Backup Configuration

hec

I know how to backup the config from command line. The problem is with this command the rrds are also backed up in the xml file.
How can a save only the config without the rrds?

jimp

From the command line?

Just copy /conf/config.xml directly.

ryates

I believe that the backup package does what hec is asking for.  You can select not to have RRD data included.

hec

wget -qO/dev/null –keep-session-cookies --save-cookies /backup/pfsense/cookies.txt --post-data 'login=Login&usernamefld=USERNAME&passwordfld=PASSWORD' --no-check-certificate https://10.0.4.1/diag_backup.php > /dev/null 2>&1
wget --keep-session-cookies --load-cookies /backup/pfsense/cookies.txt --post-data 'Submit=download' https://10.0.4.1/diag_backup.php --no-check-certificate -O /backup/pfsense/config-date +%Y%m%d%H%M%S.xml > /dev/null 2>&1

With this two commands a save the configuration. My Problem is that i don't need some MB of rrds in the config file. In the webinterface there is a checkbox. I hope you understand how i backup the config.

jimp

Ah, that way. You'd have to add a value into the post data that passes the value for the rrd backup field. Probably something like:

wget --keep-session-cookies --load-cookies /backup/pfsense/cookies.txt --post-data 'Submit=download&donotbackuprrd=checked' https://10.0.4.1/diag_backup.php --no-check-certificate -O /backup/pfsense/config-`date +%Y%m%d%H%M%S`.xml > /dev/null 2>&1

Boolah

In case anyone is interested, this is a simple script I use to backup several pfSense boxes daily.  Just set the parameters at the top of the script and add it to cron.  It excludes RRD data, gzips the xml file and deletes backups that are older than 30 days.

A couple of caveats…  It assumes the web interface of pfSense is using HTTPS.  If you're using HTTP, change the https:// lines to http://

Even though the script will backup multiple pfSense boxes, it assumes all pfSense installations are using the same web port.

It should be quite simple to modify the script if you need to specify HTTP/HTTPS and/or different ports for different installations, but it's not something I needed so didn't include it.

If you only need to backup one pfSense box, just enter a single IP/hostname for the SITES variable.  Hope someone finds it useful.

#!/bin/bash

BACKUPDIR="/path/to/your/backups"
USERNAME="backupuser"
PASSWORD="backuppassword"
PORT="1234"
SITES="192.168.1.1 pfsense.local 10.10.10.1"
GZIP="/bin/gzip"
FIND="/usr/bin/find"
BACKUPDAYS="30"

for site in $SITES

do

        wget -qO/dev/null --keep-session-cookies --save-cookies /tmp/cookies.txt --post-data 'login=Login&usernamefld='$USERNAME'&passwor
dfld='$PASSWORD'' --no-check-certificate --timeout=10 https://$site:$PORT/diag_backup.php > /dev/null 2>&1

        if [ -e /tmp/cookies.txt ]; then
        FILENAME="$BACKUPDIR/config-$site-`date +%Y%m%d%H%M%S`.xml"
                wget --keep-session-cookies --load-cookies /tmp/cookies.txt --post-data 'Submit=download&donotbackuprrd=1' --timeout=10 h
ttps://$site:$PORT/diag_backup.php --no-check-certificate -O $BACKUPDIR/config-$site-`date +%Y%m%d%H%M%S`.xml > /dev/null 2>&1
                rm -f /tmp/cookies.txt
        $GZIP $FILENAME
        else
                echo "Failed to retrieve backup from $site"
        fi

done

$FIND $BACKUPDIR -type f -name "*.xml.gz" -mtime +$BACKUPDAYS -exec rm {} \;