Varnostno kopiranje
@TODO splošne informacije
Borg backup
Možna rešitev za iterativne, deduplicirane in kompresirane backupe nudi program, ki kliče na ime Borg backup. S tem lahko hranimo X mesečnih, Y tedenskih in Z dnevnih backupov.
Varnostne kopije hranimo na strežniku, ki ima dovolj prostora in je vedno na voljo.
Kratka navodila
Na strežniku:
- mkdir /backups/<hostname> && borg init -e none /backups/<hostname>
- mkdir /mnt/<hostname> (za sshfs mount)
- kopiraš skripto (spodaj) v /etc/cron.daily/backup-<hostname>.sh (če želiš dnevno bekapirat, sicer pa v ustrezen drug cron folder)
- prilagodis skripto - nastavis host (če ni v DNS-ju, ga dodaj v /etc/hosts), urediš direktorije, vključene oz. izključene iz backupa
- dodaš ssh javni ključ v authorized keys na strežniku
- poženes prilagojeno skripto, za test
Skripta
- backup-<hostname
.sh> #!/bin/bash export HOST=<hostname> export ROOT=/mnt/$HOST LOGFAJL="/var/log/backup/$HOST" # Setting this, so the repo does not need to be given on the commandline: export BORG_REPO="/backup/$HOST" export TARGET="/backup/$HOST" echo "" | tee -a $LOGFAJL echo "Zacenjam backup" | tee -a $LOGFAJL date | tee -a $LOGFAJL # SSH mount! sshfs root@$HOST:/ $ROOT -p 2222 sshmount=$? if [ $sshmount -eq 0 ]; then echo "SSH mount uspel" | tee -a $LOGFAJL else echo "SSH mount fejlal :/" | tee -a $LOGFAJL exit $sshmount fi # Setting this, so you won't be asked for your repository passphrase: #export BORG_PASSPHRASE="daith5eeW3zi7thahng0" # or this to ask an external program to supply the passphrase: #export BORG_PASSCOMMAND='pass show backup' # some helpers and error handling: info() { printf "\n%s %s\n\n" "$( date )" "$*" >&2; } trap 'echo $( date ) Backup interrupted >&2; exit 2' INT TERM info "Starting backup" # Backup the most important directories into an archive named after # the machine this script is currently running on: export now=$(date +"%y-%m-%d") borg create \ --verbose \ --filter AME \ --list \ --stats \ --show-rc \ --compression lz4 \ --exclude-caches \ --files-cache ctime,size \ --exclude "$ROOT/home/*/.cache/*" \ --exclude "$ROOT/var/cache/*" \ --exclude "$ROOT/var/tmp/*" \ --exclude "$ROOT/var/lib/lxd/containers/*/rootfs" \ --exclude "$ROOT/var/snap/lxd/common/lxd/disks/lxd.img" \ --exclude "$ROOT/etc/.git" \ \ "$TARGET::$HOST-$now" \ $ROOT/etc \ $ROOT/home \ $ROOT/root \ $ROOT/var backup_exit=$? if [ $backup_exit -lt 2 ]; then echo "Backup uspel!" | tee -a $LOGFAJL else echo "Backup fejlal :/" | tee -a $LOGFAJL fusermount -u $ROOT exit $backup_exit fi info "Pruning repository" # Use the `prune` subcommand to maintain 7 daily, 4 weekly and 6 monthly # archives of THIS machine. The '{hostname}-' prefix is very important to # limit prune's operation to this machine's archives and not apply to # other machines' archives also: borg prune \ --list \ --prefix "$HOST-" \ --show-rc \ --keep-daily 7 \ --keep-weekly 4 \ --keep-monthly 6 \ "$TARGET" prune_exit=$? if [ $prune_exit -eq 0 ]; then echo "Prune uspel" | tee -a $LOGFAJL else echo "Prune fejlal :/" | tee -a $LOGFAJL fi # use highest exit code as global exit code global_exit=$(( backup_exit > prune_exit ? backup_exit : prune_exit )) if [ ${global_exit} -eq 0 ]; then info "Backup and Prune finished successfully" elif [ ${global_exit} -eq 1 ]; then info "Backup and/or Prune finished with warnings" else info "Backup and/or Prune finished with errors" fi # SSH unmount fusermount -u $ROOT umount=$? if [ $umount -eq 0 ]; then echo "SSH unmount uspel" | tee -a $LOGFAJL else echo "SSH unmount fejlal :/" | tee -a $LOGFAJL fi exit ${global_exit}
Obnova podatkov
Najprej lociramo varnostno kopijo na strežniku, recimo /backup/primerhosta
Nato izpišemo posnetke varnostnega kopiranja: borg list /backup/primerhosta
Željeno (najbrž najnovejšo), varnostno kopijo zmontiramo: borg mount /backup/primerhosta::primerhosta-19-11-10 /mnt/recovery (sintaksa je borg mount <lokacija_backupa>::<ime_posnetka>)
Fajle najdemo v /mnt/recovery/…