Changeset 49925f6


Ignore:
Timestamp:
07/09/15 11:18:47 (3 weeks ago)
Author:
Kris Moore <kris@…>
Branches:
master
Children:
95f9eb6
Parents:
691d9c7 (diff), 1b43848 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Merge branch 'master' of https://github.com/pcbsd/pcbsd

Files:
4 edited

Legend:

Unmodified
Added
Removed
  • pbi-modules/mail/evolution/pbi.conf

    r8374584 r27a67cd  
    1818 
    1919# -- Optional related packages to show user 
    20 PBI_PLUGINS="" 
     20PBI_PLUGINS="mail/evolution-ews" 
    2121 
    2222 
     
    2626 
    2727# -- Other PBIs which are similar to this PBI 
    28 PBI_RELATED="" 
     28PBI_RELATED="mail/thunderbird" 
    2929 
    3030export PBI_ORIGIN PBI_PROGNAME PBI_PROGWEB PBI_PROGAUTHOR 
  • src-qt5/docs/controlpanel.rst

    r14b20e4b r33ed329  
    24742474 
    24752475* Replication to an iSCSI target. This method provides the most security as the replicated data is sent over an encrypted connection and the data is stored in an encrypted format. 
    2476   The remote system does not need to be formatted with ZFS but stunnel must be installed. Refer to :ref:`Replicating Encrypted Backups` for an example configuration. 
     2476  The remote system does not need to be formatted with ZFS but it must understand kernel iSCSI and stunnel must be installed. Refer to :ref:`Replicating Encrypted Backups` for an 
     2477  example configuration. 
    24772478 
    24782479To exclude datasets from the snapshot from being replicated to the remote system, click the "Excluded Data" tab. This will let you create an exclude list as described in the 
     
    26992700 
    27002701.. note:: if you don't receive the pop-up message asking for the password, check that the firewall on the backup system, or a firewall within the network, is 
    2701    not preventing access to the port number listed in "SSH Port". 
     2702   not preventing access to the port number listed in "SSH Port". Also, this pop-up only occurs once. If the password changes or you are not able to successfully login, 
     2703   use :menuselection:`Snapshots --> Reset Replication Password` to re-input the password. 
    27022704 
    27032705Once the SSH login is successful, Life Preserver will begin to replicate snapshots to the remote system at the configured "Frequency". Note that the first replication can 
    2704 take several hours to complete, depending upon the speed of the network. Subsequent replications will only contain changed data and will be much smaller. 
     2706take several hours to complete, depending upon the speed of the network. Subsequent replications will only contain changed data and will be much smaller. You can confirm 
     2707that the snapshots have been received by clicking :menuselection:`Storage --> Snapshots` on the FreeNAS® system. This should provide a listing of the replicated datasets, 
     2708allowing you to manage the replicated snapshots as described in `Snapshots <http://doc.freenas.org/9.3/freenas_storage.html#snapshots>`_. 
    27052709 
    27062710Life Preserver uses backend checks so that it is safe to keep making snapshots while a replication is in process. It will not prune any existing snapshots 
     
