btrbk: Difference between revisions
From wiki
server setup |
Setup SSH access |
||
| Line 15: | Line 15: | ||
=== User === | === User === | ||
<syntaxhighlight lang="console"> | <syntaxhighlight lang="console"> | ||
# adduser --system --home /backup/ --group --no-create-home btrbk | # adduser --system --shell /bin/sh --home /backup/ --group --no-create-home btrbk | ||
Adding system user `btrbk' (UID 122) ... | Adding system user `btrbk' (UID 122) ... | ||
Adding new group `btrbk' (GID 124) ... | Adding new group `btrbk' (GID 124) ... | ||
Adding new user `btrbk' (UID 122) with group `btrbk' ... | Adding new user `btrbk' (UID 122) with group `btrbk' ... | ||
Not creating home directory `/backup/'. | Not creating home directory `/backup/'. | ||
</syntaxhighlight> | # mkdir /backup/.ssh | ||
# touch /backup/.ssh/authorized_keys | |||
</syntaxhighlight>This user will need to run <code>btrfs</code> tools as root. Let’s add this to the <code>/etc/sudoers</code> file<syntaxhighlight> | |||
btrbk ALL=NOPASSWD:/bin/btrfs | |||
</syntaxhighlight>If you limited access to certain users through SSH, add <code>btrbk</code> to the [[SSH|AllowUsers]] list and [[SSH|restart SSH]] | |||
== Setup Client == | == Setup Client == | ||
{{TODO|msg = }}[[Category:Debian Release]] | |||
=== SSH Key === | |||
Create an SSH key dedicated to your backups<syntaxhighlight lang="console"> | |||
# mkdir /etc/btrbk/ssh | |||
# chmod 700 /etc/btrbk/ssh | |||
# ssh-keygen -t ed25519 -N "" -f /etc/btrbk/ssh/id_ed25519 | |||
... | |||
# cat /etc/btrbk/ssh/id_ed25519 | |||
AAAAC3NzaC1lZDI1NTE5AAAAIFWJQzmdbnWfJqfa/YqXHQXh5bhkRir76mkkdVSln+eo root@client.example.org | |||
</syntaxhighlight>Then, '''on the backup server''', add the following line to <code>/backup/.ssh/authorized_keys</code>.<syntaxhighlight lang="sh"> | |||
command="/usr/share/btrbk/scripts/ssh_filter_btrbk.sh --target --info -p /backup --sudo",restrict,from="client.example.org" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDwxT6AaiAjahdUBeitkRDK6FXeZhI10rVN8BIeVriXG root@client.example.org | |||
</syntaxhighlight>{{TODO|msg = }}[[Category:Debian Release]] | |||
[[Category:Linux Desktop]] | [[Category:Linux Desktop]] | ||
[[Category:Linux Server]] | [[Category:Linux Server]] | ||
Revision as of 21:15, 30 March 2016
btrbk is a backup tool for Btrfs disks.
 Warning: | This page is a work in progress and is not completed. Important informations might be missing or wrong. |
Install
btrbk is not yet included in Debian Jessie. Make sure you configure stretch source before running the command bellow.
# apt install btrbk
Setup Backup Server
Destination Disk
Create a Btrfs volume and mount it on /backup.
User
# adduser --system --shell /bin/sh --home /backup/ --group --no-create-home btrbk
Adding system user `btrbk' (UID 122) ...
Adding new group `btrbk' (GID 124) ...
Adding new user `btrbk' (UID 122) with group `btrbk' ...
Not creating home directory `/backup/'.
# mkdir /backup/.ssh
# touch /backup/.ssh/authorized_keys
This user will need to run btrfs tools as root. Let’s add this to the /etc/sudoers file
btrbk ALL=NOPASSWD:/bin/btrfsIf you limited access to certain users through SSH, add btrbk to the AllowUsers list and restart SSH
Setup Client
SSH Key
Create an SSH key dedicated to your backups
# mkdir /etc/btrbk/ssh
# chmod 700 /etc/btrbk/ssh
# ssh-keygen -t ed25519 -N "" -f /etc/btrbk/ssh/id_ed25519
...
# cat /etc/btrbk/ssh/id_ed25519
AAAAC3NzaC1lZDI1NTE5AAAAIFWJQzmdbnWfJqfa/YqXHQXh5bhkRir76mkkdVSln+eo root@client.example.org
Then, on the backup server, add the following line to /backup/.ssh/authorized_keys.
command="/usr/share/btrbk/scripts/ssh_filter_btrbk.sh --target --info -p /backup --sudo",restrict,from="client.example.org" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDwxT6AaiAjahdUBeitkRDK6FXeZhI10rVN8BIeVriXG root@client.example.org
TODO
