Remote Backup Addon for Home Assistant – 3-2-1 Backup Strategy

In this video I install the Remote Backup Addon https://github.com/ikifar2012/remote-backup-addon/blob/master/README.md from Ikifar Matheson. This Add-on will preform an HA snapshot and encrypt the results and move it to another server using SSH tools. It will also manage the number of HA Snapshots that are stored in your HA instance. I use this as one of the leg of my 3-2-1 backup strategy, providing a second backup storage location and backup method.

Episode: 040

Video related links:
This add-on can be added to any HA-Supervised instance via: https://github.com/ikifar2012/ha-addons

Random uuid generator for automation ID: https://www.uuidgenerator.net/version4

Related video regarding the rest of my Backup Strategy: https://whatarewefixing.today/221/home-assistant-tasmota-back-ups/

Contact Links:
What are we Fixing Today Homepage / Website:
https://www.WhatAreWeFixing.Today/
Channel Link URL: (WhatAreWeFixingToday)
https://bit.ly/WhatAreWeFixingTodaysYT
What are we Fixing Today Facebook page (Sir GoodEnough):
https://bit.ly/WhatAreWeFixingTodayFB
What are we Fixing Today Twitter Account (Sir GoodEnough):
https://bit.ly/WhatAreWeFixingTodayTW
Discord Account: (Sir_Goodenough#9683)
https://discord.gg/Uhmhu3B

Patreon Membership: https://www.patreon.com/WhatAreWeFixingToday

Please help support the channel:

Buy me Coffee: https://www.buymeacoffee.com/SirGoodenough
PayPal one-off donation link: https://www.paypal.me/SirGoodenough
Cash App $CASHTAG: https://cash.me/$SirGoodenough
Venmo cash link: https://venmo.com/SirGoodenough

If you would like to donate anything to this channel, please use this address:
C/O: Sirius GoodEnough
322 Buena Vista Ave.
Department: DYT
Waukesha, Wisconsin, 53188-3602

PROCESS SUMMARY:

1: Load the Repository 2: Load the addon and set-up the config file 3: Generate the key file pair (ssh-keygen) 4: Load public file into the target fileserver machine (ssh-copy-id) 5: Test login from the machine you generated the file into the target machine 6: Edit the config file (if needed) 7: Start the addon 8: Watch the log for problems 9: When run is complete, check that the zipped tar backup file is available on the file server and check that the password works. 10: When it all checks out, set-up an automation to run the backup on a scheduled time and date of your choosing. Sample automation attached.

SAMPLE CONFIG FILE: (1-2,6)

ssh_enabled: true ssh_host: 192.168.60.74 ssh_port: 22 ssh_user: 'UserRemote' ssh_key: HA_ecdsa remote_directory: '/path-on-storage-machine' zip_password: 'Your Password to remember here' keep_local_backup: '14' rsync_enabled: false rsync_host: '' rsync_rootfolder: hassio-sync rsync_user: '' rsync_password: ''

SETTING UP KEY FILES:

GENERATING KEY (3)

