64 lines
2.3 KiB
Markdown
64 lines
2.3 KiB
Markdown
# ZFS SnapZ
|
|
|
|
I guess I'm rewriting Sanoid/Syncoid because I don't want 100 perl AUR pkgs on my machine. This uses gocron and a go zfs cli wrapper
|
|
|
|
This project is pronounced like "snaps"
|
|
|
|
Everything in this repo is still very WIP
|
|
|
|
|
|
# Notes
|
|
|
|
There are two programs included in this package
|
|
|
|
## snapzd
|
|
|
|
Main program responsible for taking snapshot and managing ZFS datasets. This is intended to be run using the included snapz.service systemd unit. It needs to be run as root to perform snapshots.
|
|
|
|
## snapzr
|
|
|
|
snapz reciever responsible for recieving snapshots. This must be installed on the target machine
|
|
|
|
## Info
|
|
|
|
`snapzd` should be run as root
|
|
`snapzr` can be run as root, but this encourages root ssh, so maybe don't do that. Instead, create a role account on the target machine called `snapz` and a group `snapzr`. The `snapzr` binary should have the `setuid` flag set.
|
|
as root:
|
|
```
|
|
$ chown root:snapzr snapzr
|
|
$ chmod 4650 snapzr
|
|
```
|
|
if this is done, only users in the snapzr group can run `snapzr`. The binary WILL RUN AS ROOT. To ensure it's secure, `snapzr` has limited functionality - it takes just the name of the dataset to overwrite with the snapshot. This is configured in `/etc/snapzd/recv/targets.yaml`. This file should be owned by root.
|
|
|
|
# Usage
|
|
|
|
The included PKGBUILD will eventually be moved out of the repo. It exists purely for dogfooding snapz on my workstation.
|
|
|
|
## Configuration
|
|
|
|
there's one config file right now that is _required_ at `/etc/snapz/jobs.toml`. There is an example `jobs.toml` in this repo. The PKGBUILD doesn't install this example anywhere. You have to have this file present or the snapzd service will fail to start. The scheduler will not allow more than one instance of a job to run simultaneously
|
|
|
|
# WIP
|
|
|
|
* snapzr isn't started yet
|
|
* snapzd is not reliable
|
|
|
|
snapzd needs to have send jobs - I'm not sure how this will work yet. Either I need to add some dependency system to snapzd's job runner or I need to allow compound jobs. I'll probably go with the later since job dependencies don't seem worth it. This might change the config file to look like this:
|
|
|
|
```
|
|
[[jobs]]
|
|
name = "dailysnap"
|
|
cron = "0 0 * * *"
|
|
dataset = "tank/mydata"
|
|
description = "snapshot and send mydata daily"
|
|
|
|
[[jobs.snapshot]]
|
|
recursive = true
|
|
|
|
[[jobs.send]]
|
|
target = "snapz-agent@myrecvhost"
|
|
recv_dataset = "remote-tank/mydata-copy"
|
|
require_incremental = true
|
|
|
|
```
|