* install da-backup on the client
* create a crontab that runs da-backup daily at some convenient time
* configure the directories in {{{/etc/da-backup}}}
-* create a new SSH key pair for each configuration file foo in
- {{{/etc/da-backup/}}} with {{{ssh-keygen -t rsa -f /root/.ssh/da_foo"}}}:
-
-{{{
- cd /etc/da-backup &&
- [ -r /root/.ssh ] &&
- for i in *; do
- echo $i &&
- if [ -e "/root/.ssh/da_$i" ]; then continue; fi &&
- sudo ssh-keygen -t rsa -f /root/.ssh/da_$i -N '' -C "da-backup for $i on `hostname -f`";
- done
-
- echo "#" &&
- echo "# `hostname -f`" &&
- echo "#" &&
- myip=`host $(hostname -f) | \
- grep has\ address | \
- sed -e 's/.*address //'` &&
- cd /etc/da-backup &&
- for i in *; do
- echo "command=\"rsync --server -vlHogDtprz --delete --delete-after --ignore-errors . /org/backup.debian.org/staging/`hostname -f`/$i\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,from=\"::ffff:$myip,$myip\" `cat /root/.ssh/da_$i.pub`"
- done && echo
-}}}
-
-* install the public components of the key with the proper command in
- puppet {{{modules/ssh/templates/authorized_keys.erb}}} for bartok, start a new section for each host. Do a puppetrun on bartok.
+* install the public host key of the server with a proper command in
+ puppet {{{modules/ssh/templates/authorized_keys.erb}}} for bartok. Do a puppetrun on bartok.
+ (This might get done automatically eventually.)
* configure how many copies of the directory should be kept in
{{{/etc/da-backup-manager/}}}
-* mkdir the target directories (at least the first level dir is required. the last directory in the path rsync will create itself).
* run {{{da-backup -v}}} on the client to see if it all works.
-* Backup items should either be called {{{<host>/<directory>}}} or
- {{{services/<servicename>}}}, i.e. always use a two-level directory layout.
+* Backup items should be called {{{<host>/<directory>}}}.
+ Historically we also used {{{services/<servicename>}}}.
== Consistency checks ==
projects / mirror / dsa-wiki.git / commitdiff