====== BackupPC ====== ===== Installation ===== * Download the installation package from [[http://sourceforge.net/projects/backuppc/|the SourceForge project]]. * Install Perl if it isn't already:


sudo apt-get install perl

* If you want BackupPC to be able to compress the backups (probably a good idea, unless you have lots of hard disk space and CPU time is scarce), run:


cpan

* then from ''cpan'' run:


install Compress::Zlib

* and then exit ''cpan'' with ''Ctrl+D''. * If you want web access to BackupPC (again, a good idea) you'll need to install Apache2 and ''mod_perl'':


sudo apt-get install apache2 libapache2-mod-perl2

* Enable ''suExec'':


sudo a2enmod suexec

* Extract the .tar.gz file:


tar -xzf BackupPC-3.1.0.tar.gz

* Change into the newly-created directory:


cd BackupPC-3.1.0

* Create a symlink at **/bin/perl** pointing at your real Perl binary, because the BackupPC configuration script looks for it in the wrong place (you could also change the shebang in the **configure.pl** script, but I was lazy):


sudo ln /usr/bin/perl /bin/perl

* Run the configuration script:


sudo ./configure.pl

* Follow the instructions, answering the questions as appropriate. * Modify the BackupPC configuration file:


vi /etc/BackupPC/config.pl

* Modify the list of hosts to back up:


vi /etc/BackupPC/hosts

* Rename the script it placed in your **cgi-bin** directory to give it a **.cgi** extension:


mv /var/www/cgi-bin/BackupPC_Admin /var/www/cgi-bin/BackupPC_Admin.cgi

* SuExec can only work per-virtual host, so create a new virtual host for BackupPC specifically:


sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/backuppc

* Enable that site:


sudo a2ensite backuppc

* Modify the new site to tell Apache to listen on a new port (e.g. 8085), that this virtual host will be on that port, to deny access to everything in **/var/www** that isn't part of BackupPC, require a password to access BackupPC's admin pages (a password isn't strictly necessary, but if you don't log in using basic auth you can't actually view anything...) and to enable CGI (Perl) handling for **.cgi**/**.pl** files. Your **sites-available/backuppc** file should end up looking something like this:


  Listen 8085
  NameVirtualHost *:8085
  
          SuexecUserGroup backuppc backuppc
          DocumentRoot /var/www/
  
          #Also prevent access to our .htpasswd file
          
                  Order allow,deny
                  Deny from all
          
          
                  Options Indexes FollowSymLinks MultiViews
                  AllowOverride None
                  Order allow,deny
                  Deny from all
          
          
                  Order allow,deny
                  Allow from all
          
          
                  AddHandler cgi-script .cgi .pl
                  Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
                  Order allow,deny
                  Allow from all
  
                  AuthType Basic
                  AuthName "BackupPC"
                  AuthUserFile /var/www/backuppc.htpasswd
                  Require valid-user
          
  
          ErrorLog /var/log/apache2/error-backuppc.log
          LogLevel warn
          CustomLog /var/log/apache2/access-backuppc.log combined
          ServerSignature On

* Additionally, if you add a HTTP 403 ''ErrorDocument'' directive to the '''' block, you can automatically ''redirect'' users who don't go to **/cgi-bin/BackupPC_Admin.cgi** to that file, saving you typing that path, too:


ErrorDocument 403 /cgi-bin/BackupPC_Admin.cgi

* then you can just go to ''http://machinename:8085/'' instead of ''http:////machinename//:8085/cgi-bin/BackupPC_Admin.cgi''. * Save that file and reload Apache:


sudo /etc/init.d/apache2 force-reload

* Create a password file that matches the above Apache configuration. The username you specify must match the username you specified in the BackupPC hosts configuration file earlier:


htpasswd -c /var/www/backuppc.htpasswd andrew

* Add any required extra users to that password file so that every user mentioned in the BackupPC hosts configuration file can log in:


htpasswd /var/www/backuppc.htpasswd notandrew

* Copy the **init.d** script from BackupPC's installation source directory (the directory you extracted the .tar.gz to) to your ''/etc/init.d'' directory. For Ubuntu, we're using the Debian script:


sudo cp ~/backuppc/init.d/debian-backuppc /etc/init.d/backuppc

* Tell BackupPC to start on boot:


sudo update-rc.d backuppc defaults

* Set the permissions of the BackupPC ''init.d'' script:


sudo chmod 755 /etc/init.d/backuppc

* Ensure that the permissions on the BackupPC directories are correct:


sudo chown -R backuppc:backuppc /data
sudo find /data -type d -exec chmod 750 {} \;

* Start BackupPC:


sudo /etc/init.d/backuppc start

* Browse to ''http://MachineName:8085/BackupPC_Admin.cgi'' and change anything necessary in the GUI. ===== Troubleshooting ===== ==== Backup failed: unable to read 4 bytes ==== This means the ssh connection has failed. The most likely cause is that ssh is waiting for user input to ask a question about the host key. the solution is to log into the backups box, then switch to the backuppc user and attempt to connect to the target machine manually. If you see any prompts about unknown or changed host keys, then resolve the problem and backups should run cleanly once more. ===== Notes ===== * Ideally the BackupPC admin area should be run over HTTPS, but I'll leave that for another article.