Automatically Fetching Local Backup Data from Collax Business Server
Wednesday, August 20th, 2008Finally, I have a backup strategy for my Collax Business Server, which also hosts this blog and my gallery. The challenge was this:
- Setting up a automated backup on Collax is easy, but where to put the data?
- I don’t have another computer running 24/7 to share some harddisk space.
- I don’t know of an internet service that shares space via SMB or NFS.
- I don’t want to connect another harddrive to the box, since it’s running between our bedroom and Jonas’ Kinderzimmer. It’s a special silent pc from ichbinleise.de, and it’s really quiet. I don’t want to ruin that with a noisy harddrive.
The only solution I could come up with was to store backup the data on the server itself. But — in case of a hardware crash that doesn’t help me a lot. I need to get the data off of the server, including the email notification with crucial content how to restore the data (which is sent with every backup run to my local email account).
Saving the E-Mail
The first part was trivial: I just created a rule in Thunderbird to move any email starting with “Backup Information” to a local folder. All other emails can continue to live their happy live on the server, from where I can access them over IMAP.
Saving the backup
This was tricky (for me) - all you *nix gurus out there will possibly yawn at this. The solution I was after was that every time I logon to my ubuntu desktop, it will fetch/sync the backup data from the server to my local PC.
The outline solution was to allow root ssh access from my PC only and trigger a script on each logon which ssh’s into the server and get’s all the files. This sounds so easy in retrospect 
I’ll assume you have some basic knowledge about ssh, keys and how to automate logon. From here the steps were as follows:
- On the CBS I needed to allow root to login from remote, but restrict it to running a command that would copy the files over. In order to do that, I edited /etc/ssh/sshd_config and set the options PermitRootLogin to forced-commands-only and PermitUserEnvironment to yes:
root@scheff:/etc/ssh# sdiff -s sshd_config sshd_config_orig PermitRootLogin forced-commands-only | PermitRootLogin no PermitUserEnvironment yes | #PermitUserEnvironment no
- I edited the /root/.ssh/authorized_keys to include the from and command option. The first restricts the login as root to distinct servers, in my case only to my local desktop machine called “andreas-desktop”. The second option includes the command to be executed, whenever a login as root is detected. Note that this is all in a single line:
root@scheff:~/.ssh# cat authorized_keys from="andreas-desktop,andreas-desktop.intern.karroum.de",command="rsync -avz /var/lib/afbackup/ser vers/lokal/mount/ andreas@andreas-desktop:/home/andreas/Backup" ssh-rsa AAA............
As you can see I am planning to use rsync to transfer the backup files from /var/lib/afbackup/servers/lokal/mount to a local directory /home/andreas/Backup
- Where’re close to the solution now Third step is to create a shell script which is executed on every logon. I included a little ping wait because first the WiFi network connection needs to be established with the network manager. The script is really tiny and just looks like this - with ’scheff’ being the name of my server. Don’t forget to add execution rights (chmod +x filename) to the script after saving it:
#!/bin/sh ping -c 10 -w 120 scheff ssh root@scheff
- The last step is to tell Ubuntu/Gnome to start the script with the user session. Go to System -> Settings -> Sessions and add the script you just saved.
Done
