navodila:varnostno-kopiranje

Varnostno kopiranje

@TODO splošne informacije

Možna rešitev za iterativne, deduplicirane in kompresirane backupe nudi program, ki kliče na ime Borg backup. S tem lahko hranimo X mesečnih, Y tedenskih in Z dnevnih backupov.

Varnostne kopije hranimo na strežniku, ki ima dovolj prostora in je vedno na voljo.

Na strežniku:

  • mkdir /backups/<hostname> && borg init -e none /backups/<hostname>
  • mkdir /mnt/<hostname> (za sshfs mount)
  • kopiraš skripto (spodaj) v /etc/cron.daily/backup-<hostname>.sh (če želiš dnevno bekapirat, sicer pa v ustrezen drug cron folder)
  • prilagodis skripto - nastavis host (če ni v DNS-ju, ga dodaj v /etc/hosts), urediš direktorije, vključene oz. izključene iz backupa
  • dodaš ssh javni ključ v authorized keys na strežniku
  • poženes prilagojeno skripto, za test

Skripta

backup-<hostname
.sh>
#!/bin/bash
 
export HOST=<hostname>
export ROOT=/mnt/$HOST
LOGFAJL="/var/log/backup/$HOST"
 
# Setting this, so the repo does not need to be given on the commandline:
export BORG_REPO="/backup/$HOST"
export TARGET="/backup/$HOST"
 
echo "" | tee -a $LOGFAJL
echo "Zacenjam backup" | tee -a $LOGFAJL
date | tee -a $LOGFAJL
 
# SSH mount!
sshfs root@$HOST:/ $ROOT -p 2222
 
sshmount=$?
 
if [ $sshmount -eq 0 ]; then
	echo "SSH mount uspel" | tee -a $LOGFAJL
else
	echo "SSH mount fejlal :/" | tee -a $LOGFAJL
	exit $sshmount
fi
 
# Setting this, so you won't be asked for your repository passphrase:
#export BORG_PASSPHRASE="daith5eeW3zi7thahng0"
# or this to ask an external program to supply the passphrase:
#export BORG_PASSCOMMAND='pass show backup'
 
# some helpers and error handling:
info() { printf "\n%s %s\n\n" "$( date )" "$*" >&2; }
trap 'echo $( date ) Backup interrupted >&2; exit 2' INT TERM
 
info "Starting backup"
 
# Backup the most important directories into an archive named after
# the machine this script is currently running on:
 
export now=$(date +"%y-%m-%d")
 
borg create                         \
    --verbose                       \
    --filter AME                    \
    --list                          \
    --stats                         \
    --show-rc                       \
    --compression lz4               \
    --exclude-caches                \
    --files-cache ctime,size        \
    --exclude "$ROOT/home/*/.cache/*"    \
    --exclude "$ROOT/var/cache/*"   \
    --exclude "$ROOT/var/tmp/*"     \
    --exclude "$ROOT/var/lib/lxd/containers/*/rootfs" \
    --exclude "$ROOT/var/snap/lxd/common/lxd/disks/lxd.img" \
    --exclude "$ROOT/etc/.git"      \
                                    \
    "$TARGET::$HOST-$now"           \
    $ROOT/etc                       \
    $ROOT/home                      \
    $ROOT/root                      \
    $ROOT/var
 
backup_exit=$?
 
if [ $backup_exit -lt 2 ]; then
	echo "Backup uspel!" | tee -a $LOGFAJL
else
	echo "Backup fejlal :/" | tee -a $LOGFAJL
	fusermount -u $ROOT
	exit $backup_exit
fi
 
info "Pruning repository"
 
# Use the `prune` subcommand to maintain 7 daily, 4 weekly and 6 monthly
# archives of THIS machine. The '{hostname}-' prefix is very important to
# limit prune's operation to this machine's archives and not apply to
# other machines' archives also:
 
borg prune                          \
    --list                          \
    --prefix "$HOST-"               \
    --show-rc                       \
    --keep-daily    7               \
    --keep-weekly   4               \
    --keep-monthly  6               \
    "$TARGET"
prune_exit=$?
 
if [ $prune_exit -eq 0 ]; then
	echo "Prune uspel" | tee -a $LOGFAJL
else
	echo "Prune fejlal :/" | tee -a $LOGFAJL
fi
 
# use highest exit code as global exit code
global_exit=$(( backup_exit > prune_exit ? backup_exit : prune_exit ))
 
if [ ${global_exit} -eq 0 ]; then
    info "Backup and Prune finished successfully"
elif [ ${global_exit} -eq 1 ]; then
    info "Backup and/or Prune finished with warnings"
else
    info "Backup and/or Prune finished with errors"
fi
 
# SSH unmount
fusermount -u $ROOT
 
umount=$?
 
if [ $umount -eq 0 ]; then
	echo "SSH unmount uspel" | tee -a $LOGFAJL
else
	echo "SSH unmount fejlal :/" | tee -a $LOGFAJL
fi
 
exit ${global_exit}

Obnova podatkov

Najprej lociramo varnostno kopijo na strežniku, recimo /backup/primerhosta Nato izpišemo posnetke varnostnega kopiranja: borg list /backup/primerhosta

Željeno (najbrž najnovejšo), varnostno kopijo zmontiramo: borg mount /backup/primerhosta::primerhosta-19-11-10 /mnt/recovery (sintaksa je borg mount <lokacija_backupa>::<ime_posnetka>)

Fajle najdemo v /mnt/recovery/…

  • navodila/varnostno-kopiranje.txt
  • Last modified: 2022/07/25 15:45
  • by g1smo