Thursday, October 31, 2013

How I backup my server configs with lsyncd

In the event that something happens to my server, or one of the services running on my machine, I like to have a backup of my config for that particular service. Ain't nothing worse than taking hours or even days to properly configure a service to have a hard drive crash, operating system got corrupted, an update replaced your config file with the default or maybe you accidentally deleted the config or made some mistakes modifying it. This post shows how i use lsyncd and logrotate to automatically sync my /etc directory on my server with a remote machine and use logrotate to create and rotate 2 backup copies of the /etc directory.

The machines involved are main_server and backup_server.

On the main_server:

# apt-get install lsyncd

Lsyncd will use ssh as its network transport and we will need to create ssh keys for unattended remote login access. Lsyncd service runs as the root user so will need to login into the root account to create your ssh keys.

# ssh-keygen -t rsa

Copy your public key to the backup_server to allow password less login with ssh keys.

# ssh-copy-id backup_server

Try and logging to the backup server to see that you can authenticate to the backup_server without your password. If you run into issues, check the /etc/ssh/sshd_config file and ensure that public key authentication is enabled.

# ssh backup_server

Now we can create and configure lsyncd on the main_server. A config file is not created by default (on ubuntu and debian) so we need to create one.

# touch /etc/lsyncd/lsyncd.conf.lua

Now a simple config like this will suffice.

settings = {       

        logfile = "/var/log/lsyncd.log",
        statusFile = "/var/log/lsyncd.stat",
        statusIntervall = 1,}
sync{       
        default.rsyncssh,       
        source="/etc/",
        host="backup_server",
        targetdir="/root/backups/main_server/etc/"
}

Now we can start our service

service lsynd start

Hopefully everything went well and no errors occurred. Note that the location /root/backups/main_server/etc will need to be created(or atleast exist) prior to starting the lsyncd service .Now you can login to the backup_server and confirm that files and directories are being syncd.

At this point, you can create a logrotate config in /etc/logrotate.d/. Since logrotate runs via a daily cron job, our config will get executed daily. What our config will do is create a gzip'd tar archive of the /root/backups/main_server/etc/ and keep 2 copies while being rotated daily. The config will look like this.

# touch /etc/logrotate.d/main_server
# nano /etc/logrotate.d/main_server

/var/backups/main_server.tar.gz{
rotate 2
daily
create 644 root root
prerotate
rm /var/backups/main_server.tar.gz
tar -P -zcf /var/backups/main_server.tar.gz /root/backups/main_server
endscript
}

You will want to create a dummy main_server.tar.gz file to satisfy the first run of the prerotate script.

# touch /var/backups/main_server.tar.gz

We're all done. To recap, lsyncd will sync the /etc folder in near real time (few seconds of delay) from the main_server with the backup_server. And on the backup_server, a copy of the sync'd folder is backed up daily with logrotate, maintaining 2 rotated copies.

Resources / Good Readering:

1. https://www.digitalocean.com/
2. https://github.com/axkibe/lsyncd/

No comments:

Post a Comment