UrBackup: Difference between revisions
Jump to navigation
Jump to search
| Line 49: | Line 49: | ||
</source> |
</source> |
||
By default, server connects to client using ports 35621, 35622, 35623. For this to work, we must add the following '''ufw''' rules: |
|||
Must also configure the '''ufw''' rules: |
|||
<source lang="diff"> |
<source lang="diff"> |
||
--- a/ufw/user.rules |
--- a/ufw/user.rules |
||
| Line 80: | Line 80: | ||
### tuple ### allow tcp 135,139,445 ::/0 any ::/0 in |
### tuple ### allow tcp 135,139,445 ::/0 any ::/0 in |
||
-A ufw6-user-input -p tcp -m multiport --dports 135,139,445 -j ACCEPT |
-A ufw6-user-input -p tcp -m multiport --dports 135,139,445 -j ACCEPT |
||
</source> |
|||
However, this means that any device can connect and read the files on the client! So, on untrusted network, it is recommended to enable '''Internet only''' mode [https://urbackup.atlassian.net/wiki/display/US/Headless+Linux+client+setup]): |
|||
<source lang="bash"> |
|||
echo "internet_server=example.com |
|||
internet_server_port=55415 |
|||
internet_authkey=foobar |
|||
internet_mode_enabled=true" > /usr/local/var/urbackup/data/settings.cfg |
|||
</source> |
</source> |
||
Revision as of 06:13, 8 May 2017
References
- https://www.urbackup.org/, the website.
- UrBackup administration manual.
Install on Ubuntu
- Server
sudo add-apt-repository ppa:uroni/urbackup
sudo apt update
sudo apt install urbackup-server
- Client
TF=`mktemp` && wget "https://hndl.urbackup.org/Client/2.1.15/UrBackup%20Client%20Linux%202.1.15.sh" -O $TF && sh $TF; rm $TF
# Verifying archive integrity... All good.
# Uncompressing UrBackup Client Installer for Linux 100%
# Installation of UrBackup Client 2.1.15 to /usr/local ... Proceed ? [Y/n]
# y
# Uncompressing install data...
# Detected Debian (derivative) system
# Detected systemd
# Detected architecture x86_64-linux-glibc
# Installed daemon configuration at /etc/default/urbackupclient...
# Info: Restoring from web interface is disabled per default. Enable by modifying /etc/default/urbackupclient.
# Installing systemd unit...
# Created symlink from /etc/systemd/system/multi-user.target.wants/urbackupclientbackend.service to /lib/systemd/system/urbackupclientbackend.service.
# Starting UrBackup Client service...
# Successfully started client service. Installation complete.
# +Detected Ubuntu LTS. Dattobd supported
#
# -Detected no btrfs filesystem
# +Detected LVM volumes
# Please select the snapshot mechanism to be used for backups:
# 1) dattobd volume snapshot kernel module from https://github.com/datto/dattobd
# 2) LVM - Logical Volume Manager snapshots
# 4) Use no snapshot mechanism
# 1
# Configured dattobd. Please install dattobd following the instructions at https://github.com/datto/dattobd
# Configured snapshot mechanism via /usr/local/etc/urbackup/snapshot.cfg
# Install dattobd
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 29FF164C
echo "deb https://cpkg.datto.com/repositories $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/datto-linux-agent.list
sudo apt-get update
sudo apt-get install dattobd-dkms dattobd-utils
By default, server connects to client using ports 35621, 35622, 35623. For this to work, we must add the following ufw rules:
--- a/ufw/user.rules
+++ b/ufw/user.rules
@@ -17,6 +17,12 @@
:ufw-user-limit-accept - [0:0]
### RULES ###
+### tuple ### allow tcp 35621,35623 0.0.0.0/0 any 0.0.0.0/0 in
+-A ufw-user-input -p tcp -m multiport --dports 35621,35623 -j ACCEPT
+
+### tuple ### allow udp 35622 0.0.0.0/0 any 0.0.0.0/0 in
+-A ufw-user-input -p udp --dport 35622 -j ACCEPT
+
### tuple ### allow tcp 135,139,445 0.0.0.0/0 any 0.0.0.0/0 in
-A ufw-user-input -p tcp -m multiport --dports 135,139,445 -j ACCEPT
--- a/ufw/user6.rules
+++ b/ufw/user6.rules
@@ -17,6 +17,12 @@
:ufw6-user-limit-accept - [0:0]
### RULES ###
+### tuple ### allow tcp 35621,35623 ::/0 any ::/0 in
+-A ufw6-user-input -p tcp -m multiport --dports 35621,35623 -j ACCEPT
+
+### tuple ### allow udp 35622 ::/0 any ::/0 in
+-A ufw6-user-input -p udp --dport 35622 -j ACCEPT
+
### tuple ### allow tcp 135,139,445 ::/0 any ::/0 in
-A ufw6-user-input -p tcp -m multiport --dports 135,139,445 -j ACCEPT
However, this means that any device can connect and read the files on the client! So, on untrusted network, it is recommended to enable Internet only mode [1]):
echo "internet_server=example.com
internet_server_port=55415
internet_authkey=foobar
internet_mode_enabled=true" > /usr/local/var/urbackup/data/settings.cfg
UrBackup client is not installed as a package. Files are found here:
/etc/default/urbackupclient
/etc/systemd/system/multi-user.target.wants/urbackupclientbackend.service
/lib/systemd/system/urbackupclientbackend.service
/usr/local/bin/urbackupclientctl
/usr/local/etc/urbackup
/usr/local/sbin/uninstall_urbackupclient
/usr/local/sbin/urbackupclientbackend
/usr/local/share/urbackup
/usr/local/var/urbackup
/var/log/urbackupclient.log