Restoring from a cloud backup: experience

Hi, recently I was forced to flash a medkit on my Omnia (btrfs self-destructed itself), so I was curious about how the cloud backups work. My experience follows. But generally, a big thumbs up for that! A lot of things worked out of the box after reboot (however, the user is not told in Foris he should reboot!).

works

  • wifi config (2 private nets + 2 guest nets)
  • custom rainbow
  • LAN settings (including static leases)
  • updater settings
  • notification settings
  • data collection settings
  • netmetr
  • pptp client and VPN server installed and configured (just autostart of the server was forgotten)
  • sending of ucollect data
  • sending of firewall logs
  • firewall settings
  • qos settings
  • hd-idle
  • samba
  • minidlna (except it has a procd bug that prevents it being autostarted)
  • mountpoints

doesn’t work

  • openvpn (no CA) (/etc/ssl/ca missing)
    • log says:

.

err openvpn(server_turris)[6361]: Cannot load certificate file /etc/ssl/ca/openvpn/01.crt
notice openvpn(server_turris)[6361]: Exiting due to fatal error
  • tor relay (it got autoinstalled, but the checkbox in Foris is unchecked, config was missing)
  • for some reason, it installed some German localizations
  • storage: page shows sda1 selected, but "Device currently in use is mmcblk0p1 (internal flash). " and /srv is really on the flash
    • this was a tough one, but I assume it’s because of my “weird” configuration where I also mount the storage drive using the fstab config to one more location… probably the storage plugin doesn’t play well with that and refused mounting an already mounted drive to /srv… adding manual entry for srv to the fstab config solved it
  • authorized_keys (whole $HOME/.ssh missing)
  • ddns - luci says the service is not set to autostart (but configs are there)
  • custom shell (I had bash before, now ash)
  • cron jobs
  • nothing from $HOME (/root/)
  • syslog-ng.conf
  • mising git, screen

So, basically, I’d say that most of the stuff that didn’t work was because of:

  • some config files are outside /etc/config and the plugin should backup also these
  • the autostart flag was forgotten
  • custom programs installed via opkg were not restored

Here are my suggestions for improvement:

  • Tell the user explicitly in Foris, which data are backed up. I know foris is meant also for unexperienced users, but I can imagine having some “expert options” where you’d actually see what’s backed up and what’s not
  • Include really all needed config files to the backup
  • create a hook for opkg that would inform the user that the installed programs are not permament, and what he should do if he wants them to be permanent

One more thing - I noticed there’s a config in /etc/config/backups which looks like a configuration for the backup utlility. Is there some documentation for it?

4 Likes

Thanks for this post! I was wondering how the cloud backup works in a real life.

According to my knowledge you can configure what additional files should be included in the backup.

The procedure is described here:

By following this procedure you can include the certificates in your backup.

Thanks! The author of the referred post confirmed that settings in /etc/config/backups affect both manual and cloud backups, so this is where everybody should start :slight_smile:

One more thing is missing in the backup: /etc/firewall.user !

1 Like

/etc/firewall.user is correct. Other files you introduce is IMO non-sense as this backup are backups of what you can configure via Foris and LuCI. If you fiddle with /etc/ manually, you should add this files to the backup manually as well.

Let’s move the discussion to the PR.

Hello guys,

First I’d like to you thank you for your suggestion and PR, which you have made on Github.

We had a very interesting discussion about it. We agreed with some points from @peci1.
In the next version of Turris OS we’ll include /etc/firewall.user file into backups, and we have rewritten configuration file /etc/config/backups, which gives you some hints for files/folders, which you can include in your backups.

If you want, you can look here how it will look:

Thank you @vojtech.myslivec for looking into this feedback! :slight_smile:

1 Like

This is a great news! :+1:

My wish would be to include by default the OpenVPN certificates made by the Foris plug-in.

I simply expect that I can recover my Turris from a factory reset to working state just by restoring the configuration archive. This should be true for all the changes made by the Foris interface.

1 Like