Difference between revisions of "Sysadm:Backuppc"
(Created page with "Backuppc is a web browser based unix backup tool. After a plan to put the backups on rebus failed, the plan now is to be place the backups on the 6x4TB RAID on the r...") |
|||
Line 155: | Line 155: | ||
</pre> | </pre> | ||
SAVE! | SAVE! | ||
+ | |||
+ | ==Finishing Up the Web Browser Interface== | ||
+ | Amend and double check iptables (iptables settings/arguments may vary slightly): | ||
+ | <pre class="wrap"> | ||
+ | [root@server ~]# iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT | ||
+ | [root@server ~]# /sbin/service iptables save | ||
+ | iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ] | ||
+ | [root@server ~]# cat /etc/sysconfig/iptables | ||
+ | </pre> | ||
+ | Now just start the services... | ||
+ | <pre class="wrap"> | ||
+ | [root@server ~]#service httpd start | ||
+ | Starting httpd: [ OK ] | ||
+ | [root@server ~]#service backuppc start | ||
+ | Starting BackupPC: [ OK ] | ||
+ | [root@server ~]# | ||
+ | </pre> | ||
+ | And go to your web browser! | ||
+ | <pre class="wrap"> | ||
+ | http://[server].geog.ucsb.edu/BackupPC | ||
+ | </pre> | ||
==Errors and Troubleshooting== | ==Errors and Troubleshooting== |
Revision as of 13:36, 2 October 2013
Backuppc is a web browser based unix backup tool. After a plan to put the backups on rebus failed, the plan now is to be place the backups on the 6x4TB RAID on the rebuilt zippy. Backuppc will be used for CHG desktops and chg2.
Contents
Required Packages
- man
- wget
- httpd
- epel (wget)
- remi (wget)
- perl-Compress-Zlib
- perl-Archive-Zip
- perl-File-RsyncP
- perl-suidperl
- openssh-clients
- expect
- Two special repositories, EPEL and REMI.
[root@server ~]# word-wrap: break-word">wget -c http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm [root@server ~]# wget -c http://rpms.famillecollet.com/enterprise/remi-release-6.rpm [root@server ~]# rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm
Enable the REMI repository
[root@server ~]# vib /etc/yum.repos.d/remi.repo
Change "enabled" under [remi] to
enabled=1
backuppc prereqs
[root@server ~]# yum -y install perl-Compress-Zlib perl-Archive-Zip perl-File-RsyncP perl-suidperl openssh-clients expect
Now run yum updates and upgrades (See Errors and Troubleshooting below)
[root@server ~]# yum update -y [root@server ~]# yum upgrade -y
BackupPC User
Make a local backuppc user on the backuppc server. The backuppc account is local and exclusive to [backuppc server].
[root@server ~]# mkdir /localhome/backuppc [root@server ~]# chown [UID]:[GID] !$ [root@server ~]# useradd -d /var/lib/BackupPC -u 105 -g 105 backuppc [root@server ~]# passwd backuppc Changing password for user backuppc. New password: Retype new password: passwd: all authentication tokens updated successfully.
Edit /etc/passwd
[root@server ~]# backuppc:x:105:105::/var/lib/BackupPC:/sbin/nologin
Edit /sbin/nologin
to /bin/bash
when you need to use the account to set up a new client.
Make sure user's entry is placed in the top three lines in /etc/[passwd,group,shadow,gshadow]
Increment the crontab entry on rebus from 2 to 3 so that the top 3 lines get preserved against updates from the GNIS stuff.
Pre-Install
Check this out for pre-install tweaks.
Install BackupPC
[root@server ~]# yum --enablerepo=epel install backuppc
Ganked from wiki.
SELinux voodoo ganked from ERI sysadm wiki
[root@server ~]# for i in httpd_use_nfs rsync_use_nfs httpd_enable_homedirs ; do setsebool -P $i on ; done
Symbolic link to storage area.
