Randall, > I got to thinking, how hard would it be to isolate the hardware dependent > portions of a system, and simply backup and restore the hardware > independent portions onto a new system using rsync? Can someone shed some > light on the subject? A thinks I'm not clear on. I have implemented this using "backup2l". I've attached a copy of my "backup2l.conf" file and rsync shell scripts to give you an idea. :-) My servers and those of a few friends get backed up to a central server using rsync, and before the sync happens, the backups are encrypted using the appropriate GPG key. My home machine then syncs all backups down to itself for burning/archival; we try to keep all of a machine's own backups on it's system, then update a "skip.list" file (used for rsync exclusions) to reflect what backups have actually been burned. Cheers, Tyler
# Configuration file for backup2l #
##################################################
# Define the backup2l version for which the configuration file is written.
# This way, future versions can automatically warn if the syntax has changed.
FOR_VERSION=1.3
TZ=GMT
BHOME="/var/backups"
GPG_HOME="$BHOME/.gpg"
GPG_KEY="backup@crackerjack.net"
SQL_TUNNEL_USER="backup@tv.knoglinger.com"
SQL_DB="backup_log"
SQL_USER="backup"
# This is the prefix for all output files;
# multiple volumes can be handled by using different configuration files
# ... or with this hack, by using one config file with all the common info :)
if test -z "$VOLNAME"; then
VOLNAME=`hostname -f`
fi
if test "$VOLNAME" = "crackerjack"; then
VOLNAME="crackerjack.yi.org"
fi
if test "$VOLNAME" = "barn"; then
VOLNAME="barn.arnot"
fi
case "$VOLNAME" in
ubookbox.yi.org)
SYNC="sync-to-arctic.sh"
MYSQLDUMP="0"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
BTDUMP="/usr/local/bin/bt_db2xml /var/lib/mod_bt"
;;
crackerjack.yi.org)
SYNC="sync-from-arctic.sh"
MYSQLDUMP="1"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_TAR_BZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
BTDUMP="/usr/local/bin/bt_db2xml /var/lib/mod_bt"
;;
bavarian.yi.org)
SYNC="sync-to-arctic.sh"
MYSQLDUMP="1"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
GPG_KEY="0167415C"
;;
susicivus.crackerjack.net)
SYNC="sync-to-arctic.sh"
MYSQLDUMP="1"
PGDUMP="0"
TRIM_KEYS="1"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
BTDUMP=""
;;
libertas.crackerjack.net)
SYNC="sync-to-arctic.sh"
MYSQLDUMP="1"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
BTDUMP=""
;;
ostendo.crackerjack.net)
SYNC="sync-to-arctic.sh"
MYSQLDUMP="1"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
BTDUMP=""
;;
tv.knoglinger.com)
MYSQLDUMP="1"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="0"
GPG_KEY="0167415C"
BTDUMP=""
;;
deemfudge.yi.org)
SYNC="sync-to-arctic.sh"
MYSQLDUMP="1"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
BTDUMP=""
;;
viclog06.acd.int)
SYNC="sync-to-arctic.sh"
MYSQLDUMP="0"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
BTDUMP=""
;;
eyecandy.arnot)
SYNC="sync-to-arctic.sh"
MYSQLDUMP="1"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
BTDUMP=""
;;
barn.arnot)
SYNC="sync-to-arctic.sh"
MYSQLDUMP="0"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
BTDUMP=""
;;
knock.arnot)
SYNC="sync-to-arctic.sh"
MYSQLDUMP="0"
PGDUMP="0"
TRIM_KEYS="0"
CREATE_DRIVER="DRIVER_MY_GPGBZ2"
SQL_TUNNEL="1"
SQL_PORT="51979"
BTDUMP=""
;;
esac
export SQL_PORT SQL_USER SQL_DB TZ
export PATH="$BHOME/bin:$PATH"
##################################################
# Source files
# All paths MUST be absolute and start with a '/'!
SRCLIST=(/etc /root /home /var /opt /usr/local /srv)
SKIPCOND=( \
-path "*/opt/pmx*" -o -path "*/cache/apt/*" -o -path "*/.spamassassin/*" \
-o -path "*/lib/postgrey/*" -o -name "proclog" -o -name ".procmail.log" \
-o -path "*.nobackup*" -o -name "*.o" -o -path "*/lib/mysql/*" \
-o -path "*/var/run/*" -o -path "*/tmp/*" -o -path "*/cache/*" \
-o -path "*/dump/backup/*" -o -path "*/public_html/seed/*" \
-o -path "*/public_html/btdown/*" -o -path "*/.sheep/*" \
-o -path "*/var/log/mysql.log*" -o -path "*/var/log/apache/*_log*" \
-o -path "*/var/log/apache/*.log*" -o -path "*/furnace/*" \
-o -path "*/.razor/*" -o -path "*/home/upload/*" \
-o -path "*/var/lib/mod_bt/*" -o -path "*/var/tracker/*" \
-o -path "*/home/*/.*/Cach*/*" -o -path "*/access_log*" \
-o -path "*/.aMule/*" -o -path "*/access.log*" \
-o -path "*/var/log/kismet/*" -o -path "*/urantia/shares/*" \
-o -path "*/home/archivezelect/*" \
-o -path "*/home/faraway/rip/*" \
-o -path "*/home/ftp/debian/*" -o -path "*/home/ftp/CPAN/*" \
-o -path "*/var/video/*" -o -path "*/var/music/*" \
-o -path "*/var/lib/mythtv/*" -o -path "*/var/pictures/*" \
-o -path "*/var/lib/mythdvd/*" -o -path "*/var/lib/mytharchive/*" \
-o -type b -o -type c -o -type p -o -type s -o -fstype nfs \
-o -path "*/home/morganna/*.avi" -o -path "*/home/morganna/*.mp3" \
-o -path "*/chroot/*/sys/*" -o -path "*/chroot/*/proc/*" \
-o -path "*/chroot/*/dev/*"
)
##################################################
# Destination
if test -z "$BACKUP_DIR"; then
BACKUP_DIR="/dump/backup"
fi
# Mount point of backup device (optional)
# BACKUP_DEV="/dump"
##################################################
# Backup parameters
# Number of levels of differential backups (1..9)
MAX_LEVEL=3
# Maximum number of differential backups per level (1..9)
MAX_PER_LEVEL=7
# Maximum number of full backups (1..9)
MAX_FULL=2
# For differential backups: number of generations to keep per level;
# old backups are removed such that at least GENERATIONS * MAX_PER_LEVEL
# recent versions are still available for the respective level
GENERATIONS=1
# If the following variable is 1, a check file is automatically generated
CREATE_CHECK_FILE=1
##################################################
# Pre-/Post-backup functions
# This user-defined bash function is executed before a backup is made
PRE_BACKUP ()
