[RECIPE] Using git as a configuration backup tool

Turris Omnia
1

Hi,

I’m new to networking community. I spent last few days experimenting with various tweaks of my TO via LuCI and over ssh. I did some ad-hoc backups, but few times I simply had to revert to initial setup because I wasn’t sure what I modified and where.

I’m a developer, so I’m pretty fluent with git. I tried to use it as my configuration backup/review tool. And git proved to be indispensable for me during last few days. Not yet sure if this is a good idea or not, but this gave me great control (reverts!) and also I could see what is system actually doing with my /etc and understand it much better.

Prerequisities:

  1. turris system “turris”
  2. workstation “ws”
  3. ssh access from ws to turris, and from turris to ws (over LAN only!)

Setup on ws:

mkdir -p /turris/backup
cd /turris/backup
git init --bare etc.git
git clone etc.git

Setup on turris:

opkg install git
cd /etc
git init
git remote add ws user@ws.lan:/turris/backup/etc.git
echo "ssl" > .gitignore
git add .
git commit -m "initial"
git push -u ws master

So now /turris/backup/etc.git on ws and contains backup repository with initial state of your /etc folder. In /turris/backup/etc you have a working copy checkout of /turris/backup/etc.git for case you wanted to do some editing from your workstation. That means you can git pull in /turris/backup/etc and work on it (and use all the fancy editors and git tooling you have on your workstation). You can also use git commands to see status of modified files, diffs and commit and push to backup repo.

Typical workflow:
0. cd /etc

  1. git status reports a clean working directory
    2… you edit something in LuCI, via UCI, directly or some scripts change something in /etc
  2. to see what changed => git status
  3. you can review changes => git diff
  4. you can cherry-pick => git add some/file and git commit -m "describe the change"
  5. or commit all => git add . and git commit -m "describe all changes"
  6. to review history of commits => git log
  7. to push changes to the backup repo => git push

After you’ve done some editing and commits on your workstation in /turris/backup/etc:

  1. on ws: cd /turris/backup/etc and git push
  2. on turris: cd /etc and git pull

See git docs for full details: https://git-scm.com/doc.

Final notes:

  1. this workflow is not git specific, any SCM tool would probably do similar job
  2. you could apply this to multiple folders e.g. doing it for /root or /lib as well, but I did a different thing, instead I made /etc as the only source of truth, created new folders there and symlinked files from elsewhere I wanted to track. For example I created /etc/home/.bashrc and symlinked /root/.bashrc to it.

Disclaimer: is it probably not a good idea to push your backups to github or anywhere else - your etc could contain some secrets, even pushing it to your (unsecured) workstation could be a security risk.

2 Likes
2

I use an simple shell script, which logs into router and creates archive from /etc/config and copies it into NAS share. :wink:

3

etckeeper is also a great utility to back manage your /etc directory

http://etckeeper.branchable.com