Monday, January 14, 2008

Boxbackup

For a long while I have pondered and tried to find an elegant way to backup my co-located server. I tried and failed with Amanda and several home-brew scripts. I finally stumbled across boxbackup.
Boxbackup is a multi platform network backup device. One system acts a a server to which clients (windows mac linux bsd) can connect to and backup files.
Boxbackup uses libsync (think rsync) to only synchronise files that have changed. Also because there is both a server and client agent its should be more efficient than rsync alone.
Security is assured through the use of Tsig certificates. Certificates are used to encrypt the data transmission and secure files as they are transferred.

Server Setup

There are Debian packages available here Download
wget http://www.backports.org/debian/pool/main/b/boxbackup/boxbackup-server_0.10-1~bpo.1_i386.deb
then install
dpkg -i boxbackup-server_0.10-1~bpo.1_i386.deb
The debian installer didnt work out very well for me so I manually ran. Replace server1.example.tld with the name of your server.
bbstored-config /etc/boxbackup server1.example.tld bbstored
Change directory
cd /etc/boxbackup/bbstored
Create a certificate authority
bbstored-certs ca init
Sign the server key
bbstored-certs ca sign-server server1.example.tld-csr.pem
copy the certificates into the bbstored directory
cp ca/servers/server1.example.tld-cert.pem .
copy the server cert
ca/roots/clientCA.pem .
My server is behind a NAT firewall so I had to open port 2100 and edit /etc/boxbackup/bbstored.conf from
ListenAddresses = inet:server1.example.tld
to
ListenAddresses = inet:10.0.0.254
Create a client account, each client is identified with a unique hex code 75AB59D
bbstoreaccounts create 75AB59D 0 20480M 20480M
The numbers with M following are the soft and hard limits for the amount of space on the server to allow for backups.
Start the server
/etc/init.d/boxbackup-server start

Client Setup

Log into the client computer, download boxbackup-client
wget http://www.backports.org/debian/pool/main/b/boxbackup/boxbackup-client_0.10-1~bpo.1_i386.deb

and install
dpkg -i boxbackup-client_0.10-1~bpo.1_i386.deb
You will be prompted to let Debian guide you, it didn't work for me. Change to the boxconfig directory
cd /etc/boxbackup/bbackupd
and run the config generator
bbackupd-config /etc/boxbackup/ lazy 75AB59D server1.example.tld /var/bbackupd /home /var/www

The final entries are the directories to backup.
Copy 75AB59D-csr.pem to the main server /etc/boxbackup/bbstored/ and sign with your server certificate.
bbstored-certs ca sign 75AB59D-csr.pem
This will create 2 files ca/roots/serverCA.pem and ca/ clients/75AB59D-cert.pem. Copy these to the client in /etc/boxbackup/bbackupd/
Start the client
/etc/init.d/boxbackup-client start
Check its running
grep bb /var/log/syslog
You should see something like

Jan 14 22:53:54 client bbackupd[3540]: Starting daemon (config: /etc/boxbackup/bbackupd.conf) (version 0.10)
Jan 14 22:53:55 client bbackupd[3540]: Beginning scan of local files
Jan 14 22:53:55 beta bbackupd[3540]: Opening connection to server server1.example.tld...
Jan 14 22:53:56 beta bbackupd[3540]: Connection made, login successful

Good Luck!
Post a Comment