NetBSD.es: noviembre 2008

BackupPC es un software de copias de seguridad escrito en Perl que permite el backup remoto completo e incremental de archivos de una manera sencilla. Su característica principal es que hace las copias en disco, no son necesarias cintas. Permite compresión y programación de las copias y utiliza un interfaz web muy potente.

El programa tiene una serie de requisitos...

# pkg_add /usr/pkgsrc/packages/All/samba-3.0.32nb1.tgz
# pkg_add /usr/pkgsrc/packages/All/rsync-3.0.4.tgz
# pkg_add /usr/pkgsrc/packages/All/gtar-1.20.tgz
# pkg_add /usr/pkgsrc/packages/All/p5-Compress-Zlib-2.011.tgz
# pkg_add /usr/pkgsrc/packages/All/p5-Archive-Zip-1.24.tgz
# perl -MCPAN -e 'install File::RsyncP'
...
# useradd -m -d /backuppc backuppc
# mkdir -p /backuppc/www/cgi-bin
# chown -R backuppc /backuppc/www

Lo descargamos e instalamos

# wget http://downloads.sourceforge.net/backuppc/BackupPC-3.1.0.tar.gz
# tar xzf BackupPC-3.1.0.tar.gz
# cd BackupPC-3.1.0
# perl configure.pl

Is this a new installation or upgrade for BackupPC? If this is
an upgrade please tell me the full path of the existing BackupPC
configuration file (eg: /etc/BackupPC/config.pl). Otherwise, just
hit return.

--> Full path to existing main config.pl []?

I found the following locations for these programs:

bzip2 => /usr/bin/bzip2
cat => /bin/cat
df => /bin/df
gtar/tar => /bin/tar
gzip => /usr/bin/gzip
hostname => /bin/hostname
nmblookup => /usr/pkg/bin/nmblookup
par2 =>
perl => /usr/pkg/bin/perl
ping => /sbin/ping
rsync => /usr/pkg/bin/rsync
sendmail => /usr/sbin/sendmail
smbclient => /usr/pkg/bin/smbclient
split => /usr/bin/split
ssh/ssh2 => /usr/bin/ssh

--> Are these paths correct? [y]?

Please tell me the hostname of the machine that BackupPC will run on.

--> BackupPC will run on host [servidor.dominio.local]?

BackupPC should run as a dedicated user with limited privileges. You
need to create a user. This user will need read/write permission on
the main data directory and read/execute permission on the install
directory (these directories will be setup shortly).

The primary group for this user should also be chosen carefully.
The data directories and files will have group read permission,
so group members can access backup files.

--> BackupPC should run as user [backuppc]?

Please specify an install directory for BackupPC. This is where the
BackupPC scripts, library and documentation will be installed.

--> Install directory (full path) [/usr/local/BackupPC]? /backuppc

Please specify a data directory for BackupPC. This is where all the
PC backup data is stored. This file system needs to be big enough to
accommodate all the PCs you expect to backup (eg: at least several GB
per machine).

--> Data directory (full path) [/data/BackupPC]? /backuppc/data

BackupPC can compress pool files, providing around a 40% reduction in pool
size (your mileage may vary). Specify the compression level (0 turns
off compression, and 1 to 9 represent good/fastest to best/slowest).
The recommended values are 0 (off) or 3 (reasonable compression and speed).
Increasing the compression level to 5 will use around 20% more cpu time
and give perhaps 2-3% more compression.

--> Compression level [3]?

BackupPC has a powerful CGI perl interface that runs under Apache.
A single executable needs to be installed in a cgi-bin directory.
This executable needs to run as set-uid backuppc, or
it can be run under mod_perl with Apache running as user backuppc.

Leave this path empty if you don't want to install the CGI interface.

--> CGI bin directory (full path) []? /backuppc/www/cgi-bin

BackupPC's CGI script needs to display various GIF images that
should be stored where Apache can serve them. They should be
placed somewhere under Apache's DocumentRoot. BackupPC also
needs to know the URL to access these images. Example:

Apache image directory: /usr/local/apache/htdocs/BackupPC
URL for image directory: /BackupPC

The URL for the image directory should start with a slash.

--> Apache image directory (full path) []? /backuppc/www/images
--> URL for image directory (omit http://host; starts with '/') []? /images

Ok, we're about to:

- install the binaries, lib and docs in /backuppc,
- create the data directory /backuppc/data,
- create/update the config.pl file /etc/BackupPC/config.pl,
- optionally install the cgi-bin interface.

--> Do you want to continue? [y]?
Created /backuppc/bin
Created /backuppc/doc
Created /backuppc/lib/BackupPC/CGI
Created /backuppc/lib/BackupPC/Config
Created /backuppc/lib/BackupPC/Lang
Created /backuppc/lib/BackupPC/Storage
Created /backuppc/lib/BackupPC/Xfer
Created /backuppc/lib/BackupPC/Zip
Created /backuppc/www/images
Created /backuppc/data
Created /backuppc/data/pool
Created /backuppc/data/cpool
Created /backuppc/data/pc
Created /backuppc/data/trash
Created /etc/BackupPC
Created /var/log/BackupPC
Installing binaries in /backuppc/bin
Installing library in /backuppc/lib
Installing images in /backuppc/www/images
Making init.d scripts
Installing docs in /backuppc/doc
Installing config.pl and hosts in /etc/BackupPC
PING localhost (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=0.218 ms

----localhost PING Statistics----
1 packets transmitted, 1 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.218/0.218/0.218/0.000 ms
Installing cgi script BackupPC_Admin in /backuppc/www/cgi-bin

Ok, it looks like we are finished. There are several more things you
will need to do:

- Browse through the config file, /etc/BackupPC/config.pl,
and make sure all the settings are correct. In particular,
you will need to set $Conf{CgiAdminUsers} so you have
administration privileges in the CGI interface.

