cjones/sysconfig
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
65bd2a290b22f738515e671d9ce08a9b15e1d9eb
sysconfig/design/ClientBackup.md

2.9 KiB
Raw Blame History

Client Device Backup Implementation

Target Repository

Client devices are backed up to the client-backup Restic repository on Teal. The transport protocol is SFTP.

Windows Clients

Windows clients are backed up using the restic-windows-backup PowerShell scripts. The source code and documentation for these scripts is in a repository on our Gitea server at https://gitea.objectbrokers.com/cjones/restic-windows-backup.git (cloned from Kevin Woley's Github repository at https://github.com/kmwoley/restic-windows-backup.git). The restic-windows-backup scripts are installed at C:\restic on each Windows client system. The script code is tailored to the requirements of the client system to specify directories to be backed up, needed passwords, etc. The process for configuring backup on a Windows system, in brief, is:

  1. Install the scripts at C:\restic
  2. Configure the location and password of the target Restic repository and the email information to be used for notifications in the file secrets.ps1. Use the supplied secrets_sample.ps1 as a guide.
  3. Configure the directories to be backed up and snapshot retention and pruning policies in the file config.ps1. Use the supplied config_sample.ps1 as a guide.

Consult the README.md in the root of the restic-windows-backup repository for full documentation of the install and configuration process.

Scheduled backups are handled by creating a task in Windows Task Scheduler. In order to use the Windows VSS facility to back up files that are in use or whose permissions would not allow reading for backup, the Scheduler task must run as the SYSTEM user. That, in turn, means that SSH keys must be generated (and copied to the target server) for the SYSTEM user. Use PsExec.exe from the PsTools suite to open a command window logged on as SYSTEM in order to generate and install these SSH keys. See the discussion of "Backup Over SFTP" in the README file in the Git repository at https://gitea.objectbrokers.com/cjones/restic-automatic-backup-scheduler/src/branch/main/README.md.

Linux Clients

Linux clients are backed up using the restic-automatic-backup-scheduler scripts. The source code and documentation for these scripts is in a repository on our Gitea server at https://gitea.objectbrokers.com/cjones/restic-automatic-backup-scheduler.git (cloned from Erik Westrup's Github repository at https://github.com/erikw/restic-automatic-backup-scheduler.git). The restic-automatic-backup-scheduler scripts are installed as a systemd service on each Linux client system (driven by a systemd timer). Configuration is done by customizing two scripts at /etc/restic: _global.env.sh and default.env.sh. At present, _global.env.sh is used unchanged (as supplied from the Git repo). default.env.sh is customized to specify the Restic repository and the directories to be backed up:

  • export RESTIC_REPOSITORY="sftp:sftpuser@teal.objectbrokers.com:/srv/restic/client-backup"
  • export RESTIC_BACKUP_PATHS="/etc:/root:/home"
Reference in New Issue View Git Blame Copy Permalink