matoski.com

Ideas and imagination are boundless

Debian Backup with Tartarus

on (Last modified on: ) – Read in about 3 min · (608 Words) 0 Comments
debian backup tartarus full system backup incremental backup sftp

How to backup a Debian/Ubuntu server with Tartarus, and why is this usefull for us

Why do you need this, if you are like me and like to experiment a lot, you will end up breaking your server a lot of times, so this will enable you to restore your server fast and easy.

To be able to use Tartarus first we need to install it, so let’s issue the following commands.

wget -O /etc/apt/sources.list.d/wertarbyte.list http://wertarbyte.de/apt/wertarbyte-apt.list
wget -O - http://wertarbyte.de/apt/software-key.gpg | apt-key add -
apt-get update
apt-get install tartarus tar bzip2 lvm2 gnupg curl

This will add and install the application on your server and some extra applications needed. Now we need to create the required directories for tartarus.

mkdir /etc/tartarus
mkdir -p /var/spool/tartarus/timestamps

Let’s create a passphrase file, we can do this by executing the command

pwgen -s 50 1 > /etc/tartarus/backup.sec

That command will create a file that contains a random generated password, you can just do

cat /etc/tartarus/backup.sec
JvXqwrouhnV1xaGS563N1ivvmgevUaCVLX13kHkYUmJH6gCiql

So you can see that we have gotten a random secure password. Next thing, we need to setup a general configuration, that all the other configurations are gonna extend from.

touch /etc/tartarus/generic.inc

Now open it up in your favorite editor, and adjust your settings to match.

STORAGE_FTP_SSL_INSECURE="yes"
STORAGE_METHOD="FTP"
STORAGE_FTP_SERVER="<FTP SERVER>"
STORAGE_FTP_USER="<FTP USER>"
STORAGE_FTP_PASSWORD="<PUT YOUR FTP PASSWORD HERE>"
STORAGE_FTP_USE_SFTP="yes"

COMPRESSION_METHOD="bzip2"
STAY_IN_FILESYSTEM="yes"

ENCRYPT_SYMMETRICALLY="yes"
ENCRYPT_PASSPHRASE_FILE="/etc/tartarus/backup.sec"

TARTARUS_POST_PROCESS_HOOK() {
    echo -n "$STORAGE_FTP_PASSWORD" | /usr/sbin/charon.ftp \
    --host "$STORAGE_FTP_SERVER" \
    --user "$STORAGE_FTP_USER" --readpassword \
    --maxage 7 \
    --dir "$STORAGE_FTP_DIR" --profile "$NAME"
}

TARTARUS_DEBUG_HOOK() {
    echo $DEBUGMSG | logger
}

So this is the generic file from which everyone will extend. Now we have everything, all the variables are set, and we an create our first backup script. Let’s create a complete root backup.

touch /etc/tartarus/root.conf

After opening in your favorite editor add the following lines

source /etc/tartarus/generic.inc
NAME="root"
DIRECTORY="/"
EXCLUDE="/tmp/ /proc/ /sys/ /var/tmp/ /var/run/ /var/lib/mysql/"
CREATE_LVM_SNAPSHOT="no"
INCREMENTAL_STACKING="yes"
INCREMENTAL_TIMESTAMP_FILE="/var/spool/tartarus/timestamps/root"

You can see we excluded some of the directories for backup. Let’s explain some of the options, for a full list of options you can check them at Tartarus

  • INCREMENTAL_TIMESTAMP_FILE

Everytime a full backup is successfully completed, Tartarus willtouch the file specified here as a reference point for future incremental backups.

  • INCREMENTAL_STACKING

With this option enabled, Tartarus will also update the flagfile after completing a successfull partial (differential/incremental) backup run. By that, incremental backups are “stacked” on each other instead of being based on the most recent full backup.

Now let’s create a backup script that we gonna put into cron to run everyday.

touch /usr/local/sbin/tartarus-backup.sh
chmod u+x /usr/local/sbin/tartarus-backup.sh

And with your editor add the following contents

#!/bin/sh
# /usr/local/sbin/tartarus-backup.sh
# Run all backup profile found in /etc/tartarus/ and pass
# command line arguments on to tartarus (e.g. -i)
for profile in /etc/tartarus/*.conf; do
 /usr/sbin/tartarus $* "$profile"
done

So in crontab we add the following, so it will do a full backup every sunday, and from monday to saturday incremental backup

crontab -e

And copy paste the following entries

0 1 * * mon-sat /usr/local/sbin/tartarus-backup.sh -i
0 1 * * sun /usr/local/sbin/tartarus-backup.sh

When you do a

crontab -l

You should be able to see them in the output OK, so beacuse this is the first time, let’s run the backup script so it creates full backups

/usr/local/sbin/tartarus-backup.sh

Restoring a backup

Since tartarus is based on linux utilities, restoring a backup from a rescue system is extremely easy, in case of incremental stacking you will need to extract all the files in the order they were created, you still use the same command to extract them.

mkdir /mnt/restore
curl ftp://USER:PASS@YOURSERVER/DIR/FILE | gpg --decrypt | tar xpvj -C /mnt/restore

Your backup is restored in the directory /mnt/restore