- Edit the list of hosts to backup in /etc/BackupPC/hosts.

- Read the documentation in /backuppc/doc/BackupPC.html.
Please pay special attention to the security section.

- Verify that the CGI script BackupPC_Admin runs correctly. You might
need to change the permissions or group ownership of BackupPC_Admin.
If this is an upgrade and you are using mod_perl, you will need
to restart Apache. Otherwise it will have stale code.

- BackupPC should be ready to start. Don't forget to run it
as user backuppc! The installation also contains an
init.d/backuppc script that can be copied to /etc/init.d
so that BackupPC can auto-start on boot. This will also enable
administrative users to start the server from the CGI interface.

See init.d/README.

Enjoy!

Y creamos un bonito script de inicio...

# cat > /etc/rc.d/backuppc
#!/bin/sh
# DESCRIPTION
#
# Startup init script for backuppc for NetBSD.
#
# Provided by Aaron Watson for FreeBSD
# Modified by Victor M. Varela for NetBSD
#

if [ -f /etc/rc.subr ]; then
. /etc/rc.subr
fi

name="backuppc"
rcvar=${name}

backuppc_pidfile="/var/log/BackupPC/BackupPC.pid"
backuppc_flags="-d"
backuppc_user="backuppc"
backuppc_group="users"
backuppc_config="/etc/BackupPC/config.pl"

load_rc_config $name

command="/backuppc/bin/BackupPC"
command_args="${backuppc_flags}"
pidfile="${backuppc_pidfile}"
required_files="${backuppc_config}"
sig_stop="-KILL"
stop_cmd="stop_cmd"
status_cmd="status_cmd"

stop_cmd()
{
if [ -f "$pidfile" ]; then
kill `cat $pidfile`
rm -f $pidfile
echo -n " killed backuppc"
fi
}

status_cmd()
{
if [ -f "$pidfile" ]; then
echo "${name} is running as pid `cat $pidfile`."
else
echo "${name} is not running."
fi
}

if [ -f /etc/rc.subr ]; then
load_rc_config $name
run_rc_command "$1"
else
echo -n " ${name}"
${command} ${command_args}
fi

# chmod +x /etc/rc.d/backuppc
# echo "backuppc=YES" >> /etc/rc.conf
# /etc/rc.d/backuppc start
Starting backuppc.
#

Ya está iniciado y podriamos configurarlo a mano, pero vamos a utilizar el interfaz web.

# pkg_add /usr/pkgsrc/packages/All/lighttpd-1.4.19nb1.tgz
# cp /usr/pkg/share/examples/rc.d/lighttpd /etc/rc.d/
# echo "lighttpd=YES" >> /etc/rc.conf

Debemos cambiar las siguientes lineas en /usr/pkg/etc/lighttpd/lighttpd.conf

... dentro de server.modules = ( agregar
"mod_auth",
"mod_cgi",
... cambiar
server.document-root = "/srv/www/htdocs/"
server.errorlog = "/var/log/lighttpd/error.log"
accesslog.filename = "/var/log/lighttpd/access.log"
... por
server.document-root = "/backuppc/www/"
server.errorlog = "/backuppc/lighttpd-error.log"
accesslog.filename = "/backuppc/lighttpd-access.log"
... agregar
server.port = 8181
server.pid-file = "/backuppc/lighttpd.pid"
server.username = "backuppc"
$HTTP["url"] =~ "/cgi-bin/" {
cgi.assign = ( "" => "/usr/pkg/bin/perl" )
}
auth.backend = "plain"
auth.backend.plain.userfile = "/usr/pkg/etc/lighttpd/lighttpd.user"
auth.require = ( "/cgi-bin" =>
(
"method" => "digest",
"realm" => "backuppc",
"require" => "user=admin"
)
)

Iniciamos el servidor y continuamos con la configuración

# /etc/rc.d/lighttpd start
# echo "admin:clave" > /usr/pkg/etc/lighttpd/lighttpd.user
# echo "\$Conf{CgiAdminUsers} = 'admin';" >> /etc/BackupPC/config.pl
# cat - > /backuppc/www/index.html

Ahora podemos seguir via web con el usuario "admin" y la clave "clave"

Le permitimos al usuario backuppc acceder a "localhost" como "root":

# su - backuppc
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/backuppc/.ssh/id_rsa):
Created directory '/backuppc/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /backuppc/.ssh/id_rsa.
Your public key has been saved in /backuppc/.ssh/id_rsa.pub.
The key fingerprint is:
bb:24:b2:d1:86:cb:67:11:4c:c6:23:62:97:49:4b:57 backuppc@bellapaca
$ cat .ssh/id_rsa.pub | ssh root@localhost "cat - >> .ssh/authorized_keys"
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is 0a:56:5e:61:10:91:a6:99:38:17:89:1d:f6:c7:d9:f4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.

Password:

( leer mas ... )

NetBSD.es

backuppc: instalacion

Algunas configuraciones despues de Instalar

Buscar

Etiquetas

Archivo

Mas blogs sobre NetBSD