[Mageia-sysadm] Backups

Luca Berra bluca at vodka.it
Tue Nov 16 08:02:51 CET 2010 

On Mon, Nov 15, 2010 at 06:35:20PM +0100, Michael Scherer wrote:
>Hi ( again ),
>
>While doing some unrelated work, I have see that we do not have a backup
>strategy at the moment. 
>
>While a server is planned to be setup for this ( fiona ), we do not have
>it at the moment ( as this requires money, that requires a bank account,
>that requires feedback from french administration ).
>
>So, in order to decide, we need to know :
first, i would make a distinguo between data that need to be backed up
and data that need to be archived


>- what do we backup ?
>  - ldap
>  - sql dump of the database
>  - svn dump ( which will lead to my next mail )
>  - /etc/ /usr/local/, in case someone forget to add something to puppet
>  - CA certificate, once we will have them
>  - gpg keys, once we have them


what do we archive ?
>  - logs, as required by french laws ( 1 year of logs, no precision
>about the amount of data in it ). My own experience with law enforcement
>agency showed me that it doesn't change much usually
>  - mail archives
>  - irc logs 
>
then for each item evaluate what retention is needed
(subject to discussion)
ldap, sql, filesystemdata, certificate, keys
         just keep a few versions in case of screwup or disaster
svn
         we probably need just one copy in case of disaster 

logs
         1 year
mail,irc
         forever? actually those are already archives, so probably we
should move it to the 'backup' section

then for each item find a solution

>I would also highlight the need to have encrypted backups for the more
>sensible set of data, to be sure that passwords keys and others do not
>leave valstar in cleartext, and are not stored in form that someone
>could decipher.
>
>Of course, the usual free/packaged/maintained/no-ressource-hog stanza
>apply for the software we will use.

>Any volunteer for the tasks :
being the maintainer of bacula (and i use that regularily) i would like
to help on some tasks, but i have no resources to lead a subproject.
(btw it supports encrypted backups with public/private keys)

L.

-- 
Luca Berra -- bluca at vodka.it

More information about the Mageia-sysadm mailing list