Start in a terminal window on a linux machine. All mine are Ubuntu. UserRemote@Rodan:~$ cd .ssh UserRemote@Rodan:~/.ssh$ ls -la total 28 drwx------ 2 UserRemote UserRemote 4096 Jun 26 23:48 . drwxr-xr-x 36 UserRemote UserRemote 4096 Aug 7 16:23 .. -rw------- 1 root root 2882 Jun 26 23:48 known_hosts UserRemote@Rodan:~/.ssh$ ssh-keygen -t ecdsa -b 521 Generating public/private ecdsa key pair. Enter file in which to save the key (/home/UserRemote/.ssh/id_ecdsa): /home/UserRemote/.ssh/HA_ecdsa Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/UserRemote/.ssh/HA_ecdsa. Your public key has been saved in /home/UserRemote/.ssh/HA_ecdsa.pub. The key fingerprint is: SHA256:ijZtlnsrs5nvcORmk/y7YRAqE5EEACOhgYkDgrEplv7Pfa/y6PWw UserRemote@Rodan The key's randomart image is: +---[ECDSA 521]---+ | .+++.=+=*| | ** *.%=o| | ..oO X.%+| | . = +.O.=| | .S+ ..oo| | .+++.=+=*| | ** *.%=o| | ..oO X.%+| | . = +.O.=| +----[SHA256]-----+ UserRemote@Rodan:~/.ssh$ ls -la total 36 drwx------ 2 UserRemote UserRemote 4096 Aug 13 23:48 . drwxr-xr-x 36 UserRemote UserRemote 4096 Aug 7 16:23 .. -rw------- 1 UserRemote UserRemote 365 Aug 13 23:48 HA_ecdsa -rw-r--r-- 1 UserRemote UserRemote 263 Aug 13 23:48 HA_ecdsa.pub -rw------- 1 root root 2882 Jun 26 23:48 known_hosts

COPY PUBLIC KEY TO MACHINE THAT WILL RECEIVE THE FILES: (4)

UserRemote@Rodan:~/.ssh$ ssh-copy-id -i HA_ecdsa.pub UserRemote@192.168.60.74 /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "HA_ecdsa.pub" The authenticity of host '192.168.60.74 (192.168.60.74)' can't be established. ECDSA key fingerprint is SHA256:ijZtlnsrs5nvcORmk/y7YRAqE5EEACOhgYkDgrEplv7Pfa/y6PWw. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed The authenticity of host '192.168.60.74 (192.168.60.74)' can't be established. ECDSA key fingerprint is SHA256:ijZtlnsrs5nvcORmk/y7YRAqE5EEACOhgYkDgrEplv7Pfa/y6PWw. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys The authenticity of host '192.168.60.74 (192.168.60.74)' can't be established. ECDSA key fingerprint is SHA256:ijZtlnsrs5nvcORmk/y7YRAqE5EEACOhgYkDgrEplv7Pfa/y6PWw. Are you sure you want to continue connecting (yes/no)? yes Failed to add the host to the list of known hosts (/home/UserRemote/.ssh/known_hosts). Enter passphrase for key '/home/UserRemote/.ssh/id_rsa': UserRemote@192.168.60.74's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'UserRemote@192.168.60.74'" and check to make sure that only the key(s) you wanted were added.

TEST THE LOGIN WORKS WITHOUT PASSWORD: (5)

UserRemote@Rodan:~/.ssh$ ssh UserRemote@192.168.60.74 The authenticity of host '192.168.60.74 (192.168.60.74)' can't be established. ECDSA key fingerprint is SHA256:ijZtlnsrs5nvcORmk/y7YRAqE5EEACOhgYkDgrEplv7Pfa/y6PWw. Are you sure you want to continue connecting (yes/no)? yes Failed to add the host to the list of known hosts (/home/UserRemote/.ssh/known_hosts). Welcome to Ubuntu 20.04.1 LTS (GNU/Linux 5.4.0-42-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage System information as of Thu Aug 13 23:51:01 CDT 2020 System load: 4.41 Users logged in: 1 Usage of /: 22.3% of 72.83GB IPv4 address for docker0: 172.17.0.1 Memory usage: 8% IPv4 address for enp4s0f0: 192.168.60.73 Swap usage: 0% IPv4 address for enp4s0f1: 192.168.60.74 Processes: 318 * Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with sudo snap install microk8s --channel=1.19/candidate --classic https://microk8s.io/ has docs and details. 0 updates can be installed immediately. 0 of these updates are security updates. Last login: Sun Aug 2 20:57:55 2020 from 192.168.60.12 UserRemote@eldrad:~$ exit logout Connection to 192.168.60.74 closed. UserRemote@Rodan:~/.ssh$ ls -la total 36 drwx------ 2 UserRemote UserRemote 4096 Aug 13 23:50 . drwxr-xr-x 36 UserRemote UserRemote 4096 Aug 7 16:23 .. -rw------- 1 UserRemote UserRemote 365 Aug 13 23:48 HA_ecdsa -rw-r--r-- 1 UserRemote UserRemote 263 Aug 13 23:48 HA_ecdsa.pub -rw------- 1 root root 2882 Jun 26 23:48 known_hosts UserRemote@Rodan:~/.ssh$ cp HA_ecdsa /run/user/1000/gvfs/smb-share:domain=etc,server=192.168.60.67,share=ssl,user=UserRemote UserRemote@Rodan:~/.ssh$

