Creating a image of the whole nethserver

capote · February 26, 2020, 6:12pm

no, I don’t use any DC or LDAP-Directory, only local user.

LOG

2020-02-26 17:30:36 Reading hosts file
2020-02-26 17:30:36 BackupPC 4.3.1 (Perl v5.16.3) started, pid 25121
2020-02-26 17:30:36 Next wakeup is 2020-02-26 18:00:00
2020-02-26 17:30:42 Got signal TERM… cleaning up (exit code = 0)
2020-02-26 17:30:42 Reading hosts file
2020-02-26 17:30:42 Added host linux-template to backup list
2020-02-26 17:30:42 Added host windows7-template to backup list
2020-02-26 17:30:42 Added host windows8-template to backup list
2020-02-26 17:30:42 Added host windowsxp-template to backup list
2020-02-26 17:30:42 BackupPC 4.3.1 (Perl v5.16.3) started, pid 25679
2020-02-26 17:30:42 Next wakeup is 2020-02-26 18:00:00
2020-02-26 18:00:00 Next wakeup is 2020-02-26 19:00:00
2020-02-26 18:33:35 Got signal TERM… cleaning up (exit code = 0)
2020-02-26 18:58:02 Reading hosts file
2020-02-26 18:58:02 BackupPC 4.3.1 (Perl v5.16.3) started, pid 2086
2020-02-26 18:58:02 Next wakeup is 2020-02-26 19:00:00
2020-02-26 19:00:00 Next wakeup is 2020-02-26 20:00:00

Status.pl

%Info = (
“ConfigLTime” => “1582739882”,
“DUInodeDailyMaxTime” => “1582734636”,
“DUInodeDailyMax” => 1,
“DUlastValueTime” => “1582739882”,
“ConfigModTime” => “1582734641”,
“nextWakeup” => “1582740000”,
“DUDailyMax” => 3,
“DUDailyMaxTime” => “1582734636”,
“Version” => “4.3.1”,
“pid” => 2086,
“DUlastValue” => 3,
“HostsModTime” => “1582734641”,
“startTime” => “1582739882”,
“DUInodelastValue” => 1
);
%Status = (
“windows7-template” => {
“endTime” => “”,
“reason” => “Reason_nothing_to_do”,
“activeJob” => 0,
“startTime” => “1582736400”,
“userReq” => undef,
“state” => “Status_idle”
},
“windowsxp-template” => {
“endTime” => “”,
“reason” => “Reason_nothing_to_do”,
“activeJob” => 0,
“startTime” => “1582736400”,
“userReq” => undef,
“state” => “Status_idle”
},
“linux-template” => {
“endTime” => “”,
“reason” => “Reason_nothing_to_do”,
“activeJob” => 0,
“startTime” => “1582736400”,
“userReq” => undef,
“state” => “Status_idle”
},
“windows8-template” => {
“endTime” => “”,
“reason” => “Reason_nothing_to_do”,
“activeJob” => 0,
“startTime” => “1582736400”,
“userReq” => undef,
“state” => “Status_idle”
}
);

ssl_access_log

192.168.3.11 - admin [26/Feb/2020:19:08:35 +0100] “GET /BackupPC HTTP/1.1” 401 381
192.168.3.11 - - [26/Feb/2020:19:08:41 +0100] “GET /BackupPC HTTP/1.1” 401 381

ssl_error_log

[Wed Feb 26 19:08:35.745586 2020] [authnz_pam:warn] [pid 2912] [client 192.168.3.11:49659] PAM authentication failed for user admin: Authentication service cannot retrieve authentication info
[Wed Feb 26 19:08:35.746449 2020] [auth_basic:error] [pid 2912] [client 192.168.3.11:49659] AH01617: user admin: authentication failure for “/BackupPC”: Password Mismatch

stephdl · February 26, 2020, 6:37pm

no, I don’t use any DC or LDAP-Directory, only local user.

you need it it is a mandatory

capote · February 26, 2020, 6:39pm

very sad, then I cannot use the solution and I am as smart as before.

