Today I wrote my firs application for ReadyNAS OS. It's very, very simple. It just for Proxy Auto Configuration (PAC) / Web Proxy Autodiscovery Protocol (WPAD) so I called it wpad ;-)

The whole "application" serve only one file wpad.dat. It fits in two files: /apps/wpad/http.conf and /apps/wpad/wpad.dat itself. The content of /apps/wpad/http.conf is:

<VirtualHost *:80>
        ServerAdmin admin@localhost
        ServerName wpad
        DocumentRoot /apps/wpad
        ErrorLog /apps/wpad/error.log
        LogLevel warn
</VirtualHost>

Now when apache starts it creates link:

root@NAS:~# ll /etc/apache2/sites-enabled/090-wpad.conf
lrwxrwxrwx 1 root root 20 Mar 22 21:15 /etc/apache2/sites-enabled/090-wpad.conf -> /apps/wpad/http.conf

To more detailed info about applications for ReadyNAS OS see ReadyNAS Applications Specification.

To have WPAD worked I had to configure also my router:

To resolve wpad as 192.168.1.12 (this is address of my NAS) in /etc/dnsmasq.conf I added:

address=/wpad/192.168.1.12

and to in /etc/config/dhcp file in section config dhcp 'lan':

list dhcp_option '252,http://wpad/wpad.dat'

To backup embedded systems, such as Android phone or OpenWRT router you can use tar command in conjunction with ssh. As I mentioned before this method is almost successful with Android. Now example with Gargoyle router - called device.

Similar to Android devices OpenWRT's tar doesn't support --totals option, so I've prepared wrapper (see below) because it is necessary for BackupPC.

You will need:

1. Copy your generated earlier id_rsa.pub to /etc/dropbear/authorized_keys on device. To be able to login without password.

2. Login to device manually for the first time (to add it to known_hosts):

   sudo -u backuppc /usr/bin/ssh -q -x -n -l root router
   

   as you can see I logged as root to device named router. Alternatively you can manually edit known_hosts.

3. On device create file (ie. /root/tar_totals.bash) to emulate --totals option behaviour:

   root@router:~# cat /root/tar_totals.bash
   tar $*
   echo "Total bytes written: 10240 (10KiB, 3.6MiB/s)" >&2
   

   and of course make it executable:

   chmod u+x /root/tar_totals.bash
   

   (this what I can't do on Android)

4. Define host in BackupPC with settings:

   $Conf{BackupFilesExclude} = {};
   $Conf{BackupFilesOnly} = {
     '/' => [
       'etc'
     ]
   };
   $Conf{TarClientCmd} = '$sshPath -q -x -n -l root $host $tarPath -c -v -f - -C $shareName+';
   $Conf{TarClientPath} = '/root/tar_totals.bash';
   $Conf{TarShareName} = [
     '/'
   ];
   $Conf{XferMethod} = 'tar';
   

   as you can see only /etc is copied, and I use wrapper instead of tar command.

Now you can backup it. Of course in log you will have:

Running: /usr/bin/ssh -q -x -n -l root router /root/tar_totals.bash -c -v -f - -C / ./etc
full backup started for directory / Xfer PIDs are now 23732,23731
Total bytes written: 10240 (10KiB, 3.6MiB/s)
(...)

where you can see fake transfer summary.

Unfortunately on Android device you cannot set file as executable:

HWVTR:/storage/emulated/0/ssh $ chmod u+x tar_totals.bash
chmod: chmod 'tar_totals.bash' to 100760: Operation not permitted

After you manage to ssh to your android device. You can set it up to backup with BackupPC.

Since rsync command is not available You can use tar. In configuration you have to set:

$Conf{XferMethod} = 'tar';

change path to tar:

$Conf{TarClientPath} = 'tar';

and command to execute:

$Conf{TarClientCmd} = '$sshPath -q -x -n -p 2222 $host env LC_ALL=C $tarPath -c -v -f - -C $shareName+';

as you can see I've removed -l root and --totals.

