I wanted to create a backup system using tools I already knew, such as scp. I set up a way for it to send a backup to a remote server at home with a 2nd SSH key specifically for the task.<\/p>\n\n\n\n
1. Generate the key on the server you’ll be backing up with ssh-keygen<\/strong>. Save the key to something like ~\/.ssh\/backup-key, and configure it how you like.<\/p>\n\n\n\n 2. Transfer the private key to your PC (not any of the servers). Disconnect from the server by typing exit<\/strong>, then scp <\/strong>the key to your PC. This will transfer the private key to your PC so you can copy it to the server you are backing up to.<\/p>\n\n\n\n 3. Transfer the private key to the server you are backing up to. There’s a few ways to do this, but I used this method since I already had authentication set up with a different SSH key. Replace backup-key<\/strong> with your new key if you used a different name, and replace current-priv-key<\/strong> with your current working key.<\/p>\n\n\n\n 4. Connect to the server you are backing up to. Create the backup folder \/home\/bkup-user\/backup<\/strong>, then a folder for the server you are backing up, such as \/home\/bkup-user\/backup\/server-name<\/strong>.<\/p>\n\n\n\n 5. Create a script that we will use for crontab to run. Use nano <\/strong>to open it.<\/p>\n\n\n\n 6. Copy this script, and change the parts in bold as needed. We will be making a couple scripts on the backup server itself as well after this.<\/p>\n\n\n\n 7. Give the script executable permissions with chmod<\/strong>. Then open the crontab <\/strong>editor.<\/p>\n\n\n\n 8. Add this line to crontab. This will run the script daily at 12am. Then exit crontab with ctrl+x and save the settings.<\/p>\n\n\n\n 9. Open up visudo <\/strong>to give the script sudo permissions.<\/p>\n\n\n\n 10. Add this line to the sudoers file that opened, then ctrl+x and save the configuration.<\/p>\n\n\n\n 11. Disconnect from the backup server, then connect with ssh <\/strong>to the server you are backing up<\/strong>. Create a temp folder.<\/p>\n\n\n\n # ssh into the server you are backing up before doing this, and run it there 12. Open up a new script with nano called backup.sh, then give it this code and save it:<\/p>\n\n\n\n 13. Create another script with nano for deleting the temp contents once the backup is completed. Name it bkup_deltemp.sh and give it this code:<\/p>\n\n\n\n 14. Create a text file with nano that you will use to set up the directories and files you want to backup. Here is an example text file I use to back up my web server:<\/p>\n\n\n\n 15. The back up should now be set up. You can test this by logging into the backup server and running the backup script, then checking the ~\/backup\/server-name folder for a .tar.gz file.<\/p>\n\n\n\n This does not include a mysql database backup, as I did not want to add more complexity to this post. If you have a mysql database backup already configured, you can add it to the backup-list.txt.<\/p>\n\n\n\n Otherwise, you can look into creating a separate script to backup mysql, use a cron job on the server to run it an hour before (0 23 * * *), and include the mysql backup files into the backup-list.txt. I used this script from github: GitHub Script<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" I wanted to create a backup system using tools I already knew, such as scp. I set up a way for it to send a backup to a remote server at home with a 2nd SSH key specifically for the task. 1. Generate the key on the server you’ll be backing up with ssh-keygen. Save … How to Create a Full Backup System with Linux scp and