Line 9: |
Line 9: |
| == Install nessary packages== | | == Install nessary packages== |
| | | |
− | apt-get install libacl1-dev python3-dev libssl-dev gcc g++ | + | apt-get install libacl1-dev python3-dev libssl-dev gcc g++ |
| | | |
| == install pip == | | == install pip == |
| | | |
− | curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py | + | curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py |
− | python3 get-pip.py | + | python3 get-pip.py |
| | | |
| == Install Borg == | | == Install Borg == |
− | pip3 install borgbackup | + | pip3 install borgbackup |
| | | |
| == Test for proper version == | | == Test for proper version == |
− | root@db-ord:~# borg -V | + | root:~# borg -V |
− | borg 1.1.7 | + | borg 1.1.7 |
| | | |
− | which borg | + | which borg |
− | /usr/local/bin/borg | + | /usr/local/bin/borg |
| | | |
| == Install the scripts == | | == Install the scripts == |
| This will install a new ssh key for root that matches the Rsync.net account and place the borg.inc program in the /root/ directory. | | This will install a new ssh key for root that matches the Rsync.net account and place the borg.inc program in the /root/ directory. |
| | | |
− | cd / | + | cd / |
− | tar -xvf /root/borg-root-config.tar | + | tar -xvf /root/borg-root-config.tar |
| | | |
| = Edit the borg script= | | = Edit the borg script= |
Line 36: |
Line 36: |
| On the Db servers we add a command to dump the database to /var/mysql-backup-current.sql.bz2 | | On the Db servers we add a command to dump the database to /var/mysql-backup-current.sql.bz2 |
| | | |
− | = Initalize the repo= | + | = Initialize the repo= |
| | | |
| Copy the export lines to your shell and run then do | | Copy the export lines to your shell and run then do |
| | | |
− | echo $BORG_REPO | + | echo $BORG_REPO |
− | ASLUSER@host.rsync.net:borg/ASL/db-ord | + | ASLUSER@host.rsync.net:borg/ASL/db-ord |
| | | |
| The borg/ASL/db-ord needs to be created on the server | | The borg/ASL/db-ord needs to be created on the server |
− | ssh -t ASLUSER@host.rsync.net mkdir -p borg/ASL/db-ord | + | ssh -t ASLUSER@host.rsync.net mkdir -p borg/ASL/db-ord |
| | | |
| now we need to init the repo at that location | | now we need to init the repo at that location |
| + | borg init -e keyfile-blake2 -p -v |
| | | |
− | borg init -e keyfile-blake2 -p -v
| |
| | | |
| + | = export the key = |
| | | |
− | == export the key ==
| + | borg key export --paper |
| | | |
− | borg key export --paper
| + | Email this output GPG encrypted to the admin team members. |
| | | |
− | email this output GPG encrypted to the admin team members.
| + | '''If we lose this key, there is no way to restore the backup.''' This means if the server dies, we need the paper key record and the passphrase. |
− | | |
− | If we lose this key, there is no way to restore the backup. This means if the server dies, we need the paper key record and the passphrase. | |
| | | |
| = Do the first backup = | | = Do the first backup = |
| | | |
− | /root/borg.inc | + | /root/borg.inc |
| | | |
| Check that it's succeed | | Check that it's succeed |
Line 67: |
Line 66: |
| = move borg.inc to cron = | | = move borg.inc to cron = |
| | | |
− | mv /root/borg.inc /etc/cron.daily/ | + | mv /root/borg.inc /etc/cron.daily/ |
| + | |
| + | = edit crontab = |
| + | |
| + | edit /etc/crontab to run daily at 8am UTC |