Table of Contents

BackupPC

This guide is written when installing BackupPC V4.3.2. It covers installation, migration of V3 backup data, and host setup. Since Debian 10 includes BackupPC V3.3, this guide covers installation from tarball rather than by using the packet manager. Find the BackupPC Documentation. I'm using the term host interchangeably with client to refer to the host to be backed up, and server to refer to the host (or server) where BackupPC is running on.

Install V4.3.2

Debian 10 has BackupPC 3.3 in it's repositories. To install version 4 we need to manually install it.

Changing Passwords after Installation

To disable authentication, comment the auth instructions in /etc/backuppc/apache.conf and restart backuppc and apache.

Apache Setup

Migrate data from V3 to V4

Links

Migrate V3 data from a non-encrypted drive to V4 on an encrypted LVM drive

You can follow the steps in this paragraph to migrate an old V3 installation from an obsolete backuppc machine to a new V4 installation on a Debian 10 backuppc machine. You may need to omit steps if they do not apply to your situation.

Move data to a temporary mount point (on a different drive)

You can omit this step if you are setting up a new data drive and still have access to the drive containing V3 data.

Install BackupPC

Migrate Data

Setup encrypted LVM partition

Move V4 data to encrypted partition

Links

Setup boot configuration

Maintenance

Move V4 data to new storage

  1. prepare new storage using RAID - mdadm (Software RAID)
  2. mount existing storage to /backup and new storage to /new-backup
  3. copy with rsync -axHAWXS --numeric-ids --info=progress2 /backup /new-backup

Host Setup

All hosts are setup with rsync through ssh. For Windows 10 hosts I use the Windows Subsystem for Linux which allows to setup a Debian layer to access the host. To backup the localhost we need a small tweak which is explained below.

Main Configuration on BackupPC server

Check whether a host is accessible

Configuration on Server for Localhost

Configuration on Server for local hosts

Configuration on Server for remote hosts

Configuration on Server for remote hosts accessible through relais

Configuration on Hosts

  1. Windows 10: Install Windows Subsystem for Linux on Windows 10 hosts, which installs a Debian command line layer on top of your Windows 10 installation
  2. Install ssh and rsync:
    sudo apt install ssh rsync
  3. Harden SSH and restart the service.
  4. Create user backuppc with a restricted shell, not able to do local but only remote logins (do not expire the user):
    sudo adduser --shell /bin/rbash --disabled-password backuppc
  5. Copy the Server's backuppc id_rsa.pub file to the Host's backuppc authorized_keys file. The authorized_keys file should contain further restrictions to prevent e.g. port forwarding, preceed the ssh-rsa string with 'restrict,from=“local.domain.subnet.ip”':
    restrict,from="local.domain.subnet.ip" ssh-rsa <BASE64-PUBKEY-REPRESENTATION> backuppc

    It should further be owned by root and being read- but not writable by the backuppc user, to prevent removal of SSH restrictions. In older SSH versions you must enter the following instead of restrict:

    no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from="local.domain.subnet.ip" ssh-rsa <BASE64-PUBKEY-REPRESENTATION> backuppc
  6. Allow user backuppc to run rsync as root, add the following line after %sudo:
    sudo visudo
    %sudo ALL=(ALL:ALL) ALL
    backuppc ALL=(root:root) NOPASSWD: /usr/bin/rsync
  7. Test rsync access as root with the following command from user backuppc on the BackupPC Server:
    ssh <new host> sudo rsync --version

Configuration on Synology DSM6 Hosts

Special host configurations

Ping commands

Alternative setups for Windows hosts

I'm not using any of the methods described in below links. I have collected those during my search for the best way to integrate Windows hosts into BackupPC. If you need to backup a host which does not run Windows 10, or does not provide the Microsoft Windows Subsystem for Linux, then those links might be helpful.

Special commands

Delete specific files