This is an old revision of the document!
Urbackup Server And Client
General Information
Installing and configuring Urbackup server and client.
“UrBackup is an easy to setup Open Source client/server backup system, that through a combination of image and file backups accomplishes both data safety and a fast restoration time.”
Official Site: https://www.urbackup.org/
Documentation: https://www.urbackup.org/administration_manual.html
Checklist
- Distro(s): Enterprise Linux
- Server and client system available.
Server Install
Installing the Urbackup Server
- Add CentOS repo
wget https://download.opensuse.org/repositories/home:uroni/CentOS_7/home:uroni.repo -O /etc/yum.repos.d/urbackup-server.repo
- Or select different distro here: https://software.opensuse.org/download.html?project=home%3Auroni&package=urbackup-server
- Install server
yum install urbackup-server
- Enable and start
systemctl enable urbackup-server systemctl start urbackup-server
Install a Web Proxy Frontend
Installing a Nginx web proxy frontend.
- Obtain a SSL certificate from a certificate authority or generate a self signed cert
- Configure urbackup proxy pass
vim /etc/nginx/conf.d/urbackup.conf server { server_name NAME.DOMAIN; # Redirect all requests to https return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name NAME.DOMAIN; # SSL Cert and Key ssl_certificate ssl/NAME.DOMAIN.crt; ssl_certificate_key ssl/NAME.DOMAIN.key; # SSL Protocols, Ciphers ssl_protocols TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; # HSTS header add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; location / { proxy_pass http://localhost:55414/; } }
- Enable and start
systemctl enable nginx systemctl start nginx
Server Firewall Rules
Port | Protocol | In/Out | Description |
---|---|---|---|
55413 | tcp | Incoming | FastCG for web interface (needed if no web proxy) |
55414 | tcp | Incoming | HTTP web interface (needed if no web proxy) |
55415 | tcp | Incoming | Internet clients connect for backups |
35623 | udp | Outgoing | Broadcast for client discovery |
35623 | tcp | Incoming | Broadcast for client discovery (maybe needed?) |
443 | tcp | Incoming | HTTPS Web Proxy (if used) |
80 | tcp | Incoming | HTTP Web Proxy (if used) |
Optional - Needed if not using web proxy
firewall-cmd --add-port=55413/tcp --permanent firewall-cmd --add-port=55414/tcp --permanent
Optional - Support client backups over the internet
firewall-cmd --add-port=55415/tcp --permanent
Web proxy http and https
firewall-cmd --add-service=http --permanent firewall-cmd --add-service=https --permanent
Needed? - Incoming client discovery
firewall-cmd --add-port=35622/udp --permanent
- I had trouble with client discovery until I added this to the server side incoming firewall rules. (even though the documentation says this is outgoing only on the server side)
Reload and list rules
firewall-cmd --reload firewall-cmd --list-all
Client Install
Installing the Urbackup client.
- Install the 2.2.5 Linux client
TF=$(mktemp) && wget "https://hndl.urbackup.org/Client/2.2.5/UrBackup%20Client%20Linux%202.2.5.sh" -O $TF && sudo sh $TF; rm $TF
- You will be prompted for:
- Proceed with install into /usr/local [Y/n]
- Snapshot mechanism used for backups (1, 2, or 4)
- Using a snapshot method, a block snapshot is made of your data and that is used for the backup. (This is typically more reliable than a straight up file copy operation)
- 1) dattobd volume snapshot kernel module from https://github.com/datto/dattobd
- Install instructions: https://github.com/datto/dattobd/blob/master/INSTALL.md
- 2) LVM - Logical Volume Manager snapshots
- 4) Use no snapshot mechanism
- Enable and start (should automatically do this)
systemctl enable urbackupclientbackend systemctl start urbackupclientbackend
Client Firewall Rules
Port | Protocol | In/Out | Description |
---|---|---|---|
35621 | tcp | Incoming | Transfers during file backups |
35622 | udp | Incoming | Broadcasts for discovery |
35623 | tcp | Incoming | Server commands and image backups |
Client firewall ports
firewall-cmd --add-port=35621/tcp --permanent firewall-cmd --add-port=35622/udp --permanent firewall-cmd --add-port=35623/tcp --permanent
Reload and list rules
firewall-cmd --reload firewall-cmd --list-all
Client Uninstall
- To uninstall the client
/usr/local/sbin/uninstall_urbackupclient
Urbackup Administration
Administrative tasks for Urbackup server and clients.
Official administrative documentation: https://www.urbackup.org/administration_manual.html
Server Management Console
Web console
- Through web proxy: https://NAME.DOMAIN/
- No web proxy (direct): http://NAME.DOMAIN:55414
Server Admin Password
The first time you navigate to the web console, all admin settings are accessible to the world.
