Btrbk: Difference between revisions

From NixOS Wiki
← Older editNewer edit →
VisualWikitext
imported>Onny
Add workaround for NOPASSWD in NixOS 23.11
imported>Onny
Make clear that instance name is custom
Line 24: Line 24:
services.btrbk = {
services.btrbk = {
   extraPackages = [ pkgs.lz4 ];
   extraPackages = [ pkgs.lz4 ];
   instances.remote = {
   instances."remote_myhost" = {
     onCalendar = "weekly";
     onCalendar = "weekly";
     settings = {
     settings = {
Line 76: Line 76:


<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
btrbk -c /etc/btrbk/remote.conf --dry-run --progress --verbose run
btrbk -c /etc/btrbk/remote_myhost.conf --dry-run --progress --verbose run
</syntaxhighlight>
</syntaxhighlight>


The filename <code>remote.conf</code> references the instance name choosen in the example configuration above.
The filename <code>remote_myhost.conf</code> references the instance name choosen in the example configuration above.


[[Category:Applications]]
[[Category:Applications]]
[[Category:Backup]]
[[Category:Backup]]

Revision as of 09:18, 7 December 2023

Btrbk, a tool for creating snapshots and remote backups of btrfs subvolumes.

Setup

When transferring backups of root filesystem snapshots using Btrbk, it is recommended to mount the root Btrfs drive with subvolume id 5 (in this example /dev/sda1) to a specific mountpoint where Btrbk can operate with. So in this case all subvolumes will be available as a subdirectory in /btr_pool. 

/etc/nixos/hardware-configuration.nix

fileSystems = {
  "/btr_pool" = {
    device = "/dev/sda1";
    fsType = "btrfs";
    options = [ "subvolid=5" ];
  };
};

Configuration

Following example configuration will create a weekly incremental backup of a local Btrfs subvolume called nixos and sends it compressed to the remote host myhost. The mount point /btr_pool, as referenced above, contains the subvolume.

The user btrbk together with the private key /etc/btrbk_key is used for authentication. 

/etc/nixos/configuration.nix

services.btrbk = {
  extraPackages = [ pkgs.lz4 ];
  instances."remote_myhost" = {
    onCalendar = "weekly";
    settings = {
      ssh_identity = "/etc/btrbk_key"; # NOTE: must be readable by user/group btrbk
      ssh_user = "btrbk";
      stream_compress = "lz4";
      volume."/btr_pool" = {
        target = "ssh://myhost/mnt/mybackups";
        subvolume = "nixos";
      };
    };
  };
};

The user has to be created on the remote host and needs root permissions on the commands btrfs, readlink and test, for example via sudo. For transport stream compression using lz4 to work, the package must also be installed on the target host. The target host configuration for Btrbk could look like this: 

/etc/nixos/configuration.nix

security.sudo = {
  enable = true;
  extraRules = [{
    commands = [
      {
        command = "${pkgs.coreutils-full}/bin/test";
        options = [ "NOPASSWD" ];
      }
      {
        command = "${pkgs.coreutils-full}/bin/readlink";
        options = [ "NOPASSWD" ];
      }
      {
        command = "${pkgs.btrfs-progs}/bin/btrfs";
        options = [ "NOPASSWD" ];
      }
    ];
    users = [ "btrbk" ];
  }];
  extraConfig = with pkgs; ''
    Defaults:picloud secure_path="${lib.makeBinPath [
      btrfs-progs coreutils-full
    ]}:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"
  '';
};

environment.systemPackages = [ pkgs.lz4 ];

Manual usage

Manually dry running and testing a btrbk configuration 

btrbk -c /etc/btrbk/remote_myhost.conf --dry-run --progress --verbose run

The filename remote_myhost.conf references the instance name choosen in the example configuration above.

Retrieved from "https://wiki.nixos.org/w/index.php?title=Btrbk&oldid=10468"