[root@server ~]# cp -dpR /var/lib/BackupPC/. /raid/backuppc [root@server ~]# mv /var/lib/BackupPC /var/lib/BackupPC.orig [root@server ~]# ln -s /raid/backuppc /var/lib/BackupPC
Investigating services...
[root@server ~]#chkconfig --list backuppc backuppc 0:off 1:off 2:off 3:off 4:off 5:off 6:off [root@server ~]#chkconfig --list httpd httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
Off? To turn them on at startup:
[root@server ~]#chkconfig backuppc on [root@server ~]#chkconfig httpd on [root@server ~]#chkconfig --list backuppc backuppc 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@server ~]#chkconfig --list httpd httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Apache Configuration for Web Interface
Prepare Apache for the BackupPC web interface:
[root@server ~]# htpasswd -c /etc/BackupPC/apache.users backuppc New password: #Use BackupPC password for ease of use Re-type new password: Adding password for user backuppc
Tweak the BackupPC Apache conf file - use vib to ensure you have a backup of the original.
vib /etc/httpd/conf.d/BackupPC.conf #Added: allow from all #Commented out: allow from 127.0.0.1 allow from ::1
Make a password/key (we'll use this later):
[root@server ~]# mkpasswd -l 32 -d 16 #Insert long string of letters and numbers here, which will be your password/key
Now use vib to tweak /etc/BackupPC/config.pl
[root@server ~]#vib /etc/BackupPC/config.pl
Search the document for the parameter '$Conf\{ServerMesgSecret\}'
$Conf{ServerMesgSecret} = '[insert password/key here!]'; Now search for $Conf{CgiAdminUsers} and add backuppc
$Conf{CgiAdminUsers} = 'backuppc';
If you are using rsync on a WinXX machine then it does no conversion. A typical WinXX encoding for latin1/western europe is 'cp1252', so in this case set $Conf{ClientCharset} to 'cp1252'.
SAVE!
Now for the Apache conf file!
[root@server ~]#vib /etc/httpd/conf/httpd.conf User backuppc Group apache ServerAdmin libby@geog.ucsb.edu ServerName rebus.geog.ucsb.edu:80 (uncomment)
SAVE!
Finishing Up the Web Browser Interface
Amend and double check iptables (iptables settings/arguments may vary slightly):
[root@server ~]# iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT [root@server ~]# /sbin/service iptables save iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ] [root@server ~]# cat /etc/sysconfig/iptables
Now just start the services...
[root@server ~]#service httpd start Starting httpd: [ OK ] [root@server ~]#service backuppc start Starting BackupPC: [ OK ] [root@server ~]#
And go to your web browser!
http://[server].geog.ucsb.edu/BackupPC
Errors and Troubleshooting
Yum Errors
[root@server ~]# yum update -y Total 3.4 MB/s | 184 MB 00:53 warning: rpmts_HdrFromFdno: Header V3 DSA/SHA1 Signature, key ID 00f97f56: NOKEY Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi Importing GPG key 0x00F97F56: Userid : Remi Collet <RPMS@FamilleCollet.com> Package: remi-release-6-2.el6.remi.noarch (installed) From : /etc/pki/rpm-gpg/RPM-GPG-KEY-remi Running rpm_check_debug Running Transaction Test Transaction Check Error: installing package kernel-2.6.32-358.2.1.el6.x86_64 needs 21MB on the /boot filesystem Error Summary9.23* ------------- Disk Requirements: At least 21MB more space needed on the /boot filesystem.
[root@server ~]# yum upgrade -y Transaction Summary ================================================================ Install 11 Package(s) Upgrade 201 Package(s) Total size: 184 M Downloading Packages: Running rpm_check_debug Running Transaction Test Transaction Check Error: installing package kernel-2.6.32-358.2.1.el6.x86_64 needs 21MB on the /boot filesystem Error Summary ------------- Disk Requirements: At least 21MB more space needed on the /boot filesystem.