services:backup
Table des matières
Généralités
Grifon réalise des sauvegardes quotidiennes des données et configurations de ses VM avec l'outil Borg Backup. La destination des sauvegardes est une VM qui se trouve sur un site distant : Loth.
Voici maintenant un exemple de mise en place de la sauvegarde automatique quotidienne pour une VM.
Initialisation
resolver02 ~ # ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: SHA256:k1sJUwhscOyN4lJfjQAyj+dY42n/YOXBG8HwNnujBx0 root@resolver02.grifon.fr The key's randomart image is: +---[RSA 2048]----+ | o o=+. .. | | = .=+.. | | . =o +OoE | | *oooo+O.o | | .o=o .S * | | .....o @ . | | . + = . | | . o . | | . | +----[SHA256]-----+ resolver02 ~ # cat /root/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAdkdcHKX/mRy5EoQdXjO7TT5ZcWqIFGqH7Q4c4ErAMyXVquIjDUn0PLMmjGnpQgZ/thW4jS4qEjmwbRSxxRvDdSdkXzelTbN/dpMPAfeH6j3NqaDBgiKYIas9DvMYy8mag3i6uUoix4ISP4u+xS8nWoUv86fJ7T6pIe90IvBLtnrzg4SA0c6Hb6xfFhdanLhr4zT28cP0dQam1vByX4JsTNo8X81CfXijPz6fpE2CEZJKHZM7cSsa4ghvs8Q+WxAzzuL17VW2x0FYo8MWNO/slkmZcF2zi5QcCSRrOMvVr5XbH27rtj2kozC+Q3qxDRKM276d7BzwWqqRaxpOE69V root@resolver02.grifon.fr
loth ~ # echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAdkdcHKX/mRy5EoQdXjO7TT5ZcWqIFGqH7Q4c4ErAMyXVquIjDUn0PLMmjGnpQgZ/thW4jS4qEjmwbRSxxRvDdSdkXzelTbN/dpMPAfeH6j3NqaDBgiKYIas9DvMYy8mag3i6uUoix4ISP4u+xS8nWoUv86fJ7T6pIe90IvBLtnrzg4SA0c6Hb6xfFhdanLhr4zT28cP0dQam1vByX4JsTNo8X81CfXijPz6fpE2CEZJKHZM7cSsa4ghvs8Q+WxAzzuL17VW2x0FYo8MWNO/slkmZcF2zi5QcCSRrOMvVr5XbH27rtj2kozC+Q3qxDRKM276d7BzwWqqRaxpOE69V root@resolver02.grifon.fr' >> /home/backup/.ssh/authorized_keys
resolver02 ~ # emerge -va borgbackup […] >>> No outdated packages were found on your system. * GNU info directory index is up-to-date. resolver02 ~ # borg init -e=none backup@loth.grifon.fr:$(hostname -s ) The authenticity of host 'loth.grifon.fr (2001:67c:1740:9007::20)' can't be established. ECDSA key fingerprint is SHA256:aIHusQI+wt/ea+ym+z/TinYNga6v9Vvrndutr84Irws. Are you sure you want to continue connecting (yes/no)? yes Remote: Warning: Permanently added 'loth.grifon.fr,2001:67c:1740:9007::20' (ECDSA) to the list of known hosts.
loth ~ # mv /home/backup/resolver02/ /var/backup/ loth ~ # ln -s /var/backup/resolver02/ /home/backup/
Init repo
Il faut init le repo sur la target de backup, exemple sur backup03 :
backup@backup03:~/grifon$ pwd /var/backups/grifon backup@backup03:~/grifon$ mkdir gitlab
Puis depuis le serveur à backuper :
root@gitlab:~# borg init -e none backup@backup03.grifon.fr:/var/backups/grifon/$(hostname -s)
Script de backup
Script à mettre dans /usr/local/sbin/backup.sh :
#!/usr/bin/env bash borg prune -v backup@backup03.grifon.fr:/var/backups/grifon/$(hostname -s) --keep-daily=7 --keep-weekly=4 --keep-monthly=1 borg create --info --stats --compression lzma,9 backup@backup03.grifon.fr:/var/backups/grifon/$(hostname -s)::$(date +%F) $(find / -maxdepth 1 -type d | grep -Ev '^/$|^/tmp|^/lost\+found|^/mnt|^/run|^/proc|^/dev|^/sys|^/media' | tr '\n' ' ')
puis :
chmod +x /usr/local/sbin/backup.sh
et enfin un fichier de cron :
echo "51 0 * * * root /usr/local/sbin/backup.sh" > /etc/cron.d/backup
services/backup.txt · Dernière modification : 2023/05/04 11:54 de gizmo