Cryptzone Support

 
If you wish to submit a support ticket please sign in to your customer portal or use the “submit a ticket” button at the top menu.
If you need to find documentation about our Sheriff Suite please login to the Hive- Click Here

 

Article

Making automatic backups in AppGate Classic

« Go Back

Information

 
Article Number000003460
Article

Making automatic backups

The standard method of making backups of an AppGate system is to use the AppGate Console -> System Settings -> Backup & Restore panel. This will create a backup file of all the configuration files on the AppGate system. The only drawback is that it requires manual interaction. It is however quite easy to automate this procedure.

To make this process automatic we need the following:
  • A Shell script that can be run from cron on the AppGate system.
  • Another Unix system which supports ssh and scp to which we can copy the backup files
 
 

How to do it


If you have an AppGate cluster, you can do this on just one of the nodes in the cluster. The backup-file will normally be the same regardless on which node in the cluster it was generated.

1. Create a new directory on the AppGate. Login to the AppGate server using the AppGate Console and do a Run Commands -> Shell on AppGate. Use the "su"-command to become root and then do:
 
   appgate# mkdir /var/opt/appgate/local


2. Transfer the backup.sh (see template script at the bottom of the page) to /var/opt/appgate/local Use the AppGate Console -> System Settings -> File transfer

     Edit the backup.sh and change the relevant parameters and make it executable:

   appgate#  chmod +x /var/opt/appgate/local/backup.sh

Note: If the file has passed a through a Windows machine, you must be careful about line endings. Windows tends to mess up line endings and those are important. To be sure you can clean out  potential Windows line endings as soon as the file has been transferred to the AppGate system:

   appgate# cp backup.sh foo
    appgate# dos2unix < foo > backup.sh

3. To do an automatic copy without manual intervention, we will use scp with Public Key as authentication method. Start by creating a pair of ssh authentication keys and move them into place.

   appgate# cd /var/opt/appgate/local
   appgate# ssh-keygen -N "" -f id_rsa -t rsa


4. Copy the public key to the host which should receive the backup files.

   appgate# scp id_rsa.pub user@backup-host:

5. On the backup host append the public key to the authorized_keys file. Check the manual on ssh for the exact name of the files, etc. on your backup host. This is an example:

   appgate# ssh backup-host -l user
    backup-host% cat id_rsa.pub >> .ssh/authorized_keys

      To test that the ssh-keys work try ssh with the Public Key authentication, your user and the command ls :

   appgate#  ssh -i /var/opt/appgate/local/id_rsa -l user backuphost ls

      If correct, it should work without any user interaction. That is without questions for passwords or any thing. You should get some output from ls only. By now you should also be able to try the script:
 

   appgate# ./backup.sh

      It should run without errors and you should check that a backup file has been created on the backup-host.

6. Now we just need to make the script run on a regular basis. We do that by adding an entry to the crontab for the root user. We first put the current crontab into a file and then edit it:

   appgate# crontab -l root > /tmp/ct
    appgate# nano /tmp/ct

       For a backup to be created each night at 01:15 add the following line:

   15 1 * * * /var/opt/appgate/local/backup.sh

       Save the file and put it into action by:

   appgate# crontab /tmp/ct

 



The script

 
Below is the template script. You need to look through it and modify the relevant parameters.

#!/bin/sh

# Change KEY AND remember it!
KEY=change_this_key

# Change USER and BACKUPHOST to what you will use
USER=username
BACKUPHOST=192.168.x.y
DIR=/var/opt/appgate/local
DATE=`date '+%y%m%d'`
BACKUPSRC=$DIR/appgate.agb
BACKUPDST=appgate-$DATE.agb
KEYFILE=$DIR/id_rsa
NODENAME=`uname -n`

/opt/APPGserv/bin/ag_backup -h $NODENAME -k $KEY \
         -t /tmp -o $BACKUPSRC
/opt/APPGserv/bin/scp -q -i $KEYFILE $BACKUPSRC \
         $USER@$BACKUPHOST:$BACKUPDST


 
Related File 
Additional Files 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255