Differences
This shows you the differences between two versions of the page.
linux_wiki:urbackup_server_and_client [2018/03/09 00:45] billdozor [Server Config] |
linux_wiki:urbackup_server_and_client [2019/05/25 23:50] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Urbackup Server And Client ====== | ||
- | **General Information** | ||
- | |||
- | Installing and configuring Urbackup server and client. | ||
- | |||
- | " | ||
- | |||
- | Official Site: https:// | ||
- | |||
- | Documentation: | ||
- | |||
- | **Checklist** | ||
- | * Distro(s): Enterprise Linux | ||
- | * Server and client system available. | ||
- | |||
- | ---- | ||
- | |||
- | ====== Server Install ====== | ||
- | |||
- | Installing the Urbackup Server | ||
- | * Add CentOS repo< | ||
- | * Or select different distro here: https:// | ||
- | |||
- | * Install server< | ||
- | * Enable and start< | ||
- | systemctl start urbackup-server</ | ||
- | |||
- | ===== Install a Web Proxy Frontend ===== | ||
- | |||
- | Installing a Nginx web proxy frontend. | ||
- | * Obtain a SSL certificate from a certificate authority or [[linux_wiki: | ||
- | * [[linux_wiki: | ||
- | * Configure urbackup proxy pass< | ||
- | |||
- | server { | ||
- | server_name NAME.DOMAIN; | ||
- | |||
- | # Redirect all requests to https | ||
- | return 301 https:// | ||
- | } | ||
- | |||
- | server { | ||
- | listen 443 ssl; | ||
- | server_name NAME.DOMAIN; | ||
- | |||
- | # SSL Cert and Key | ||
- | ssl_certificate ssl/ | ||
- | ssl_certificate_key ssl/ | ||
- | |||
- | # SSL Protocols, Ciphers | ||
- | ssl_protocols TLSv1.2; | ||
- | ssl_ciphers HIGH: | ||
- | ssl_prefer_server_ciphers on; | ||
- | |||
- | # HSTS header | ||
- | add_header Strict-Transport-Security " | ||
- | |||
- | location / { | ||
- | proxy_pass http:// | ||
- | } | ||
- | } | ||
- | </ | ||
- | * Enable and start< | ||
- | systemctl start nginx</ | ||
- | |||
- | ===== Server Firewall Rules ===== | ||
- | |||
- | ^ Port ^ Protocol | ||
- | | 55413 | tcp | Incoming | ||
- | | 55414 | tcp | Incoming | ||
- | | 55415 | tcp | Incoming | ||
- | | 35623 | udp | Outgoing | ||
- | | 35623 | tcp | Incoming | ||
- | | 443 | tcp | Incoming | ||
- | | 80 | tcp | Incoming | ||
- | |||
- | \\ | ||
- | **Optional** - Needed if **not** using web proxy< | ||
- | firewall-cmd --add-port=55414/ | ||
- | |||
- | \\ | ||
- | **Optional** - Support client backups over the internet< | ||
- | |||
- | \\ | ||
- | Web proxy http and https< | ||
- | firewall-cmd --add-service=https --permanent</ | ||
- | |||
- | \\ | ||
- | **Needed?** - Incoming client discovery< | ||
- | * I had trouble with client discovery until I added this to the server side incoming firewall rules. (even though the documentation says this is outgoing only on the server side) | ||
- | |||
- | \\ | ||
- | Reload and list rules< | ||
- | firewall-cmd --list-all</ | ||
- | |||
- | ---- | ||
- | |||
- | ====== Client Install ====== | ||
- | |||
- | Installing the Urbackup client. | ||
- | * Install the 2.2.5 Linux client< | ||
- | * You will be prompted for: | ||
- | * Proceed with install into /usr/local [Y/n] | ||
- | * Snapshot mechanism used for backups (**1, 2, or 4**) | ||
- | * Using a snapshot method, a block snapshot is made of your data and that is used for the backup. (This is typically more reliable than a straight up file copy operation) | ||
- | * **1) dattobd** volume snapshot kernel module from https:// | ||
- | * Install instructions: | ||
- | * Good: No extra space needed, creates copy on write special device (not tested, just read about it) | ||
- | * Bad: Extra kernel module install | ||
- | * **2) LVM** - Logical Volume Manager snapshots | ||
- | * Good: Native snapshots (if LVM already setup on system) | ||
- | * Bad: Snapshots require free space in the same volume group as the logical volume being backed up, equal to the used size. (snapshots removed after backup completes) | ||
- | * **4) Use no snapshot** mechanism | ||
- | * Good: Simple, no add-ons, no extra space required | ||
- | * Bad: Since it is essentially a rsync, if files are modified during backup, there could be inconsistencies. | ||
- | |||
- | * Enable and start (should automatically do this)< | ||
- | systemctl start urbackupclientbackend</ | ||
- | |||
- | ===== Client Firewall Rules ===== | ||
- | |||
- | ^ Port ^ Protocol | ||
- | | 35621 | tcp | Incoming | ||
- | | 35622 | udp | Incoming | ||
- | | 35623 | tcp | Incoming | ||
- | |||
- | \\ | ||
- | Client firewall ports< | ||
- | firewall-cmd --add-port=35622/ | ||
- | firewall-cmd --add-port=35623/ | ||
- | |||
- | \\ | ||
- | Reload and list rules< | ||
- | firewall-cmd --list-all</ | ||
- | |||
- | |||
- | ===== Client Uninstall ===== | ||
- | * To uninstall the client< | ||
- | |||
- | ---- | ||
- | |||
- | ====== Urbackup Administration ====== | ||
- | |||
- | Administrative tasks for Urbackup server and clients. | ||
- | |||
- | Official administrative documentation: | ||
- | |||
- | ===== Server Management Console ===== | ||
- | Web console | ||
- | * Through web proxy: https:// | ||
- | * No web proxy (direct): http:// | ||
- | |||
- | ===== Server Admin Password ===== | ||
- | |||
- | The first time you navigate to the web console, all admin settings are accessible to the world. | ||
- | |||
- | To set an admin user and password: | ||
- | * Open the web console | ||
- | * Navigate to " | ||
