Trying to backup to VPS using SSHFS

scooke

Hello,
I'm trying to backup to a nice 1TB VPS I have sitting idle. It is an OpenVZ VPS, nothing fancy.

I've set up the backup details, using rsync, but it fails with this message:

/mnt/cloudronbackup is not mounted

Now, I have ssh'ed into my Cloudron VPS, and I can run the following fine:

sudo rsync -avW -e ssh /home/yellowtent/platformdata/backup/  user@my.ip.is.ok:/home/user/BACKUPS/cloudron

This successfully backs up that cloudron directory.

SO, why is the GUI Backup command failing? Why is it looking for /mnt/cloudronbackup when I've already entered /home/user/BACKUPS/cloudron? What am I missing? Thank you!

EDIT: In the section for Private Key I entered the Public key of that key. Does it really need the Private Key?

nebulon

@scooke in this case the private key is required, as the SSH server will have the public key in the authorized keys file. The backup is the client here and thus would present the private one. You can simply generate a specific key for that purpose to not leak some other private key.

scooke

@nebulon Thank you. So, /mnt/cloudronbackup is not mounting because the backup script is looking for the proper key?

nebulon

@scooke did the Cloudron backup UI succeed to configure it? If so there should be a file at /etc/systemd/system/mnt-cloudronbackup.mount which contains the full ssh mount options. Otherwise, if the configuration already fails, then check journalctl for more hints what is wrong.
The current error reporting is quite poor for sshfs unfortunately.

scooke

@nebulon Wait, this is probably more simple than it seems.

As a mental exercice I'll retrace some steps: I made keys on my laptop, and put the public one in the /home/user/.ssh/authorized_keys file, while the Private key stayed on my laptop. So when I want to login to the remote server, I ssh into it, and the ssh server on that remote server compares its public key with my local private key, and when it matches, I am allowed to login.

So, the cloudron server then is like my laptop. And the remote server is like the 'remote server', again. And I put the public key from my cloudron in the /home/user/.ssh/authorized_keys file on the remote server, right?

Quick question: Where do I save these keys when I make them on the Cloudron server? In /home/yellowtent/? But at the moment, there is no .ssh directory in /home/yellowtent/

I think if someone can he;lp me grasp this, I should be able to do it.

EDIT: at this moment there is no /etc/systemd/system/mnt-cloudronbackup.mount, probably because I haven't correctly filled in the Backup config with a Private key.

nebulon

@scooke your example to view the Cloudron as your laptop is correct. Since the Cloudron wants to access the remote server running SSH to backup to, it simply acts as a client. In SSH the remote server will have the public key, while the client keeps the private one.

If you configure the SSHFS connection via the Cloudron dashboard, it would store the private key in /home/yellowtent/platformdata/sshfs/ however this only happens if you succeed to submit the backup configure dialog.

During saving the backup configuration, Cloudron would temporarily try to mount the remote server, add a file and remove it again. Also only if this succeeds, the mount file at /etc/systemd/system/mnt-cloudronbackup.mount will exist.

While submitting the configure dialog, keep an eye on the system logs with journalctl --system -f if it reveals some more info on the error

girish

@scooke Did you get this sorted out? One thing is you don't need to do the SSHFS mount yourself. Cloudron will create the mountpoint and manage it internally.

scooke

@girish I haven't done the steps you suggested yet, I just reverted back to my Scaleway backups. But I will try again shortly. Thanks for checking in.