Difference between revisions of "Sysadm:Backuppc"

From CHG-Wiki
Jump to navigationJump to search
(Created page with "Backuppc is a web browser based unix backup tool. After a plan to put the backups on rebus failed, the plan now is to be place the backups on the 6x4TB RAID on the r...")
 
Line 155: Line 155:
 
</pre>
 
</pre>
 
SAVE!
 
SAVE!
 +
 +
==Finishing Up the Web Browser Interface==
 +
Amend and double check iptables (iptables settings/arguments may vary slightly):
 +
<pre class="wrap">
 +
[root@server ~]# iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
 +
[root@server ~]# /sbin/service iptables save
 +
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
 +
[root@server ~]# cat /etc/sysconfig/iptables
 +
</pre>
 +
Now just start the services...
 +
<pre class="wrap">
 +
[root@server ~]#service httpd start
 +
Starting httpd:                                            [  OK  ]
 +
[root@server ~]#service backuppc start
 +
Starting BackupPC:                                        [  OK  ]
 +
[root@server ~]#
 +
</pre>
 +
And go to your web browser!
 +
<pre class="wrap">
 +
http://[server].geog.ucsb.edu/BackupPC
 +
</pre>
  
 
==Errors and Troubleshooting==
 
==Errors and Troubleshooting==

Revision as of 13:36, 2 October 2013

Backuppc is a web browser based unix backup tool. After a plan to put the backups on rebus failed, the plan now is to be place the backups on the 6x4TB RAID on the rebuilt zippy. Backuppc will be used for CHG desktops and chg2.

Required Packages

  • man
  • wget
  • httpd
  • epel (wget)
  • remi (wget)
  • perl-Compress-Zlib
  • perl-Archive-Zip
  • perl-File-RsyncP
  • perl-suidperl
  • openssh-clients
  • expect
  • Two special repositories, EPEL and REMI.
[root@server ~]# word-wrap: break-word">wget -c http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
[root@server ~]# wget -c http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
[root@server ~]# rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm

Enable the REMI repository

[root@server ~]# vib /etc/yum.repos.d/remi.repo

Change "enabled" under [remi] to

enabled=1

backuppc prereqs

[root@server ~]# yum -y install perl-Compress-Zlib perl-Archive-Zip perl-File-RsyncP perl-suidperl openssh-clients expect

Now run yum updates and upgrades (See Errors and Troubleshooting below)

[root@server ~]# yum update -y
[root@server ~]# yum upgrade -y

BackupPC User

Make a local backuppc user on the backuppc server. The backuppc account is local and exclusive to [backuppc server].

[root@server ~]# mkdir /localhome/backuppc
[root@server ~]# chown [UID]:[GID] !$

[root@server ~]# useradd -d /var/lib/BackupPC -u 105 -g 105 backuppc
[root@server ~]# passwd backuppc
Changing password for user backuppc.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.

Edit /etc/passwd

[root@server ~]# backuppc:x:105:105::/var/lib/BackupPC:/sbin/nologin

Edit /sbin/nologin to /bin/bash when you need to use the account to set up a new client.

Make sure user's entry is placed in the top three lines in /etc/[passwd,group,shadow,gshadow]

Increment the crontab entry on rebus from 2 to 3 so that the top 3 lines get preserved against updates from the GNIS stuff.

Pre-Install

Check this out for pre-install tweaks.

Install BackupPC

[root@server ~]# yum --enablerepo=epel install backuppc 

Ganked from wiki.

SELinux voodoo ganked from ERI sysadm wiki

[root@server ~]# for i in httpd_use_nfs rsync_use_nfs httpd_enable_homedirs ; do setsebool -P $i on ; done

Symbolic link to storage area.

[root@server ~]# cp -dpR /var/lib/BackupPC/. /raid/backuppc
[root@server ~]# mv /var/lib/BackupPC /var/lib/BackupPC.orig
[root@server ~]# ln -s /raid/backuppc /var/lib/BackupPC

Investigating services...

