
Automatically backup all SMB clients / workgroup members



I prefer creating backups of my PCs without installing additional software, so I came up with this solution:

 

Step 1

Add a new local user "backup" to all of your PCs (How-To: Windows, Mac)

 

Step 2

On those PCs, share all folders which should be part of your backup (How-To: Windows, Mac) and add the user "backup" with "read-only" (important against ransomware). Note for Windows: Sharing C:\users\<username> is possible, but if you share only specific folders - like Pictures, Documents or Desktop - the backup will be done much faster.

 

Step 3

Change the settings in the following script and execute it by the user scripts plugin every X hours:

 

#!/bin/bash

# settings
smb_user="backup"
smb_pass="<password>"
mount_path="/mnt/remotes"
backup_cmd="/usr/local/bin/incbackup"
backup_dst_path="/mnt/user/Backups"
backup_computernames="(^desktop-|-pc$|-laptop$|-notebook$)"

# check if NetBIOS daemon is enabled (is required to use nmblookup)
if [[ ! -f /var/run/nmbd.pid ]]; then
  echo "Error: NetBIOS must be enabled in the SMB Settings"
  exit 1
fi

# obtain workgroup
workgroup=$(testparm -sl --parameter-name=workgroup 2>/dev/null)

# loop through all members of workgroup
while IFS= read -r hostname; do
  echo "Found host $hostname"
  # find PC by name
  if ! echo "$hostname" | grep -qiP "$backup_computernames"; then
    echo "$hostname is not a PC (skip)"
    continue
  fi
  # online check
  if ping -c1 -W1 "$hostname" >/dev/null 2>/dev/null; then
    echo "online"
    # check smb port
    if timeout 1 bash -c "</dev/tcp/$hostname/445" 2>/dev/null; then
      echo "smb port open"
      # obtain shares
      while IFS= read -r share; do
        echo "found share $share"
        # check auth
        if smbclient "//$hostname/$share" -U "$smb_user%$smb_pass" -d0 -c ls >/dev/null; then
          # mount share
          [[ -d "$mount_path/$hostname/$share" ]] || mkdir -vp "$mount_path/$hostname/$share"
          echo "mount share"
          if ! mount -t cifs -o "username=$smb_user,password=$smb_pass,iocharset=utf8" "//$hostname/$share" "$mount_path/$hostname/$share"; then
            echo "Error: Could not mount //$hostname/$share at $mount_path/$hostname/$share!"
            continue
          fi
          echo "Successfully mounted //$hostname/$share at $mount_path/$hostname/$share"
          # create backup
          [[ -d "$backup_dst_path/$hostname/$share" ]] || mkdir -vp "$backup_dst_path/$hostname/$share"
          $backup_cmd "$mount_path/$hostname/$share/" "$backup_dst_path/$hostname/$share"
          # unmount share
          umount -l "$mount_path/$hostname/$share"
          echo "Unmounted $mount_path/$hostname/$share"
        else
          echo "Error: Insufficient permissions to access //$hostname/$share"
        fi
      done < <(smbclient -L "//$hostname" -U "$smb_user%$smb_pass" -d0 -g | grep -oP '(?<=\|)[^|]+(?=\|)' | grep -v '\$$')
    else
      echo "smb port closed"
    fi
  else
    echo "offline"
  fi
done < <(nmblookup -S "$workgroup" | grep -oP '[^ \t]+(?=.*<20>)')

 

How does it work

- obtains current workgroup (NetBIOS must be enabled in SMB settings!)

- searches for all PCs that are part of this workgroup

- checks if those PCs are online

- checks if the SMB port is open

- tries to login with the user "backup"

- mounts those PC shares as local Unraid paths

- executes backup command

- unmounts PC shares

 

It does not identify your PC?

Consider changing the PC name or the following setting in the script:

backup_computernames="(^desktop-|-pc$|-laptop$|-notebook$)"

 

It means that the computer name:

- starts with "DESKTOP-" or

- ends with "-PC" or "-LAPTOP" or "-NOTEBOOK"

 

For example, Windows automatically names new PCs in the format "DESKTOP-<random_id>", but I prefer renaming my computers to "JOHN-PC". Note: I haven't tested it with Mac, but I would be surprised if it didn't work there, too.

 

Example-Backup

This is how it looks on my server:

[Screenshot: backup folder on the server]

 

As you can see, the folder is named "MARC-PC", which is the name of my PC. Of course, how backups are created depends on the backup command you use.

 

Note: The Unraid share "Backups" shouldn't be available through the network (this respects the PC owners' privacy and protects it against ransomware!).
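Added example, not part of the original post: helper functions (names are hypothetical) that could replace the share listing and mount options in the script above. It goes slightly beyond the script by accepting only "Disk" entries, by rejecting host or share names that are unsafe as a path component under the mount path, and by reading the password from a mode 600 credentials file (mount.cifs `credentials=`, smbclient `-A`) so it does not appear in process arguments.

```shell
#!/bin/sh
# Added example; function names are hypothetical, sample data is constructed.

# Constructed sample of `smbclient -L //HOST -g` output (Type|Name|Comment).
sample_listing='Disk|Documents|
Disk|Family Pictures|
Disk|C$|Default share
Disk|../../boot|constructed name with path separators
IPC|IPC$|Remote IPC
Printer|HP-Laser|'

# True only if $1 is safe to use as a single path component.
safe_name() {
  case "$1" in
    ''|.|..|-*|*/*|*\\*) return 1 ;;  # empty, dot dirs, option-like, separators
  esac
  # Reject control characters (tab, CR, escape, ...).
  [ "$(printf '%s' "$1" | LC_ALL=C tr -d '[:cntrl:]')" = "$1" ]
}

# Read a listing on stdin, print usable disk shares one per line:
# type must be Disk, hidden/admin shares (trailing $) and unsafe names are dropped.
list_disk_shares() {
  awk -F'|' '$1 == "Disk" && $2 !~ /\$$/ { print $2 }' |
  while IFS= read -r name; do
    if safe_name "$name"; then printf '%s\n' "$name"; fi
  done
}

# Write a credentials file readable by its owner only.
# $1 = file, $2 = user, $3 = password
write_credentials() {
  ( umask 077 && rm -f -- "$1" &&
    printf 'username=%s\npassword=%s\n' "$2" "$3" > "$1" )
}

# Mount options: password comes from the file; the share is mounted read-only
# and nothing on it is treated as executable, setuid or a device node.
cifs_mount_opts() {
  printf 'credentials=%s,ro,nosuid,nodev,noexec,iocharset=utf8' "$1"
}

# Usage inside the script's loops (needs root and a network, so not run here):
#   smbclient -L "//$hostname" -A "$cred" -d0 -g | list_disk_shares
#   mount -t cifs -o "$(cifs_mount_opts "$cred")" \
#     "//$hostname/$share" "$mount_path/$hostname/$share"
```

Applying `safe_name` to `$hostname` as well covers the other network-supplied value that ends up in `$mount_path` and `$backup_dst_path`.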
