Remote Backup Addon for Home Assistant – 3-2-1 Backup Strategy

In this video I install the Remote Backup Addon https://github.com/ikifar2012/remote-backup-addon/blob/master/README.md from Ikifar Matheson. This Add-on will preform an HA snapshot and encrypt the results and move it to another server using SSH tools. It will also manage the number of HA Snapshots that are stored in your HA instance. I use this as one of the leg of my 3-2-1 backup strategy, providing a second backup storage location and backup method.

Episode: 040

Video related links:
This add-on can be added to any HA-Supervised instance via: https://github.com/ikifar2012/ha-addons

Random uuid generator for automation ID: https://www.uuidgenerator.net/version4

Related video regarding the rest of my Backup Strategy: https://whatarewefixing.today/221/home-assistant-tasmota-back-ups/

Contact Links:
What are we Fixing Today Homepage / Website:
https://www.WhatAreWeFixing.Today/
Channel Link URL: (WhatAreWeFixingToday)
https://bit.ly/WhatAreWeFixingTodaysYT
What are we Fixing Today Facebook page (Sir GoodEnough):
https://bit.ly/WhatAreWeFixingTodayFB
What are we Fixing Today Twitter Account (Sir GoodEnough):
https://bit.ly/WhatAreWeFixingTodayTW
Discord Account: (Sir_Goodenough#9683)
https://discord.gg/Uhmhu3B

Patreon Membership: https://www.patreon.com/WhatAreWeFixingToday

Please help support the channel:

Buy me Coffee: https://www.buymeacoffee.com/SirGoodenough
PayPal one-off donation link: https://www.paypal.me/SirGoodenough
Cash App $CASHTAG: https://cash.me/$SirGoodenough
Venmo cash link: https://venmo.com/SirGoodenough

If you would like to donate anything to this channel, please use this address:
C/O: Sirius GoodEnough
322 Buena Vista Ave.
Department: DYT
Waukesha, Wisconsin, 53188-3602

PROCESS SUMMARY:

1: Load the Repository
2: Load the addon and set-up the config file
3: Generate the key file pair (ssh-keygen)
4: Load public file into the target fileserver machine (ssh-copy-id)
5: Test login from the machine you generated the file into the target machine
6: Edit the config file (if needed)
7: Start the addon
8: Watch the log for problems
9: When run is complete, check that the zipped tar backup file is available on the file server and check that the password works.
10: When it all checks out, set-up an automation to run the backup on a scheduled time and date of your choosing.  Sample automation attached.

SAMPLE CONFIG FILE: (1-2,6)

ssh_enabled: true
ssh_host: 192.168.60.74
ssh_port: 22
ssh_user: 'UserRemote'
ssh_key: HA_ecdsa
remote_directory: '/path-on-storage-machine'
zip_password: 'Your Password to remember here'
keep_local_backup: '14'
rsync_enabled: false
rsync_host: ''
rsync_rootfolder: hassio-sync
rsync_user: ''
rsync_password: ''

SETTING UP KEY FILES:

GENERATING KEY (3)

Start in a terminal window on a linux machine.  All mine are Ubuntu.

UserRemote@Rodan:~$ cd .ssh
UserRemote@Rodan:~/.ssh$ ls -la
total 28
drwx------  2 UserRemote  UserRemote  4096 Jun 26 23:48 .
drwxr-xr-x 36 UserRemote  UserRemote  4096 Aug  7 16:23 ..
-rw-------  1 root root 2882 Jun 26 23:48 known_hosts

UserRemote@Rodan:~/.ssh$ ssh-keygen -t ecdsa -b 521
Generating public/private ecdsa key pair.
Enter file in which to save the key (/home/UserRemote/.ssh/id_ecdsa): /home/UserRemote/.ssh/HA_ecdsa
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/UserRemote/.ssh/HA_ecdsa.
Your public key has been saved in /home/UserRemote/.ssh/HA_ecdsa.pub.
The key fingerprint is:
SHA256:ijZtlnsrs5nvcORmk/y7YRAqE5EEACOhgYkDgrEplv7Pfa/y6PWw UserRemote@Rodan
The key's randomart image is:
+---[ECDSA 521]---+
|        .+++.=+=*|
|         ** *.%=o|
|        ..oO X.%+|
|       .  = +.O.=|
|       .S+   ..oo|
|        .+++.=+=*|
|         ** *.%=o|
|        ..oO X.%+|
|       .  = +.O.=|
+----[SHA256]-----+

UserRemote@Rodan:~/.ssh$ ls -la
total 36
drwx------  2 UserRemote  UserRemote  4096 Aug 13 23:48 .
drwxr-xr-x 36 UserRemote  UserRemote  4096 Aug  7 16:23 ..
-rw-------  1 UserRemote  UserRemote   365 Aug 13 23:48 HA_ecdsa
-rw-r--r--  1 UserRemote  UserRemote   263 Aug 13 23:48 HA_ecdsa.pub
-rw-------  1 root root 2882 Jun 26 23:48 known_hosts

COPY PUBLIC KEY TO MACHINE THAT WILL RECEIVE THE FILES: (4)

UserRemote@Rodan:~/.ssh$ ssh-copy-id -i HA_ecdsa.pub UserRemote@192.168.60.74
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "HA_ecdsa.pub"
The authenticity of host '192.168.60.74 (192.168.60.74)' can't be established.
ECDSA key fingerprint is SHA256:ijZtlnsrs5nvcORmk/y7YRAqE5EEACOhgYkDgrEplv7Pfa/y6PWw.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
The authenticity of host '192.168.60.74 (192.168.60.74)' can't be established.
ECDSA key fingerprint is SHA256:ijZtlnsrs5nvcORmk/y7YRAqE5EEACOhgYkDgrEplv7Pfa/y6PWw.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
The authenticity of host '192.168.60.74 (192.168.60.74)' can't be established.
ECDSA key fingerprint is SHA256:ijZtlnsrs5nvcORmk/y7YRAqE5EEACOhgYkDgrEplv7Pfa/y6PWw.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/UserRemote/.ssh/known_hosts).
Enter passphrase for key '/home/UserRemote/.ssh/id_rsa': 
UserRemote@192.168.60.74's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'UserRemote@192.168.60.74'"
and check to make sure that only the key(s) you wanted were added.

