Différences

Ci-dessous, les différences entre deux révisions de la page.

@@ Ligne 1: / Ligne 1: @@
+====== Généralités ======
+Grifon réalise des sauvegardes quotidiennes des données et configurations de ses VM avec l'outil [[https://borgbackup.readthedocs.io/en/stable/#|Borg Backup]]. La destination des sauvegardes est une VM qui se trouve sur un site distant : [[machines:grifon:loth|Loth]].
+Voici maintenant un exemple de mise en place de la sauvegarde automatique quotidienne pour une VM.
+====== Initialisation ======
+<code>
+resolver02 ~ # ssh-keygen
+Generating public/private rsa key pair.
+Enter file in which to save the key (/root/.ssh/id_rsa):
+Created directory '/root/.ssh'.
+Enter passphrase (empty for no passphrase):
+Enter same passphrase again:
+Your identification has been saved in /root/.ssh/id_rsa.
+Your public key has been saved in /root/.ssh/id_rsa.pub.
+The key fingerprint is:
+SHA256:k1sJUwhscOyN4lJfjQAyj+dY42n/YOXBG8HwNnujBx0 root@resolver02.grifon.fr
+The key's randomart image is:
++---[RSA 2048]----+
+|  o o=+. ..      |
+|   = .=+..       |
+|  . =o +OoE      |
+|   *oooo+O.o     |
+|  .o=o .S *      |
+|  .....o @ .     |
+|   .  + = .      |
+|     . o .       |
+|        .        |
++----[SHA256]-----+
+resolver02 ~ # cat /root/.ssh/id_rsa.pub
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAdkdcHKX/mRy5EoQdXjO7TT5ZcWqIFGqH7Q4c4ErAMyXVquIjDUn0PLMmjGnpQgZ/thW4jS4qEjmwbRSxxRvDdSdkXzelTbN/dpMPAfeH6j3NqaDBgiKYIas9DvMYy8mag3i6uUoix4ISP4u+xS8nWoUv86fJ7T6pIe90IvBLtnrzg4SA0c6Hb6xfFhdanLhr4zT28cP0dQam1vByX4JsTNo8X81CfXijPz6fpE2CEZJKHZM7cSsa4ghvs8Q+WxAzzuL17VW2x0FYo8MWNO/slkmZcF2zi5QcCSRrOMvVr5XbH27rtj2kozC+Q3qxDRKM276d7BzwWqqRaxpOE69V root@resolver02.grifon.fr
+</code>
+<code>
+loth ~ # echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAdkdcHKX/mRy5EoQdXjO7TT5ZcWqIFGqH7Q4c4ErAMyXVquIjDUn0PLMmjGnpQgZ/thW4jS4qEjmwbRSxxRvDdSdkXzelTbN/dpMPAfeH6j3NqaDBgiKYIas9DvMYy8mag3i6uUoix4ISP4u+xS8nWoUv86fJ7T6pIe90IvBLtnrzg4SA0c6Hb6xfFhdanLhr4zT28cP0dQam1vByX4JsTNo8X81CfXijPz6fpE2CEZJKHZM7cSsa4ghvs8Q+WxAzzuL17VW2x0FYo8MWNO/slkmZcF2zi5QcCSRrOMvVr5XbH27rtj2kozC+Q3qxDRKM276d7BzwWqqRaxpOE69V root@resolver02.grifon.fr' >> /home/backup/.ssh/authorized_keys
+</code>
+<code>
+resolver02 ~ # emerge -va borgbackup
+[…]
+>>> No outdated packages were found on your system.
+ * GNU
+info directory index is up-to-date.
+resolver02 ~ # borg init -e=none backup@loth.grifon.fr:$(hostname -s )
+The authenticity of host 'loth.grifon.fr (2001:67c:1740:9007::20)' can't be established.
+ECDSA key fingerprint is SHA256:aIHusQI+wt/ea+ym+z/TinYNga6v9Vvrndutr84Irws.
+Are you sure you want to continue connecting (yes/no)? yes
+Remote: Warning: Permanently added 'loth.grifon.fr,2001:67c:1740:9007::20' (ECDSA) to the list of known hosts.
+</code>
+<code>
+loth ~ # mv /home/backup/resolver02/ /var/backup/
+loth ~ # ln -s /var/backup/resolver02/ /home/backup/
+</code>
+====== Init repo ======
+Il faut init le repo sur la target de backup, exemple sur backup03 :
+<code>
+backup@backup03:~/grifon$ pwd
+/var/backups/grifon
+backup@backup03:~/grifon$ mkdir gitlab
+</code>
+Puis depuis le serveur à backuper :
+<code>
+root@gitlab:~# borg init -e none backup@backup03.grifon.fr:/var/backups/grifon/$(hostname -s)
+</code>
+====== Script de backup ======
+Script à mettre dans /usr/local/sbin/backup.sh :
+<code>
+#!/usr/bin/env bash
+borg prune -v backup@backup03.grifon.fr:/var/backups/grifon/$(hostname -s) --keep-daily=7 --keep-weekly=4 --keep-monthly=1
+borg create --info --stats --compression lzma,9 backup@backup03.grifon.fr:/var/backups/grifon/$(hostname -s)::$(date +%F) $(find / -maxdepth 1 -type d | grep -Ev '^/$|^/tmp|^/lost\+found|^/mnt|^/run|^/proc|^/dev|^/sys|^/media' | tr '\n' ' ')
+</code>
+puis :
+<code>
+chmod +x /usr/local/sbin/backup.sh
+</code>
+et enfin un fichier de cron :
+<code>
+echo "51 0 * * * root /usr/local/sbin/backup.sh" > /etc/cron.d/backup
+</code>