Differences

This shows you the differences between two versions of the page.

deb10:backuppc [2022/09/29 12:53] – [Configuration on Hosts] Bernard Condrau
deb10:backuppc [2023/02/03 14:21] – [Special host configurations] Bernard Condrau
Line 178: Line 178:
 ==== Maintenance ==== ==== Maintenance ====
   * Delete a backup. If you delete several backups, delete non-filled backups which were taken after a filled backup first.<code>/usr/local/BackupPC/bin/BackupPC_backupDelete -h host -n num </code>[[http://backuppc.sourceforge.net/BackupPC-4.0.0.html#Other-Command-Line-Utilities|Other Command Line Utilities]] and [[https://github.com/backuppc/backuppc/blob/master/bin/BackupPC_backupDelete|BackupPC_backupDelete]]   * Delete a backup. If you delete several backups, delete non-filled backups which were taken after a filled backup first.<code>/usr/local/BackupPC/bin/BackupPC_backupDelete -h host -n num </code>[[http://backuppc.sourceforge.net/BackupPC-4.0.0.html#Other-Command-Line-Utilities|Other Command Line Utilities]] and [[https://github.com/backuppc/backuppc/blob/master/bin/BackupPC_backupDelete|BackupPC_backupDelete]]
 +===== Move V4 data to new storage =====
 +  - prepare new storage using [[deb9:mdadm|RAID - mdadm (Software RAID)]]
 +  - mount existing storage to ''/backup'' and new storage to ''/new-backup''
 +  - copy with ''%%rsync -axHAWXS --numeric-ids --info=progress2 /backup /new-backup%%''
 +  * [[https://superuser.com/questions/307541/copy-entire-file-system-hierarchy-from-one-drive-to-another#answer-1185401|Copy entire file system hierarchy from one drive to another]]
 +
 ===== Host Setup ===== ===== Host Setup =====
 All hosts are setup with rsync through ssh. For Windows 10 hosts I use the [[win10:wsl|Windows Subsystem for Linux]] which allows to setup a Debian layer to access the host. To backup the localhost we need a small tweak which is explained below. All hosts are setup with rsync through ssh. For Windows 10 hosts I use the [[win10:wsl|Windows Subsystem for Linux]] which allows to setup a Debian layer to access the host. To backup the localhost we need a small tweak which is explained below.
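Review bot: In the copy step of the new "Move V4 data to new storage" list, the source is written as `/backup` with no trailing slash, so rsync creates `/new-backup/backup/...` instead of placing the pool at the root of the new storage; if the new volume is meant to be mounted in place of `/backup` afterwards, write `/backup/ /new-backup/`. The list also does not say to stop BackupPC before the copy or how to switch the mount over once it finishes; both are worth adding as steps so the pool is not modified while it is being copied.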
Line 242: Line 248:
  
 ==== Configuration on Hosts ==== ==== Configuration on Hosts ====
-  Windows 10: Install [[win10:wsl|Windows Subsystem for Linux]] on Windows 10 hosts, which installs a //Debian// command line layer on top of your Windows 10 installation +  Windows 10: Install [[win10:wsl|Windows Subsystem for Linux]] on Windows 10 hosts, which installs a //Debian// command line layer on top of your Windows 10 installation 
-  Install ssh and rsync:<code>sudo apt install ssh rsync</code> +  Install ssh and rsync:<code>sudo apt install ssh rsync</code> 
-  Harden [[deb9:ssh#Settings|SSH]] and restart the service. +  Harden [[deb9:ssh#Settings|SSH]] and restart the service. 
-  Create user backuppc with a restricted shell, not able to do local but only remote logins (do not expire the user):<code>sudo adduser --shell /bin/rbash --disabled-password backuppc</code> +  Create user backuppc with a restricted shell, not able to do local but only remote logins (do not expire the user):<code>sudo adduser --shell /bin/rbash --disabled-password backuppc</code> 
-  Copy the Server's backuppc id_rsa.pub file to the Host's backuppc authorized_keys file. The authorized_keys file should contain further restrictions to prevent e.g. port forwarding, preceed the ssh-rsa string with 'restrict,from="local.domain.subnet.ip"':<code>restrict,from="local.domain.subnet.ip" ssh-rsa <BASE64-PUBKEY-REPRESENTATION> backuppc</code>It should further be owned by root and being read- but not writable by the backuppc user, to prevent removal of SSH restrictions. In older SSH versions you must enter the following instead of restrict:<code>no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from="local.domain.subnet.ip" ssh-rsa <BASE64-PUBKEY-REPRESENTATION> backuppc</code> +  Copy the Server's backuppc id_rsa.pub file to the Host's backuppc authorized_keys file. The authorized_keys file should contain further restrictions to prevent e.g. port forwarding, preceed the ssh-rsa string with 'restrict,from="local.domain.subnet.ip"':<code>restrict,from="local.domain.subnet.ip" ssh-rsa <BASE64-PUBKEY-REPRESENTATION> backuppc</code>It should further be owned by root and being read- but not writable by the backuppc user, to prevent removal of SSH restrictions. In older SSH versions you must enter the following instead of restrict:<code>no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from="local.domain.subnet.ip" ssh-rsa <BASE64-PUBKEY-REPRESENTATION> backuppc</code> 
-  Allow user backuppc to run rsync as root, add the following line after %sudo:<code>sudo visudo +  Allow user backuppc to run rsync as root, add the following line after %sudo:<code>sudo visudo
-  * Test rsync access as root with the following command from user ''backuppc'' on the BackupPC Server:<code>ssh <new host> sudo rsync --version</code>+
 %sudo ALL=(ALL:ALL) ALL %sudo ALL=(ALL:ALL) ALL
 backuppc ALL=(root:root) NOPASSWD: /usr/bin/rsync</code> backuppc ALL=(root:root) NOPASSWD: /usr/bin/rsync</code>
 +  - Test rsync access as root with the following command from user ''backuppc'' on the BackupPC Server:<code>ssh <new host> sudo rsync --version</code>
   * [[https://superuser.com/questions/1481318/allowing-automatic-command-execution-as-root-on-linux-using-ssh#answer-1483701|Allowing automatic command execution as root on Linux using SSH]]   * [[https://superuser.com/questions/1481318/allowing-automatic-command-execution-as-root-on-linux-using-ssh#answer-1483701|Allowing automatic command execution as root on Linux using SSH]]
   * [[https://man.openbsd.org/OpenBSD-current/man8/sshd.8#AUTHORIZED_KEYS_FILE_FORMAT|authorized_keys]]   * [[https://man.openbsd.org/OpenBSD-current/man8/sshd.8#AUTHORIZED_KEYS_FILE_FORMAT|authorized_keys]]
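Review bot: The sudoers rule kept as context under the visudo step, `backuppc ALL=(root:root) NOPASSWD: /usr/bin/rsync`, puts no limit on rsync's arguments, and the `authorized_keys` line in the step before it has no `command=` option, so whoever holds the server's backuppc private key can read and write any file on the host as root. Either document that exposure next to the rule or narrow it, with an argument pattern in sudoers or a forced command in `authorized_keys`; the test step `ssh <new host> sudo rsync --version` would then need to use an invocation the narrowed rule permits.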
Line 286: Line 292:
       '*.mkv',       '*.mkv',
 ];</code> ];</code>
-  * Synology DSM6 host share configuration:<code>$Conf{RsyncShareName} = ['/', '/volume1'];+  * Synology DSM6 host share configuration. <color red>**IMPORTANT: you need to exclude any encrypted shared folders containing the encrypted physical files from the backup.**</color>. If you have a shared folder named ''documents'' then add the line as shown below in the sample config file:<code>$Conf{RsyncShareName} = ['/', '/volume1'];
 $Conf{BackupFilesExclude} = [ $Conf{BackupFilesExclude} = [
       '/proc',       '/proc',
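Review bot: The new IMPORTANT sentence on the Synology share item leaves a stray period after `</color>`, and it tells the reader to exclude encrypted folders without saying how the shared folder name `documents` maps to the exclude entry `'@documents@'` that appears further down in the sample. State the naming rule explicitly (share name wrapped in `@`), and say whether the mounted `documents` share is still backed up, because if it is, its contents reach the BackupPC pool in decrypted form.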
Line 293: Line 299:
       '*.mkv',       '*.mkv',
       '*.vdi',       '*.vdi',
 +      # exclude any shared folders here
 +      '@documents@',
 ];</code> ];</code>
   * Synology DSM6 host access configuration:<code>$Conf{RsyncClientPath} = 'sudo /var/services/homes/backuppc/bin/rsync';</code>   * Synology DSM6 host access configuration:<code>$Conf{RsyncClientPath} = 'sudo /var/services/homes/backuppc/bin/rsync';</code>
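Review bot: The added comment `# exclude any shared folders here` reads as if every shared folder should be excluded, while the instruction on the share item limits this to encrypted ones; reword it to name encrypted shared folders and the `@<share>@` form. The pattern `'@documents@'` is also unanchored and, in the array form of `$Conf{BackupFilesExclude}`, applies to both `/` and `/volume1`, so it matches that name at any depth; an anchored entry keyed to the `/volume1` share would be more precise.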