Actually - you can't. Well - it doesn't really make sense to keep the backup archives on the RouterBoard hardware. If it brakes - we want to be able to restore the backup's - right ? So - what we need - is an external system we dump the backups onto - which is going to do the backups.
First of all - we need to create a scheduler run on the routeros
/system scheduler
add comment="Scheduler backup dump" disabled=no interval=1d name="Backup"
on-event="/system backup save name=daily_backup run"
start-time=01:01:00
This will take care of the automatic configuration backup.
Next - as we don't want everyone to access the routerboard to download the backup-file - we need to add a backup group and user, and set appropriate access rights.
/user group
add name="ftp" policy=ftp,!local,!telnet,!ssh,!reboot,!read,!write,!policy,!test,
!winbox,!password,!web,!sniff
/user
add address=10.X.X.X/32 comment="Backup User - to gain backups of the router
config" disabled=no group=ftp name="backup"
Add a password for the user backup. You'll need it later on.
Make sure that the address 10.X.X.X/32 is the IP-Address of your Linux Backup-server.
So - only the user backup user from that IP-Address can access the routerboard through ftp.
On the server - you need curl installed. For this - b.e. on an Ubuntu system, issue
~#sudo aptitude install curl
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Building tag database... Done
The following NEW packages will be automatically installed:
libcurl3
The following NEW packages will be installed:
curl libcurl3
0 packages upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 357kB of archives. After unpacking 680kB will be used.
Do you want to continue? [Y/n/?] Y
Writing extended state information... Done
Get:1 http://de.archive.ubuntu.com gutsy/main libcurl3 7.16.4-2ubuntu1 [182kB]
Get:2 http://de.archive.ubuntu.com gutsy/main curl 7.16.4-2ubuntu1 [175kB]
Fetched 357kB in 0s (541kB/s)
Selecting previously deselected package libcurl3.
(Reading database ... 141553 files and directories currently installed.)
Unpacking libcurl3 (from .../libcurl3_7.16.4-2ubuntu1_i386.deb) ...
Selecting previously deselected package curl.
Unpacking curl (from .../curl_7.16.4-2ubuntu1_i386.deb) ...
Setting up libcurl3 (7.16.4-2ubuntu1) ...
Setting up curl (7.16.4-2ubuntu1) ...
Processing triggers for libc6 ...
ldconfig deferred processing now taking place
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Writing extended state information... Done
Building tag database... Done
However - as it is insecure to provide scripts with passwords that can be seen inside the script or the process table - we'll use the .netrc file the curl program looks in for passwords. Create a file named .netrc in the home directory of the user who is going to perform the backups.
machine 10.X.X.X login backup password XXXXXXXX
Save the file - and make sure the mode is changed to 600 - e.g.:
~#chmod 600 .netrc
~$ ls -l .netrc
-rw------- 1 backup backup 48 2008-03-14 16:32 .netrc
You should now be ready for a first test. As we'll be using curl - let's do it with curl.
~$ curl -n ftp://backup@10.X.X.X/daily_backup.backup -o backup.config
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 293k 100 293k 0 0 1013k 0 --:--:-- --:--:-- --:--:-- 1503k
Ok - the curl call works. All we need to do now - is to write a script and add it into the crontab of the local user. For the script - you can use the backuper.sh.
This script has the advantage that it has some checks included - and moans in case something is not working right. So - copy that file to /usr/local/bin on your Linux Server, and add the following into the user's Crontab:
0 20 * * * /usr/local/bin/backuper.sh
This will execute the script every day, 20Minutes after midnight and append the date in reverse order to the name - e.g. 20080317_RB153.backup for March 17th.
Now - it is quite useless to not handle these also for backups. But this would be out of the scope of the local FAQ Entry. Check the Stargate's Backup section for one possibility in handling these.
|