    27132717----------------------------- 
    27142718 
    2715 For some time, Life Preserver has provided the ability to securely replicate to another system over SSH, meaning that the data is encrypted while it is being transferred 
    2716 over the network. Beginning with version 10.1.2, Life Preserver provides an extra measure of security to replicated backups by adding support for fully-encrypted backups, 
     2719The previous section demonstrated how to securely replicate snapshots to another system over SSH, which ensures that the data is encrypted while it is being transferred 
     2720over the network. Life Preserver provides an alternate replication method which provides an extra measure of security by adding support for fully-encrypted backups 
    27172721using `stunnel <https://www.stunnel.org/index.html>`_ and GELI-backed iSCSI volumes. This means that the data stored on the remote side is encrypted and only accessible with 
    2718 the key file stored on the PC-BSD® client. The backup server must understand kernel iSCSI, meaning that it must be running FreeBSD 9.1 or higher, PC-BSD®/TrueOS® 10.1.2, or 
    2719 FreeNAS® 9.3. However, the remote system does not need to be formatted with ZFS. This section describes how to configure the backup system and how to use the new setup wizard 
     2722the key file stored on the PC-BSD® system. The remote backup server must understand kernel iSCSI, meaning that it must be running FreeBSD, PC-BSD®/TrueOS®, or 
     2723FreeNAS®. However, the remote system does not need to be formatted with ZFS. This section describes how to configure the backup system and how to use the new setup wizard 
    27202724for creating encrypted backups. 
    27212725 
    27222726The backup system must meet the following requirements: 
    27232727 
    2724 * must be running FreeBSD 9.1 or higher, PC-BSD® or TrueOS® 10.1.2, or FreeNAS® 9.3 
    2725  
    2726 * if it is a FreeBSD system, the "security/stunnel" package must be installed; this software is already installed on PC-BSD®/TrueOS® 10.1.2 and on FreeNAS® 9.3 systems that 
     2728* must be running FreeBSD 9.1 or higher, PC-BSD® or TrueOS® 10.1.2 or higher, or FreeNAS® 9.3 
     2729 
     2730* if it is a FreeBSD system, the "security/stunnel" package must be installed. This software is already installed on PC-BSD®/TrueOS® 10.1.2 and on FreeNAS® 9.3 systems that 
    27272731  have been updated to at least SU201504100216. 
    27282732   
    27292733* if it is a FreeBSD system, the `lpreserver-host-iscsi <https://raw.githubusercontent.com/pcbsd/pcbsd/master/src-sh/lpreserver/lpreserver-host-iscsi>`_ script must be 
    2730   downloaded. This file is already installed to :file:`/usr/local/bin/` on PC-BSD®/TrueOS® 10.1.2 systems. See the next section for FreeNAS® instructions. 
     2734  downloaded. This file is already installed to :file:`/usr/local/bin/` on PC-BSD®/TrueOS® 10.1.2 systems. Refer to :ref:`Using FreeNAS® as the Backup System~ for FreeNAS® instructions. 
    27312735 
    27322736Before you can configure the PC-BSD® system, you must first create a Life Preserver configuration file ending in the :file:`.lps` extension on the remote system which 
     
    28122816:ref:`Running the Encrypted Backup Wizard`. 
    28132817 
    2814 .. _Using FreeNAS as the Backup System: 
    2815  
    2816 Using FreeNAS as the Backup System 
    2817 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
     2818.. _Using FreeNAS® as the Backup System: 
     2819 
     2820Using FreeNAS® as the Backup System 
     2821^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ 
    28182822 
    28192823To instead prepare a FreeNAS® 9.3 system to use as the backup target, first ensure that the system has been updated to the latest software update. Then, 
    28202824perform the following configuration steps. 
    28212825 
    2822 Create a service account for the stunnel service by going to :menuselection:`Account --> Users --> Add User`. In the screen shown in Figure 8.19r, input 
     2826Create a service account for the stunnel service by going to :menuselection:`Account --> Users --> Add User`. In the screen shown in Figure 8.19s, input 
    28232827the following values in these fields then press "OK" to create the account: 
    28242828 
     
