Un système Debian accompagné de proxmox backup server a été installé sur la machine greentarget (10.10.10.41).

La machine est accessible en SSH. Exemple de configuration :

Host greentarget.faimaison.net greentarget
   # dilettante.faimaison.net ou fresk.faimaison.net, camber.faimaison.net
   ProxyJump dilettante.faimaison.net
   Hostname 10.10.10.41

Le service pbs écoute sur https://10.10.10.41:8007/ ; il faut utiliser une redirection SSH ou un proxy SOCKS. Exemple de forward de port SSH :

shannon ~$ ssh -L 8007:10.10.10.41:8007 dilettante.faimaison.net

Le service PBS sera accessible sur https://127.0.0.1:8007/

Comptes SSH configurés :

• tonio
• jca
• gilou

Mot de passe root dans le dépôt adminsys.git/passwords, lisible via keyringer, chemin noyau/greentarget.faimaison.net/root

Accessible via l'IP 10.10.10.37

jca@dilettante:~$ ipmitool -I lanplus -H 10.10.10.37 -C0 -U "$user" -P "$password" chassis status
Get HPM.x Capabilities request failed, compcode = d4
System Power         : on
Power Overload       : false
Power Interlock      : inactive
Main Power Fault     : false
Power Control Fault  : false
Power Restore Policy : always-on
Last Power Event     : 
Chassis Intrusion    : inactive
Front-Panel Lockout  : inactive
Drive Fault          : false
Cooling/Fan Fault    : false
Sleep Button Disable : allowed
Diag Button Disable  : allowed
Reset Button Disable : allowed
Power Button Disable : allowed
Sleep Button Disabled: false
Diag Button Disabled : false
Reset Button Disabled: false
Power Button Disabled: false
jca@dilettante:~$

# TODO Commencer une session IPMI interactive (console BIOS + GRUB + getty)
jca@dilettante:~$ ipmitool -I lanplus -H 10.10.10.37 -C0 -U "$user" -P "$password" sol activate

2 disques /dev/sd[ab] de 200GB en RAID 1, grub installé sur les deux disques.

Disques partitionnés.

Volumes RAID :

• /dev/md1 (/dev/sda1 et /dev/sdb1, 1GB) ext2 monté sur /boot
• /dev/md2 (/dev/sda3 et /dev/sdb3, 171GB) ext4 monté sur /

10 disques de 2TB en RAID 6

Disques non partitionnés

Volume RAID :

• /dev/md0 (/dev/sd[cdefghijkl], 14,55 TB) chiffré avec LUKS

Volume LUKS à déchiffrer au redémarrage de la machine. Mot de passe stocké dans keyringer (dépôt git adminsys).

shannon ~$ cat .keyringer/config                                                                                                                                                                                                                                                                                              
fma-machines='/home/jca/fma/adminsys.git/passwords/machines'
shannon ~$ keyringer fma-machines pass noyau/greentarget.faimaison.net/luks-backups-volume
<mot de passe>
shannon ~$   

Déverrouillage et montage des backups

jca@greentarget:~$ sudo cryptsetup luksOpen /dev/md0 vg_backups_pv1
# <déchiffrement>
jca@greentarget:~$ sudo mount /backups/pbs
jca@greentarget:~$ 

/etc/network/interfaces
/etc/apt/sources.list
vi /etc/apt/sources.list.d/pbs-enterprise.list
  105  apt-get install proxmox-backup-server
112   proxmox-backup-manager user list
  113   proxmox-backup-manager user create tonio@pam 
  114   proxmox-backup-manager user list
  116  vi /etc/proxmox-backup/acl.cfg
  117  proxmox-backup-manager acl list
  118  proxmox-backup-manager acl update / Admin --auth-id  tonio@pam*
  119  proxmox-backup-manager acl update / Admin --auth-id  tonio@pam
  188  mdadm --create --verbose /dev/md0 --level=6 --raid-devices=10 /dev/sd{a,b,c,d,e,f,g,h,i,j}
  190  cat /proc/mdstat 
  191  mdadm --detail /dev/md0 
  219  proxmox-backup-manager disk list
  220  proxmox-backup-manager disk fs create store1 --disk md0 --filesystem ext4 --add-datastore true
  222  mkdir /backup
  223  mkfs.ext4 /dev/md0 
  224  mount /dev/md0 /backup/
  225  df
  226  proxmox-backup-manager datastore create greentargetds /backup
  227  pvesm add pbs greentargetds  --server 10.10.21.24 --datastore greentargetds

  229  proxmox-backup-manager remote list
  230  proxmox-backup-manager cert info |grep Fingerprint


root@greentarget:~# cat /etc/fstab 
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
/dev/mapper/greentarget--vg-root /               ext4    errors=remount-ro 0       1
# /boot was on /dev/sdk1 during installation
UUID=06fde6d3-f3e4-4d5d-b60a-6d05d6c4242a /boot           ext2    defaults        0       2
/dev/mapper/greentarget--vg-home /home           ext4    defaults        0       2
/dev/mapper/greentarget--vg-tmp /tmp            ext4    defaults        0       2
/dev/mapper/greentarget--vg-var /var            ext4    defaults        0       2
/dev/mapper/greentarget--vg-swap_1 none            swap    sw              0       0
/dev/md0 /backup            ext4    defaults        0       2
root@greentarget:~# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug enp7s0f0
iface enp7s0f0 inet static
	address 10.10.10.41/24
	gateway 10.10.10.6

allow-hotplug enp7s0f1
iface enp7s0f1 inet static
        address 10.10.21.41/24
root@greentarget:~# cat /etc/apt/sources.list
deb http://deb.debian.org/debian bullseye main
deb-src http://deb.debian.org/debian bullseye main
deb https://deb.debian.org/debian-security bullseye-security main contrib
deb-src https://deb.debian.org/debian-security bullseye-security main contrib
deb http://deb.debian.org/debian bullseye-updates main
deb-src http://deb.debian.org/debian bullseye-updates main
# PBS pbs-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian/pbs bullseye pbs-no-subscription
root@greentarget:~# cat /etc/apt/sources.list.d/pbs-enterprise.list
#deb https://enterprise.proxmox.com/debian/pbs bullseye pbs-enterprise
root@greentarget:~# cat /proc/mdstat 
Personalities : [raid6] [raid5] [raid4] 
md0 : active raid6 sdj[9] sdi[8] sdh[7] sdg[6] sdf[5] sde[4] sdd[3] sdc[2] sdb[1] sda[0]
      15627059200 blocks super 1.2 level 6, 512k chunk, algorithm 2 [10/10] [UUUUUUUUUU]
      bitmap: 0/15 pages [0KB], 65536KB chunk

unused devices: <none>
root@greentarget:~# mdadm --detail /dev/md0
/dev/md0:
           Version : 1.2
     Creation Time : Thu Mar  3 20:59:32 2022
        Raid Level : raid6
        Array Size : 15627059200 (14903.13 GiB 16002.11 GB)
     Used Dev Size : 1953382400 (1862.89 GiB 2000.26 GB)
      Raid Devices : 10
     Total Devices : 10
       Persistence : Superblock is persistent

     Intent Bitmap : Internal

       Update Time : Tue Mar  8 03:02:33 2022
             State : clean 
    Active Devices : 10
   Working Devices : 10
    Failed Devices : 0
     Spare Devices : 0

            Layout : left-symmetric
        Chunk Size : 512K

Consistency Policy : bitmap

              Name : greentarget:0  (local to host greentarget)
              UUID : 6e1800c4:cf5b0b78:957d0584:0e824df9
            Events : 6660

    Number   Major   Minor   RaidDevice State
       0       8        0        0      active sync   /dev/sda
       1       8       16        1      active sync   /dev/sdb
       2       8       32        2      active sync   /dev/sdc
       3       8       48        3      active sync   /dev/sdd
       4       8       64        4      active sync   /dev/sde
       5       8       80        5      active sync   /dev/sdf
       6       8       96        6      active sync   /dev/sdg
       7       8      112        7      active sync   /dev/sdh
       8       8      128        8      active sync   /dev/sdi
       9       8      144        9      active sync   /dev/sdj