stephdl · February 26, 2020, 8:04pm

of course you can use it, I use an authentication via PAM inside the BackupPC vhost

you can remove the authentication
you can create a authentication with a static file

custom-templates is the key, a viable solution could be imported in my rpm

github.com

stephdl/nethserver-BackupPC4/blob/ns7/root/etc/e-smith/templates/etc/httpd/conf.d/BackupPC.conf/10base#L17


Alias /BackupPC/images /usr/share/BackupPC/html/


ScriptAlias /BackupPC /usr/libexec/BackupPC/BackupPC_Admin
ScriptAlias /backuppc /usr/libexec/BackupPC/BackupPC_Admin




   <IfModule !authnz_pam_module>
       LoadModule authnz_pam_module modules/mod_authnz_pam.so
   </IfModule>


   <Location /backuppc>
       AuthName "backuppc"
       AuthType Basic
       SSLRequireSSL on
       AuthBasicProvider PAM
       AuthPAMService backuppc
       Require valid-user
       Satisfy all
   </Location>


   <Location /BackupPC>

something like this should work

https://cwiki.apache.org/confluence/display/HTTPD/PasswordBasicAuth

michelandre · February 27, 2020, 5:08am

Hi Marko,

This is the cause of your problem.

You have absolutely to install an Account Provider (LDAP locally).

This will create the required admin user.

When the installation is finished, go to Management and groups and give a password to admin to activate it.

You have to also create a user backuppc inside the NethServer Web interface and put him in the group domain admin.
:

Then login to BackupPC using admin with the password you just gave.

Enjoy!,

Michel-André

capote · February 27, 2020, 7:09am

Hi Michael-Andre,
thank you for your awesome support.

Now it’s my turn to try this. So far, I have had no need to go beyond local users. I had already experimented with an LDAP server on my Synology DiskStation, but didn’t succeed in trying to use the logged in users on my Macs. The effort and benefit of making the switch was not in any meaningful use for me.
Also, I had no migration strategy.
Now I’m thinking about using the Synology LDAP server so that in case of a disaster, I can simply reinstall my Nethserver without losing the LDAP directory.

My strategy now would be:

implement your proposal and gain experience
build a network-wide LDAP server on top of Synology and use it for all accounts, including Nethserver.

capote · February 27, 2020, 7:24am

Your Documentation worked fine and I’m able to login into BackupPC. Now I will trie to use it.
THANK YOU AGAIN!

michelandre · February 27, 2020, 2:50pm

Hi Marko,

Glad it’s working.

The users are never lost in LDAP when you uninstall it, they are saved in a folder. They come back when you re-install LDAP (like in the case of changing the server name).
Consider LDAP as a GUI for the /etc/passwd file.

I do not see the usefulness of Synology’s LDAP.
LDAP is already included in NethServer.
Why use 2 technologies when you can use only one?

\

Backup is included in NethServer and is very easy to use.

Maybe it will be easier for you to start by having a look at: https://dokuwiki.micronator-dev.org/doku.php?id=nethserver_101_cahier_11_nethserver_backuppc&do=index. Translate with Google the first one (cours_nethserver_101) to have an idea of what are the other documents.

Michel-André

Andy_Wismer · February 27, 2020, 3:02pm

@capote
@michelandre

Hi

I use Synology a lot, Backup of a Synology works mostly (Using Hyperbackup to a local 8TB USB Drive, sometimes 2…).
As a NAS, Synology is not bad, it does it’s job quite well!

That does NOT entail Synology’s AD or LDAP or even DNS Solutions.
Some critical stuff is hardcoded, like the base DNS Server name.
Synology has NEVER produced a Server and the Support for AD is very poor. I can’t say for LDAP, I only had a quick look at it and it looked like the same as AD and DNS, just a different color but the same smell… (You know the saying, the fish starts smelling from the head…)

You’ve now got a backup/restor solution working for NethServer, a real SERVER Solution, not a NAS bloated to Server functionality…

Better use NethServer as your primary LDAP, and use Synology as a mirror copy of the NethServer NAS (If Synology can do that…).

This is intended as constructive critic, I’m seconding MichaelAndré…

My 2 cents
Andy

capote · February 27, 2020, 10:54pm

Thank you @Andy_Wismer and @michelandre. Your annotations are very interesting.

