Thanks to the author from this article: http://www.davidstclair.co.uk/Automatically-Backing-Up-Remote-Servers-with-qnap-109
If you run an important server such as web server you should of course take regular off site backups. Now everyone knows that backups are a total pain to do manually and more often than not get forgotten. However, using linux cron you can automate this task easily and be more confident of your ability to recover should anything go wrong with your server and you need to restore. If you have a decent connection speed at your home or office you can program a QNAP 109 NAS to take care of this important task for you.
qnap 109 backup
Backing up like this has the following benefits
-It is off-site (assuming your qnap is at your home or office and the server you are backing up is in some data centre / ISP somewhere)
-It pulls the backups from the webserver. Keeping your qnap device behind a natted firewall means it is harder to be compromised as it will simply connect to the remote server then pull down a backup and then logoff. If you pushed the backup from the remote server to a remote host most likley you would have to store some connection info and credentials on the remote server which could be given away should your remote server be hacked. This means your server would be hacked and potentially your backups too. Nasty!
-Qnaps are very quiet and don't use much power. So rather than using a PC that could technically do the job just as well you can leave the qnap on 24/7 without it being too noisy or costly on electricity.
Install the QPKG
The QPKG is the qnap package manager that lets you expand your qnap's linux functions and software. We are going to need to replace the default Secure Shell that comes with the QNAP 109 with the OPENSSH package.
The following link describes this process:
http://wiki.qnap.com/wiki/Install_Optwa ... n_via_QPKG
Replace the default qnap SSH
The following link describes this process. http://wiki.qnap.com/wiki/How_To_Replac ... th_OpenSSH
Prepare the Qnap and your remote server for Automated Backups
Create a user on your qnap an on your remote server
Choose a username and create that user on both your qnap and your remote server
in my example I am going to use the name "dave"
Login to the qnap as admin and run this command:
Add the user and set his home directory an password:
adduser -h /share/HDA_DATA/dave dave
Do the same with the remote server, in my example I am creating the users home directory on a remote redhat box under /home/dave
adduser -h /home/dave dave
Change the newly created users password
Create public/private key pair
Now lets create a public / private key pair to allow the qnap to log onto the remote redhat server without a password. This is perfect for automated backup scripts.
Logon to the Qnap as user dave (or your user) and type
ssh-keygen -t rsa
Which should return this:
Generating public/private rsa key pair.
And after a moment you will be aske where you wish to write your private key to
Enter file in which to save the key (/share/HDA_DATA/dave/.ssh/id_rsa):
You can except this. Next will be the passphrase you wish to use with this key
Enter passphrase (empty for no passphrase):
Simply press enter or return. This will create a phraseless keypair.
This should complete and it will return the place where it has left your private and public keys.
Your identification has been saved in /share/HDA_DATA/dave/.ssh/id_rsa.
Your public key has been saved in /share/HDA_DATA/dave/.ssh/id_rsa.pub.
The private key (id_rsa) should always be kept safe - and as your qnap is hidden behind a natted firewall (it is I hope?) that you don't allow any kind of remote access to you should be safeish.
Now we need to copy the public key up to the remote host under the "dave" users we created earlier home directory normally something like this on a red hat box /home/dave/.ssh or for solaris /export/home/daves.
This is done simply by copying the file using scp.
Note ensure there is a /home/dave/.ssh directory on the remote server first before trying the command. If there isn't just create one as normal (mkdir /home/dave/.ssh)
scp id_dsa.pub email@example.com:/home/dave/.ssh/id_rsa.pub
Now that's copied login to the remote SSH server (in my example it is http://www.myserver.com)
and then appending the id_rsa.pub file to the authorized_keys file.
cat /home/dave/.ssh/id_pub.pub >> authorized_keys
Don't forget to ensure the user dave .ssh directory and the authorised keys are set to permissions 700 on both the remote and local servers.
Now you can test it by running the following command from the QNAP
If it logs in without a password you have done it! If you are prompted for a password the best thing to do is double check that the permissions on the qnap and the remote servers .ssh directory and below is set to 700.
Which looks like this:
drwx------ 2 dave dave 4096 May 14 18:14 .ssh
Example Backup Scripts
Now you can run backup which can backup mysql databases and files.
The following is an example script which you might want to run daily woulld backup a website directory. Naturally you need to alter some of the paths to suit your own environment.
#Optionally change mysitebackup to something.
#==== Backup ====
# Create Tar
ssh firstname.lastname@example.org "tar -cvf $BACKUPDATE.$TARARCHIVE.tar $DATA"
ssh email@example.com "gzip $BACKUPDATE.$TARARCHIVE.tar"
#Copy backup file to backup device
scp firstname.lastname@example.org:/home/dave/$BACKUPDATE.$TARARCHIVE.tar.gz /share/HDA_DATA/dave/backups/files/
ssh email@example.com "rm -r -r /home/dave/$BACKUPDATE.$TARARCHIVE.tar.gz"
1 post • Page 1 of 1
- QNAP Staff
- Posts: 5389
- Joined: Thu May 21, 2009 2:14 pm
- Location: Taipei