Seed VyOS / EdgeOS
We start by seeding the routers with a script to insert a ssh-key used by FreeNAS to access to box. We make add the backup cronjob and make sure it runs on a daily-basis. We also move the apt daily-cronjob to the root-homedirectory as it seems to unnecessarily slow things down. Make sure to replace your key in the script by your own. I’m using the backup user on VyOS (native user).
#!/bin/sh mkdir /home/backup mkdir /home/backup/.ssh/ mv /etc/cron.daily/apt /root/ chown backup:backup /home/backup -R chmod 750 /home/backup/.ssh/ echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNoBYvmqNw6lU7XzpS25dzO9D3H0+Ou1OqW94i1FYEUe6nFJfKnSxCPsxXgwBvT7xZMx1EWW8A8kxrSiiEcaiGiI9PXvL7Kr6CFr+WmDqudDpcx7SVV2+n7ifaXjpxySKMKnGh/uCLR5P4ElLp0n5qRpG2lkEbXsRwqsnr4csnovmw5P8ZCEghAYK51hMBrTVsj6rKnjNVtQWPLPryPn6koDLcPZnGF9gaN5Azm42p7QLTE9bfzow4ZfGm5+ljiqiCINjGfkEyoEmNciyEmd8aVtcfcFAFxC3nwZXZ2KJgGag1tsPZNp5sqLmuSJKzxgM8tqyzU8XFLH3ClINWdd7R firstname.lastname@example.org" > /home/backup/.ssh/authorized_keys sed -i 's/backup.*/backup:x:34:34:backup:\/home\/backup:\/bin\/sh/' /etc/passwd cat > /etc/cron.daily/backup << EOL #!/bin/sh rm -f /home/backup/backup-* date="$(date +%Y-%m-%d_%H%M)" tar czf /home/backup/backup-\$date.tar.gz /config/ &> /dev/null chmod 700 /home/backup/backup-\$date.tar.gz chown backup:backup /home/backup/backup-\$date.tar.gz EOL chmod 775 /etc/cron.daily/backup run-parts --verbose /etc/cron.daily
Enable SSH access on the box accessible from FreeNAS. To generate a key SSH as root into your FreeNAS and do su – backup to identify as backup user; then generate a ssh-key with ssh-keygen -t rsa. You can view your ssh-key with cat ~/.ssh/id_rsa.pub. Copy that in the script.
EdgeOS needs rsync
Don’t forget to install rsync on Ubiquiti EdgeOS devices
configure set system package repository wheezy components 'main contrib non-free' set system package repository wheezy distribution wheezy set system package repository wheezy url http://http.us.debian.org/debian commit save sudo su - apt-get update apt-get install rsync
It’s best to test SSH connectivity towards each target on the command-line before attempting to configure an Rsync Task. You can do so by SSH’ing into your FreeNAS as root. Test the target by SSHing as backup user: su – backup, ssh target-ip, you should be logged-in without a hitch (accept the host-key if asked).