Setting up automated appvm backups using cron?
25 views
Skip to first unread message
Stumpy
Nov 25, 2018, 4:33:18 PM11/25/18
to Qubes users
I was wanting to back up some of my more important appvms, like vault,
on a regular basis. I am lazy so was thinking that cron might be an
option? Its been awhile since I used cron but I assume I could make a
job with a line like:
qvm-backup -d vault -p /tmp/vault-key ?????
I am not sure about the last part as I would like to put it on an
external drive so in 3.2 I could have pointed it to the ext drive on
dom0 but now I am not quite sure where to point it? Ideas?
on a regular basis. I am lazy so was thinking that cron might be an
option? Its been awhile since I used cron but I assume I could make a
job with a line like:
qvm-backup -d vault -p /tmp/vault-key ?????
I am not sure about the last part as I would like to put it on an
external drive so in 3.2 I could have pointed it to the ext drive on
dom0 but now I am not quite sure where to point it? Ideas?
Ivan Mitev
Nov 26, 2018, 2:16:00 AM11/26/18
to qubes...@googlegroups.com
Hi,
On 11/25/18 11:31 PM, Stumpy wrote:
> I was wanting to back up some of my more important appvms, like vault,
> on a regular basis. I am lazy so was thinking that cron might be an
> option? Its been awhile since I used cron but I assume I could make a
> job with a line like:
>
> qvm-backup -d vault -p /tmp/vault-key ?????
qvm-backup --yes --passphrase-file /some/file /backup/dir vmname
then create an executable script with this one-liner and put it in one
of the /etc/cron.* dir (eg weekly, daily). Or, create a specific cron
entry in /etc/cron.d/
> I am not sure about the last part as I would like to put it on an
> external drive so in 3.2 I could have pointed it to the ext drive on
> dom0 but now I am not quite sure where to point it? Ideas?
I backup VMs in dom0 (qvm-backup ... like above) and then copy the
backup file to a mounted dir in an AppVM (could be an external HD, a
NFS/smb share, ...).
eg.:
cat backupfile | qvm-run --pass-io work "cat > /store/dir/qubes/backupfile"
You can backup multiple VMs at once with `qvm-backup` so you can't
specify a target file. A workaround is to create a dedicated target
directory for each qvm-backup "run" and `ls` the file(s) created there
(I prefer to run `qvm-backup` for each vm rather than listing all the
vms at once - it helps with error detection and simplifies scripting).
Here's how you could backup some VMs to /bkpvm in dom0 and then copy the
files to a mount in the 'work' AppVM:
for vm in vault banking; do
bkpdir=/bkpvm/$vm-$(date "+%FT%H%M%S")
mkdir $bkpdir
qvm-shutdown --wait --timeout 60 $vm
qvm-backup --yes --passphrase-file /some/file $bkpdir $vm
bkpfile=$(ls $bkpdir)
cat $bkpfile | qvm-run --pass-io work "cat > /mnt/qubes/backupfile"
done
Note- no guarantee that the above works as-is (I've copied/adapted the
main commands from my backup script).
FWIW backuping large VMs is a waste of resource when there are only a
few files changed. For such VMs I mount an encrypted volume in a
dedicated backup AppVM and rsync the content of the VM there. That's
much, much, much (did I say much ?!) faster and efficient than the
qvm-backup resource hog.
BTW writing a backup strategy doc is on my todo list for more than one
year. Can't get around to writing it :(
On 11/25/18 11:31 PM, Stumpy wrote:
> I was wanting to back up some of my more important appvms, like vault,
> on a regular basis. I am lazy so was thinking that cron might be an
> option? Its been awhile since I used cron but I assume I could make a
> job with a line like:
>
> qvm-backup -d vault -p /tmp/vault-key ?????
then create an executable script with this one-liner and put it in one
of the /etc/cron.* dir (eg weekly, daily). Or, create a specific cron
entry in /etc/cron.d/
> I am not sure about the last part as I would like to put it on an
> external drive so in 3.2 I could have pointed it to the ext drive on
> dom0 but now I am not quite sure where to point it? Ideas?
backup file to a mounted dir in an AppVM (could be an external HD, a
NFS/smb share, ...).
eg.:
cat backupfile | qvm-run --pass-io work "cat > /store/dir/qubes/backupfile"
You can backup multiple VMs at once with `qvm-backup` so you can't
specify a target file. A workaround is to create a dedicated target
directory for each qvm-backup "run" and `ls` the file(s) created there
(I prefer to run `qvm-backup` for each vm rather than listing all the
vms at once - it helps with error detection and simplifies scripting).
Here's how you could backup some VMs to /bkpvm in dom0 and then copy the
files to a mount in the 'work' AppVM:
for vm in vault banking; do
bkpdir=/bkpvm/$vm-$(date "+%FT%H%M%S")
mkdir $bkpdir
qvm-shutdown --wait --timeout 60 $vm
qvm-backup --yes --passphrase-file /some/file $bkpdir $vm
bkpfile=$(ls $bkpdir)
cat $bkpfile | qvm-run --pass-io work "cat > /mnt/qubes/backupfile"
done
Note- no guarantee that the above works as-is (I've copied/adapted the
main commands from my backup script).
FWIW backuping large VMs is a waste of resource when there are only a
few files changed. For such VMs I mount an encrypted volume in a
dedicated backup AppVM and rsync the content of the VM there. That's
much, much, much (did I say much ?!) faster and efficient than the
qvm-backup resource hog.
BTW writing a backup strategy doc is on my todo list for more than one
year. Can't get around to writing it :(
gdr...@gmail.com
Nov 26, 2018, 3:29:11 AM11/26/18
to qubes-users
So here is how I do it manually only once a week :
---%<-------------------------------
#!/bin/sh
VM_LIST=sys-net\ sys-firewall\ sys-net2\ sys-net3
MOUNT_PATH="/mnt/removable"
BACKUP_DIR="backupVM_desktop"
# all vm-shutdown
qvm-shutdown --wait --all --exclude=sys-net --exclude=sys-usb
qvm-run sys-net "sudo ifconfig ens5 down; sudo modprobe -r r8169"
qvm-shutdown --wait sys-net
# qvm-backup
qvm-backup --compress --verbose --passphrase-file /home/gdrub/read_in --dest-vm sys-usb $MOUNT_PATH/$BACKUP_DIR fedora-28-minimal-LAMP kali hyneview fedora-26 sys-net sys-net2 sys-net3 sys-firewall sys-firewall3 debian-8 debian-9 win10 docker dockerhost personal work dom0
# rotate
# /usr/bin/mv backup.1 backup.2 > /dev/null 2>&1
qvm-run sys-usb "sudo mv $MOUNT_PATH/$BACKUP_DIR/backup.1 $MOUNT_PATH/$BACKUP_DIR/backup.2"
# /usr/bin/mv backup backup.1 > /dev/null 2>&1
qvm-run sys-usb "sudo mv $MOUNT_PATH/$BACKUP_DIR/backup $MOUNT_PATH/$BACKUP_DIR/backup.1"
# /usr/bin/mv $lastfile backup > /dev/null 2>&1
qvm-run sys-usb "sudo mv $MOUNT_PATH/$BACKUP_DIR/qubes-backup* $MOUNT_PATH/$BACKUP_DIR/backup"
sleep 3
# vm-start
for VM in $VM_LIST
do
qvm-start $VM
done
sleep 30
qvm-start personal
qvm-start work
---%<-------------------------------
Best regards
Reply all
Reply to author
Forward
0 new messages