Difference between revisions of "Quick Notes"
Jump to navigation
Jump to search
| Line 29: | Line 29: | ||
{{!}} style="text-align: center; width: 60px;" {{!}} [[File:Logo Debian.png{{!}}60px{{!}}link=https://www.debian.org/{{!}}center{{!}}middle{{!}}frameless]] | {{!}} style="text-align: center; width: 60px;" {{!}} [[File:Logo Debian.png{{!}}60px{{!}}link=https://www.debian.org/{{!}}center{{!}}middle{{!}}frameless]] | ||
{{!}} style="text-align: center; width: 40px;" {{!}} 12 (bookworm) | {{!}} style="text-align: center; width: 40px;" {{!}} 12 (bookworm) | ||
{{!}} | {{!}} <br> | ||
{{!}}} | {{!}}} | ||
Currently testing on a pair of LXCs, both configured as priveledged containers (tho this may not be needed). | Currently testing on a pair of LXCs, both configured as priveledged containers (tho this may not be needed). | ||
| Line 35: | Line 35: | ||
* VMID 999001: storage | * VMID 999001: storage | ||
* VMID 999002: backup | * VMID 999002: backup | ||
I've created a user named '''draal''' with specific responsibility for handling backups.(because remote access by '''''root''''' is stupid...) | |||
'''draal''' has an equivalent account on ALL involved machines and is set up with ssh keys to avoid the use of password-based access. | |||
== On the PVE Server: == | == On the PVE Server: == | ||
| Line 52: | Line 54: | ||
== On "storage" == | == On "storage" == | ||
* <code>ssh-keygen</code> | * <code>ssh-keygen</code> | ||
* <code>ssh-copy-id ''''' | * <code>ssh-copy-id '''''draal'''''@backup</code> | ||
* <code>apt install acl rsync</code> | * <code>apt install acl rsync</code> | ||
* <code>setfacl -R -m u:''''' | * <code>setfacl -R -m u:'''''draal''''':rwx /mnt/Storage</code> | ||
== On "backup" == | == On "backup" == | ||
* <code>ssh-keygen</code> | * <code>ssh-keygen</code> | ||
* <code>ssh-copy-id ''''' | * <code>ssh-copy-id '''''draal'''''@storage</code> | ||
* <code>apt install acl rsync</code> | * <code>apt install acl rsync</code> | ||
* <code>setfacl -R -m u:''''' | * <code>setfacl -R -m u:'''''draal''''':rwx /mnt/Storage</code> | ||
== Testing '''rsync''' commands == | == Testing '''rsync''' commands == | ||
In order to test things, I've basically dumped a copy of my Documents folder into '''/mnt/Storage''' on the '''storage''' LXC. This is around 25GB of incredibley mixed & sloppy crap varying from zero-length placeholders to USB binaries... | In order to test things, I've basically dumped a copy of my Documents folder into '''/mnt/Storage''' on the '''storage''' LXC. This is around 25GB of incredibley mixed & sloppy crap varying from zero-length placeholders to USB binaries... | ||
Everything from here on is done while logged in to '''storage''' as '''draal'''. | |||
* <code>cd /mnt/Storage</code> | * <code>cd /mnt/Storage</code> | ||
* <code>rsync -Aaiz * backup:/mnt/Storage</code> | * <code>rsync -Aaiz * backup:/mnt/Storage</code> | ||
Revision as of 17:59, 3 February 2025
Sections here are really just placeholders with enough information to get started on building actual articles...
Better Permissions Handling
 |
12 (bookworm) |
sudo apt install aclsudo mkdir /FOOBARsudo chown -R :users /FOOBARsudo chmod -R g+ws /FOOBARsudo setfacl -R -m g:users:rwx /FOOBAR
Now, the directory /FOOBAR is writeable by anyone in the users group.
Some Links
- Wikipedia : setuid
- Wikipedia : Access-control list
- StackExchange : Getting new files to inherit group permissions on Linux
- StackExchange : Using setfacl to create recursive permissions for Apache with rsync
Development Testing for a Backup Server
|
12 (bookworm) |
Currently testing on a pair of LXCs, both configured as priveledged containers (tho this may not be needed).
- VMID 999001: storage
- VMID 999002: backup
I've created a user named draal with specific responsibility for handling backups.(because remote access by root is stupid...)
draal has an equivalent account on ALL involved machines and is set up with ssh keys to avoid the use of password-based access.
On the PVE Server:
(setting up the storage for the test LXCs...)
mkdir /mnt/Storage-0mkdir /mnt/Storage-1mount -L Storage-0 /mnt/Storage-0mount -L Storage-1 /mnt/Storage-1vi /etc/fstab
LABEL=Storage-0 /mnt/Storage-0 ext4 defaults 0 0 LABEL=Storage-1 /mnt/Storage-1 ext4 defaults 0 0
pct set 999001 -mp0 /mnt/Storage-0,mp=/mnt/Storage # storagepct set 999002 -mp0 /mnt/Storage-1,mp=/mnt/Storage # backup
On "storage"
ssh-keygenssh-copy-id draal@backupapt install acl rsyncsetfacl -R -m u:draal:rwx /mnt/Storage
On "backup"
ssh-keygenssh-copy-id draal@storageapt install acl rsyncsetfacl -R -m u:draal:rwx /mnt/Storage
Testing rsync commands
In order to test things, I've basically dumped a copy of my Documents folder into /mnt/Storage on the storage LXC. This is around 25GB of incredibley mixed & sloppy crap varying from zero-length placeholders to USB binaries...
Everything from here on is done while logged in to storage as draal.
cd /mnt/Storagersync -Aaiz * backup:/mnt/Storage- copies all files to the backup machine
- Took about 7 minutes... (measured by wrapping the command in a time command)
- (& if you run it again, only copies NEW or CHANGED files)
- Every change I made took substantially under 1 second...
- copies all files to the backup machine
rsync -Aaiz --delete * backup:/mnt/Storage- Will actually synchronize. (i.e. It will DELETE any files from the destination that have been removed on the source.)
- DANGER...DANGER...DANGER
- This may NOT be exactly what you want to do in a backup situation.
- (But it might... Your choice...)