Introduction

Shbackup was written to easily back up so called root or dedicated servers with a ftp backup space. Shbackup comes with two scripts shbftp and shbsync.

Shbftp can create encrypted snapshots of directories, MySQL databases or logical volumes (LVM2) and upload them to a ftp server. It only creates full backups and provides a simple backup rotation mechanism.

Shbsync synchronizes a logical volume or direcotry to a remove system (every valid rsync uri is possible).

Download

The source code is hosted on glatzor.de in a bzr respository:

bzr branch bzr.glatzor.de/shbackup/main

Packages for Debian (Etch, Lenny and SID) and Ubuntu can be obtained from the following repository:

deb packages.glatzor.de/shbackup stable main

Configuration

The central configuration is stored in /etc/shbackup.conf. The file has to be owned by root and has to be not world readable.

The file is separated in sections for ftp, mysql or encryption configuration.

1. FTP-SECTION

The section starts with the header [ftp]. It provides the following options:

  • host: hostname or ip address of the ftp server
  • user: login name
  • pass: password
  • base: base directory. backups will be stored in subdirectories beneath this directory. It can be overwritten by using a prefix with an absolute path at runtime.

2. RSYNC-SECTION

The section starts with the header [rsync]. It provides the following options:

  • dest: rsync destination. It can be in the classic format (server::module/path) or a rsync url (rsync://server/module/path). Using the url format you can also sync to other directories. The option can be overwritten at runtime using the --dest option.
  • delete: delete removed files also on the destination. Disabled by default.

3. MYSQL SECTION

The section starts with the header [mysql]. It provides the following option:

  • defaults: path to the MySQL client configuration file that contains a [mysqldump] section with the login information. See the man page of MySQL for details.

4. ENCRYPTION SECTION

The section starts with the header [mysql]. It provides the following option:

  • gpg: List of GnuPG key ids separated by spaces. If specified the backup files will be encrypted for the given keys. You have to import the public keys before! Shbackup will trust all keys on your keyring by default.

HOWTO

This section covers an example configuration for a webserver. The server is configured using LVM2. The system and server data are stored on different volumes of the vgserver volume group: The website files are stored on the volume "www" and should be backed up daily. The system on "root" only needs to be backed up once a week.

Since the communication with the ftp server is not encrypted and sometime old disk drives of hosting companies appear on e-bay it is a wise choice to encrypt the backup files. Shbackup uses GnuPG for the encryption. So you have to generate a GnuPG key before and keep it in a safe place. The key generation is not part of this HOWTO. Remember that you will no longer have access to your backups anymore if you have lost your private key! There is no fallback or general key available!

Upload your public key to the server and import it in the gnupg keyring of the root user:

gpg --import KEYFILE

Create the configuration file (/etc/shbackup.conf) using the provided example file as a starting point:

[ftp]
host=backupspace.myisp.de
user=admin
pass=shbackup@glatzor.de

In a next step set the file privileges accordingly:

chown root:root /etc/shbackup.conf
chmod 0640 /etc/shbackup.conf

Now you have to create the command for the daily backup run. At first the mode (lvm, dir or mysql) of shbftp has to be chosen. This is done by adding the corresponding switch to the command line. In this case "--lvm". Secondly the daily snapshots should be stored in a separate directory from the weekly ones: "--prefix daily". Finally the corresponding device path of the volume has to submitted to shbftp as an argument. You can specify several volumes at the same time, later more on this.

The resulting command line would be:

shbftp --lvm --prefix daily /dev/vgserver/www

After the execution you should find a file called lv-vgserver-www-YEAR-MONTH-DAY.tgz in the folder /lv-vgserver-www/daily on the ftp server. The name of the backup tarball includes the type (lv), name of the volume group (vgserver), the volume name (www) and the date of the backup.

Since the backup space is limited you perhaps want to limit the number of backups stored there. This can be done by using the --keep option. It allows you to specify the number of backups of the same name that should be kept in the same directory. (Side note: The keep option does not sort the files by modification date but by the file name. By default the date is part of the name)

Since the command has to be executed every day it is a good idea to automate this by using a cron job (e.g. /etc/cron.d/shbackup):

1 0 * * 1-6 root /usr/bin/shbftp --lvm --keep 10 --prefix daily /dev/vgserver/www

Correspondingly the cron job for the weekly backups (performed on Sundays) would look like this:

1 0 * * 7 root /usr/bin/shbftp --lvm --keep 5 --prefix daily /dev/vgserver/www /dev/vgserver/root

Bugs And Comments

Feel free to send me comments, ideas or critics via email or the bug tracker:

You can report bugs either in the free bug tracker:

bugs.glatzor.de

Or in the proprietary Launchpad of Canonical:

I hope that the programme can be of any use for you.

Sebastian Heinlein