[Suggestion] Backup Config daily to a GitLab private repo

[peterge]

(Don't know if this is in the correct forum. If not, feel free to move)
I just backed up the data backup from System Settings > General > Manage Configuration > Download File to a private repo on GitLab. Could this be a job, which is run by TrueNAS on a daily basis?
There is a similar function available in pfSENSE (https://docs.netgate.com/pfsense/en/latest/backup/autoconfigbackup.html), which backs up the current config after every change to the config.

 

[danb35]

A daily backup is already taken; it goes in /var/db/system/configs-(long_hex_number)/(TrueNAS version)/. It seems it'd be straightforward enough to set up a cron job to handle the rest.

 

[peterge]

A daily backup is already taken; it goes in /var/db/system/configs-(long_hex_number)/(TrueNAS version)/. It seems it'd be straightforward enough to set up a cron job to handle the rest.

Great! But would't an update overwrite /etc/crontab and the .git folder if i create a repo in there?

 

[danb35]

But would't an update overwrite /etc/crontab and the .git folder if i create a repo in there?

You'd overwrite /etc/crontab every time you reboot, if you edit it directly--but there's no reason to do that; you can (and should) set up cron jobs through the GUI. But I wasn't really suggesting you turn that directory into a git repo; I really don't know what (if anything) would happen to the .git directory. I was instead thinking that would be a really good place to draw your backups from, as they're already there. Maybe rsync that directory to some other safe place where you can work on its contents, or something. But from there, it should be straightforward enough to script.

 

[elvisimprsntr]

I run this weekly, then rync to another NAS

Personally, I would not put a config file in the cloud without encrypting it in transit and at rest.

#!/bin/sh FILENAME="`hostname -s`-`cut -d' ' -f1 /etc/version`-`date +%Y%m%d`.tar" #echo $FILENAME tar -cvlf /mnt/data/Software/truenas/$FILENAME --strip-components=2 \ /data/freenas-v1.db \ /data/pwenc_secret \ /root/.ssh \ /boot/device.hints \ /var/db/collectd/rrd/localhost/nut-apcups echo "Backup $FILENAME created" find /mnt/data/Software/truenas/NAS-?-TrueNAS-*.tar -mtime +365 -exec rm {} \;

 

[danb35]

Someone on here (@Spearfoot?) has observed that, rather than taking a copy of a live database file, it's better and safer to take a static dump of that database, and has given the relevant sqlite commands to do that. I'm assuming, though I don't know for sure, that the backups saved in the .system dataset are done this way.

 

[peterge]

A daily backup is already taken; it goes in /var/db/system/configs-(long_hex_number)/(TrueNAS version)/. It seems it'd be straightforward enough to set up a cron job to handle the rest.

Does the file from /var/db/system contain the password secret seed?