This tutorial covers the necessary steps to get BackupPC up and running on any device (such as the Linksys router WRT 610N) which has DD-WRT firmware installed on it.
In case there are any steps which I have missed, kindly mention them in the comments section, and I will update the main article accordingly.
Installing DD-WRT Firmware
The first step obviously is to install the right DD-WRT firmware on your device. The instructions for this are beyond the scope of this tutorial. It should be noted that certain K26 builds have swap disabled. Make sure that swap is enabled in the firmware which you are installing.
After installing DD-WRT, go to Setup->Basic Setup->Time Settings and enable NTP Client. I suggest you leave the timezone as UTC because setting any other timezone will make the system time go out of sync with DD-WRT time (this can be seen when you log into the router via SSH and type the “date” command).
Enabling SSH
Next you will have to enable SSH in DD-WRT. For this, you will have to enable the SSH server in Services -> Services -> Secure Shell -> SSHd. Make sure that you are able to SSH successfully to your router as user ‘root’.
Checking internet access
As soon as you log into the router via SSH, you need to check access for internet connectivity. This can be done by simply doing a ping on google.com. If your router is set up with proper internet connectivity, then you should get a proper ping response as below.
# ping -c 3 google.com
PING google.com (216.239.59.99): 56 data bytes
64 bytes from 216.239.59.99: icmp_seq=0 ttl=51 time=295.261 ms
64 bytes from 216.239.59.99: icmp_seq=1 ttl=51 time=298.034 ms
64 bytes from 216.239.59.99: icmp_seq=2 ttl=51 time=301.029 ms
--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 295.261/298.108/301.029/2.355 ms
In my case though, my router was actually being used as a switch. Therefore I had to perform the below two additional steps to make internet accessible from within it:
- In Setup -> Basic Setup -> Network Setup -> Gateway, I had to give the IP address of the gateway.
- Next I had to add DNS servers. In order to do this at boot time, I appended the following line to Administration -> Commands -> Startup at the beginning:
echo -e "nameserver 208.67.222.222\nnameserver 208.67.220.220" >> /tmp/resolv.conf
This means that whenever the router starts it will add these two nameservers (which are those of OpenDNS) to /etc/resolv.conf.
Alternatively, if you have enabled DHCP server, you can also try to setup OpenDNS (or any static DNS) by following the instructions at http://www.dd-wrt.com/wiki/index.php/OpenDNS#Basic_Setup.
Setting up Optware
Follow the instructions mentioned in http://www.dd-wrt.com/wiki/index.php/Optware%2C_the_Right_Way to set up your system with optware. The instructions are very clear and you should not face a lot of difficulty in setting it up.
- Make sure that the size of the /opt partition is 1 GB (as we will be running a lot of installations) and the size of the swap space is at least 512 MB because BackupPC requires a lot of memory. Running the “free” command in the router should show give you memory details.
# free
total used free shared buffers cached
Mem: 59984 58500 1484 0 28352 12568
-/+ buffers/cache: 17580 42404
Swap: 1052248 7868 104438
- “ipkg-opt” is the utility which we use for package maintenance (this is similar to apt-get / yum). Just entering ipkg-opt without any arguments, should list all the available sub-commands (the most useful of them being “update”, “remove”, “install”, “list”, “files” and “search”).
# ipkg-opt
# ipkg-opt update
- When using USB storage (or maybe other form of storage as well), in order to automount the remaining partitions, the packages ‘util-linux-ng’ and ‘grep’ should be installed as well. Restarting the automount service after installing these packages should mount the partitions.
# ipkg-opt install util-linux-ng grep
# service automount stop
# service automount start
BackupPC dependencies
The documentation for BackupPC is available at http://backuppc.sourceforge.net/faq/BackupPC.html. First we need to install BackupPC dependencies mentioned in this page.
- Most of the dependencies are installed while setting up Optware in the previous section. I will cover the remaining or the most important packages here:
# ipkg-opt install perl
# ipkg-opt install samba2
# ipkg-opt install tar
# ipkg-opt install rsync
# ipkg-opt install par2cmdline
- The default SSH client provided by dd-wrt (at /usr/bin/ssh) might not be very useful to use with BackupPC because of its limited set of options. Therefore we install openssh package which should install the OpenSSH client at /opt/bin/ssh.