My Diskstation is my data grave and runs and runs and runs… a stable system, no problems in the last 7 years. But I don’t do critical experiments with it unlike Nethserver.
I had to set up NS completely new several times because I couldn’t fix mistakes and the complete reinstallation was much faster. (that was the reason to think about doing a drive image for disaster recovery)
In the case of the loss of the complete NS installation, I also assume the loss of the LDAP. Synology LDAP would be the surviving system.

I have no experience with restoring NS Backups and would like to avoid bringing in misconfigurations into a fresh installation via restore.

BackupPC is not an easy understandable system, esp.the french instructions do not make it easier.

I have to try a lot… As soon as I have enough confidence in NS and my administration skills, I will also use LDAP.
Thank you for your patience.

michelandre · February 27, 2020, 11:02pm

Hi Marko,

Before going any further you need to use Virtual machines - this is a must for testing as you can easily take a snapshot of a machine and return to it in case of an error. It takes only a few seconds to return to a previous machine, you do not have to reinstall…

Have a look at: https://dokuwiki.micronator-dev.org/doku.php?id=nethserver_101_cahier_02_installations_configurations_logiciels_prerequis to install all the required softwares for a testing environment.

In that, it will show you how to install VirtualBox - a must…

Michel-André

capote · February 27, 2020, 11:10pm

Hi Michael, you can read minds, that’s exactly why I’m experimenting with Proxmox. I have already installed NS as a VM, but I can’t get it configured as a gateway, because only one of the two physical interfaces can be activated in Proxmox. But this is now a bit off topic here.

michelandre · February 28, 2020, 12:07am

Hi Marko.

A lot of people at NS are using Proxmox but I prefer VirtualBox - easier. I do not have a big LAN so VB is quite good for me.

I made a document on it: https://dokuwiki.micronator-dev.org/doku.php?id=nethserver_201_cahier_06_proxmox

Michel-André

dnutan · February 29, 2020, 11:05am

62 posts were merged into an existing topic: Problem configuring NethServer as gateway in Proxmox

capote · February 29, 2020, 12:49pm

my Solution:

stojovski · March 4, 2020, 6:30am

Install veeam backup agent, works great.

royceb · March 4, 2020, 2:39pm

Using XCP-NG and XOA I automate my full system VM backups (you might consider this a whole system image) to an SMB/NFS/ISCSI FreeNas share as flat self contained vhd files. Within my Backup jobs I use TAG labels on each of my VM’s that have been defined within my backup jobs that automatically pull their respective VM’s for backup without me having to set policy per VM. Restoration is only limited by my hardware/networking backend and can be automated for disaster recovery detection/automatic deployment.

I’d highly suggest watching Lawrence System’s video to get a quick and dirty explanation/live demo if you were interested in learning about this platform from someone with tons of experience.

Andy_Wismer · March 4, 2020, 11:13pm

@stojovski

Hi

Isn’t this just Backup software?

It seems it can create images.

It’s just that VEEAM is a highly MS Company. Most Server Products are for VMWare or HyperV, and require a MS Server - to “administrate” a Linux system?

And VEEAM can’t handle KVM well - or not at all…
( or XCP-NG, for that matter!)

My 2 cents
Andy

stojovski · March 5, 2020, 6:10am

Well I have a very good experiense with veeam, and it is backup software, i have tested with nethserver, it’s just very reliable.Of course with kvm you can use image backup.I spoke about backup.With veeam i was able to restore completely, and also with proxmox.Proxmox it’s just great, all on board, than you don’t need any image backup software, and Nethserver have a backup on board. For veeam agent you don’t need MS system, it works from Linux console.

Andy_Wismer · March 5, 2020, 9:30am

OK, thx for the Infos…

The Titel IS about Imaging, not Backups…

I looked and tested VEEAM against a ESXi 5.5 2 years back.
Not just the Backup, but the whole set of Tools freely available at the time.
I even installed a Windows Server in ESXi to manage it, but that wouldn’t work at all!
Tried even in two separate locations.

Maybe, in those two cases, Novell’s IPX Protocolls (And other, nowadays rare stuff) on the LAN were interrupting, as besides for NetWare, my friend had a very similiar setup, even same hardware, and it was working for him.

Maybe another look might be worth it, as I still have clients running Netware on ESXi, those are the only ESXi I still have running…

My 2 cents
Andy