Video Suggestion: Updates & backups

First of all. Love your content. I’ve learned a lot, and i’m still learning. :slight_smile:

How to properly set up updates and backups.

  • unattended-upgrades
  • How you use rsync ( How you connect. My guess is: backup server connects to server to be backed up. So that if the server gets compromised they can not get the credentials to the backup server and delete the backups?)
  • How to set up cron jobs for rsync, or do you use something else? (Script with all the rsync commands or do you write them in the cron table?)
  • Correct permissions for the user you connect with. Since root login is disabled, how do you handle the permissions on the remote host to get access to all the files you need when your logged in as a regular user.
  • How to get databases backed up. Do you copy the mysql files, or do a mysqldump with a cron job and download those files? (how to properly secure the mysql files with encryption if you use mysqldump)

Might be a topic worth discussing. Thanks for the suggestion.

As far as rsync goes you can do that over ssh with keys. Personally I would change the ssh ports to something other than 22 like 60122 or something higher that is less likely to get picked up in default port scans. You could also utilize VPN to make this even more secure, but will add overhead.

To do this rsync job on auto pilot, you should be using cron as the scheduler. In my scripts I always have it email me when the job is complete with stats grepped from a report file the script makes as well.

as far as permissions go, the user on the target offsite server should have rw- permissions to the directory rsync + ssh is syncing to.

with regards to mysql databases sqldump and that is included in my rsync. You can try this to secure the files; https://coderwall.com/p/abkrlg/encrypting-a-tar-or-gz-gzip-file-with-openssl

But all that aside, have a look at Syncthing

1 Like

Thanks for the advice. :slight_smile:
I’ve set up rsync with open media vault and ssh keys. Open media vault auto generates the cron jobs based on the settings in the gui. Also I have ZFS enabled and I’m planning to take snapshots of the share I’m backing up to. Currently there is no auto snapshot function in Open Media Vault, but I’m going to solve this by making a cron job. The sql part is currently a work in progress :stuck_out_tongue: