A good backup plan consists of several strategies, one that works if you get hacked. A strategy for data hijacking, but also a strategy for when a user accidentally deletes too many files.

One strategy can be that you make a replication of all files from a source server to another target server, the disadvantage of this strategy is that if the user deletes a file, it will also be deleted on the replication server. This strategy alone is therefore not sufficient.

One strategy might be to take a snapshot of a server every day. If a user deletes a file, you must first mount the image snapshot as a disk drive on another server in order to be able to copy the files back tot the source system. The downside to this is that there is only one version of every file.

Every day a snapshot image of an entire server for major disasters and for users who accidentally delete too many files. A copy of all files every 4 hours in a separate backup directory.

Make a copy of those backups that are taken every 4 hours via rsync, for example, to another server, but it is important that the backup server retrieves the data via, for example, SSH. It is also important that the target server cannot reach the backup server. One-way traffic from the backup server (the data is retrieved)

With rsnapshot you can get the data from a server every 4 hours and place it on a backup server.

We install rsnapshot through the command

dnf install rsnapshot

Open the file /etc/rsnapshot.conf with your favorite editor for example vi /etc/rsnapshot.conf

Now we are going to make several settings first

snapshot_root /backup/

All backups will be in the directory backup if this does not exist then you have to create it

Uncomment

cmd_cp /usr/bin/cp

Uncomment

cmd_rm /usr/bin/rm

Activate rsync

cmd_rsync /usr/bin/rsync

If you use LVM, you can also activate it by removing the # sign

The backup levels indicate how many backup versions you want to keep of each

We keep 6 versions of the alpha interval

We keep 7 versions of the beta interval

We keep 3 versions of the delta interval

We keep 4 versions of the gamma interval

If we exceed version alpha.6 then alpha.6 becomes beta.0 and beta.7 becomes delta.0 etc.

We have now made a schedule and now we are going to specify the servers to be backed up. You do this at backup points / scripts

For example, to make a backup of both the /home and /etc directories, enter the following#

    
#LOCALHOST
backup /home/ localhost/
backup /etc/ Localhost/

If you want to get a backup from another server, you can use the configuration below

backup root@172.26.6.23:/etc/ remote.linuxserver.com/

It is important that the backup can log in to the target server (remote.linuxserver.com) via root with SSH. You can test this with the command below

ssh root@remote.linuxserver.com whoami

You will then get root as an answer

Now we have set up the backup plan but we still need to activate it. We activate the rsnapshot intervals in the crontab.

    
0 */4 * * * /usr/bin/rsnapshot alpha
50 23 * * * /usr/bin/rsnapshot beta
50 0 * * * /usr/bin/rsnapshot delta
50 1 * * * /usr/bin/rsnapshot gamma

Every day with an interval of 4 hours we run snapshot alpha, every day at 10 to 12 we run the beta interval. At 10 to 1 we run the delta interval and lastly at 10 to 2 we run the gamma interval.

We now have a good backup plan for individual files that have been deleted or become corrupted. It is also important that we get the backup from the target server so that we are also protected against ransom data hijack attacks.

Finally, we must not forget to take snapshots of the entire server, example every day for 7 days especially for server breakdowns and hardware failures. This way the entire server is back online in minutes.

Personally I have benefited several times from this backup strategy plan sometimes made changes that needed to be rolled back or changed files during programming and then rolled back again after a few hours to the point before the changes.