# ipkg-opt install openssh
But it should be noted that this package will also install the OpenSSH server. This has to be disabled so that it does not conflict with the default SSH server provided by DD-WRT. Therefore in /opt/etc/default/openssh, change
SSHD_ENABLE=yes
to
SSHD_ENABLE=no
This should prevent OpenSSH server from starting at boot time.
- Apart from the above utilities, BackupPC has the following perl modules as dependencies – Compress::Zlib, Archive::Zip, File::RsyncP and XML::RSS.
- Compress::Zlib can be installed directly from the optware repo.
# ipkg-opt install perl-compress-zlib
- Similarly, Archive::Zip can be installed directly from the optware repo.
# ipkg-opt install perl-archive-zip
- For File::RsyncP, first we set up the build environment. This build environment will also be useful for installing other perl modules. Then we download the source from Perl CPAN and install it.
# ipkg-opt remove wget
# ipkg-opt install buildroot optware-devel
# wget http://search.cpan.org/CPAN/authors/id/C/CB/CBARRATT/File-RsyncP-0.68.tar.gz
# tar zxvf File-RsyncP-0.68.tar.gz
# cd File-RsyncP-0.68
# perl Makefile.PL
# make CC=mipsel-linux-uclibc-gcc AR=ar LD=ld LINKTYPE=dynamic LDDLFLAGS="-shared -O2"
# make CC=mipsel-linux-uclibc-gcc AR=ar LD=ld LINKTYPE=dynamic LDDLFLAGS="-shared -O2" test
# make CC=mipsel-linux-uclibc-gcc AR=ar LD=ld LINKTYPE=dynamic LDDLFLAGS="-shared -O2" install
- Our last perl module, XML::RSS, has a lot of dependencies (this can be seen clearly in http://deps.cpantesters.org/?module=XML%3A%3ARSS&perl=5.8.8&os=any+OS). Therefore, following the steps similar to those mentioned in http://www.livejournal.com/doc/server/lj.install.perl_setup.modules.html, we can install from CPAN directly. Please note that XML::RSS module is necessary only if you plan to use BackupPC RSS feed. As I was not planning to use the RSS feed and the installation of the module was taking long, I chose to ignore this dependency. Therefore the below steps are not tested.
First we start the CPAN shell.
# export CC=mipsel-linux-uclibc-gcc AR=ar LD=ld LINKTYPE=dynamic LDDLFLAGS="-shared -O2"
# perl -MCPAN -e shell
cpan>
(Optional) Upgrade the CPAN module.
cpan> install Bundle::CPAN
cpan> reload cpan
Finally, install XML::RSS perl module.
cpan> install XML::RSS
cpan> exit
Installing BackupPC
Next we come to the installation of BackupPC. First download the package from http://backuppc.sourceforge.net/. Next run these commands.
# tar -xvzf BackupPC-3.1.0.tar.gz
# cd BackupPC-3.1.0
# perl configure.pl --config-dir=/opt/etc/backuppc --log-dir=/opt/var/log/backuppc
Is this a new installation or upgrade for BackupPC? If this is
an upgrade please tell me the full path of the existing BackupPC
configuration file (eg: /etc/BackupPC/config.pl). Otherwise, just
hit return.
--> Full path to existing main config.pl []?
I found the following locations for these programs:
bzip2 => /opt/bin/bzip2
cat => /opt/bin/cat
df => /opt/bin/df
gtar/tar => /opt/bin/tar
gzip => /opt/bin/gzip
hostname => /opt/bin/hostname
nmblookup => /opt/bin/nmblookup
par2 => /opt/bin/par2
perl => /opt/bin/perl
ping => /opt/bin/ping
rsync => /opt/bin/rsync
sendmail => /usr/sbin/sendmail
smbclient => /opt/bin/smbclient
split => /opt/bin/split
ssh/ssh2 => /opt/bin/ssh
--> Are these paths correct? [y]? n
--> bzip2 path [/opt/bin/bzip2]?
--> cat path [/opt/bin/cat]?
--> df path [/opt/bin/df]?
--> gtar/tar path [/opt/bin/tar]? /bin/tar
--> gzip path [/opt/bin/gzip]?
--> hostname path [/opt/bin/hostname]?
--> nmblookup path [/opt/bin/nmblookup]?
--> par2 path [/opt/bin/par2]?
--> perl path [/opt/bin/perl]?
--> ping path [/opt/bin/ping]?
--> rsync path [/opt/bin/rsync]? /usr/bin/rsync
--> sendmail path [/usr/sbin/sendmail]?
--> smbclient path [/opt/bin/smbclient]?
--> split path [/opt/bin/split]?
--> ssh/ssh2 path [/opt/bin/ssh]?
I found the following locations for these programs:
bzip2 => /opt/bin/bzip2
cat => /opt/bin/cat
df => /opt/bin/df
gtar/tar => /bin/tar
gzip => /opt/bin/gzip
hostname => /opt/bin/hostname
nmblookup => /opt/bin/nmblookup
par2 => /opt/bin/par2
perl => /opt/bin/perl
ping => /opt/bin/ping
rsync => /usr/bin/rsync
sendmail => /usr/sbin/sendmail
smbclient => /opt/bin/smbclient
split => /opt/bin/split
ssh/ssh2 => /opt/bin/ssh
--> Are these paths correct? [y]?
Please tell me the hostname of the machine that BackupPC will run on.
--> BackupPC will run on host [DD-WRT]?
BackupPC should run as a dedicated user with limited privileges. You
need to create a user. This user will need read/write permission on
the main data directory and read/execute permission on the install
directory (these directories will be setup shortly).
The primary group for this user should also be chosen carefully.
The data directories and files will have group read permission,
so group members can access backup files.
--> BackupPC should run as user [backuppc]? root
Please specify an install directory for BackupPC. This is where the
BackupPC scripts, library and documentation will be installed.
--> Install directory (full path) [/usr/local/BackupPC]? /opt/local/backuppc
Please specify a data directory for BackupPC. This is where all the
PC backup data is stored. This file system needs to be big enough to
accommodate all the PCs you expect to backup (eg: at least several GB
per machine).
--> Data directory (full path) [/data/BackupPC]? /mnt/backuppc
BackupPC can compress pool files, providing around a 40% reduction in pool
size (your mileage may vary). Specify the compression level (0 turns
off compression, and 1 to 9 represent good/fastest to best/slowest).
The recommended values are 0 (off) or 3 (reasonable compression and speed).
Increasing the compression level to 5 will use around 20% more cpu time
and give perhaps 2-3% more compression.
--> Compression level [3]?
BackupPC has a powerful CGI perl interface that runs under Apache.
A single executable needs to be installed in a cgi-bin directory.
This executable needs to run as set-uid backuppc, or
it can be run under mod_perl with Apache running as user backuppc.
Leave this path empty if you don't want to install the CGI interface.
--> CGI bin directory (full path) []? /opt/share/www/backuppc/cgi-bin
BackupPC's CGI script needs to display various GIF images that
should be stored where Apache can serve them. They should be
placed somewhere under Apache's DocumentRoot. BackupPC also
needs to know the URL to access these images. Example:
Apache image directory: /usr/local/apache/htdocs/BackupPC
URL for image directory: /BackupPC
The URL for the image directory should start with a slash.
--> Apache image directory (full path) []? /opt/share/www/backuppc
--> URL for image directory (omit http://host; starts with '/') []? /backuppc
Ok, we're about to:
- install the binaries, lib and docs in /opt/local/backuppc,
- create the data directory /mnt/backuppc,
- create/update the config.pl file /opt/etc/backuppc/config.pl,
- optionally install the cgi-bin interface.
--> Do you want to continue? [y]?
Created /mnt/backuppc
Created /mnt/backuppc/pool
Created /mnt/backuppc/cpool
Created /mnt/backuppc/pc
Created /mnt/backuppc/trash
Created /opt/etc/backuppc
Created /opt/var/log/backuppc
Installing binaries in /opt/local/backuppc/bin
Installing library in /opt/local/backuppc/lib
Installing images in /opt/share/www/backuppc
Making init.d scripts
Installing docs in /opt/local/backuppc/doc
Installing config.pl and hosts in /opt/etc/backuppc
/opt/bin/ping: illegal option -- w
?: not implemented
Installing cgi script BackupPC_Admin in /opt/share/www/backuppc/cgi-bin
Ok, it looks like we are finished. There are several more things you
will need to do:
- Browse through the config file, /opt/etc/backuppc/config.pl,
and make sure all the settings are correct. In particular,
you will need to set $Conf{CgiAdminUsers} so you have
administration privileges in the CGI interface.