    28332837* **Disable password login:** check this box 
    28342838 
    2835 **Figure 8.19r: Create the Service Account**  
     2839**Figure 8.19s: Create the Service Account**  
    28362840 
    28372841.. image:: images/iscsi4.png 
    28382842 
    28392843Next, create a zvol using the tree menu. Go to :menuselection:`Storage --> Volumes --> click the plus to expand name of volume --> Create zvol`. In the example 
    2840 shown in Figure 8.19s, a zvol of 50GB in size named "pcbsd-backup" is created on the volume named "volume1". 
    2841  
    2842 **Figure 8.19s: Create the zvol**  
     2844shown in Figure 8.19t, a zvol of 50GB in size named "pcbsd-backup" is created on the volume named "volume1". 
     2845 
     2846**Figure 8.19t: Create the zvol**  
    28432847 
    28442848.. image:: images/iscsi5.png 
    28452849 
    2846 You are now ready to configure iSCSI. Go to :menuselection:`Sharing --> Block (iSCSI)`. In the "Target Global Configuration" screen shown in Figure 8.19t, change the 
     2850You are now ready to configure iSCSI. Go to :menuselection:`Sharing --> Block (iSCSI)`. In the "Target Global Configuration" screen shown in Figure 8.19u, change the 
    28472851default "Base Name" to *iqn.2012-06.com.lpreserver*. 
    28482852 
    2849 **Figure 8.19t: Configure the IQN**  
     2853**Figure 8.19u: Configure the IQN**  
    28502854 
    28512855.. image:: images/iscsi6.png 
    28522856 
    28532857Click the "Portals" tab then the "Add Portal" button. Verify that the "IP Address" drop-down menu is set to *0.0.0.0* and that the "Port" field is set to 
    2854 *3260*, add a "Comment" if it is useful to you, then click "OK" to add the entry to the "Portals" tab. In the example shown in Figure 8.19u, this is 
     2858*3260*, add a "Comment" if it is useful to you, then click "OK" to add the entry to the "Portals" tab. In the example shown in Figure 8.19v, this is 
    28552859the first time iSCSI has been configured on this system, so it has a "Portal Group ID" of *1*. If you have already created other iSCSI targets, note the 
    28562860"Portal Group ID" you just created. 
    28572861 
    2858 **Figure 8.19u: Configure the Portal**  
     2862**Figure 8.19v: Configure the Portal**  
    28592863 
    28602864.. image:: images/iscsi7.png 
    28612865 
    28622866In the "Initiators" tab, click the "Add Initiator" button. Verify that both the "Initiators" and "Authorized network" fields are set to *ALL*, add a "Comment" if 
    2863 it is useful to you, and press "OK" to add an entry to the "Initiators" tab. Make note of the "Group ID" that is created. In the example shown in Figure 8.19v, 
     2867it is useful to you, and press "OK" to add an entry to the "Initiators" tab. Make note of the "Group ID" that is created. In the example shown in Figure 8.19w, 
    28642868it is *1*. 
    28652869 
    2866 **Figure 8.19v: Configure the Initiator**  
     2870**Figure 8.19w: Configure the Initiator**  
    28672871 
    28682872.. image:: images/iscsi8.png 
    28692873 
    28702874In the "Authorized Access" tab, click the "Add Authorized Access" button. Input a value for the "User" that is between 8 and 12 characters and a value in the "Secret" and 
    2871 "Secret (Confirm)" fields that is between 12 and 16 characters, then press "OK". In the example shown in Figure 8.19w, the "User" has a value of *mybackups*, the 
     2875"Secret (Confirm)" fields that is between 12 and 16 characters, then press "OK". In the example shown in Figure 8.19x, the "User" has a value of *mybackups*, the 
    28722876secret is *pcbsdbackups*, and the "Group ID" is 
    28732877*1*. Make note of the "Group ID" that is created for you. 
    28742878 
    2875 **Figure 8.19w: Configure the Authorized Access**  
     2879**Figure 8.19x: Configure the Authorized Access**  
    28762880 
    28772881.. image:: images/iscsi9.png 
    28782882 
    2879 In the "Targets" tab, click the "Add Target" button. In the screen shown in Figure 8.19x, use the following values in these fields: 
     2883In the "Targets" tab, click the "Add Target" button. In the screen shown in Figure 8.19y, use the following values in these fields: 
    28802884 
    28812885* **Target Name:** target0 
     