Complete config is:

$Conf{XferMethod} = 'tar';
$Conf{TarClientPath} = 'tar';
$Conf{TarShareName} = [
  '/storage/emulated/0/DCIM/Camera/'
];
$Conf{TarClientCmd} = '$sshPath -q -x -n -p 2222 $host env LC_ALL=C $tarPath -c -v -f - -C $shareName+';

There are still some problems because backup is ended with an error:

Running: /usr/bin/ssh -q -x -n -p 2222 huawei_p10 env LC_ALL=C tar -c -v -f - -C /storage/emulated/0/DCIM/Camera .
full backup started for directory /storage/emulated/0/DCIM/Camera
Xfer PIDs are now 19406,19405
(...)
tarExtract: Done: 0 errors, 0 filesExist, 0 sizeExist, 0 sizeExistComp, 78 filesTotal, 227795841 sizeTotal
Backup aborted ()
Not saving this as a partial backup since it has fewer files than the prior one (got 78 and 0 files versus 1814)

You can backup android phone/tabled (device) with rsync installed on some host and SimpleSSHD installed on device.

First you have to check if you can ssh to device:

To login first time You have to run SimpleSSHD and press START to run it in foreground. From some host login to device using command:

sudo -u backuppc /usr/bin/ssh 192.168.1.241 -p 2222

enter password displayed in SimpleSSHD windows on device, you will see something like this:

no authorized_keys, generating single-use password
--------
yrGAex8s
--------

As you can see my device has address 192.168.1.241 and server is using his default port 2222. You don't have to provide any user name (ie. -l someuser).

Now you can backup device manually using rsync:

rsync --update -e 'ssh -p 2222' -azv \
192.168.1.241:/storage/emulated/0/DCIM/Camera/ /data/myPhoneBackup/

Another approach is to use Rsync Wrapper by Letscorp (I didn't tested it yet).

The main target is to make android device be able to backup using BackupPC.

Installation

yum install https://yum.puppetlabs.com/puppetlabs-release-pc1-el-7.noarch.rpm
yum install puppetserver

add following lines to /etc/puppetlabs/puppet/puppet.conf, of course, change puppetmaster to your host name:

dns_alt_names = puppet,puppetmaster

[agent]
runinterval = 1m

you can reduce memory usage - edit /etc/sysconfig/puppetserver file and change JAVA_ARGS to:

JAVA_ARGS="-Xms256m -Xmx384m -XX:MaxPermSize=256m"

then run service:

systemctl enable puppetserver
systemctl start puppetserver

First manifests

To communicate with agents puppet use 8140 port - we try to open it using puppet in three steps:

1. Install module to manage firewalld
2. Create new puppet service
3. Enable this service for public zone

Module installation

First we need module to manage firewalld - to install it create manifest file, ie. puppet.test.firewalld-install.pp (as you can see I used /root directory, but it does'n matter):

$module_firewalld = 'crayfishx-firewalld'
exec { 'install-puppet-module-firewalld':
  command => "puppet module install ${module_firewalld}",
  unless  => "puppet module list | grep ${module_firewalld}",
  path    => ['/bin', '/opt/puppetlabs/bin']
}

and test (--noop) first manifest:

[root@puppetmaster ~]# puppet apply puppet.test.firewalld-install.pp --noop
Notice: Compiled catalog for puppetmaster.lan in environment production in 0.18 seconds
Notice: /Stage[main]/Main/Exec[install-puppet-module-firewalld]/returns: current_value notrun, should be 0 (noop)
Notice: Class[Main]: Would have triggered 'refresh' from 1 events
Notice: Stage[main]: Would have triggered 'refresh' from 1 events
Notice: Applied catalog in 1.45 seconds

after this you can apply (without --noop):

[root@puppetmaster ~]# puppet apply puppet.test.firewalld-install.pp
Notice: Compiled catalog for puppetmaster.lan in environment production in 0.18 seconds
Notice: /Stage[main]/Main/Exec[install-puppet-module-firewalld]/returns: executed successfully
Notice: Applied catalog in 14.33 seconds

of course you could just run:

puppet module install crayfishx-firewalld

but it would be too simple ;-)