cron<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.sacko.dev\/index.php?rest_route=\/wp\/v2\/posts\/219"}],"collection":[{"href":"https:\/\/blog.sacko.dev\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.sacko.dev\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.sacko.dev\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.sacko.dev\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=219"}],"version-history":[{"count":6,"href":"https:\/\/blog.sacko.dev\/index.php?rest_route=\/wp\/v2\/posts\/219\/revisions"}],"predecessor-version":[{"id":226,"href":"https:\/\/blog.sacko.dev\/index.php?rest_route=\/wp\/v2\/posts\/219\/revisions\/226"}],"wp:attachment":[{"href":"https:\/\/blog.sacko.dev\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=219"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.sacko.dev\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=219"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.sacko.dev\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=219"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}exit\nscp -i ~\/.ssh\/current-key<\/strong> server-user<\/strong>@server-to-backup.domain<\/strong>:\/home\/server-user<\/strong>\/.ssh\/backup-key<\/strong> ~\/.ssh\/backup-key<\/strong><\/code><\/pre>\n\n\n\nscp -i ~\/.ssh\/current-priv-key<\/strong> ~\/.ssh\/backup-key<\/strong> bkup-user<\/strong>@the-backup-server.domain<\/strong>:\/home\/bkup-user<\/strong>\/.ssh\/backup-key<\/code><\/pre>\n\n\n\n# ssh into the backup server before doing this, and run it there\nmkdir \/home\/bkup-user<\/strong>\/backup\nmkdir \/home\/bkup-user<\/strong>\/backup\/server-name<\/strong><\/code><\/pre>\n\n\n\nnano \/home\/bkup-user<\/strong>\/backup-script.sh<\/strong><\/code><\/pre>\n\n\n\n#! \/bin\/bash\n# runs scripts on the server that backs up databases and creates a tar file with all the files needed to be backed up\nssh -i .ssh\/backup-key<\/strong> server-user<\/strong>@server-to-backup.domain<\/strong> \".\/backup.sh\"\n# once above command runs, it is disconnected\n# back on the backup server, downloads temp directory to the backup server\nscp -r -i .ssh\/backup-key<\/strong> server-user<\/strong>@server-to-backup.domain<\/strong>:\/home\/server-user<\/strong>\/temp \/home\/bkup-user<\/strong>\/backup\/server-name<\/strong>\n# everything is downloaded to \/temp; this will move it down a directory\nmv \/home\/bkup-user<\/strong>\/backup\/server-name<\/strong>\/temp\/* \/home\/bkup-user<\/strong>\/backup\/server-name\n# removes the temp folder\nrm -r \/home\/bkup-user<\/strong>\/backup\/server-name<\/strong>\/temp<\/strong>\n# deletes all files older than 30 days\nfind \/home\/bkup-user<\/strong>\/backup\/server-name<\/strong> -type f -mtime +30 -delete\n# goes back into the remote server and deletes the backed up file\nssh -i .ssh\/backup-key<\/strong> server-user<\/strong>@server-to-backup.domain<\/strong> \".\/bkup_deltemp.sh\"<\/code><\/pre>\n\n\n\nchmod +x \/home\/bkup-user<\/strong>\/backup-script.sh<\/strong>\ncrontab -e<\/code><\/pre>\n\n\n\n0 0 * * * \/home\/bkup-user<\/strong>\/backup-script.sh<\/strong><\/code><\/pre>\n\n\n\nsudo visudo<\/code><\/pre>\n\n\n\nbkup-user<\/strong> ALL=(ALL) NOPASSWD:\/home\/bkup-user<\/strong>\/backup-script.sh<\/strong><\/code><\/pre>\n\n\n\n
mkdir \/home\/server-user<\/strong>\/temp<\/p>\n\n\n\n#! \/bin\/bash\ntar -czvf \"\/home\/server-user<\/strong>\/temp\/server-name<\/strong>-$(date +\"%d-%m-%Y\").tar.gz\" -T backup-list.txt<\/code><\/pre>\n\n\n\n#! \/bin\/bash\nrm \/home\/server-user<\/strong>\/temp\/*<\/code><\/pre>\n\n\n\n\/home\/server-user<\/strong>\/backup-list.txt\n\/home\/server-user<\/strong>\/bkup_script.sh\n\/home\/server-user<\/strong>\/bkup_deltemp.sh\n\/etc\/systemd\/system\/website-1.service\n\/etc\/systemd\/system\/website-2.service\n\/var\/www\n\/etc\/nginx\/sites-available\n\/etc\/nginx\/sites-enabled<\/code><\/pre>\n\n\n\n.\/backup-script.sh\ncd ~\/backup\/server-name<\/strong><\/code><\/pre>\n\n\n\n