From cb574489d4579a469f6a5d4becd1190db8fbcb12 Mon Sep 17 00:00:00 2001
From: Franco Masotti <franco.masotti@live.com>
Date: Sat, 8 Feb 2020 17:30:42 +0100
Subject: [PATCH] Added new post. Fixed an old post.

---
 _config.yml                               |   2 +-
 _posts/2019-02-23-my-backup-system.md     |   6 +-
 _posts/2020-02-08-my-new-backup-system.md | 111 ++++++++++++++++++++++
 3 files changed, 117 insertions(+), 2 deletions(-)
 create mode 100644 _posts/2020-02-08-my-new-backup-system.md

diff --git a/_config.yml b/_config.yml
index 762460d..f2cde20 100644
--- a/_config.yml
+++ b/_config.yml
@@ -61,7 +61,7 @@ excerpts:
 
 tag_list:
     score:
-        min:            4
+        min:            5
     # Set the following to false to avoid limiting the tag links.
     link_limit:         16
 
diff --git a/_posts/2019-02-23-my-backup-system.md b/_posts/2019-02-23-my-backup-system.md
index 80f426c..62eb255 100644
--- a/_posts/2019-02-23-my-backup-system.md
+++ b/_posts/2019-02-23-my-backup-system.md
@@ -1,17 +1,21 @@
 ---
 title: My backup system
 tags: [bash, shell, backup, rsync, LUKS, cryptsetup, sync, shred]
-updated: 2019-07-02 12:11
+updated: 2020-02-08 17:30
 description: A detailed exaplanation of my backup system which is both encrypted and unencrypted for different purposes.
 ---
 
 ## Introduction
 
+<!--excerpt_start-->
 [Rsync](https://rsync.samba.org/) is a very useful and flexible tool to do 
 incremental backups and I have been using it for years without any problems.
 Recently I discovered the power of Rsync and [Cryptsetup with 
 LUKS](https://gitlab.com/cryptsetup/cryptsetup/) to do encrypted and 
 incremental backups as well.
+<!--excerpt_end-->
+
+*Warning: part of the content of this post is deprecated. See [this newer post]({% post_url 2020-02-08-my-new-backup-system %}).*
 
 ## Partitioning scheme
 
diff --git a/_posts/2020-02-08-my-new-backup-system.md b/_posts/2020-02-08-my-new-backup-system.md
new file mode 100644
index 0000000..cf5720d
--- /dev/null
+++ b/_posts/2020-02-08-my-new-backup-system.md
@@ -0,0 +1,111 @@
+---
+title: My new backup system
+tags: [bash, shell, backup, rsync, LUKS, cryptsetup, sync, shred, borgmatic, borgbackup]
+updated: 2020-02-08 17:30
+description: An update on a previous post about backups.
+---
+
+## Introduction
+
+<!--excerpt_start-->
+Last year [I wrote a post]({% post_url 2019-02-23-my-backup-system %})
+about my backup system.
+<!--excerpt_end-->
+
+In the meantime some things have changed:
+
+- the main backups now use [borgmatic](https://torsion.org/borgmatic/) and [custom scripts](https://frnmst.github.io/automated-tasks/scripts.html#borgmatic-hooks-sh) along with it
+- **the encrypted backups are just a mirror of the main backups**
+  - you will need [BorgBackup](https://www.borgbackup.org/) to access them
+- i now use Btrfs instead of ext4 for the encrypted backups
+  - use `mkfs.btrfs` intead of `mkfs.ext4`
+- the partitioning scheme
+  - unencrypted backups are pushed to a central computer
+  - see the example cofiguration file below
+
+and other did not:
+
+- most of the initial steps
+
+### Steps
+
+1. install [Rsync](https://rsync.samba.org/), 
+   [Cryptsetup](https://gitlab.com/cryptsetup/cryptsetup/), 
+   and [GNU Bash](http://www.gnu.org/software/bash/bash.html).
+
+2. follow the steps related to the encrypted backups [in this previous post]({% post_url 2019-02-23-my-backup-system %}).
+
+## The new encrypted backup script
+
+```shell
+#!/usr/bin/env bash
+#
+# backup_enc.sh
+#
+# Copyright (C)  2019-2020  Franco Masotti <franco.masotti@live.com>.
+# Permission is granted to copy, distribute and/or modify this document
+# under the terms of the GNU Free Documentation License, Version 1.3
+# or any later version published by the Free Software Foundation;
+# with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
+# A copy of the license is included in the section entitled "GNU
+# Free Documentation License".
+
+#
+# This backup is intended to be run manually.
+#
+
+set -euo pipefail
+
+CONFIG="${1}"
+
+. "${CONFIG}"
+
+[ ${UID} -eq 0 ]
+cryptsetup open "/dev/disk/by-uuid/"${UUID}"" "${MAPPER_NAME}"
+mount /dev/mapper/"${MAPPER_NAME}" "${DST}"
+set +e
+rsync --verbose --archive --acls --xattrs --hard-links --delete "${SRC}"/* "${DST}"
+set -e
+sync
+umount "${DST}"
+cryptsetup close "${MAPPER_NAME}"
+```
+
+#### Configuration file
+
+Create a configuration file for every backup.
+
+You must put the correct UUIDs of the partition in the configuration file.  
+Copy the appropriate one from:
+
+    $ lsblk -o name,uuid
+
+This is an example for the `root` mountpoint of `host one`:
+
+```shell
+#
+# backup_enc.hostone_root.conf
+#
+# Copyright (C)  2019-2020  Franco Masotti <franco.masotti@live.com>.
+# Permission is granted to copy, distribute and/or modify this document
+# under the terms of the GNU Free Documentation License, Version 1.3
+# or any later version published by the Free Software Foundation;
+# with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
+# A copy of the license is included in the section entitled "GNU
+# Free Documentation License".
+
+UUID='<put the uuid here>'
+MAPPER_NAME='hostone_root_enc'
+SRC='/mnt/backups/hostone_root'
+DST='/mnt/backups_enc/hostone_root'
+```
+
+## First backups
+
+Once you have everything in place you may start the backup as root:
+
+    # ./backup_enc.sh ./backup_enc.hostone_root.conf
+
+~
+
+Enjoy!