Edit Rename Changes History Upload Download Back to Top

Using the Backup Server

TODO: Add information on README files to be included with backups.

Back to Backup Strategy.

See also sample backup scripts, Recovering a service from backup, Backing up a host.

For instructions on setting up the backup server itself, see Building the Backup Server.

How to backup a service to the backup server

The following steps are performed by the backup administrator. They need to be done for each specific service that is to use the backup server.

We create an example account for the mailing list service backup.

vole:~# adduser --ingroup backup bu-list
Adding user bu-list...
Adding new user bu-list (1002) with group backup.
Creating home directory /home/bu-list.
Copying files from /etc/skel
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for bu-list
Enter the new value, or press return for the default
        Full Name []: Mail lists backup

        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:
Is the information correct? [y/n] y
vole:~#

This is where the backup files will go in the name of the bu- user. So the xxx service administrator will rsync tar files here using the bu-xxx account.

vole:~# mkdir /var/openskills-backup/bu-list
vole:~# chown bu-list:backup /var/openskills-backup/bu-list
vole:~# chmod 2755 /var/openskills-backup/bu-list
vole:~#

We use chmod 2755 to set the permissions such that only bu-list (in this case) can write to the backup directory, but anyone can list and read. The leading 2 means that files written to the directory are set to the group of the directory, in this case "backup".

We can make the backup files visible in this way because any sensitive data is encrypted, and the more copies we have of backup data the better.

Configure the service server to backup to the backup server

This must be done by the individual service administrator on the OpenSkills server running the subject service. Needless to say, this server should not be backup.openskills.org.

Note that if another service uses the same account, the key will need to be added to the authorized_keys2 file rather than overwriting it.

The "31 12 * * *" means run the script at 31 minutes past the 12th hour on every month-day in every month on every day-of-the-week. All OpenSkills servers should have their clocks set to UTC (~GMT). Choose an hour between 1 and 13 so we can say that from 14:00 GMT onwards, it's OK to rsync the backup from the backup server.

Back to Backup Strategy

See also Building the Backup Server


Edit Rename Changes History Upload Download Back to Top