Archive

Archive for October, 2012

Install BackupPC on CentOS 6.3

October 18, 2012 26 comments

Last week, my boss asked me to install BackupPC on CentOS 6.3. Why CentOS? I actually have the same question–sorry, am used to Debian; regardless, my quest begun but I have to confess, it was not as easy as it seemed since there were fewer How To’s, Tips, and references for CentOS, especially 6 or 6.3 for that matter. This is reason enough for me to blog the steps I undertook to successfully install BackupPC on CentOS 6.3 and make it work after a week of “trial and error”–I may be a Debian user but am not a Linux geek. I am instead part of this group . Without further ado, let’s get it on!

  1. You need to have a running CentOS 6.3. I installed it with minimal components on a VM via Hyper-V 2; “lean but mean” so to say.

  2. Using Putty, connect to your CentOS box and install these useful tools:
    • wget – an easy-to-use CLI download tool.
    • nano – a file editor for humans.
    • screen – I like this tool because it allows you to have different screens for every task you to do; very useful, it enhances your Putty experience
    • man – your dependable CLI technical support.

    Use this command yum -y install man nano screen wget

  3. You need to add two special repositories, EPEL and REMI. A number of the packages we need for this endeavor is not part of the Red Hat / CentOS package manifest.
    wget -c http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
    wget -c http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
    rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm

  4. Enable the REMI repository.
    nano /etc/yum.repos.d/remi.repo

    Edit and save the above file to reflect this:

    name=Les RPM de remi pour Enterprise Linux $releasever – $basearch
    #baseurl=http://rpms.famillecollet.com/enterprise/$releasever/remi/$basearch/
    mirrorlist=http://rpms.famillecollet.com/enterprise/$releasever/remi/mirror
    enabled=1
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi
    failovermethod=priority

  5. Install the BackupPC pre-requisites.
    yum -y install perl-Compress-Zlib perl-Archive-Zip perl-File-RsyncP perl-suidperl openssh-clients expect

  6. Do an update, then upgrade, to make sure everything is up-to-date.
    yum -y update
    yum -y upgrade

  7. We need to create the user account that BackupPC will use and assign a password for it.
    adduser backuppc
    passwd backuppc

    You will be prompted to key-in your desired password. Remember this password ’cause you will need it later.

  8. And now folks, the moment you’ve all been waiting for, the BackupPC installation!
    yum -y install BackupPC

    I wish the command was longer or better yet, extremely complex but that’s just it…

  9. After the package installation, two biggies are now in place, Apache and BackupPC. Verify that these services are listed in the startup script.
    chkconfig –list backuppc
    chkconfig –list httpd

    Notice that both are turned off.

  10. We need to make these two services start at startup. Do this:
    chkconfig backuppc on
    chkconfig httpd on

  11. You’re probably guessing what’s Apache got to do with BackupPC; well, it runs the web interface but we need to do some tasks before we can use it. We first need to create the access file.
    htpasswd -c /etc/BackupPC/apache.users backuppc

    You will be prompted for a password; just key-in the password you assigned the backuppc user awhile back.

  12. Edit and save the BackupPC configuration file for Apache.
    nano /etc/httpd/conf.d/BackupPC.conf

    Your changes should reflect something like this:
    order deny,allow
    deny from all
    #allow from 127.0.0.1
    #allow from ::1
    allow from all
    AuthType Basic
    AuthUserFile /etc/BackupPC/apache.users
    AuthName “backuppc”

  13. As a safety precaution, make a duplicate of the BackupPC main configuration file.
    cp /etc/BackupPC/config.pl /etc/BackupPC/config.pl.ORIG

  14. We’ll use screen to help us accomplish this next task.
    screen
    nano /etc/BackupPC/config.pl

    In nano, press CTRL + W; this will invoke the search facility. Search for this parameter $Conf\{ServerMesgSecret\}.

    Now, press CTRL + A + C; this will open another screen. Run this command:
    mkpasswd -l 32 -d 16

    Highlight the output then press CTRL + A + P; this will bring you back to the previous screen. Right-click your mouse to paste the output between the single quotes of the aforementioned configuration parameter. You should have something like this:
    $Conf{ServerMesgSecret} = ‘7687nR848l39etpm7812w1f-pj3iEpb7’;

    Next, search for this parameter $Conf{CgiAdminUsers} and add backuppc. You should have something like this:
    $Conf{CgiAdminUsers} = ‘backuppc’;

  15. This time, edit the Apache configuration file.
    nano /etc/httpd/conf/httpd.conf

    Changes should reflect these changes:
    User backuppc
    Group apache
    ServerName actual_server_hostname_or_IP_Address:80
    (e.g. ServerName 172.27.10.25:80)

  16. Now, the secret that made the BackupPC web interface work:
    iptables -I INPUT -p tcp –dport 80 -j ACCEPT
    /sbin/service iptables save

    Just to make sure the firewall entry was saved, we verify.
    cat /etc/sysconfig/iptables. Result below:

    # Generated by iptables-save v1.4.7 on Mon Oct 15 15:57:49 2012
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [4:464]
    -A INPUT -p tcp -m tcp –dport 80 -j ACCEPT
    -A INPUT -m state –state RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -p icmp -j ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -p tcp -m state –state NEW -m tcp –dport 22 -j ACCEPT
    -A INPUT -j REJECT –reject-with icmp-host-prohibited
    -A FORWARD -j REJECT –reject-with icmp-host-prohibited
    COMMIT
    # Completed on Mon Oct 17 15:57:49 2012

  17. We now are nearing completion, let’s start the services.
    service httpd start
    service backuppc start

  18. The finale, access the BackupPC web interface.
    http://backuppc_server_hostname/BackupPC

Whew, I sure am glad we’re done.

Now give yourself a pat on back for a job well done…

Hope this helps

Advertisements