Difference between revisions of "Backups"
Line 74: | Line 74: | ||
#borg backup | #borg backup | ||
30 8 * * * root /srv/borg.sh | 30 8 * * * root /srv/borg.sh | ||
+ | |||
+ | |||
+ | service cron reload |
Revision as of 21:30, 6 October 2018
Server Backups
AllStarLink, Inc uses a per server backup method based on borg.
Installing Borg on Ubuntu 16
the default package that ships with ubuntu 16.04 LTS is borg 1.0 based and we use the latest 1.1 version as it has several security fixes.
Install nessary packages
apt-get install libacl1-dev python3-dev libssl-dev gcc g++
install pip
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py python3 get-pip.py
Install Borg
pip3 install borgbackup
Test for proper version
root:~# borg -V borg 1.1.7
which borg /usr/local/bin/borg
Install the scripts
This will install a new ssh key for root that matches the Rsync.net account and place the borg.inc program in the /root/ directory.
cd / tar -xvf /root/borg-root-config.tar
Edit the borg script
On the Db servers we add a command to dump the database to /var/mysql-backup-current.sql.bz2
Initialize the repo
Copy the export lines to your shell and run then do
echo $BORG_REPO ASLUSER@host.rsync.net:borg/ASL/db-ord
The borg/ASL/db-ord needs to be created on the server
ssh -t ASLUSER@host.rsync.net mkdir -p borg/ASL/db-ord
now we need to init the repo at that location
borg init -e keyfile-blake2 -p -v
export the key
borg key export --paper
Email this output GPG encrypted to the admin team members.
If we lose this key, there is no way to restore the backup. This means if the server dies, we need the paper key record and the passphrase.
Do the first backup
/root/borg.inc
Check that it's succeed
move borg.inc to cron
mv /root/borg.inc /srv/borg.sh
edit crontab
edit /etc/crontab to run daily at 8am UTC
#borg backup 30 8 * * * root /srv/borg.sh
service cron reload