User:Ixo/Script/xo-backup-server

From OLPC
Jump to navigation Jump to search

(These are starting notes for a new wiki page on a possible solution for backing up a XO Laptop to a server. I needed to develop a solution for my own situation, so I might as well document and share it for others. :)


Intro

Summary

  • xo-backup-server: For OLPC/XO-1 Laptop, create a copy/backup of your XO Laptop /home/olpc directory to a specific computer (i.e. server).


Description

  • From XO-Laptop, and anywhere you have remote IP access to server (i.e. Mesh, Intranet, or Internet), backup and copy files from XO Laptop.
  • Script can ran multiple times, will only copy over files which have changed.

Benefits

  • Creates a backup of /home/olpc in case of errors or mistaken deletions.
  • Allows examination of files on different machine, with better local tools and resources.
  • run between operations on the XO, to see files created or updated.
  • one of many methods to 'backup' a laptop 'important' (Really? which ones? So all for now!) files onto a central server.

Optional 'no password' setup.

  • SSH keys work on any public released build _after_ Ship 2.2 (build 656)
  • Setup and create a 'shared SSH keys environment', and prompt for password goes away.

SETUP

Step 1. SERVER

(i.e. who's going to receive the archive/backup copy?)

  1. Note the IP address of server (or other device).
  2. Optionally, generate SSH public/private shared keys.

Step 2. XO Laptop

(i.e. who's going to grab a backup copy?)

#!/bin/bash
# FILE: ixo-backup-server
# Author: iainD on wiki.laptop.org or irc #olpc-help
# Version: 2008 01 20, backup XO /home directory to server site
# Licensing: RELEASED under CC-GNU GPL 3.0 license.
#
## Constants ##
#
# 'laptopbu' can be any account on the SERVER, you designate to receive the backup.
# '192.168.1.100' (or 'server.domain.com' ) is the IP address (or DNS) of your SERVER.
# '/data/Backup/OLPC' is the location where the backup will be stored.
#
backup_server="laptopbu@192.168.1.100:/data/Backup/OLPC"
#
# '22' is default port for SSH, can be updated for more security (sshd must be configured too)
#
backup_server_port="22"
#
## Program ##
rsync --compress --progress --timeout=30 --verbose --verbose --partial --times \
--recursive --links --perms --group --times --size-only \
--rsh="ssh -p $backup_server_port" /home/olpc $backup_server

#eof

Optional: SSH Keys

(i.e. no password prompt.)

  1. Using Terminal or root console shell logon as olpc.
  2. Create new file ~olpc/.ssh/authorized_keys
  3. Copy into above file, your copy of 'SERVER ssh public key' (i.e. ~/.ssh/id_rsa.pub),


NOTES:

  • Command is one single line.
  • Must setup password for olpc account, via 'root' command of $ sudo passwd olpc .

Outstanding Questions

  • Is there an easy way of moving the ssh public key from SERVER to LAPTOP ?
    • USB Drive ?
    • Download via Webpage ?
  • Best method for uniquely identifying the LAPTOP needing to be backed up ? (use Serial Number ?)
    • It is possible for XO Laptop IP address to change between connection attempts !
  • Archive how many copies of files? only one copy? or multiple ? Limited ?
    • Rsync has some of these options built in.

Background details

(Eventually, move this information to a separate wiki page... )

1. Create SERVER ssh keys with either of the following methods

 $ ssh-keygen  (pass phase can be blank, generates id_rsa and id_rsa.pub )
   (need exact steps here.. )

2. Your 'SERVER' ssh public key ( ~/.ssh/id_rsa.pub ) looks something like this.

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAyf/ux1DcURj7dyeHMPFk/zafEnuCOqJVWCb1Sy12ksEkfzoWojL1mcjXNnkfZ+P10SOlQ5kjerH7
2JBu4DqPP3NUrcuFezhST9Ixa3NU1ts1w2VKHAcAcSAq8ayBmVGzrTxq7gayT5RSvo/nvI0TXJHSSF3Jh/7hSFAKED4YOURUSE wiki@laptop.0rg

3. Your 'SERVER' ssh private key ( ~/.ssh/id_rsa ) looks something like this.

-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQDJ/+7HUNxRGPt3J4cw8WT/Np8Se4I6olVYJvVLLXaSwSR/Ohai
qMvWZyNc2eR9n4/XRI6VDmSN6sfvYkG7gOo8/c3Oty4V7OFJP0jFrc1TW2zXDZUo
cBwBxICrxrIG+UbOtPGruBrJPlFK+j+e8jRNckdJIXcmH/uFJ1HYOMssQwIBIwKB
gEVBzjW1Utn579EU3eTlDK9F7WVsLKZjivmm9QPVErX5E9PZZtiu5s0qrQnkTlb0
4NwXgVetKcpB3iYwUQ0WQa3m919JKCriMwrcA7Zqu1bS5Q48Q9v9TgydHxyKAguD
xerfe/HBMwLNJ1WpeEFYwHNZi+Y3k2Mpvy8XuDB5yRUrAkEA5S1kceYwXMF3P1ZR
Y6B/3Hy1KH5vn4YIZi5cfbHQZ2B/cK2Ak4NXERQR5sKCn1Kc7yG+fY846iLU7W2G
avSlbQJBAOGkPwU9aHxgR6jnoD2Ka5fUDbVQzIMc/z63kWEk6b2Pt43FVLEX/1bf
1I/eXbqwYBNNgIHPYVFrEYoLGb/3+m8CQHxpGUUlMDJaZU5EzRjTeJxDsszW7CNm
BI89vS5KlbR2No2gA/hOnPqkfr8ZIlZ9TeDmbrkwfftx/o+EmW1C+rcCQQCuEP1q
cTNYogtlCnRMuz0OuYbq9TANX4MTH+UtrsLxUZw6KoMph4p2N6P59K60lrCD61SB
ZXb1ql38xrwXv0wpAkEA4qsLj1QhcLSZdHuuSyLwjovqVzPB+PKJs/c+JDO0Nr6b
DYjugZ9YtVNLd5JEQHSkYI+TLGrCCFAKED4YOURUSE==
-----END RSA PRIVATE KEY-----

4. Your 'LAPTOP' authorized_keys ( ~olpc/.ssh/authorized_keys ) looks something like this.

(Note: Final configuration, this file should be the same as ssh public key)
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAyf/ux1DcURj7dyeHMPFk/zafEnuCOqJVWCb1Sy12ksEkfzoWojL1mcjXNnkfZ+P10SOlQ5kjerH7
2JBu4DqPP3NUrcuFezhST9Ixa3NU1ts1w2VKHAcAcSAq8ayBmVGzrTxq7gayT5RSvo/nvI0TXJHSSF3Jh/7hSFAKED4YOURUSE wiki@laptop.0rg

5. See 'rsync --help' or 'man rsync' for full explanation of options.

6. See 'ssh --help' or 'man ssh' for full explanation of options.