[root@server ~]#chkconfig --list backuppc
backuppc       	0:off	1:off	2:off	3:off	4:off	5:off	6:off
[root@server ~]#chkconfig --list httpd
httpd          	0:off	1:off	2:off	3:off	4:off	5:off	6:off

Off? To turn them on at startup:

[root@server ~]#chkconfig backuppc on
[root@server ~]#chkconfig httpd on
[root@server ~]#chkconfig --list backuppc
backuppc       	0:off	1:off	2:on	3:on	4:on	5:on	6:off
[root@server ~]#chkconfig --list httpd
httpd          	0:off	1:off	2:on	3:on	4:on	5:on	6:off

Apache Configuration for Web Interface

Prepare Apache for the BackupPC web interface:

[root@server ~]# htpasswd -c /etc/BackupPC/apache.users backuppc
New password:        #Use BackupPC password for ease of use
Re-type new password: 
Adding password for user backuppc

Tweak the BackupPC Apache conf file - use vib to ensure you have a backup of the original.

vib /etc/httpd/conf.d/BackupPC.conf

#Added:
allow from all

#Commented out:
allow from 127.0.0.1
allow from ::1

Make a password/key (we'll use this later):

[root@server ~]# mkpasswd -l 32 -d 16
#Insert long string of letters and numbers here, which will be your password/key

Now use vib to tweak /etc/BackupPC/config.pl

[root@server ~]#vib /etc/BackupPC/config.pl

Search the document for the parameter '$Conf\{ServerMesgSecret\}'

$Conf{ServerMesgSecret} = '[insert password/key here!]';
Now search for $Conf{CgiAdminUsers} and add backuppc
$Conf{CgiAdminUsers}     = 'backuppc';

If you are using rsync on a WinXX machine then it does no conversion. A typical WinXX encoding for latin1/western europe is 'cp1252', so in this case set $Conf{ClientCharset} to 'cp1252'.

SAVE!

Now for the Apache conf file!

[root@server ~]#vib /etc/httpd/conf/httpd.conf
User backuppc
Group apache
ServerAdmin libby@geog.ucsb.edu
ServerName rebus.geog.ucsb.edu:80 (uncomment)

SAVE!

Finishing Up the Web Browser Interface

Amend and double check iptables (iptables settings/arguments may vary slightly):

[root@server ~]# iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
[root@server ~]# /sbin/service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@server ~]# cat /etc/sysconfig/iptables

Now just start the services...

[root@server ~]#service httpd start
Starting httpd:                                            [  OK  ]
[root@server ~]#service backuppc start
Starting BackupPC:                                         [  OK  ]
[root@server ~]#

And go to your web browser!

http://[server].geog.ucsb.edu/BackupPC

Errors and Troubleshooting

Yum Errors

[root@server ~]# yum update -y
Total                                                   3.4 MB/s | 184 MB     00:53     
warning: rpmts_HdrFromFdno: Header V3 DSA/SHA1 Signature, key ID 00f97f56: NOKEY
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi
Importing GPG key 0x00F97F56:
 Userid : Remi Collet <RPMS@FamilleCollet.com>
 Package: remi-release-6-2.el6.remi.noarch (installed)
 From   : /etc/pki/rpm-gpg/RPM-GPG-KEY-remi
Running rpm_check_debug
Running Transaction Test

Transaction Check Error:
  installing package kernel-2.6.32-358.2.1.el6.x86_64 needs 21MB on the /boot filesystem

Error Summary9.23*
-------------
Disk Requirements:
  At least 21MB more space needed on the /boot filesystem.
[root@server ~]# yum upgrade -y
Transaction Summary
================================================================
Install      11 Package(s)
Upgrade     201 Package(s)

Total size: 184 M
Downloading Packages:
Running rpm_check_debug
Running Transaction Test

Transaction Check Error:
  installing package kernel-2.6.32-358.2.1.el6.x86_64 needs 21MB on the /boot filesystem

Error Summary
-------------
Disk Requirements:
  At least 21MB more space needed on the /boot filesystem.