Server

Install Dirvish, rsync and ssh on the backup server:

apt-get install dirvish ssh 

/etc/dirvish/master.conf should look something like this:

bank:
        /data/backup
Runall:

expire-default: +15 days
expire-rule:
        #MIN    HR      DOM     MON     DOW     STRFTIME_FMT
        *       *       *       *       1       +3 months
        *       *       1-7     *       1       +1 year
        *       *       1-7     1,4,7,10 1
        *       10-20   *       *       *       +4 days

Create a dirctory where all backup’s will be stored:

mkdir -p /home/backup
chmod 700 /home/backup

Create the directory where the backup’s will be stored:

mkdir -p /data/backup/client-root/dirvish

/data/backup/client-root/dirvish/default.conf should look something like this (to backup the root partition on the client):

client: 192.168.1.24
tree: /
index: gzip
image-default: %Y-%m-%d
xdev: 1
exclude:
var/cache/apt/archives/*
var/cache/man/*
tmp/*
var/tmp*
var/backups*
var/cache*
var/games*
var/lib*
var/local*
var/lock*
var/mail*
var/opt*
var/run*
var/spool*
var/vmail*
/boot
/bin
/etc
/dev
/lib
/lost+found
/media
/home
/mnt
/opt
/proc
/sbin
/root
/selinux
/srv
/ssl
/sys
/tmp
/usr
aquota.group
aquota.user
quota.group
quota.user
#rsh: /tmp/ssh
rsh: ssh -i /root/.ssh/id_rsa_dirvish_client-new 192.168.1.24

Now create a temporary ssh script to found out the correct rsync commando to be run on the client.

echo -e '#!/bin/sh\necho $@ > /tmp/rsync' > /tmp/ssh
chmod +x /tmp/ssh

Run Dirvish so we find the command:

dirvish --vault client-root --init
cat /tmp/rsync
client rsync --server --sender -vlHogDtprx --numeric-ids . /

Over on the client we need to use the content of /tmp/rsync (except the first word – the name of the client):

rsync --server --sender -vlHogDtprx --numeric-ids . /

In /data/backup/client-root/dirvish/default.conf your should change the rsh: part to something like this:

rsh: ssh -i /root/.ssh/id_rsa_dirvish_client-root client

And delete the failde backup (to found out the exact rsync command we made a backup, but it failed because the ssh script was used):

rm -rf /data/backup/client-root/2005-03-25

Remember to change the date to the current date.

This section is done on the server.

Create a SSH key that will be used to connect to the client (don’t write any password, just press enter) and copy the public part to your client:

ssh-keygen -t rsa -f /root/.ssh/id_rsa_dirvish_client-root
scp /root/.ssh/id_rsa_dirvish_client-root.pub user@client:/tmp

 

Client Machine/Server

This section is done on the server that is being backed up.

Install rsync and ssh:

apt-get install rsync ssh

Copy the key we made on the server into authorized keys:

cat /tmp/id_rsa_dirvish_client-root.pub >> /root/.ssh/authorized_keys2

In the bottom of /root/.ssh/authorized_keys2 there should be af new line starting with ssh-rsa. Add the following the the beginning of that line:

command="rsync --server --sender -vlHogDtprx --numeric-ids . /",from="192.168.1.25",no-port-forwarding,no-X11-forwarding,no-agent-forwarding
  • Replace the rsync-command with the command we found in /tmp/rsync
  • Replace the IP-address with the IP-address of the backup server. This is the IP-address the client sees the server with, so if the server is behind NAT and the client is somewhere on the internet, it’s the external address.

The line should now look something like this (everyting should be on one line):

command="rsync --server --sender -vlHogDtprx --numeric-ids . /",from="192.168.1.25"
,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-rsa AAAAB3NzaC1yc
2EAAAABIwAAAIEAxH1KNHrOFn1XOZzYRaCaZRqtFfwjzGYPjE5FMhF4voEetoSojXMTIyUU6EI81S+6
Z9XWPFuEZDN0x2xZzjJlcR0ur1zZ5O0ipfNE7f7hqBusH1NQfE5VmH3R+ehQ61FBztvaGuGtl0DjehX
WUFrMT7INjJu2whz9+3Vtn4Vxp4U= root@server

Now you should problaly have your ssh server set to not accept root logins. Change it so you can log in as root only with a ssh key and a predefined command.

In /etc/ssh/sshd_config set PermitRootLogin to this:

PermitRootLogin forced-commands-only

And reload the ssh server:

/etc/init.d/ssh reload
 

Server

The initial backup can now be startet on the server with this command:

dirvish --vault client-root --init

This takes som time as all the data is transfered from the client to the server.

If all goes well, you now have af full backup up of the client.

Now set up Dirvish to automatic make a backup every night. In /etc/dirvish/master.conf under Runall: insert a line, so the file looks something like this:

Runall:
        client-root     22:00