Ryan Burnette

Ryan Burnette September 28, 2020

Scheduled Backup of 3CX

This is one approach to setting up automated backups of 3CX instances that run on Linux. This approach will use tools that are readily available.

Determine Local Public Key

I’m going to be using webinstall.dev to make things easier. Start by heading there and installing webi on your local machine. You’ll want to reopen your shell after the install.

Determine the local public key.

webi ssh-pubkey

Set up the Backup Server

Let’s provision a backup server. I’ll be using Ubuntu 18.04 on Digital Ocean, but AWS Lightsail works just as well. These instructions should also be usable on other distributions with minor modifications.

Once the backup server instance is ready, access it using SSH.

Add the local public key to the authorized keys on your backup server.

mkdir .ssh
nano .ssh/authorized_keys

Paste in the local public key from your computer and save the file. Exit and reconnect, making sure you can access the terminal without a password.

For security, at this point make two changes to the SSH daemon configuration.

  • Disable password authentication, we’ll only use keys
  • Disable Root login entirely
# /etc/ssh/sshd_config
PasswordAuthentication no
PermitRootLogin no

Set up a Backup User

Set up a user for each instance of 3CX that needs to be backed up.

sudo adduser backup3CX1

Change the permissions on the home directory so no instance can see any other instance’s backups.

sudo chmod o-rw /home/backup3CX1

Backup Script

Connect to the 3CX instance using SSH.

Implement rsync to transfer the files from the instance to the backup server. First, locate rsync on the current system.

which rsync

Make a note of the path. We’re going to reference binaries using full paths so we don’t have $PATH issues that stop our scripts from working.

Let’s make a $HOME/bin directory if it doesn’t already exist, and start creating the backup script.

mkdir bin
nano bin/backup

The backup script will look something like this. Be sure to use your own full path to rsync. If you have multiple instances, you can have multiple rsync commands in the script. Replace [username] and [hostname] (or ip address) with the username you previously set up, and the hostname of the server that hosts your backups.

#!/usr/bin/env bash
/usr/bin/rsync -avz /var/lib/3cxpbx/Instance1/Data/Backups/ [username]@[hostname]:backups/

Make the backup script executable.

chmod +x bin/backup

Make sure the backup script works.

bin/backup

You should see the details of the file transfer. Verify that the files are now intact on the backup server at /home/[user]/backups/.

Schedule the Backup Script

Now that we have a working backup, schedule the backup script on the 3CX instance to run on a predetermined interval.

crontab -e

Add something like this to the crontab. Make sure to use the full path to the backup script. Note that 0 0 * * SUN is a cron expression. Check out crontab guru for help with these expressions.

0 0 * * SUN /root/bin/backup

Keep an eye on your logs to make sure your backups are working

sudo journalctl _COMM=cron
Categories: