OPNsense Forum

English Forums => General Discussion => Topic started by: CyberMinion on July 10, 2021, 12:18:22 am

Title: Rotating automatic backups on NextCloud
Post by: CyberMinion on July 10, 2021, 12:18:22 am

Hi,

I recently set up an OPNsesnse box to automatically save updates to a NextCloud instance. However, I'm not seeing an option to rotate those backups. Is there some method built in, to delete older backup files, or do they just slowly pile up until I run out of disk space and start getting errors?

I suppose I could try to write up a bash script to purge the old ones and run it via cron, but I'm not really sure how I would actually do that safely.

Thank you!

Title: Re: Rotating automatic backups on NextCloud
Post by: fabian on July 10, 2021, 08:10:01 am

Retention can be configured in nextcloud itself This way, OPNsense does not need to know anything about your retention period or implementation.

Title: Re: Rotating automatic backups on NextCloud
Post by: CyberMinion on July 13, 2021, 03:51:29 am

Umm...how? I can set a size allocation for the backup account, but I'm not aware of a NextCloud feature which automatically deletes old files. Are you talking about a core feature, or a plugin?

I do see a "retention" plugin, but that only acts on tagged files. Then I would need to try to cobble together something with zip ties and duct tape to auto-tag new files with an auto-deletion tag, and hope I get it right, and only affect each individual account. Then if this firewall goes offline for an extended time, the time-based deletion polices purge all of its backups, even though it hasn't been able to make new ones.

I would much prefer to have OPNsense "know...about [my] retention period or implementation" than risk having the whole thing fall apart. If I couldn't trust the platform to protect DR policies, how could I trust it to protect a network?

Title: Re: Rotating automatic backups on NextCloud
Post by: putt1ck on September 09, 2021, 04:04:44 pm

You can set automatic retention in Nextcloud using Flow and the Retention app. You create 2 tags, name them anything but for example opnsense-backup and opnsense-backupdelete. Tag your target  folder with the first of the tags. Then in Flow create an automated tagging flow, with:

 When file is changed; File system tag; is tagged with (that tag you tagged the target folder with); tag with (the other tag you created above)

Then add a File retention rule that uses the second tag you created, set your preferred retention time and you're done.

Files that end up in the target folder will automatically be tagged with the second tag and then the retention rule will be applied in due time.