SAMPLE ADD-ON SET-UP LOG SESSION: (7-8-9)

Remote Backup [s6-init] making user provided files available at /var/run/s6/etc...exited 0. [s6-init] ensuring user provided files have correct perms...exited 0. [fix-attrs.d] applying ownership & permissions fixes... [fix-attrs.d] done. [cont-init.d] executing container initialization scripts... [cont-init.d] 00-banner.sh: executing... ----------------------------------------------------------- Add-on: Remote Backup Automatically create HA snapshots to remote server location using SCP ----------------------------------------------------------- Add-on version: 4.3.1 You are running the latest version of this add-on. System: Ubuntu 18.04.5 LTS (amd64 / qemux86-64) Home Assistant Core: 0.113.3 Home Assistant Supervisor: 232 ----------------------------------------------------------- Please, share the above information when looking for help or support in, e.g., GitHub, forums or the Discord chat. ----------------------------------------------------------- [cont-init.d] 00-banner.sh: exited 0. [cont-init.d] 01-log-level.sh: executing... [cont-init.d] 01-log-level.sh: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. Adding SSH key Creating local backup: "Automated backup 2020-08-14 00:27" Backup created: 9b798ba7 Copying password-protected 9b798ba7.zip to /path-on-storage-machine on 192.168.60.74 using SCP adding: 9b798ba7.tar (deflated 6%) Warning: Permanently added '192.168.60.74' (ECDSA) to the list of known hosts. Command completed successfully. Backup process done! [cmd] /run.sh exited 0 [cont-finish.d] executing container finish scripts... [cont-finish.d] 99-message.sh: executing... [cont-finish.d] 99-message.sh: exited 0. [cont-finish.d] done. [s6-finish] waiting for services. [s6-finish] sending all processes the TERM signal.

SET_UP AUTOMATION FOR THE INTERVAL YOU WANT: (10)

automation: #################################################### # Daily Back-up # #################################################### - id: e297213a-c74a-456d-875f-d90e44667cf4-must-be-unique alias: Daily Backup initial_state: on trigger: platform: time at: 03:27:19 condition: # remove this section for every day - condition: time # or change to fit your needs weekday: # weekday can be month/year also. See HA Docs. - tue - wed - thu - sat - sun action: - service: hassio.addon_start data: addon: 3490a758_remote_backup

Link to this video on YouTube: https://youtu.be/0C4h3Bv75J4

https://youtu.be/0C4h3Bv75J4
I retired from a large mid-western medical equipment manufacturer on December 31 (2019) and decided to try to let everyone in on my life and my transition into retirement. I have a varied set of interests. I live in a 90 year old cape cod in the middle of a small city of 70,000 people. I have a small lot across the street from the city seat of government, but despite that I have a 1952 Allis Chalmers farm tractor that I drive around the city from time to time. My wife has a business that has me fixing and creating cool home decor out of broken windows and drywall screws. I have been known to buy things on 'for sale' lists, fix it up, clean it up, generally add value and sell it off. Oh, yes, I'm getting chickens! But first I have to build the chicken coop and run. It will be like no other you have ever seen. Also will give me something to do. I am into home automation, have a Home Assistant enabled home and so will the chickens! I'll have to give them a password...