TEST THE LOGIN WORKS WITHOUT PASSWORD: (5)

UserRemote@Rodan:~/.ssh$ ssh UserRemote@192.168.60.74
The authenticity of host '192.168.60.74 (192.168.60.74)' can't be established.
ECDSA key fingerprint is SHA256:ijZtlnsrs5nvcORmk/y7YRAqE5EEACOhgYkDgrEplv7Pfa/y6PWw.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/UserRemote/.ssh/known_hosts).
Welcome to Ubuntu 20.04.1 LTS (GNU/Linux 5.4.0-42-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Thu Aug 13 23:51:01 CDT 2020

  System load:  4.41               Users logged in:           1
  Usage of /:   22.3% of 72.83GB   IPv4 address for docker0:  172.17.0.1
  Memory usage: 8%                 IPv4 address for enp4s0f0: 192.168.60.73
  Swap usage:   0%                 IPv4 address for enp4s0f1: 192.168.60.74
  Processes:    318

 * Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
   sudo snap install microk8s --channel=1.19/candidate --classic

   https://microk8s.io/ has docs and details.

0 updates can be installed immediately.
0 of these updates are security updates.

Last login: Sun Aug  2 20:57:55 2020 from 192.168.60.12
UserRemote@eldrad:~$ exit
logout
Connection to 192.168.60.74 closed.
UserRemote@Rodan:~/.ssh$ ls -la
total 36
drwx------  2 UserRemote  UserRemote  4096 Aug 13 23:50 .
drwxr-xr-x 36 UserRemote  UserRemote  4096 Aug  7 16:23 ..
-rw-------  1 UserRemote  UserRemote   365 Aug 13 23:48 HA_ecdsa
-rw-r--r--  1 UserRemote  UserRemote   263 Aug 13 23:48 HA_ecdsa.pub
-rw-------  1 root root 2882 Jun 26 23:48 known_hosts
UserRemote@Rodan:~/.ssh$ cp HA_ecdsa /run/user/1000/gvfs/smb-share:domain=etc,server=192.168.60.67,share=ssl,user=UserRemote
UserRemote@Rodan:~/.ssh$ 

SAMPLE ADD-ON SET-UP LOG SESSION: (7-8-9)

Remote Backup
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing... 

-----------------------------------------------------------
 Add-on: Remote Backup
 Automatically create HA snapshots to remote server location using SCP
-----------------------------------------------------------
 Add-on version: 4.3.1
 You are running the latest version of this add-on.
 System: Ubuntu 18.04.5 LTS  (amd64 / qemux86-64)
 Home Assistant Core: 0.113.3
 Home Assistant Supervisor: 232
-----------------------------------------------------------
 Please, share the above information when looking for help
 or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing... 
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Adding SSH key
Creating local backup: "Automated backup 2020-08-14 00:27"
Backup created: 9b798ba7
Copying password-protected 9b798ba7.zip to /path-on-storage-machine on 192.168.60.74 using SCP
  adding: 9b798ba7.tar (deflated 6%)
Warning: Permanently added '192.168.60.74' (ECDSA) to the list of known hosts.
Command completed successfully.
Backup process done!
[cmd] /run.sh exited 0
[cont-finish.d] executing container finish scripts...
[cont-finish.d] 99-message.sh: executing... 
[cont-finish.d] 99-message.sh: exited 0.
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.

SET_UP AUTOMATION FOR THE INTERVAL YOU WANT: (10)

automation:
  ####################################################
  # Daily Back-up                                    #
  ####################################################
  - id: e297213a-c74a-456d-875f-d90e44667cf4-must-be-unique
    alias: Daily Backup
    initial_state: on
    trigger:
      platform: time
      at: 03:27:19
    condition:         # remove this section for every day
    - condition: time  #   or change to fit your needs
      weekday:         # weekday can be month/year also. See HA Docs.
        - tue
        - wed
        - thu
        - sat
        - sun
    action:
      - service: hassio.addon_start
        data:
          addon: 3490a758_remote_backup

Link to this video on YouTube: https://youtu.be/0C4h3Bv75J4

https://youtu.be/0C4h3Bv75J4
I retired from a large mid-western medical equipment manufacturer on December 31 (2019) and decided to try to let everyone in on my life and my transition into retirement. I have a varied set of interests. I live in a 90 year old cape cod in the middle of a small city of 70,000 people. I have a small lot across the street from the city seat of government, but despite that I have a 1952 Allis Chalmers farm tractor that I drive around the city from time to time. My wife has a business that has me fixing and creating cool home decor out of broken windows and drywall screws. I have been known to buy things on 'for sale' lists, fix it up, clean it up, generally add value and sell it off. Oh, yes, I'm getting chickens! But first I have to build the chicken coop and run. It will be like no other you have ever seen. Also will give me something to do. I am into home automation, have a Home Assistant enabled home and so will the chickens! I'll have to give them a password...
Social Media Auto Publish Powered By : XYZScripts.com