User Tools

Site Tools


backuppc

This is an old revision of the document!


BackupPC

Installation

sudo apt-get install perl

  • If you want BackupPC to be able to compress the backups (probably a good idea, unless you have lots of hard disk space and CPU time is scarce), run:

cpan :then from

cpan

run: install Compress::Zlib :and then exit

cpan

(Ctrl+D).

  • If you want web access to BackupPC (again, a good idea) you'll need to install Apache2 and
    mod_perl

    >

sudo apt-get install apache2 libapache2-mod-perl2

  • Enable
    suExec

    >

sudo a2enmod suexec

  • Extract the .tar.gz file:

tar -xzf BackupPC-3.1.0.tar.gz

  • Change into the newly-created directory:

cd BackupPC-3.1.0

  • Create a symlink at /bin/perl pointing at your real Perl binary, because the BackupPC configuration script looks for it in the wrong place (you could also change the shebang in the configure.pl script, but I was lazy):

sudo ln /usr/bin/perl /bin/perl

  • Run the configuration script

sudo ./configure.pl

  • Follow the instructions, answering the questions as appropriate.
  • Modify the BackupPC configuration file:

vi /etc/BackupPC/config.pl

  • Modify the list of hosts to back up:

vi /etc/BackupPC/hosts

  • Rename the script it placed in your cgi-bin directory to give it a .cgi extension:

mv /var/www/cgi-bin/BackupPC_Admin /var/www/cgi-bin/BackupPC_Admin.cgi

  • SuExec can only work per-virtual host, so create a new virtual host for BackupPC specifically:

sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/backuppc

  • Enable that site:

sudo a2ensite backuppc

  • Modify the new site to tell Apache to listen on a new port (e.g. 8085), that this virtual host will be on that port, to deny access to everything in /var/www that isn't part of BackupPC, require a password to access BackupPC's admin pages (a password isn't strictly necessary, but if you don't log in using basic auth you can't actually view anything…) and to enable CGI (Perl) handling for .cgi/.pl files. Your sites-available/backuppc file should end up looking something like this:

Listen 8085 NameVirtualHost *:8085 <VirtualHost *:8085>

       SuexecUserGroup backuppc backuppc
       DocumentRoot /var/www/

#Also prevent access to our .htpasswd file

       <Files ~ "\.htpasswd$">
               Order allow,deny
               Deny from all
       </Files>
       <Directory /var/www/>
               Options Indexes FollowSymLinks MultiViews
               AllowOverride None
               Order allow,deny
               Deny from all
       </Directory>
       <Directory /var/www/BackupPC>
               Order allow,deny
               Allow from all
       </Directory>
       <Directory /var/www/cgi-bin>
               AddHandler cgi-script .cgi .pl
               Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
               Order allow,deny
               Allow from all

AuthType Basic

               AuthName "BackupPC"
               AuthUserFile /var/www/backuppc.htpasswd
               Require valid-user
       </Directory>

ErrorLog /var/log/apache2/error-backuppc.log

       LogLevel warn
       CustomLog /var/log/apache2/access-backuppc.log combined
       ServerSignature On

</VirtualHost>

  • Additionally, if you add a HTTP 403
    ErrorDocument

    directive to the

    <Directory /var/www/>

    block, you can automatically “redirect” users who don't go to /cgi-bin/BackupPC_Admin.cgi to that file, saving you typing that path, too:

ErrorDocument 403 /cgi-bin/BackupPC_Admin.cgi :then you can just go to http:////machinename//:8085/ instead of http:////machinename//:8085/cgi-bin/BackupPC_Admin.cgi.

  • Save that file and reload Apache:

sudo /etc/init.d/apache2 force-reload

  • Create a password file that matches the above Apache configuration. The username you specify must match the username you specified in the BackupPC hosts configuration file earlier:

htpasswd -c /var/www/backuppc.htpasswd andrew

  • Add any required extra users to that password file so that every user mentioned in the BackupPC hosts configuration file can log in:

htpasswd /var/www/backuppc.htpasswd notandrew

  • Copy the init.d script from BackupPC's installation source directory (the directory you extracted the .tar.gz to) to your /etc/init.d directory. For Ubuntu, we're using the Debian script:

sudo cp ~/backuppc/init.d/debian-backuppc /etc/init.d/backuppc

  • Tell BackupPC to start on boot:

sudo update-rc.d backuppc defaults

  • Set the permissions of the BackupPC init.d script:

sudo chmod 755 /etc/init.d/backuppc

  • Ensure that the permissions on the BackupPC directories are correct:

sudo chown -R backuppc:backuppc /data sudo find /data -type d -exec chmod 750 {} \;

  • Start BackupPC:

sudo /etc/init.d/backuppc start

Troubleshooting

Backup failed: unable to read 4 bytes

This means the ssh connection has failed. The most likely cause is that ssh is waiting for user input to ask a question about the host key. the solution is to log into the backups box, then switch to the backuppc user and attempt to connect to the target machine manually. If you see any prompts about unknown or changed host keys, then resolve the problem and backups should run cleanly once more.

Notes

  • Ideally the BackupPC admin area should be run over HTTPS, but I'll leave that for another article.
backuppc.1416791658.txt.gz · Last modified: 2014/11/24 01:14 by 0.0.0.0