    28872891* **Auth Method:** select CHAP from the drop-down menu 
    28882892 
    2889 **Figure 8.19x: Configure the Target**  
     2893**Figure 8.19y: Configure the Target**  
    28902894 
    28912895.. image:: images/iscsi10.png 
    28922896 
    2893 In the "Extents" tab, click the "Add Extent" button. In the screen shown in Figure 8.19y, input an "Extent Name", in this case it is *pcbsd-backup*, and make sure that 
     2897In the "Extents" tab, click the "Add Extent" button. In the screen shown in Figure 8.19z, input an "Extent Name", in this case it is *pcbsd-backup*, and make sure that 
    28942898the zvol you created is selected in the "Device" drop-down menu. Click "OK" to create the extent. 
    28952899 
    2896 **Figure 8.19y: Configure the Extent**  
     2900**Figure 8.19z: Configure the Extent**  
    28972901 
    28982902.. image:: images/iscsi11.png 
    28992903 
    2900 Finish the iSCSI configuration by clicking the "Associated Targets" tab, then the "Add Target / Extent" button. In the screen shown in Figure 8.19z, select the "Target" 
     2904Finish the iSCSI configuration by clicking the "Associated Targets" tab, then the "Add Target / Extent" button. In the screen shown in Figure 8.19aa, select the "Target" 
    29012905and the "Extent" that you created. 
    29022906 
    2903 **Figure 8.19z: Associate the Target With the Extent**  
     2907**Figure 8.19aa: Associate the Target With the Extent**  
    29042908 
    29052909.. image:: images/iscsi12.png 
     
    29562960described in :ref:`Scheduling a Backup`. When you get to the screen shown in Figure 8.19e, just click "Next" as you will instead be using a zvol to 
    29572961backup to. Next, start the encrypted backup wizard by clicking :menuselection:`File --> Enable Offsite Backups` and select the pool to backup. This will start 
    2958 the "iSCSI Setup Wizard". Click "Next" to see the screen shown in Figure 8.19aa. 
    2959  
    2960 **Figure 8.19aa: Selecting the Configuration File**  
     2962the "iSCSI Setup Wizard". Click "Next" to see the screen shown in Figure 8.19ab. 
     2963 
     2964**Figure 8.19ab: Selecting the Configuration File**  
    29612965 
    29622966.. image:: images/iscsi1.png 
    29632967 
    29642968Click the "Select" button to browse to the location of your saved :file:`.lps` file. Once selected, the "Host", "Target", "User", and "Password" fields will 
    2965 auto-populate with the settings from the configuration file. Click "Next" to see the screen shown in Figure 8.19ab. 
    2966  
    2967 **Figure 8.19ab: Input the Encryption Key**  
     2969auto-populate with the settings from the configuration file. Click "Next" to see the screen shown in Figure 8.19ac. 
     2970 
     2971**Figure 8.19ac: Input the Encryption Key**  
    29682972 
    29692973.. image:: images/iscsi2.png 
     
    29792983   
    29802984When finished, click "Next". A pop-up menu will ask if you are ready to enable off-site data storage. Click "Yes" to complete the configuration. This may take a few minutes. 
    2981 Once the connection to the remote system is established, you will see the screen shown in Figure 8.19ac. 
    2982  
    2983 **Figure 8.19ac: Save the Key**  
     2985Once the connection to the remote system is established, you will see the screen shown in Figure 8.19ad. 
     2986 
     2987**Figure 8.19ad: Save the Key**  
    29842988 
    29852989.. image:: images/iscsi3.png 
     
    29993003 
    30003004If you have replicated the system's snapshots to a remote backup server, you can use a PC-BSD® installation media to perform an operating system restore or to clone 
    3001 another system. Start the installation as usual until you get to the screen shown in Figure 8.19ad.  
    3002  
    3003 **Figure 8.19ad: Selecting to Restore/Clone From Backup**  
     3005another system. Start the installation as usual until you get to the screen shown in Figure 8.19ae.  
     3006 
     3007**Figure 8.19ae: Selecting to Restore/Clone From Backup**  
    30043008 
    30053009.. image:: images/lpreserver15.png 
     
