make backups. (from 1 = monday to 7 = sunday)

backup_schedule_weekly_cron = 6 # (format: from 1 to 7) specify only one day of the week when make backups. ex: use 7 to run weekly backups on sunday

backup_schedule_monthly_cron = 31 # (format: from 1 to 31) day of the month when make backup (synbak always considers 31 as the last day of the month)

backup_schedule_yearly_cron = 12-31 # (format: MONTH-DAY) month and day when make yearly backup

 

## oneshot backup management (used when backup_schedule=no)

backup_keep = 5 # keep online max n. backups, then autoerase older backups (only if backup_keep_on_errors=no or no error occour)

backup_keep_on_errors = yes # keep old backups if any error occour in a backup step, otherwise erase old backups

 

## method specific options

method_concurrent_limit = 1 # this allow synbak to run n. cuncurrent backup job at same time for this system

method_rsync_sudo = no # yes = synbak will connect to the remote host and will run rsync daemon via sudo command (you must add the specified user into sudoers file. this greatly enhance security)

method_rsync_differential = no # yes = rsync differential backup without hardlinks, no = rsync incremental backup via file system hardlinks (use only when your destination doesn't support hardlinks, like a NTFS or FAT32 formatted filesystem)

method_tape_device_changer = /dev/changer # the tape changer device path (used in method: tape)

method_verify = no # verify the backup (used in method: tape/tar/laserdisc)

method_device_eject = no # eject the device at backup end (used in method: tape/laserdisc)

 

## reports managements

report_remote_uri_down = yes # yes = create the reports if the remote host is down. no = don't make any reports if the remote host to backup is down (useful whit laptops)

 

report_info_support = InitZero S.r.l. - support@initzero.it # the techincal support info you want show to your customers

 

## standard output reporting

report_stdout = no # always generate standard output report (override this with -d command line option)

report_stdout_on_errors = no # generate standard output report on errors only

 

## email output reporting

report_email = no # always generate an email report

report_email_on_errors  = yes # generate email report on errors only

report_email_rcpt = root@localhost # the destination address of email reports

 

## html/rss output reporting

report_html = yes # always generate a html report

report_html_on_errors   = yes # generate html report on errors only

report_html_destination = /var/www/html/admin/log/backup # destination dir of html reports

report_html_uri         = http://your_IP/admin/log/backup # http uri of html and rss reports

report_html_logo = yes # display a logo in the html report

report_html_logo_image = # http uri or web root relative path of the image logo (empty = use default synbak logo)

report_html_logo_link = http://www.initzero.it/products/opensource/synbak # http uri link of the log

 

11) 1. spuštění manuální

Příkazy:

mkdir /var/www/html/admin/

mkdir /var/www/html/admin/log

mkdir /var/www/html/admin/log/backup

Zálohu spustíme manuálně:

/opt/synbak/bin/synbak -s your_serverver_ip -m rsync

Pokud proběhne OK, měli by jsme na stránce http://your_ip/ vidět výsledek

 

12) crontab

Pro automatické byckupy jen přidáme příslušnou úlohu do crontab:

crontab -e

Přidáme tam například takovou konfiguraci: 

0 1 * * * /opt/synbak/bin/synbak -s your_serverver_ip -m rsync


VYHLEDÁVÁNÍ

Zanechte nám svoje číslo
Rádi se Vám ozveme

NEZÁVAZNÁ POPTÁVKA