techne/btrbk.org

#+title: Btrbk
#+setupfile: ../org-templates/page.org

** On the host machine
#+begin_quote
Run these commands as root
#+end_quote

Add a system user for btrbk:
#+begin_src shell
useradd -c "Btrbk user" -m -r -s /bin/bash -U btrbk
#+end_src

Setup sudo for btrbk:
#+begin_src shell
echo "btrbk ALL=NOPASSWD:/usr/sbin/btrfs,/usr/bin/readlink,/usr/bin/test" | tee -a /etc/sudoers.d/btrbk
#+end_src

Create a subvolume for each client:
#+begin_src shell
mount /dev/sda1 /mnt/storage
btrfs subvolume create client_hostname
#+end_src

** On each client machine
Create a dedicated SSH key:
#+begin_src shell
mkdir -p /etc/btrbk/ssh
ssh-keygen -t ed25519 -f /etc/btrbk/ssh/id_ed25519
#+end_src

Add each client's SSH public key to ~/home/btrbk/.ssh/authorized_keys~ on the NAS machine:
#+begin_src shell
ssh-copy-id -i /etc/btrbk/ssh/id_ed25519 btrbk@nas.local
#+end_src

Create ~/etc/btrbk/btrbk.conf~ on each client:
#+begin_src shell
transaction_log /var/log/btrbk.log
snapshot_preserve_min latest
target_preserve 24h 7d 1m 1y
target_preserve_min 7d
ssh_user btrbk
ssh_identity /etc/btrbk/ssh/id_ed25519
backend btrfs-progs-sudo
snapshot_dir /btrbk_snapshots
target ssh://nas.local/mnt/storage/<client hostname>
subvolume /
subvolume /home
snapshot_create ondemand
#+end_src

Create directory to store btrbk snapshots on each client machine:
#+begin_src shell
mkdir /btrbk_snapshots
#+end_src

Create ~/etc/systemd/system/btrbk.service~:
#+begin_src systemd
[Unit]
Description=Daily btrbk backup

[Service]
Type=simple
ExecStart=/usr/bin/btrbk -q -c /etc/btrbk/btrbk.conf run
#+end_src

Create ~/etc/systemd/system/btrbk.timer~:
#+begin_src systemd
[Unit]
Description=Daily btrbk backup

[Timer]
OnCalendar=*-*-* 23:00:00
Persistent=true

[Install]
WantedBy=timers.target
#+end_src

Alternatively, create a shell script to be placed under ~/etc/cron.daily~:
#+begin_src shell
#!/usr/bin/env bash

set -e

/usr/bin/btrbk -q -c /etc/btrbk/btrbk.conf run >/dev/null
#+end_src