• Download the installation package from the SourceForge project.
• Install Perl if it isn't already:

  sudo apt-get install perl

• If you want BackupPC to be able to compress the backups (probably a good idea, unless you have lots of hard disk space and CPU time is scarce), run:

  cpan

  • then from cpan run:

    install Compress::Zlib

  • and then exit cpan with Ctrl+D.
• If you want web access to BackupPC (again, a good idea) you'll need to install Apache2 and mod_perl:

  sudo apt-get install apache2 libapache2-mod-perl2

• Enable suExec:

  sudo a2enmod suexec

• Extract the .tar.gz file:

  tar -xzf BackupPC-3.1.0.tar.gz

• Change into the newly-created directory:

  cd BackupPC-3.1.0

• Create a symlink at /bin/perl pointing at your real Perl binary, because the BackupPC configuration script looks for it in the wrong place (you could also change the shebang in the configure.pl script, but I was lazy):

  sudo ln /usr/bin/perl /bin/perl

• Run the configuration script:

  sudo ./configure.pl

• Follow the instructions, answering the questions as appropriate.
• Modify the BackupPC configuration file:

  vi /etc/BackupPC/config.pl

• Modify the list of hosts to back up:

  vi /etc/BackupPC/hosts

• Rename the script it placed in your cgi-bin directory to give it a .cgi extension:

  mv /var/www/cgi-bin/BackupPC_Admin /var/www/cgi-bin/BackupPC_Admin.cgi

• SuExec can only work per-virtual host, so create a new virtual host for BackupPC specifically:

  sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/backuppc

• Enable that site:

  sudo a2ensite backuppc

• Modify the new site to tell Apache to listen on a new port (e.g. 8085), that this virtual host will be on that port, to deny access to everything in /var/www that isn't part of BackupPC, require a password to access BackupPC's admin pages (a password isn't strictly necessary, but if you don't log in using basic auth you can't actually view anything…) and to enable CGI (Perl) handling for .cgi/.pl files. Your sites-available/backuppc file should end up looking something like this:

  Listen 8085
  NameVirtualHost *:8085
  <VirtualHost *:8085>
          SuexecUserGroup backuppc backuppc
          DocumentRoot /var/www/
 
          #Also prevent access to our .htpasswd file
          <Files ~ "\.htpasswd$">
                  Order allow,deny
                  Deny from all
          </Files>
          <Directory /var/www/>
                  Options Indexes FollowSymLinks MultiViews
                  AllowOverride None
                  Order allow,deny
                  Deny from all
          </Directory>
          <Directory /var/www/BackupPC>
                  Order allow,deny
                  Allow from all
          </Directory>
          <Directory /var/www/cgi-bin>
                  AddHandler cgi-script .cgi .pl
                  Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                  Order allow,deny
                  Allow from all
 
                  AuthType Basic
                  AuthName "BackupPC"
                  AuthUserFile /var/www/backuppc.htpasswd
                  Require valid-user
          </Directory>
 
          ErrorLog /var/log/apache2/error-backuppc.log
          LogLevel warn
          CustomLog /var/log/apache2/access-backuppc.log combined
          ServerSignature On
  </VirtualHost>

• Additionally, if you add a HTTP 403 ErrorDocument directive to the <Directory /var/www/> block, you can automatically redirect users who don't go to /cgi-bin/BackupPC_Admin.cgi to that file, saving you typing that path, too:

  ErrorDocument 403 /cgi-bin/BackupPC_Admin.cgi

  • then you can just go to http://machinename:8085/ instead of http:////machinename//:8085/cgi-bin/BackupPC_Admin.cgi.
• Save that file and reload Apache:

  sudo /etc/init.d/apache2 force-reload

• Create a password file that matches the above Apache configuration. The username you specify must match the username you specified in the BackupPC hosts configuration file earlier:

  htpasswd -c /var/www/backuppc.htpasswd andrew

• Add any required extra users to that password file so that every user mentioned in the BackupPC hosts configuration file can log in:

  htpasswd /var/www/backuppc.htpasswd notandrew

• Copy the init.d script from BackupPC's installation source directory (the directory you extracted the .tar.gz to) to your /etc/init.d directory. For Ubuntu, we're using the Debian script:

  sudo cp ~/backuppc/init.d/debian-backuppc /etc/init.d/backuppc

• Tell BackupPC to start on boot:

  sudo update-rc.d backuppc defaults

• Set the permissions of the BackupPC init.d script:

  sudo chmod 755 /etc/init.d/backuppc

• Ensure that the permissions on the BackupPC directories are correct:

  sudo chown -R backuppc:backuppc /data
  sudo find /data -type d -exec chmod 750 {} \;

• Start BackupPC:

  sudo /etc/init.d/backuppc start

• Browse to http://MachineName:8085/BackupPC_Admin.cgi and change anything necessary in the GUI.

This means the ssh connection has failed. The most likely cause is that ssh is waiting for user input to ask a question about the host key. the solution is to log into the backups box, then switch to the backuppc user and attempt to connect to the target machine manually. If you see any prompts about unknown or changed host keys, then resolve the problem and backups should run cleanly once more.

• Ideally the BackupPC admin area should be run over HTTPS, but I'll leave that for another article.