- Edit the list of hosts to backup in /opt/etc/backuppc/hosts.
- Read the documentation in /opt/local/backuppc/doc/BackupPC.html.
Please pay special attention to the security section.
- Verify that the CGI script BackupPC_Admin runs correctly. You might
need to change the permissions or group ownership of BackupPC_Admin.
If this is an upgrade and you are using mod_perl, you will need
to restart Apache. Otherwise it will have stale code.
- BackupPC should be ready to start. Don't forget to run it
as user backuppc! The installation also contains an
init.d/backuppc script that can be copied to /etc/init.d
so that BackupPC can auto-start on boot. This will also enable
administrative users to start the server from the CGI interface.
See init.d/README.
Enjoy!
BackupPC init.d script
Now we create the BackupPC init.d script to automatically start and stop the service. For this, first create a file /opt/etc/init.d/S95backuppc with the following content:
#!/bin/sh
export PATH=/opt/bin:/opt/sbin:/opt/usr/sbin:$PATH
export LD_LIBRARY_PATH=/opt/lib:/opt/usr/lib:$LD_LIBRARY_PATH
NAME=backuppc
start() {
#
# You can set the SMB share password here is you wish. Otherwise
# you should put it in the config.pl script.
# If you put it here make sure this file has no read permissions
# for normal users! See the documentation for more information.
#
#BPC_SMB_PASSWD=
#export BPC_SMB_PASSWD
#
/opt/local/backuppc/bin/BackupPC -d
}
stop() {
killall -9 BackupPC
}
restart() {
stop
start
}
reload() {
killall -1 BackupPC
}
if [ -z "$1" ] ; then
case `echo "$0" | sed 's:^.*/\(.*\):\1:g'` in
S??*) rc="start" ;;
K??*) rc="stop" ;;
*) rc="usage" ;;
esac
else
rc="$1"
fi
case "$rc" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
*)
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac
exit $?
Now we link the stop script to this.
# cd /opt/etc/init.d/
# ln -s S95backuppc K05backuppc
Finally we enable backuppc and start it.
# service backuppc on
# service backuppc start
Configuring Lighttpd for BackupPC
If you do not want a web interface, this section can be ignored. But I highly recommend you get the web interface for BackupPC up and running as it eases administration a lot. For using the BackupPC web interface, we can use Lighttpd web server.
- Lighttpd gets installed by default when you setup Optware. But it is disabled. Therefore first we enable and start it.
# service lighttpd on
# service lighttpd restart
- The log directory for Lighttpd is /opt/var/log/lighttpd/. When I started Lighttpd, I found the error ‘Error “fdevent_init failed”‘ in /opt/var/log/lighttp/error.log. Luckily, I found the fix for this error at http://www.mattgibson.ca/2009/11/05/fix-dd-wrt-lighttpd-error-server-c-1105-fdevent_init-failed-on-asus-wl-500/. To fix this error, in /opt/etc/lighttpd/lighttpd.conf, change
# server.event-handler = "freebsd-kqueue" # needed on OS X
to
server.event-handler = "poll" # needed on OS X
Restart Lighttpd once you have made this change.
# service lighttpd restart
and visit http://<<ROUTER_IP>>:8081/ to make sure that the server is running properly (you should see a page which displays the message “lighttpd server is running.”).
-
Now we perform the below steps to enable BackupPC web interface (most of these steps have been taken from http://backuppc.wiki.sourceforge.net/Install+Backuppc+with+Lighttpd). These changes have to be done in /opt/etc/lighttpd/lighttpd.conf.
