10 votes

Advice on making a full snapshot/backup of a running Linux system (Debian)

Posted by milkbones_4_bigelow
Tags: linux, ask.advice, debian, encryption

Hi all,

I’m looking for advice re making a full snapshot/backup of a running Linux system (Debian).

In an ideal world, should an issue occur, I would like to be able to load a live USB with the backup, boot and write from that.

Timeshift seems to be an option but I’m wondering how the above would work in my case. A few questions.

  1. My disk is fully encrypted with LUKS. Would this pose a problem?
  2. I would like to write my backups to a veracrypt container. Would this pose any issue? I’m not sure how I would boot from a live USB in this case I could not decrypt the USB.

Essentially I’d like a step-by-step guide to backing up my full system (including all files in home) in such a way that I can easily roll back should the worst happen. Do any of you know of such a guide or can perhaps offer some help?

3 comments

  1. pyeri
    Link
    The easier path of lesser resistance here is to simply store whatever you need in the ~/user/ folder, for example: ~/user/source ~/user/documents ~/user/drafts Now all you have to do is write a...

    The easier path of lesser resistance here is to simply store whatever you need in the ~/user/ folder, for example:

    ~/user/source
~/user/documents
~/user/drafts

    Now all you have to do is write a bash script that periodically backs up these folders to your pen-drive or some other device on LAN such as a Raspberry Pi. If you happen to use mariadb databases, you can also add a mysqladmin call to backup your table data to a CSV or something.

    That simple, really! Messing up with partition backups and things like that could be cumbersome and costly affair.

    3 votes
  2. brokenpipe
    Link
    I recently had this debate as well (after my boot drive m2 SSD started throwing bad block errors) and settled on https://github.com/cytopia/linux-timemachine. I had to throw an additional switch...

    I recently had this debate as well (after my boot drive m2 SSD started throwing bad block errors) and settled on https://github.com/cytopia/linux-timemachine. I had to throw an additional switch in there (as its based on rsync) not to cross file systems, but I now have / and /var backed up twice a day to a raid 1 two drive external hard drive. I did a "restore" by restoring that data on a new SSD that I swapped out with the old SSD. So far, so good.

    That all said, very curious to see what other responses you might get!

    2 votes
  3. vord
    (edited )
    Link
    Honestly, use BTRFS on root. It's been great for doing live migrations of hard disks. I dd over the EFI partion to a second drive, then add a second partition for the BTRFS root, then turn on RAID...

    Honestly, use BTRFS on root. It's been great for doing live migrations of hard disks. I dd over the EFI partion to a second drive, then add a second partition for the BTRFS root, then turn on RAID 1 BTRFS, which clones over while the system is running. If I'm just doing a migration I then remove the first disk, and the computer continues to run even after I format the drive that's been used to boot. It's practically voodoo.

    Setting it up that way, it becomes trivial to boot off either hard drive.

    I realize it doesn't quite work with your encryption setup that I know of, but IMO that kind of data should be well-segregated from the root partition. Generally there's very little on my root partition that could do damage if it fell into the wrong hands. Although it'd be great if there could be a file integrity checksum stored encrypted in the EFI partition which could be validated on boot. I care more that my root partition wasn't tampered with than people being able to read the contents.

    2 votes