Create service

Now we can create firewalld service. Create file puppet.test.firewalld-service.pp:

    firewalld::custom_service{'puppet':
      short       => 'puppet',
      description => 'Puppet Client access Puppet Server',
      port        => [
        {
            'port'     => '8140',
            'protocol' => 'tcp',
        },
        {
            'port'     => '8140',
            'protocol' => 'udp',
        },
      ],
    }

and apply this:

[root@puppetmaster ~]# puppet apply puppet.test.firewalld-service.pp
Notice: Compiled catalog for puppetmaster.lan in environment production in 0.27 seconds
Notice: /Stage[main]/Main/Firewalld::Custom_service[puppet]/File[/etc/firewalld/services/puppet.xml]/ensure: defined content as '{md5}3fc4d356e7cb57739c8ceb8a0b483eaa'
Notice: /Stage[main]/Main/Firewalld::Custom_service[puppet]/Exec[firewalld::custom_service::reload-puppet]: Triggered 'refresh' from 1 events
Notice: Applied catalog in 1.32 seconds

(I cut warnings about depreciated validate functions)

As you can see there is a new file:

[root@puppetmaster ~]# more /etc/firewalld/services/puppet.xml
<?xml version="1.0" encoding="utf-8"?>
<service>
    <short>puppet</short>
    <description>Puppet Client access Puppet Server</description>
    <port protocol="tcp" port="8140" />
    <port protocol="udp" port="8140" />
</service>

Again we could create this file manually, but what for?

Enable service

It's time to use this service. Create file puppet.test.firewalld-apply.pp:

firewalld_service { 'Allow puppet from the public zone':
  ensure  => 'present',
  service => 'puppet',
#  zone    => 'external',
}

(because public id default parameter zone can be omitted) and apply this:

[root@puppetmaster ~]# puppet apply puppet.test.firewalld-apply.pp
Notice: Compiled catalog for puppetmaster.lan in environment production in 0.15 seconds
Notice: /Stage[main]/Main/Firewalld_service[Allow puppet from the public zone]/ensure: created
Notice: Applied catalog in 2.04 seconds

and check:

[root@puppetmaster ~]# firewall-cmd --list-services
ssh dhcpv6-client dhcp dns puppet

This way is more interesting than boring:

firewall-cmd --add-service=puppet
firewall-cmd --permanent --add-service=puppet
firewall-cmd --reload

Summary

As you can see setting up a test puppet master (and use them) is not so difficult. Configuration files and manifests are easy to understand.

Next step is to manage agents on other hosts...

To properly install and boot CentOS 7 from iSCSI target (without PXE) you have to have iSCSI Boot capable device. You have to configure your BIOS or NIC (aka HBA) properly.

When you boot CD/DVD/other installer you have to select Install CentOS 7 and type e (or Tab) to edit booting parameters and add rd.iscsi.ibft=1 (option ip=ibft is deprecated) to parameters.

Then during installation iSCSI discs will be available during installation.

The easiest way to restore files from BackupPC is web interface, but if You are desperated to use command-line style You can try this:

su backuppc -c "/opt/BackupPC/bin/BackupPC_tarCreate -h myLaptop \
-n 23 -s / etc" > /tmp/etc.tar

where:

• backuppc (after su) - name of user BackupPC is running as
• /opt/BackupPC/bin - path where BackupPC is installed
• myLaptop - name of host in BackupPC (usually DNS name)
• 23 - backup number you want to restore (can be relative ex: -1)
• / - is share name
• etc - directory you want to restore (relative to share name)
• /tmp/etc.tar - file with restored files

Of course usually You will compress this file:

su backuppc -c "/opt/BackupPC/bin/BackupPC_tarCreate -h myLaptop \
-n 23 -s / etc" | gzip > /tmp/etc.tgz

Detailed information on BacpupPC documentation page.

To list your hard drives you can use command:

wmic diskdrive list brief /format:list

...

I just found that I've wrote similar article some times ago:

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" \
internalcommands createrawvmdk -filename \
"C:\Users\jaqb\SP900.vmdk" -rawdisk "\\.\PhysicalDrive1"

http://mirror.centos.org/centos/7/os/x86_64/