diff --git a/content/blog/ovh-pca-backupninja-duplicity.md b/content/blog/ovh-pca-backupninja-duplicity.md index d819656..8b94d4d 100644 --- a/content/blog/ovh-pca-backupninja-duplicity.md +++ b/content/blog/ovh-pca-backupninja-duplicity.md @@ -1,7 +1,7 @@ --- title: Using OVH PCA with backupninja description: Accessing the OVH Public cloud archive with the automated backup tool backupninja using its duplicity backend -date: 2022-03-03 +date: 2024-03-06 --- ## Motivation @@ -36,17 +36,18 @@ OVH provides a cheap way for longterm storing backup data, the Public Cloud Arch ### On OVH -- Create a new user unter Cloud Archive → Project Management → Users & Roles +- Create new Public Cloud project +- Create a new user unter Public Cloud → Project Management → Users & Roles - Give the user the Role `ObjectStore operator` - Note username and **password** -- Get TenandID +- Get TenantID - click 3 dots on the right of the users row. Click Download OpenStack's RC file. Here you can select a region where the PCA should be set up - - Note the `OS_TENANT_ID`, here you also can extract `OS_USERNAME` and `OS_REGION_NAME` + - Note value of `OS_TENANT_ID` -## Installation -- Be sure to have at least version 0.8.21 of duplicity - - `pip3 install duplicity>=0.8.21 python-swiftclient python-keystoneclient` +## Install python modules +- Be sure to use latest issues, so install python modules with pip: + - `pip3 install duplicity python-swiftclient python-keystoneclient fasteners` ## Configuration - 3 files are used for this: @@ -60,7 +61,7 @@ OVH provides a cheap way for longterm storing backup data, the Public Cloud Arch - Most important options are: ``` -options = --volsize 200 --archive-dir /tmp --file-prefix-manifest 'hot_' --file-prefix-signature 'hot_' --file-prefix-archive 'cold_' +options = --archive-dir /tmp --file-prefix-manifest 'hot_' --file-prefix-signature 'hot_' --file-prefix-archive 'cold_' testconnect = no [gpg] @@ -81,10 +82,24 @@ desturl = 'multi:///etc/ovh-config.json?mode=mirror&onfail=abort' - This is the **credentials** file for OVH. Get this [template](/texts/ovh-config.json) - adapt the `url` keys to something meaningful ex. `backedupserver1_cold` and `backedupserver2_hot`. This will be the names of the Cloud Archives resp. Object Stores - change `PCA_TENANTID` and `SWIFT_TENANTID` to noted `OS_TENANT_ID` - - change `PCA_USERNAME` and `SWIFT_USERNAME` to noted `OS_USERNAME` + - change `PCA_USERNAME` and `SWIFT_USERNAME` to noted username - do the same for Password and Regionname - Make sure minimal access rights with `chmod 600` -## testing -- do a test run - - `backupninja -d -n` +## backup +- do a test run + `backupninja -d -n` +- backupninja should start every day at a predefined time as specified in `/etc/backupninja.conf` + +## restore +- create a `ovh-conf.json` file for the credentials like for backup +- run (preferably as root, so user ownership can also be restored): +```sh +duplicity --file-prefix-manifest 'hot_' \\ + --file-prefix-signature 'hot_' \\ + --file-prefix-archive 'cold_' \\ + --encrypt-key EXAMPLEKEYID \\ + --sign-key EXAMPLEKEYID \\ + --path-to-restore PATH/IN/BACKUP \\ + restore 'multi:///PATH/TO/ovh-config.json?mode=mirror&onfail=abort' LOCAL/SUBFOLDER +``` diff --git a/static/texts/20_ovh_pca.dup b/static/texts/20_ovh_pca.dup index bdab2db..6eb4f89 100644 --- a/static/texts/20_ovh_pca.dup +++ b/static/texts/20_ovh_pca.dup @@ -1,6 +1,6 @@ # passed directly to duplicity -options = --volsize 200 --archive-dir /tmp --file-prefix-manifest 'hot_' --file-prefix-signature 'hot_' --file-prefix-archive 'cold_' +options = --archive-dir /tmp --file-prefix-manifest 'hot_' --file-prefix-signature 'hot_' --file-prefix-archive 'cold_' # default is 0, but set to 19 if you want to lower the priority. nicelevel = 19