To set an admin user and password:
- Open the web console
- Navigate to “Settings” > “Users”
- Click the “Create User” button
- Set a username and password
- Set “Rights for” to “Administrator
- Click “Create”
- Refresh the page and you will now be prompted to login
Server Config
Some initial server config changes to make.
Login to the web console and navigate to “Settings”.
- Settings → Server
- Backup storage path: Full path to file system location where you want backups stored
- Server URL: Set to URL that you can access the web console (so clients can access and restore files)
- Download client from update server: Check if you want the server to look for new Urbackup client versions and download them automatically.
- Autoupdate clients: Check to keep clients auto updated
- Cleanup time window: Set the days/hours during which cleanup jobs can run.
- Click the ”?“ for cleanup window syntax.
- Note: Its a good idea to have a window of an hour or two in which backups will not run so cleanup jobs can run successfully.
- Settings → File Backups
- Two types of wildcards are available:
- * (star) → Matches any character, including file system path slash (forward slash for Linux, back slash for Windows)
- : (colon) → Matches any character, except file system path slash
- Excluded files (with wildcards): List of all files/directories to exclude from backups (semi-colon separated).
- Examples
# Exclude movie files *.avi;*.mkv;*.mpg;*.mpeg # Exclude all 'tmp' and 'temp' directories (ANYWHERE in the path) */tmp/*;*/temp/* # Exclude any user's Downloads and Desktop directory and its contents /home/:/Downloads/*;/home/:/Desktop/*
- Included files (with wildcards): List of all files to include from backups (semi-colon separated).
- If you do not define any includes, all files in the 'Default directories to backup' will be backed up, except items in the 'Excluded files' list.
- If there is one item in the 'Included files' list, only files that match are backed up.
- Examples
# Any user's specific hidden files and directories /home/:/.bash_aliases;/home/:/.bashrc;/home/:/.ssh/*;/home/:/.vim/*;/home/:/.vimrc # Any user's normal directories and their contents /home/:/bin/*;/home/:/Desktop/*;/home/:/Documents/*;/home/:/Downloads/*;/home/:/Music/*;/home/:/Pictures/*;/home/:/Videos/*
- Default directories to backup: List all of the top level directories (semi-colon separated) that you want backed up. Exclusions/inclusions of those directory contents are set above. (Excluded files, Included files)
- Example
/home/;/etc/
- Settings → Permissions
- Review the list of permissions and decide what you want each client to be able to do.
- Settings → Client
- Delay after system startup: Delay in minutes after system startup before backups can begin on clients.
- Backup window: Set the days/hours during which backups can run.
- Click the ”?“ for backup window syntax.
- Note: Its a good idea to have a window of an hour or two in which backups will not run so cleanup jobs can run successfully.
- Perform autoupdates silently: Check if you want client software to update in the background.
- Settings → Archive
- - to add when I get around to it
- Settings → Alerts
- - to add when I get around to it
- Settings → Internet
- - to add when I get around to it
- Settings → Advanced
- - to add when I get around to it
Server CLI
Various CLI commands on the Urbackup server.
Cleanup Commands
- Remove client that is marked for removal now
urbackupsrv cleanup --amount 0%
- Remove files not known by urbackup database
urbackupsrv remove-unknown
Client Config
Client side configuration options.
Snapshot Configs
Client side snapshot config can be changed after installation if desired
- Edit the client side snapshot configuration
- /usr/local/etc/urbackup/snapshot.cfg
- dattobd snapshots
create_filesystem_snapshot=dattobd_create_filesystem_snapshot remove_filesystem_snapshot=dattobd_remove_filesystem_snapshot
- LVM snapshots
create_filesystem_snapshot=lvm_create_filesystem_snapshot remove_filesystem_snapshot=lvm_remove_filesystem_snapshot
- No shapshots (regular file copy)
create_filesystem_snapshot=/usr/local/share/urbackup/filesystem_snapshot_common remove_filesystem_snapshot=/usr/local/share/urbackup/filesystem_snapshot_common
- Restart the backend client service
systemctl restart urbackupclientbackend
Client CLI
Client utility commands.
Client utility: /usr/local/bin/urbackupclientctl
- Backup Commands
- Backup Status
urbackupclientctl status
- Start a full backup
urbackupclientctl start --full
- Start an incremental
urbackupclientctl start --incremental
- Backed Up Directories
- List directories that are being backed up
urbackupclientctl list-backupdirs
- Browse backups or files/directories in backups
urbackupclientctl browse --path /home/myuser/ --backupid last
- Add directory to backup list
- Remove directory from backup list