Edit this section to enable the needed Lighttpd server modules (mod_auth, mod_cgi):
## modules to load
# at least mod_access and mod_accesslog should be loaded
# all other module should only be loaded if really neccesary
# - saves some time
# - saves memory
server.modules = (
# "mod_rewrite",
# "mod_redirect",
# "mod_alias",
"mod_access",
# "mod_cml",
# "mod_trigger_b4_dl",
"mod_auth",
# "mod_status",
# "mod_setenv",
# "mod_fastcgi",
# "mod_proxy",
# "mod_simple_vhost",
# "mod_evhost",
# "mod_userdir",
"mod_cgi",
# "mod_compress",
# "mod_ssi",
# "mod_usertrack",
# "mod_expire",
# "mod_secdownload",
# "mod_rrdtool",
"mod_accesslog" )
Edit this section to add index.cgi as an authorized index file:
# files to check for if .../ is requested
index-file.names = ( "index.php", "index.html",
"index.htm", "default.htm",
"lighttpd/index.html",
"index.cgi" )
Edit this section in your configuration file to assign cgi files to the perl binary:
#### CGI module
cgi.assign = ( ".pl" => "/opt/bin/perl",
".cgi" => "/opt/bin/perl" )
#
Edit this section to password protect backuppc.
#### auth module
## read authentication.txt for more info
auth.backend = "plain"
auth.backend.plain.userfile = "/opt/etc/lighttpd/lighttpd.user"
#auth.backend.plain.groupfile = "lighttpd.group"
#auth.backend.ldap.hostname = "localhost"
#auth.backend.ldap.base-dn = "dc=my-domain,dc=com"
#auth.backend.ldap.filter = "(uid=$)"
auth.require = ( "/backuppc/" =>
(
"method" => "basic",
"realm" => "BackupPC",
"require" => "user=root"
),
# "/server-config" =>
# (
# "method" => "digest",
# "realm" => "download archiv",
# "require" => "valid-user"
# )
)
You will have to create lighttpd.user which contains username and the cleartext password seperated by a colon. Each entry is terminated by a single newline. e.g.:
agent007:secret
See /opt/share/doc/lighttpd/authentication.txt for available authentication methods and backends.
- Next link index.cgi to the BackupPC cgi script.
# cd /opt/share/www/backuppc
# ln -s cgi-bin/BackupPC_Admin index.cgi
And finally restart Lighttpd.
# service lighttpd restart
The BackupPC web interface should now be accessible at: http://<<ROUTER_IP>>:8081/backuppc/.
Using Backuppc user (backuppc) instead of root
Personally I find it convenient to run BackupPC as root and as I do not use the router for any other service, I do not see much of a security hassle. But some of you might want to run BackupPC as another less privileged user due to some reason. Kindly note that the below steps have not been tested and are here only to give you a basic direction to run BackupPC as another user.
-
First it should be noted that whenever you add a user/group, this information gets lost whenever the router reboots. Therefore we have to add the steps for creating a user/group in the router Startup script. In the router web interface, go to Administration->Commands->Startup and add the below lines at the top and restart the router.
echo "backuppc:x:1000:" >> /tmp/etc/group
echo "backuppc:x:1000:1000:BackupPC,,,:/mnt/backuppc:/bin/sh" >> /tmp/etc/passwd
chgrp backuppc /tmp/etc/
chmod g+rx /tmp/etc/
-
Now while performing installation of the BackupPC (refer section “Installing BackupPC” above), when it prompts for the user BackupPC should run as, just press enter and let it take the default username of “backuppc”.
-
Next for the BackupPC init.d script, replace the startup command
/opt/local/backuppc/bin/BackupPC -d
with
su backuppc -c "/opt/local/backuppc/bin/BackupPC -d"
-
Lastly for configuring Lighttpd to serve the BackupPC web interface, you can follow the relevant steps in http://backuppc.wiki.sourceforge.net/Install+Backuppc+with+Lighttpd.
Making BackupPC consume lesser resources
Here is a response I got from a post I made to BackupPC mailing list reg. making BackupPC consume lesser resources.
On Thu, 2010-12-16 at 08:25 +0530, Rahul Amaram wrote:
> > For example, I think that the BackupPC pooling mechanism while very
> > useful is resource-intensive. Is it possible to disable BackupPC pooling
> > or add such an option to BackupPC in the future releases?
That's pretty much the core idea behind BackupPC.
If you just want to reduce CPU load, disable compression in the pool,
and enable rsync checksum caching. That will help a great deal.
Regards,
Tyler