{
# On a Debian system, the following statements dump a machine-readable list of
# all installed packages to a file.
echo " writing dpkg selections to /root/dpkg-selections.log..."
dpkg --get-selections | diff - /root/dpkg-selections.log > /dev/null || dpkg --get-selections > /root/dpkg-selections.log
if [ "$TRIM_KEYS" = "1" ]; then
echo " trimming session keys from yi"
mysql mydns -e "delete from session_keys where expires < now()"
echo
fi
if [ "$MYSQLDUMP" = "1" ]; then
echo " dumping MySQL database"
mkdir -p "$BHOME/mysql"
mysql-backup.sh "$BHOME/mysql"
echo
fi
if test -n "$BTDUMP"; then
echo " dumping mod_bt database"
$BTDUMP | diff -I ServerTime - /root/mod_bt.xml > /dev/null || $BTDUMP > /root/mod_bt.xml
echo
fi
}
# This user-defined bash function is executed after a backup is made
POST_BACKUP ()
{
# e. g., restart some mail/db server if its files are to be backup'ed
echo " changing ownership of backup files"
chown -R backup.backup "$BACKUP_DIR"
chmod -R g-w,g+r,o-rwx "$BACKUP_DIR"
echo
if [ "$SQL_TUNNEL" = "1" ]; then
echo " establishing SSH tunnel on port $SQL_PORT"
fuser -s -k -n tcp $SQL_PORT
su - backup -c "ssh -NfL $SQL_PORT:127.0.0.1:3306 $SQL_TUNNEL_USER"
fi
if test -n "$SYNC"; then
echo " syncronizing with $SYNC"
$SYNC
echo
fi
if [ "$SQL_TUNNEL" = "1" ]; then
echo " closing SSH tunnel for SQL"
fuser -sn tcp -k $SQL_PORT
fi
}
##################################################
# Misc.
# Create a backup when invoked without arguments?
AUTORUN=0
# Size units
SIZE_UNITS="M" # set to "B", "K", "M" or "G" to obtain unified units in summary list
##################################################
# User-defined archive drivers (optional)
# If you do not want to write your own archive driver, you can remove the remainder of this file.
USER_DRIVER_LIST="DRIVER_MY_GPGBZ2" # uncomment to register the driver(s) below (optional)
GPG ()
{
gpg --no-permission-warning --homedir "$GPG_HOME" "$@"
}
GPGE ()
{
GPG --yes --batch --trust-model always -r "$GPG_KEY" -e "$@"
}
GPGX ()
{
GPG --decrypt "$@"
}
DRIVER_MY_GPGBZ2 ()
{
case $1 in
-test)
require_tools gpg gpgv bzip2
if [ -z "$GPG_KEY" ]; then
echo "The GPG_KEY setting is required for gpg encryption!"
break
fi
if [ -z "$GPG_HOME" ]; then
echo "The GPG_HOME setting is required for gpg encryption!"
break
fi
if \
echo "foo" | GPGE > /dev/null
then
echo "ok"
else
echo "gpg test failed\!"
fi
;;
-suffix)
echo "tar.bz2.gpg"
;;
-create)
# Arguments: $2 = BID, $3 = archive file name, $4 = file list file
# We don't encrypt the archive yet because the "-toc" step happens
# next and needs access to it.
outfile="$3"
bzfile=`echo "$outfile" | sed -e "s,.gpg$,,"`
DRIVER_TAR_BZ2 -create "$2" "$bzfile" "$4"
;;
-toc)
# Arguments: $2 = BID, $3 = archive file name
# This function is used to validate the correct generation of an archive file.
outfile="$3"
bzfile=`echo "$outfile" | sed -e "s,.gpg$,,"`
DRIVER_TAR_BZ2 -toc "$2" "$bzfile"
GPGE "$bzfile" && rm -f "$bzfile"
;;
-extract)
# Arguments: $2 = BID, $3 = archive file name, $4 = file list file
# It is extremely important that only those files contained in $4 are restored.
GPGX "$3" | tar xj --same-permission --same-owner -f - -T "$4" 2>&1
;;
esac
}
Attachment:
sync-from-arctic.sh
Description: Bourne shell script
Attachment:
sync-to-arctic.sh
Description: Bourne shell script