    30143018 
    30153019Once you are ready, click "Restore from Life-Preserver backup" and the "Next" button. This will start the Restore Wizard. Click "Next" to select the type of restore using the 
    3016 screen shown in Figure 8.19ae.  
    3017  
    3018 **Figure 8.19ae: Restoring From an Encrypted Backup**  
     3020screen shown in Figure 8.19af.  
     3021 
     3022**Figure 8.19af: Restoring From an Encrypted Backup**  
    30193023 
    30203024.. image:: images/lpreserver16.png 
     
    30293033 
    30303034If you instead configured backups to a replication server using the instructions in :ref:`Scheduling a Backup`, click the "SSH Restore" tab. In the screen shown in 
    3031 Figure 8.19af, input the IP address of the backup server and the name of the user account used to replicate the snapshots. If the server is listening on a non-standard SSH 
    3032 port, change the "SSH port" number. Then, click "Next" to select an authentication method in the screen shown in Figure 8.19ag. 
    3033  
    3034 **Figure 8.19af: Input the Information for a SSH Restore**  
     3035Figure 8.19ag, input the IP address of the backup server and the name of the user account used to replicate the snapshots. If the server is listening on a non-standard SSH 
     3036port, change the "SSH port" number. Then, click "Next" to select an authentication method in the screen shown in Figure 8.19ah. 
     3037 
     3038**Figure 8.19ag: Input the Information for a SSH Restore**  
    30353039 
    30363040.. image:: images/lpreserver20.png 
    30373041 
    3038 **Figure 8.19ag: Select the Authentication Method**  
     3042**Figure 8.19ah: Select the Authentication Method**  
    30393043 
    30403044.. image:: images/lpreserver17.png 
     
    30443048connection to the server. 
    30453049 
    3046 Once the connection to the backup server succeeds, you will be able to select which host to restore. In the example shown in Figure 8.19ah, only one host has been backed up to the 
     3050Once the connection to the backup server succeeds, you will be able to select which host to restore. In the example shown in Figure 8.19ai, only one host has been backed up to the 
    30473051replication server. 
    30483052 
    3049 **Figure 8.19ah: Select the Host to Restore** 
     3053**Figure 8.19ai: Select the Host to Restore** 
    30503054 
    30513055.. image:: images/lpreserver18.png 
  • src-qt5/docs/introduction.rst

    r14b20e4b r33ed329  
    303303 
    304304* Life Preserver's "Replication" tab now allows you to create a list of datasets to exclude when replicating to the remote server. 
     305 
     306* The "Reset Replication Password" option has been added to the :menuselection:`Life Preserver --> Snapshots` menu. 
    305307 
    306308.. index:: Linux 
  • src-qt5/pc-installgui/installer.cpp

    r96fd6a3 r691d9c7  
    18851885  if (!ok || cfgFile.isEmpty()) 
    18861886    return; 
     1887 
     1888  // Read the contents of this file 
     1889  QStringList fileContents; 
     1890  QFile file(cfgFile); 
     1891  if (!file.open(QIODevice::ReadOnly | QIODevice::Text)) 
     1892    return; 
     1893 
     1894  while (!file.atEnd()) 
     1895    fileContents << file.readLine(); 
     1896  file.close(); 
     1897 
     1898  // Display the file in an OK information box so the user can inspect it 
     1899  QMessageBox::information(this, tr("PC-BSD Installer Config Script"), fileContents.join("\n"), QMessageBox::Ok, QMessageBox::Ok); 
    18871900   
    18881901  ret = QMessageBox::question(this, tr("PC-BSD Installer"), 
Note: See TracChangeset for help on using the changeset viewer.