how to properly Backup a PBS-VM?

W

WizzurdOfOdd

New Member
May 11, 2023
6
0
1
Hi,

so currently im running PBS as a VM on my PVE.
Im backing my PVEs configuration (e.g. /etc/qemu.. | /etc/lxc) with borg backup to a remote location. so in case of a hardware failure i can mount the borg repo and restore my PVE.
well now i thought, it would be great that i can do the same with the PBS, basically backup the configuration of datastores / remotes / Syncs etc.

so my ideal restore case would be:
setup a new PVE, mount the borg PVE backup and restore the configuration of all lxcs and VMs
setup a new PBS and mount the borg PBS backup and restore the configuration of datastores, remotes and all of this.
then restore the VMs and LXCs and have a new running environment.


so... my question here would be:
what files etc. would i need to backup from the pbs to archive such a desired state? :D

thanks and best regards,
Gerhard
 
I backed up the whole PBS VM via VZDump to some NAS. Then I first restore the PBS VM from that backup archive so PBS is running again and then being able to restore everything else from PBS.
Or even better, have two PBS VMs running on different server that will sync each other datastores. You could then backup PBS VM to another PBS.

For PVE and PBS you usually want to have a backup of the whole /etc folder to have backups of most config files for all those hundreds of Debian/Proxmox packages.
I also back up /usr, /var/lib/vz, /root and /home for PVE.
 
Last edited:
  • Like
Reactions: Chris
is the VZDump encrypted?
the thing is i would like to store this VM outside of my location encrypted, thats why I was thinking of "just" backing up the configuration.

unfortunately I only have one server in my homelab and only an old NAS on which i cant run VMs or Containers
 
Last edited:
WizzurdOfOdd said:
is the VZDump encrypted?
Click to expand...
It's not, but you could store it on some encrypted storage or write a vzdump hook script to automatically encrypt that backup archive after taking the backup. So you could do the VZDump backup to local storage, the hook script then encrypts it using the encryption tool of your choice and then move that backup using the tool of your choice to some untrusted storage.

Tuxis also offers 150GB of free PBS storage in case you want to try that. You could then backup your PBS VM encrypted to their PBS.
 
Last edited:
  • Like
Reactions: WizzurdOfOdd and Chris
hm... not a bad idea :)
question in regards to this: how often would you upload the backup to the remote location? i mean, as long as i dont update the PBS or something like that i should be fine right? i mean all the backups are stored on the datastores not the VM itself.

or am i missing something? :D
 
I backup the PBS VMs every week. But when backing up PBS to PBS it doesn't really matter how many backups you store thanks to deduplication.
 
ok, so just for anyone who also wants to go the way i do:



Dennis Schroeder made a nice little backupscript for the PVE:

https://schroederdennis.de/tutorial...ackup-mit-borg-backup-fertiges-backup-script/ (i know unfortunately in german, but i guess you get what hes doing here). I save this backupscript under /script/borg.sh



I run the borg.sh script daily on my PBS, but i only backup these files / folders:

Code: 
/etc/fstab

/scripts

and in: /etc/proxmox-backup/datastore.cfg, prune.cfg, remote.cfg, sync.cfg, proxy.key and proxy.pem



in case my backupserver dies, i just create a new VM with the same PBS Version (v3 in my case), same password and the same IP address of my old PBS.

then i create the folder /scripts and in it a restore.sh with following content:



Bash: 
#!/bin/sh



# Update package lists and install BorgBackup

apt update -y
apt install borgbackup -y



# Set credentials for Hetzner Cloud

cat > /etc/.credentials << EOL
user=XXXXXXXXXXXXXXXXXXXXXXXXXXX
password=XXXXXXXXXXXXXXXXXXXXXXXXXXX
EOL



# Create necessary directories

mkdir -p /mnt/{borgmount,test,borg,restore}



# add Mount of Hetznercloud Borg repository to fstab

cat >> /etc/fstab << EOL
//XXXXXXXXXXXXXXXXXXXXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXXXXX /mnt/borg cifs iocharset=utf8,rw,credentials=/etc/.credentials,noserverino,file_mode=0660,dir_mode=0770 0 0
EOL



# Reload systemd manager configuration and mount filesystems

systemctl daemon-reload
mount -a


# Set BorgBackup repository and passphrase
export BORG_REPO=/mnt/path/to/your/borg/repo
export BORG_PASSPHRASE='XXXXXXXXXXXXXXXXXXXXXXXXXXX'

# List all backups and extract the latest one
borg list $BORG_REPO >> /mnt/test/allbackups.txt
tail -n 1 /mnt/test/allbackups.txt | awk '{print $1}' >> /mnt/test/last.txt

# Mount the latest backup and copy necessary files
export LATESTBACKUP=$( cat /mnt/test/last.txt)
borg mount $BORG_REPO::$LATESTBACKUP /mnt/restore
cd /mnt/restore
cp -r scripts /
cp /mnt/restore/etc/fstab /etc/fstab
cp /mnt/restore/etc/proxmox-backup/{datastore.cfg,prune.cfg,remote.cfg,sync.cfg,proxy.key,proxy.pem} /etc/proxmox-backup/

# Set ownership for copied Proxmox Backup configuration files
chown root:backup /etc/proxmox-backup/{datastore.cfg,prune.cfg,remote.cfg,sync.cfg,proxy.key,proxy.pem}

# Reload Proxmox Backup Proxy service
systemctl reload proxmox-backup-proxy

# Copy and add cronjobs
cp /mnt/restore/etc/my_cron_jobs.txt /etc/my_cron_jobs.txt
crontab /etc/my_cron_jobs.txt

# Reboot the system
init 6



then I make the script runable and execute it with

Code: 
chmod +x /scripts/restore.sh
bash /scripts/restore.sh



after a reboot i login and have all my datastores, my prunes, remotes, syncs etc. again and can run backups as usual, without any touch, as the fingerprint is also the same :)



im pretty happy, hope this helps someone to fast and easy backup and restore a PBS :)



regards,

Gerry
 
so technically in case my physical host with PVE dies, it would just be necessary to restore my /etc/pve, setup a new backupserver, run the script from my last answer, make sure my PBS Storage connects properly, then I could restore my machines from my datastore back to its original location / to a new one, am I on the right path with this kind of setup? :D
 
Depends on how much you harden security of PVE/PBS and how much you optimize them. If you do that there is a lot more to do.
- installing additional packages
- editing lots of configs of debian packages that are not in /etc/pve
- setting up users/groups/privileges
- changing the owner of every backup group to match the new user
...

But yes, always good to have a backup of the "/etc" folders while waiting for the staff to add PVE host backup feature to PBS.
And I would also highly recommend that you create a proper documentation, so in case you need to set them up again, you could have a look at your notes to see what you did, when and how.
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back