Difference between revisions of "Backup Setup"
Step by step how-to instructions on installing and running KoBo Toolbox on a standalone server.
m (→2. Create mounting point and add entry to Host's fstab) (Tag: visualeditor) |
m (Tag: visualeditor) |
||
Line 1: | Line 1: | ||
== Permanently mount backup storage onto KoBo server's filesystem == | == Permanently mount backup storage onto KoBo server's filesystem == | ||
− | === | + | === Store cretendials safely === |
+ | Rather than putting Windows share credentials directly into the Host's fstab, where it is readable by all Host users, create the file containing sensitive information, and restrict access to the file to root alone. Host's fstab will reference this file. | ||
+ | |||
$ sudo nano /etc/samba/kobo-backups.cred | $ sudo nano /etc/samba/kobo-backups.cred | ||
Revision as of 09:09, 5 January 2017
Contents
Permanently mount backup storage onto KoBo server's filesystem
Store cretendials safely
Rather than putting Windows share credentials directly into the Host's fstab, where it is readable by all Host users, create the file containing sensitive information, and restrict access to the file to root alone. Host's fstab will reference this file.
$ sudo nano /etc/samba/kobo-backups.cred
username=kobo-pilot password=F1xMyStreet
$ sudo chmod 0600 /etc/samba/kobo-backups.cred
Create mounting point and add entry to Host's fstab
$ sudo mkdir /media/kobo-backups $ sudo nano /etc/fstab
...adding the following two lines at the end of the file. The second line starts with //192.168.50.50/ and contains everything upto the end.
# KOBO-Backups folder on 192.168.50.50 //192.168.50.50/KOBO-Backups /media/kobo-backups cifs credentials=/etc/samba/kobo-backups.cred,iocharset=utf8,sec=ntlm 0 0
The backup share will this be automatically mounted on every reboot of the system. To activate the changes immediately, issue the command
$ sudo umount -a
Backup script
$ sudo nano /usr/sbin/kobo-backup
#!/bin/bash KOBO_DOCKER=/home/ate/kobo-docker KEEP_DAYS=31 LOCAL=/srv/kobo-backups/ REMOTE=/media/kobo-backups/kobo-backups/ function log { echo "`date +'[%d/%b/%Y:%k:%M:%S %z]'` $1" } if [[ $UID != 0 ]]; then echo "Please run this script as root:" echo "sudo $0 $*" exit 1 fi log "MSF KoBo Toolbox backup script starting" cd $KOBO_DOCKER log "Postgres backup..." docker exec kobodocker_postgres_1 bash -c "pg_dump --format=c --no-privileges --no-owner kobotoolbox -U postgres > /srv/db/backup/current.pgdump" mv --verbose $KOBO_DOCKER/.vols/db/backup/current.pgdump $KOBO_DOCKER/backups/postgres/`date +%Y%m%d%H%M`.pgdump log "postgres done" log "Moving files..." touch -t `date +%m%d0000` /tmp/$$ find $KOBO_DOCKER/backups/ -type f -newer /tmp/$$ -exec mv --verbose -f {} $LOCAL \; rm /tmp/$$ log "mv done" log "Remove archives older than $KEEP_DAYS days..." find $LOCAL -type f -mtime +$KEEP_DAYS \( -name "*.tar" -o -name "*.tar.gz" -o -name "*.pgdump" -o -name "*.pgrestore" \) -exec rm --verbose {} \; log "unlink done" log "RSyncing local and remote backup destination..." rsync --archive --delete $LOCAL $REMOTE log "rsync done" log "MSF KoBo Toolbox backup script completed" touch /root/kobo-last-backup.timestamp echo "---" echo "automated message sent by KoBo Toolbox backup * support@mreznisistemi.rs *"
$ sudo chown root:root /usr/sbin/kobo-backup $ sudo chmod 0755 /usr/sbin/kobo-backup
Schedule backup execution
$ sudo nano /etc/cron.d/kobo-backup
MAILTO=root SHELL=/bin/bash PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin 30 3 * * * root kobo-backup