General Information
Installing and configuring Urbackup server and client.
“UrBackup is an easy to setup Open Source client/server backup system, that through a combination of image and file backups accomplishes both data safety and a fast restoration time.”
Official Site: https://www.urbackup.org/
Documentation: https://www.urbackup.org/administration_manual.html
Checklist
Installing the Urbackup Server
wget https://download.opensuse.org/repositories/home:uroni/CentOS_7/home:uroni.repo -O /etc/yum.repos.d/urbackup-server.repo
yum install urbackup-server
systemctl enable urbackup-server
systemctl start urbackup-server
Installing a Nginx web proxy frontend.
vim /etc/nginx/conf.d/urbackup.conf server { server_name NAME.DOMAIN; # Redirect all requests to https return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name NAME.DOMAIN; # SSL Cert and Key ssl_certificate ssl/NAME.DOMAIN.crt; ssl_certificate_key ssl/NAME.DOMAIN.key; # SSL Protocols, Ciphers ssl_protocols TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; # HSTS header add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; location / { proxy_pass http://localhost:55414/; } }
systemctl enable nginx
systemctl start nginx
Port | Protocol | In/Out | Description |
---|---|---|---|
55413 | tcp | Incoming | FastCG for web interface (needed if no web proxy) |
55414 | tcp | Incoming | HTTP web interface (needed if no web proxy) |
55415 | tcp | Incoming | Internet clients connect for backups |
35623 | udp | Outgoing | Broadcast for client discovery |
35623 | tcp | Incoming | Broadcast for client discovery (maybe needed?) |
443 | tcp | Incoming | HTTPS Web Proxy (if used) |
80 | tcp | Incoming | HTTP Web Proxy (if used) |
Optional - Needed if not using web proxy
firewall-cmd --add-port=55413/tcp --permanent firewall-cmd --add-port=55414/tcp --permanent
Optional - Support client backups over the internet
firewall-cmd --add-port=55415/tcp --permanent
Web proxy http and https
firewall-cmd --add-service=http --permanent firewall-cmd --add-service=https --permanent
Needed? - Incoming client discovery
firewall-cmd --add-port=35622/udp --permanent
Reload and list rules
firewall-cmd --reload firewall-cmd --list-all
Installing the Urbackup client.
TF=$(mktemp) && wget "https://hndl.urbackup.org/Client/2.2.5/UrBackup%20Client%20Linux%202.2.5.sh" -O $TF && sudo sh $TF; rm $TF
systemctl enable urbackupclientbackend
systemctl start urbackupclientbackend
Port | Protocol | In/Out | Description |
---|---|---|---|
35621 | tcp | Incoming | Transfers during file backups |
35622 | udp | Incoming | Broadcasts for discovery |
35623 | tcp | Incoming | Server commands and image backups |
Client firewall ports
firewall-cmd --add-port=35621/tcp --permanent firewall-cmd --add-port=35622/udp --permanent firewall-cmd --add-port=35623/tcp --permanent
Reload and list rules
firewall-cmd --reload firewall-cmd --list-all
/usr/local/sbin/uninstall_urbackupclient
Administrative tasks for Urbackup server and clients.
Official administrative documentation: https://www.urbackup.org/administration_manual.html
Web console
The first time you navigate to the web console, all admin settings are accessible to the world.
To set an admin user and password:
Some initial server config changes to make.
Login to the web console and navigate to “Settings”.
# Exclude movie files *.avi;*.mkv;*.mpg;*.mpeg # Exclude all 'tmp' and 'temp' directories (ANYWHERE in the path) */tmp/*;*/temp/* # Exclude any user's Downloads and Desktop directory and its contents /home/:/Downloads/*;/home/:/Desktop/*
# Any user's specific hidden files and directories /home/:/.bash_aliases;/home/:/.bashrc;/home/:/.ssh/*;/home/:/.vim/*;/home/:/.vimrc # Any user's normal directories and their contents /home/:/bin/*;/home/:/Desktop/*;/home/:/Documents/*;/home/:/Downloads/*;/home/:/Music/*;/home/:/Pictures/*;/home/:/Videos/*
/home/;/etc/
Various CLI commands on the Urbackup server.
Cleanup Commands
urbackupsrv cleanup --amount 0%
urbackupsrv remove-unknown
Client side configuration options.
Client side snapshot config can be changed after installation if desired
create_filesystem_snapshot=dattobd_create_filesystem_snapshot remove_filesystem_snapshot=dattobd_remove_filesystem_snapshot
create_filesystem_snapshot=lvm_create_filesystem_snapshot remove_filesystem_snapshot=lvm_remove_filesystem_snapshot
rm /usr/local/etc/urbackup/snapshot.cfg touch /usr/local/etc/urbackup/no_filesystem_snapshot
systemctl restart urbackupclientbackend
Some commands can be executed on the client side. All of these commands can also be executed via the Urbackup server web console.
Urbackup client control
Note: Some of these commands (such as browse and restore) require root privileges to work.
urbackupclientctl status
urbackupclientctl start --full
urbackupclientctl start --incremental
urbackupclientctl browse --path /path/here/ --backupid last
urbackupclientctl restore-start --path /path/of/fileordir/to/restore --backupid <id>
urbackupclientctl list-backupdirs
urbackupclientctl add-backupdir --path /path/here/
urbackupclientctl remove-backupdir --path /path/here/
The backup location on the server can be rsync'ed to another location to create a backup of the backups.
This is useful if you were to attach removable storage to the server, run the rsync of the latest backups, and take the removable storage offsite.
Due to urbackup's space saving methods, rsync'ing the most current backup with the correct rsync options will provide the most accurate mirror.
Example
/usr/bin/rsync --archive --partial --progress --delete --copy-links -h /home/urbackup/clients/ /mnt/usb-storage/