From 6891b390ede174f851dd4918439b5ecb61dcdec3 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin <4533074+alexAubin@users.noreply.github.com> Date: Wed, 10 Jul 2024 20:47:13 +0200 Subject: [PATCH] Update ADMIN.md --- doc/ADMIN.md | 59 +++++++--------------------------------------------- 1 file changed, 7 insertions(+), 52 deletions(-) diff --git a/doc/ADMIN.md b/doc/ADMIN.md index dbe81a0..1fbd5d1 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -1,67 +1,22 @@ -### Configuring the user on the target server - -You should now authorize the public key on the target server using something like: - -``` -mkdir ~/.ssh -p -touch ~/.ssh/authorized_keys -chmod u=rw,go= ~/.ssh/authorized_keys -cat << EOPKEY >> ~/.ssh/authorized_keys - -EOPKEY -``` - -Optional: to improve security, make sure the user can only connect through SFTP and can only access its home directory on the target server. -On Debian/Ubuntu, this is done using the following snippet. Otherwise refer to your distribution manual (don't forget to replace `servera` with the real username) - -``` -cat << EOF>> /etc/ssh/sshd_config -Match User servera - ChrootDirectory %h - ForceCommand internal-sftp - AllowTcpForwarding no - X11Forwarding no -EOF -systemctl restart ssh -``` - ### Test -At this step your backup should schedule. +You can manually trigger backups using: `systemctl start restic.service` -If you want to be sure, you can test it by running on server A: -``` -systemctl start restic.service -``` +And then make sure to verify the backup contents using: `restic -r sftp:DESTINATION_SERVER:ORIGIN_SERVER/auto_conf snapshots` -Next you can verify the backup contents by running on server A -``` -restic -r sftp:serverb.domain.tld:servera.domain.tld/auto_conf snapshots -``` - -Replace `auto_conf` with `auto_` if you did not choose to backup configuration but only applications. - -If you want to check the backups consistency: -``` -systemctl start restic_check.service -``` - -If you want to make a complete check of the backups - keep in mind that this reads all the backed up data, it can take some time depending on your target server upload speed (more on this topic in [the Restic documentation](https://restic.readthedocs.io/en/latest/045_working_with_repos.html#checking-integrity-and-consistency)): -``` -systemctl start restic_check_read_data.service -``` +(Replace `auto_conf` with `auto_` if you did not choose to backup configuration but only applications) ### Misc helpful commands - Display the apps list to backup: `yunohost app setting restic apps` - Edit the apps list to backup: `yunohost app setting restic apps -v "nextcloud,wordpress"` -- Launch a backup: `systemctl start restic` -- Launch a backup check: `systemctl start restic_check.service` +- Launch a backup manually: `systemctl start restic` +- Launch a backup consistency check: `systemctl start restic_check.service` ##### Launch a complete backup check -WARNING: this will read data from your backups destination server. -It may take a quite long time depending on the target server's internet upload speed and hardware performance. + +If you want to make a complete check of the backups - keep in mind that this reads all the backed up data, it can take some time depending on your target server upload speed (more on this topic in [the Restic documentation](https://restic.readthedocs.io/en/latest/045_working_with_repos.html#checking-integrity-and-consistency)): ``` systemctl start restic_check_read_data.service