Blog / SysAdmin / Backup computers with Duplicity over FTP
on the server:
apt install vsftpd
mkdir /etc/vsftpd_user_conf
You need to ack a bit the configuration file for systemd: enable write and chroots. Get
/etc/vsftpd.conf
/etc/vsftpd.chroot_list
/etc/vsftpd_user_conf
from a backup.
on the clients:
apt install lftp
For each machine, here web01 as an example:
on the server
addgroup --gid=1010 backup-web01
addgroup --gid=1011 backup-web02
addgroup --gid=1012 backup-spin
adduser --uid=1008 --gid=1010 --home=/data/backup/web01Backup backup-web01
adduser --uid=1009 --gid=1011 --home=/data/backup/web02Backup backup-web02
adduser --uid=1010 --gid=1012 --home=/data/backup/spinBackup backup-spin
and for each user, change the pwd via the usual vault:
chpasswd
backup-web01:YOURSTRONGFTPPWD
ˆD
Setup dirs:
mkdir -p /data/backup/web01Backup
chmod 500 /data/backup/web01Backup
and for each directory you want to backup:
mkdir -p /data/backup/web01Backup/etc
mkdir -p /data/backup/web01Backup/home
mkdir -p /data/backup/web01Backup/scripts
chown -R backup-web01:backup-web01 /data/backup/web01Backup
On each client that you want to backup:
apt install duplicity
and then add a script:
#!/bin/sh
export PASSPHRASE=YOUR_STRONG_BACKUP_PWD
export FTP_PASSWORD=YOUR_STRONG_FTP_PWD
duplicity /etc ftp://backup-web01@server/etc
duplicity \
--exclude /home/pierre/tmp \
--exclude /home/pierre/snap \
--exclude /home/pierre/ray \
/home/pierre \
ftp://backup-web01@server/home
unset PASSPHRASE
unset FTP_PASSWORD
note that server need to be replaced by an ip.
crontab -e
0 5 * * 1 cd /home/pierre && ./backup.sh
cd /data/backup/backupMachine
mkdir restore-etc
duplicity restore file:///data/backup/backupMachine/etc ./restore-etc