A backup solution. A server at your office behind your firewall that pulls data from public servers and saves snapshots.

On your backup server

Create a partition from free space

cfdisk /dev/sda
apt-get install parted
apt-get install btrfs-tools
mkfs.btrfs /dev/sdaX
mkdir /backups
mount /dev/sdaX /backups

Mount the partition on boot

Find the UUID of the new partition


Edit /etc/fstab

UUID=7ef18851-xxxx-yyyy-zzzz-53f7b88b6119 /backups          btrfs   defaults      0  0

Setup butterbackup

apt-get install git
cd /opt
git clone

Instalar python3 en un entorno virtual

apt-get install virtualenv
cd /opt/butterbackup
virtualenv venv --python=python3

Setup users

butterbackup runs on the backserver as root. root connects to the public server as user keeper.

We create a user on the public server and copy root@backup_server public key to keeper@public_server authorized_keys

On the public_server create dummy user on public server

adduser --disabled-password keeper
mkdir /home/keeper/.ssh
touch /home/keeper/.ssh/authorized_keys

On the backup_server create root@backup_server ssh keys

ssh-keygen -t ecdsa -b 521

And add the new public key to keeper@public_server /home/keeper/.ssh/authorized_keys

Test to see if you can open a session on the public_server

ssh keeper@public_server


Perhaps keeper@public_server does not have permission to read everything you want to backup.

Let's say you want to backup /var/www on the public server. You can add the keeper to the www-data group

Create a config file

cd /opt/butterbackup/config

Edit the new config file.

Make the first copy

You can run butterbackup manually

/opt/butterbackup/venv/bin/python3 /opt/butterbackup/

Add an entry to root's crontab

crontab -e

You cronjobs might look like this. Where each server has a corresponding /opt/butterbackup/config file

0  2 * * * /opt/butterbackup/venv/bin/python3 /opt/butterbackup/
0  3 * * * /opt/butterbackup/venv/bin/python3 /opt/butterbackup/
15 3 * * * /opt/butterbackup/venv/bin/python3 /opt/butterbackup/
45 3 * * 1,4 /opt/butterbackup/venv/bin/python3 /opt/butterbackup/

Inspect backups

cd /backups/

LXD container backups

If you need to backup directories from a LXC container, the path you need to define in your config might be very long.

 /var/, /var/snap/, /var/snap/lxd/, /var/snap/lxd/common/, /var/snap/lxd/common/lxd/, /var/snap/lxd/common/lxd/storage-pools/, /var/snap/lxd/common/lxd/storage-pools/default/, /var/snap/lxd/common/lxd/storage-pools/default/containers/, /var/snap/lxd/common/lxd/storage-pools/default/containers/my_domain/, /var/snap/lxd/common/lxd/storage-pools/default/containers/my_domain/rootfs/, /var/snap/lxd/common/lxd/storage-pools/default/containers/my_domain/rootfs/var/, /var/snap/lxd/common/lxd/storage-pools/default/containers/my_domain/rootfs/var/backups/, /var/snap/lxd/common/lxd/storage-pools/default/containers/my_domain/rootfs/var/backups/mariadb/***

Permissions for non-root users may not work either.

You can make this easier by binding the container's root filesystem to a mount point

mkdir /srv/my_domain

Now edit /etc/fstab to mount the bind on boot.

/var/snap/lxd/common/lxd/storage-pools/default/containers/my_domain/rootfs/ /srv/my_domain none bind

Mount it and you will find the container's rootfs at /srv/my_domain

mount /srv/my_domain

Edit your backup config

/srv/, /srv/my_domain/, /srv/my_domain/var/, /srv/my_domain/var/backups/, /srv/my_domain/var/backups/mariadb/***

Much easier!