anton
/
luksbackup
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e9b4bd17b6'
${ noResults }
luksbackup/README.md

74 lines
2.6 KiB
Markdown
Raw Blame History

# LUKS backup
Backup anything to any remote luks device!
## Usage:
Currently this script is only present in fish, but you can translate it quite easily I suppose. Note that it requires fish to be the default shell for the user on the server
**Step 1:** Create a LUKS device on the target:
connect per ssh to the device, then run these commands (replace the seek=100G with your preferred size):
```bash
dd if=/dev/zero of=storage bs=1 count=0 seek=100G
chmod go-rwx storage
sudo cryptsetup luksFormat storage
sudo cryptsetup luksOpen storage luks_setup
sudo mkfs.ext4 /dev/mapper/luks_setup
mkdir backup
sudo mount /dev/mapper/luks_setup ~/backup
sudo chown -R --reference=. ~/backup
read -P "check out this progress"
sudo umount ~/backup
sudo cryptsetup luksClose luks_setup;
rmdir backup
```
you can replace the name (`storage`) with any filename you like. If you'd rather use a partition skip the `dd` part and run `luksFormat` directly on your partition and replace the file with the device at all other steps.
*Note that the file will be shown to be 100GB in size, but it will not use 100GB of disk space. As the luks container fills up, the file will grow with it. If you don't want this, I would suggest filling the whole file with data from urandom. This will take a while on initialization though.*
**step 2:** configure the backup script:
Replace these variables in the beginning with your own:
```fish
set REMOTE "your-backup-ssh-server" # ip/host where to backup to
set REMOTE_PATH "~/backup/current" # remote location where backup is mirrored
set USER username # ssh user
set KEY ~/.ssh/id_backup_key # ssh key
set SSH_OPT # possible ssh options
set LUKS_DEVICE "~/storage" # luks device or file to open
set LUKS_NAME "luks_"(random) # generate a random name for the luks groups
set LUKS_MOUNT "~/backup" # the mount point where the container is mounted to
set RSYNC_IGNORE_FILE "~/.backup-ignore" # the file containing the blacklist
```
**step 3:** configure your rsync ignore file:
use your editor to add all directories you'd like to skip to the `.backup-ignore` file (or whatever you named the `RSYNC_IGNORE_FILE` in the config)
**step 4:** run the backup script
`./backup.fish`
## Additional things:
Things you can do, but do not need to:
* symlink the `backup.fish` to a location in your PATH (also rename it)
* call the `backup.fish` script automatically (cronjob etc)
* run `backup.fish --browse` to browse the remote files
* add a sudo policy to not require the server user to prompt for passwords
Reference in New Issue View Git Blame Copy Permalink