IPCop-Forum.de

www.ipcop-forum.de


IPCop-Community
CL-Systems
Home Home   Doku Doku   Links Links   Downloads Downloads
UnIPCop Der (Un)IPCop   IFS IPCop-ForumSpy
CopTime CopTime   Galerie IPCop-Galerie   IPCop Userkarte Userkarte
Aktuelle Zeit: 25.09.2017, 22:34

Alle Zeiten sind UTC+02:00




Ein neues Thema erstellen  Auf das Thema antworten  [ 1 Beitrag ] 
Autor Nachricht
 Betreff des Beitrags: Backup and Restore
BeitragVerfasst: 09.06.2015, 23:19 
Offline
Rookie
Themenstarter
Rookie

Registriert: 09.06.2015
Beiträge: 4
Hi:
First, I hope it's ok to use English here. I am a longtime user of IPCop, and I would like to see if anyone has any improvements to suggest about the way I do my backups. I like to have a second machine with a duplicate of the configuration from my primary machine in case of hardware failure. I never had any luck with the backup in IPCop, and in any case it's not designed to bring an already installed machine to the same configuration as another. So on my production machine I run a script which I found years ago:
Code:
#! /bin/bash
# script written by Rod to allow cli backup of system
OUTFILE=ipcop_backup_date.tgz
# These are files IPCop specifically wants to be included
cat /var/ipcop/backup/include.system /var/ipcop/backup/include.user > /tmp/allIncludes
# I make this verbose so I can see what files are backed up
/bin/tar -T /tmp/allIncludes -X /var/ipcop/backup/exclude.system -X /var/ipcop/backup/exclude.user -C / -czvf /tmp/$OUTFILE
# clean up after ourselves
rm /tmp/allIncludes
# let the user know where to find the backup
echo Configuration backed up to /tmp/$OUTFILE

I then take that file, untar it on the backup machine, and run the following script in that directory:
Code:
#! /bin/bash
# Restore the important files from an IPCop backup.

# Firewall
cp var/ipcop/firewall/customnetworks /var/ipcop/firewall/customnetworks
cp var/ipcop/firewall/addressGroups /var/ipcop/firewall/addressGroups
cp var/ipcop/firewall/config /var/ipcop/firewall/config
cp var/ipcop/firewall/customservices /var/ipcop/firewall/customservices
cp var/ipcop/firewall/settings /var/ipcop/firewall/settings

# CA
cp var/ipcop/ca/*.pem /var/ipcop/ca/

# Certs
cp -f var/ipcop/certs/* /var/ipcop/certs/

# Crls
cp var/ipcop/crls/* /var/ipcop/crls/

# DHCP
cp -f var/ipcop/dhcp/dnsmasq.* /var/ipcop/dhcp/
cp -f var/ipcop/dhcp/fixedleases /var/ipcop/dhcp/fixedleases
cp -f var/ipcop/dhcp/settings /var/ipcop/dhcp/settings

# Ethernet
# Note - don't copy the settings file, that will reset your NICs
cp var/ipcop/ethernet/aliases /var/ipcop/ethernet/aliases

# Main
# Note: probably better to leave hostname.conf & settings commented,
# since they will have been set during install.
# cp var/ipcop/main/hostname.conf /var/ipcop/main/hostname.conf
# cp var/ipcop/main/settings /var/ipcop/main/settings
cp var/ipcop/main/hosts /var/ipcop/main/hosts

# IPSec
# If you're building a backup machine, don't do this unless the backup is
# on an isolated network!
# cp var/ipcop/ipsec/* /var/ipcop/ipsec/

# OpenVPN
# Better to just recreate these, doesn't seem to set everything correctly
# (at least when moving from 2.0.x to 2.1.x)
# cp -r var/ipcop/openvpn/* /var/ipcop/openvpn/

# VPN
cp var/ipcop/vpn/* /var/ipcop/vpn/

# SNAT
# Only uncomment if needed for custom SNAT rules
# cp etc/rc.d/rc.firewall.local /etc/rc.d/rc.firewall.local

# Only uncomment this if you have installed Snort and Guardian add-ons
# cp var/ipcop/guardian/settings/guardian.ignore /var/ipcop/guardian/settings/guardian.ignore
# cp var/ipcop/guardian/ipblock/config /var/ipcop/guardian/ipblock/config


This seems to work well, even when moving from 2.0.x to 2.1.x (except as noted in the script, OpenVPN did not work).

My question is, am I missing anything important in doing this? Does anyone have a script like this to compare? And I'd like to be able to copy my OpenVPN setup to a newer version, any ideas on that?

Thanks,
Bl0bby


Nach oben
   
Beiträge der letzten Zeit anzeigen:  Sortiere nach  
Ein neues Thema erstellen  Auf das Thema antworten  [ 1 Beitrag ] 

Alle Zeiten sind UTC+02:00


Wer ist online?

Mitglieder in diesem Forum: 0 Mitglieder und 1 Gast


Du darfst keine neuen Themen in diesem Forum erstellen.
Du darfst keine Antworten zu Themen in diesem Forum erstellen.
Du darfst deine Beiträge in diesem Forum nicht ändern.
Du darfst deine Beiträge in diesem Forum nicht löschen.

Suche nach:
Gehe zu Forum:  
cron
Powered by phpBB® Forum Software © phpBB Limited
Deutsche Übersetzung durch phpBB.de