- Install CentOS 7 minimal software selection with a 2G /boot, 10G / and rest on /home, all XFS.
- Set hostname, a static IP and enable NTP
- Set root password and create an additional user (eg. backupadmin), the additional user will house all backup destinations in their /home/<USER> dir.
- Reboot and do a “yum update”
Install Gnome since you're going to backup online via Crashplan
yum groupinstall "X Window System" yum install gnome-classic-session gnome-terminal nautilus-open-terminal control-center liberation-mono-fonts
If you want Gnome to load on reboot run the commands below (though you don’t need to if you are only going to use VNC for remote management)
unlink /etc/systemd/system/default.target ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
Install misc programs that will be useful and necessary
yum install gnome-disk-utility gnome-system-monitor firefox vim
Install TigerVNC Server
This is so you can remote admin using a GUI for Crashplan or other online backup that requires a GUI
yum install tigervnc-server cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:0.service vim /etc/systemd/system/vncserver@:0.service # Replace <USER> with backupadmin in 2 locations # Example: # ExecStart=/sbin/runuser -l backupadmin -c "/usr/bin/vncserver %i" # PIDFile=/home/backupadmin/.vnc/%H%i.pid # Change to the backupadmin user su backupadmin # Run vncserver to start prompt for password (don't enable a view only password) vncserver # Exit the backupadmin user exit # Add firewall rules and start the VNC server firewall-cmd --permanent --zone=public --add-port=5900/tcp firewall-cmd --reload systemctl daemon-reload systemctl enable vncserver@:0.service systemctl start vncserver@:0.service # Reboot shutdown -r now
Make backup destination folders in user home dir
su backupadmin mkdir /home/backupadmin/backups mkdir /home/backupadmin/backups/nfs mkdir /home/backupadmin/backups/rsync mkdir /home/backupadmin/backups/smb mkdir /home/backupadmin/backups/ssh # Note: we are creating a different folder for each type of backup transfer method to keep things manageable and prevent issues when 2 different methods dump to the same dir # Exit the backupadmin user exit
Setup Rsync server for backups over SSH without a password
(source)
# Install Rsync
yum install rsync
# Do a rsync to make sure it asks for the password for your account on the remote server, and successfully copies the files to the remote server.
The following example will synchronize the local folder /home/ramesh to the remote folder /backup/ramesh (on 192.168.200.10 server).
rsync -avz -e ssh /home/ramesh/ ramesh@192.168.200.10:/backup/ramesh/
# Now setup ssh so that it doesn’t ask for password when you perform ssh. Use ssh-keygen on local/source server to generate public and private keys. Be sure to add a comment detailing the source of the key so it's easier to manage, also make use a custom file name for automated logins only, make it descriptive as well.
Note: When it asks you to enter the passphrase just press enter key, do not create any password for automated key based ssh logins
ssh-keygen -b 4096 -f ~/.ssh/rsyncOverSshLocalUserNameLenovoT450S-062618 -C "rsyncOverLocalUserNameLenovoT450S-062618"
Use ssh-copy-id to copy the public key to the remote host.
Note: It will ask the password for your account on the remote host, and copy the public key automatically to the appropriate location. If ssh-copy-id doesn’t work for you, use the method we discussed earlier to setup ssh password less login.
ssh-copy-id -i ~/.ssh/rsyncOverSshLocalUserNameLenovoT450S-062618 user@192.168.200.10
Now, you should be able to ssh to remote host without entering the password.
ssh -i ~/.ssh/rsyncOverSshLocalUserNameLenovoT450S-062618 192.168.200.10
Perform the rsync again, it should not ask you to enter any password this time.
rsync -avz -e ssh -i ~/.ssh/rsyncOverSshLocalUserNameLenovoT450S-062618 /home/ramesh/ ramesh@192.168.200.10:/backup/ramesh/