- | * Click the " | ||
- | * Set a username and password | ||
- | * Set " | ||
- | * Click " | ||
- | * Refresh the page and you will now be prompted to login | ||
- | |||
- | ===== Server Config ===== | ||
- | |||
- | Some initial server config changes to make. | ||
- | |||
- | ---- | ||
- | |||
- | Login to the web console and navigate to " | ||
- | |||
- | * **Settings -> General -> Server** | ||
- | * Backup storage path: Full path to file system location where you want backups stored | ||
- | * Server URL: Set to URL that you can access the web console (so clients can access and restore files) | ||
- | * Download client from update server: Check if you want the server to look for new Urbackup client versions and download them automatically. | ||
- | * Autoupdate clients: Check to keep clients auto updated | ||
- | * Cleanup time window: Set the days/hours during which cleanup jobs can run. | ||
- | * Click the "?" | ||
- | * **Note**: Its a good idea to have a window of an hour or two in which backups will not run so cleanup jobs can run successfully. | ||
- | |||
- | * **Settings -> General -> File Backups** | ||
- | * Two types of wildcards are available: | ||
- | * * (star) -> Matches any character, including file system path slash (forward slash for Linux, back slash for Windows) | ||
- | * : (colon) -> Matches any character, **except file system path slash** | ||
- | * Excluded files (with wildcards): List of all files/ | ||
- | * Examples< | ||
- | *.avi; | ||
- | |||
- | # Exclude all ' | ||
- | */ | ||
- | |||
- | # Exclude any user's Downloads and Desktop directory and its contents | ||
- | / | ||
- | * Included files (with wildcards): List of all files to include from backups (**semi-colon separated**). | ||
- | * If you do not define any includes, all files in the ' | ||
- | * If there is one item in the ' | ||
- | * Examples< | ||
- | / | ||
- | |||
- | # Any user's normal directories and their contents | ||
- | / | ||
- | * Default directories to backup: List all of the top level directories (**semi-colon separated**) that you want backed up. Exclusions/ | ||
- | * Example< | ||
- | |||
- | * **Settings -> General -> Permissions** | ||
- | * Review the list of permissions and decide what you want each client to be able to do. | ||
- | |||
- | * **Settings -> General -> Client** | ||
- | * Delay after system startup: Delay in minutes after system startup before backups can begin on clients. | ||
- | * Backup window: Set the days/hours during which backups can run. | ||
- | * Click the "?" | ||
- | * **Note**: Its a good idea to have a window of an hour or two in which backups will not run so cleanup jobs can run successfully. | ||
- | * Perform autoupdates silently: Check if you want client software to update in the background. | ||
- | |||
- | * **Settings -> General -> Archive** | ||
- | * FIXME - to add when I get around to it | ||
- | |||
- | * **Settings -> General -> Alerts** | ||
- | * E-Mail addresses: enter email address(es) semi colon separated to get alerts. | ||
- | * Send ok mail after backup status goes from not ok to ok: check this to get the recovered email. | ||
- | |||
- | * **Settings -> General -> Internet** | ||
- | * FIXME - to add when I get around to it | ||
- | |||
- | * **Settings -> General -> Advanced** | ||
- | * Most defaults are good settings. | ||
- | * Database cache size: 512 MB (I increased this from 200) | ||
- | * Run backups with background priority: Check this to not impact the clients as much when backups run. | ||
- | |||
- | ===== Server CLI ===== | ||
- | |||
- | Various CLI commands on the Urbackup server. | ||
- | |||
- | **Cleanup Commands** | ||
- | * Remove client that is marked for removal now<code bash> | ||
- | |||
- | * Remove files not known by urbackup database< | ||
- | |||
- | ---- | ||
- | ===== Client Config ===== | ||
- | |||
- | Client side configuration options. | ||
- | |||
- | ==== Snapshot Configs ==== | ||
- | |||
- | Client side snapshot config can be changed after installation if desired | ||
- | * Edit the client side snapshot configuration | ||
- | * / | ||
- | * dattobd snapshots< | ||
- | remove_filesystem_snapshot=dattobd_remove_filesystem_snapshot</ | ||
- | * LVM snapshots< | ||
- | remove_filesystem_snapshot=lvm_remove_filesystem_snapshot</ | ||
- | * No shapshots< | ||
- | touch / | ||
- | * Restart the backend client service< | ||
- | |||
- | ---- | ||
- | |||
- | ===== Client CLI ===== | ||
- | |||
- | Some commands can be executed on the client side. All of these commands can also be executed via the Urbackup server web console. | ||
- | |||
- | Urbackup client control | ||
- | * / | ||
- | |||
- | \\ | ||
- | **Note**: Some of these commands (such as browse and restore) require root privileges to work. | ||
- | |||
- | * Backup Commands | ||
- | * Backup Status< | ||
- | * Start a full backup< | ||
- | * Start an incremental backup< | ||
- | |||
- | \\ | ||
- | * Restore files | ||
- | * Browse backups or files/ | ||
- | * Use to determine which file id version you will want to restore | ||
- | * Restore a file/ | ||
- | * backupid is the id of the file version to restore from or " | ||
- | |||
- | \\ | ||
- | * Backed Up Directories | ||
- | * List directories that are being backed up<code bash> | ||
- | * Add directory to backup list< | ||
- | * Remove directory from backup list< | ||
- | * **Warning**: | ||
- | |||
- | ---- |