Backup Setup

Note to users of CSX- and Abstraction- provided services, including those hosted on clubs.calvin.edu and csx.calvin.edu: this page is for the sanity of the system administrators of CSX and Abstraction only. If you need help or assistance with backup up your data on an Abstraction- or CSX- provided service, please contact Abstraction's leadership or <npb5> directly.

Filesystem-level Backups

Software

rdiff-backup is used for filesystem-level backup. It uses components of rsync to allow low-bandwidth transfer of file modifications over the network. For each backup, it creates a distinct snapshot so that one can compare a system's state on separate days or retrieve older files. It stores the backup as a filesystem tree, meaning no special tools are required to access backed-up files.

Location

For simplicity and lack of creativity, each server that Abstaction runs will store its backups of the other servers in /backup. Such a location will make it easier for servers to avoid backing up backups themselves using a simple exclusino rule against /backup.

Security

Root access is required to read all files necessary for creating a complete backup. Root access is required for creating the filesystem tree representing the backed up system. Remote passwordless root SSH access will thus have to be used for either pushing or pulling backups from and to each Asbtraction server.

To protect backups from being accessed maliciously, the permissions of /backup shall be set to the following:

drwx------   2 root root  4096 2010-09-05 23:47 backup

Automation Scripts

The automation for backups is provided by a one-liner call to rdiff-backup(1) in /etc/crontab. The scripts shall be set to exclude the /backup directory of the servers being backed up, providing a uniform and easy way to avoid backing up backups which would quickly cause disk-space exhaustion. Backups of mirror shall also excludee the /srv/ftp directory as everything that mirror mirrors is easily recreatable and space-consuming.