Merge branch 'dev' into main

README.md

@@ -0,0 +1,70 @@
+# miyagi-pbs-zfs
+Secure Proxmox PVE with Proxmox Backup Server PBS and ZFS Pull Replication with a mostly turned off System
+Optimize Processes without colliding Replications, Backups, Monitorings or Scrubs
+Save lot of Money with less performant Hardware
+
+Start it with bash miyagi-pbs-zfs -c configfile
+
+There are german payed Lessons here:
+14. + 16.05.2024 (13-17h) - Replikationen und Backups Trojanersicher (V2) - on https://cloudisevil.com
+
+You also can searh vor sysops.tv or zfs. rocks on YouTube #miyagi - an english Tutorial will follow!
+
+What it does
+Miyagi said, best defense, no be there
+
+Usecase
+Proxmox Backupserver is running unnecessarly 24/7
+ZFS Replication is usually done by a zfs send, so its a push
+
+What if our Backup/Replicaserver is turned off most the time, nobody can attack it
+
+Consider not using a Gateway, use Routes!
+
+Prerequisites
+
+Proxmox with ZFS on Host to Backup/Replicate -  we recommend check_mk Agent for automaticly added Tests
+Proxmox with ZFS on Target Machine - it´s WOL MAC Address
+Proxmox Backup Server as a VM oder better PCT on Target machine
+Proxmox Backup Server Datastore has to be Setup on Source
+Your contet of your Public Key of the Target Host .ssh/id_rsa.pub added to
+  Host to Backup .ssh/authorized_keys
+  Proxmox Backup Server on Target Host .ssh/authorized_keys
+ssh one from your Target Host to Source Host and PBS to confirm Host Key with a yes
+
+At all Proxmox 'apt install zfs-auto-snapshot -y'
+Target Hosts needs the following tools to be installed
+
+  https://github.com/bashclub/zsync
+  https://github.com/bashclub/check-zfs-replication
+
+Any Host waking up the Target Host or a daily Cronjob
+
+What we do...
+
+Turning on the Computer with a @reboot Cron
+
+@reboot /root/pbs-zfs-daily.sh -c 200-ssd.conf && /root/pbs-zfs-daily.sh -c 200-hdd.conf
+
+So Miyagi at this point can pull two ZFS-Datastores to one Target Datastore, using the full Path of ZFS for Naming.
+If you have multiple Target Datasets, please run multiple Configs and disable Proxmox Backup Server!
+Miyagi will tag your Source for Replication with Zsync!
+
+Replicating by a Pull with https://github.com/bashclub-zsync
+Pushing a Report to Proxmox Source Host, monitored by Check_MK unsing https://github.com/bashclub/checkzfs
+The Report will be found by Check_MK´s built in Autdiscovery for new Services.
+Data will be valid vor about one Day (90000s) bevore it expires.
+So there nothing can go wrong!
+
+Regarding to the Weekday doing Maintenance on Proxmox Backup Server for getting more free Space.
+Triggering a Push Backup with PBS (only Way to do) Backup to PBS and checking Exitcode for Report
+Reporting PBS Result with 100% certainty in compact OK/WARN State to backuped PVE Host using Check_MK
+
+Verifying older Backups
+Protecting the PBS Backups with a ZFS Snapshot
+Updating the Host and PBS
+
+TURNING OFF THE MACHINE!!!
+Test Targets Tank if less than 75% free, otherwise report to Check_MK
+Test Disks after PBS Maintenance, before shutdown with SmartCTL Short Test and report to Check_MK
+Support multiple Sources

config.example

@@ -1,27 +1,33 @@
+#Edit all Variables for best Experience
+
+SSHPORT='22' #SSH Port, usually default 22 internally
+BACKUPSERVER=no #use yes for triggering Proxmox Backup to Store
+MAINTDAY=7 #1 Monday to 7 Sunday, dont start your System too late
+SHUTDOWN=no #No be there anymore
+
 SOURCEHOST='192.168.50.200' # IP from Proxmox VE System to be backuped and replicated daily
 SOURCEHOSTNAME='pve3' #Hostname of Proxmox VE System to be backuped and replicated daily
 
+#Replication
 ZFSROOT='rpool/data' #First Dataset/Datastoresourcepath from Proxmox VE System to be backuped and replicated daily
 ZFSSECOND='rpool-hdd/data' #Optional second Dataset
 ZFSTRGT='rpool-ssd1/repl/pve200' #This pulling Machines Target ZFS Sourcepath
+
+#Prevent Scrubs on Backups and Replications
 ZPOOLSRC=rpool #First Pool/Tank from Proxmox VE System to be backuped and replicated daily
 ZPOOLDST=rpool #This pulling Machines Pool/Tank
+
+#ZSYNC
 ZPUSHTAG=bashclub:zsync-198-ssd #ZFS User parameter will be set on ZFSROOT and ZFSSECOND to select.
 ZPUSHMINKEEP=3 #Keep min x Snapshots on all Source Datasets to resume Replication
 ZPUSHKEEP=14 #Number of Snapshots with ZPUSHLABEL
 ZPUSHLABEL=zsync-rz #Suffix for ZFS-Auto-Snapshot Engine
 ZPUSHFILTER="" #ZPUSHLABEL will be replicated. So you can add more Patterns from ZFS, line hourly, daily, weekly, monthly.
 
+#Backup
 PBSHOST='192.168.50.199' #IP from your Proxmox Backupserver - dont forget to add your hosts public key to PBS authorized keys
 BACKUPSTORE=backup #Datastorename configured in your  Proxmox VE System to be backuped and replicated daily
 BACKUPSTOREPBS=backup #Datastorename configured in your Proxmox Backup Server 
 BACKUPEXCLUDE='124,3021,3022,3023,3251,3252,3253,3254' #Machines to be excluded from Proxmox Backup
 REPLEXCLUDE=$BACKUPEXCLUDE
 
-SSHPORT='22' #SSH Port, usually default 22 internally
-
-BACKUPSERVER=no
-
-MAINTDAY=7
-
-SHUTDOWN=no