PSOciBootBackup Boot Volume Backup
A PowerShell script for performing a Boot Volume Backup on an Oracle Cloud compute instance running BTCPay Server application to generate an application consistent backup.
Introduction
If you are running a BTCPay Server instance on Oracle Cloud, This script automates the process of creating a crash consistent boot volume backup.
PSOciBootBackup utilizes the PowerShell module, OCI.PSModules.Core to interface to Oracle Cloud Infrastructure (OCI) API.
PSOciBootBackup can be executed on any device supporting PowerShell Core. Currently only tested on Linux OS.
Overview of PSOciBootBackup processes
Expand the links below for a overview of the boot volume backup process.
Executing Boot Volume Backup
PS> Get-PSOciBootVolume
gpg is used to decrypt the ssh keys needed to start a ssh session with myhost1
Next a new terminal instance is created and a ssh session is opened to myhost1
The presented commands are then executed to shutdown BTCPAY server.
The Enter key is pressed to continue the backup process.
The boot volume backup process is performed.
The decrypted files are removed.
If the -keep option is not specified, the prior boot volume backup is removed.
BTCPAY server docker processes are started on myhost1
BTCPay ListChannels can be executed to validate that the BTCPAY server processes are running.
List existing Boot Volume Backups
PS> Get-PSOciBootVolume -listonly
Existing boot volume backups are listed with the option to remove each as desired.
Getting Help
PS> Get-Help Get-PSOciBootBackupPS> Get-Help Get-PSOciBootBackup -FullPS> Get-Help Get-PSOciBootBackup -ExamplesInstallation and Setup
Expand the links below to see a list of dependenices and how to download and install.
Download and Install PowerShell Core
Install and Configure the PowerShell module OCI.PSModule.Core
Oracle Cloud Infrastructure(OCI) Modules for PowerShell is a set of cmdlet modules that can be used with PowerShell Core to manage Oracle Cloud Infrastructure resources. You can invoke these cmdlets from the PowerShell command-line and with the associated PowerShell scripting language.
The project is open source and maintained by Oracle Corp.
Instructions for installing OCI.PSModule.Core
The directory $HOME/.oci should now exist and the file config should be configured with the correct details.
Create OCI config file
By default a file, named config needs to be create in the $HOME/.oci directory.
Configuration file example $HOME/.oci/config
[DEFAULT]
user = [your ocid1.user.oc1...]
fingerprint = [your fingerprint]
tenancy = [your ocid1.tenancy.oc1...]
region = [your region]
key_file = [your private key $HOME/.oci/oci_api_key.pem]
pass_phrase = [your private key pass phrase]SDK document for setting file, config
In a later setup step, the contents of the $HOME/.oci will be encrypted.
OCI Create Private/Public Keys
Private and Public keys need to be created to access OCI API
mkdir ~/.oci
Create Private key. Enter the passphrase when prompted.
openssl genrsa -out ~/.oci/oci_api_key.pem -aes128 2048Remove rwx permissions for group and others on Private key
chmod 600 ~/.oci/oci_api_key.pemGenerate public key
Go to the OCI Web Interface -> User Settings -> API-Keys -> Add-Key Select option to upload public key option
Copy the contents of the config referenced in the dialog to a file named config in the $HOME/.oci directory.
Download Get-PSOciBootBackup
Click this link to download the script
Copy the script to a directory named, $HOME/ps for instance and ensure this system path environment variable references this path.
The other option is to cd directly to the path and execute the script.
PS> cd <to script location>
PS> ./Get-PSOciBootVolumeCreate the configuration file
The configuration file, $HOME/OCIinstances.xml needs to be created and contains a list of available OCI instances/servers.
Log into your OCI web interface to get your tenancy ID for each of your VM instances and update the template below with the correct values.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OCIinstances>
<instance displayname="myhost1">
<compartmentId>ocid1.tenancy.oc1..dddddddd6xdoxrnz6fd7ef2ieiwx7wglkcufxml263kjptrc57bqp3bxyhyq</compartmentId>
</instance>
<instance displayname="myhost2">
<compartmentId>ocid1.tenancy.oc1..bbbbbbbb6xdoxrnz6fd7ef2ieiwx7wgltxxxxbm263kjptrc57bqp3b12345</compartmentId>
</instance>
</OCIinstances>Install KeyBase, PowerShell module PSKeyBase, and GnuPG (Optional)
The purpose for installing Keybase and the PSKeyBase Module is to encrypt the contents of the $HOME/.oci directory.
The installation of these components is optional, if you don't want the $HOME/.oci directory contents encrypted.
KeyBase uses public key cryptography to protect your chats, files, git repositories, and key-value store from prying eyes.
The PSKeyBase module automates the usage of the key-value store feature implemented in the KeyBase application.
See PSKeyBase Module for download and installation instructions.
Encrypt directory $HOME/.oci
The Add-PSKEncryption cmdlet in the PSKeyBase module encrypts a file or files within the specified directory and stores the decryption token in the KeyBase KV store.
Add-PSKEncryption -FolderPath $HOME/.ociAfter the files in the directory are successfully encrypted, the uncrypted version of the files are removed.
The NameSpace value created will be HostName-Folder and the key value will be $HOME/.oci and the value will be the decryption token.
The Remove-PSKEncrption cmdlet is called by PSOciBootBackup to decrypt the contents of $HOME/.oci
Install psConsole script (Optional)
The psConsole script is a launch utility and installation is optional, but without it an automatic opening of an ssh session to your OCI VM won't be possible. You'll need to manually open an ssh session to shutdown the desired services on the VM.
If a crash consistent boot volume backup is not required, then the backup can just be taken without shutting down any services.
See psConsole for download and installation instructions.
| Version | Date | Whom | Notes |
|---|---|---|---|
| 0.5.4 | 01/14/2024 | cadayton | Added a prompt to request backup removal when listing available backups. |
| 0.5.3 | 01/14/2024 | cadayton | Add -Keep option to keep the prior backup when creating a new backup. |
| 0.5.2 | 01/13/2024 | cadayton | List option added to only list the prior boot volume backups that are available. |
| 0.5.1 | 01/13/2024 | cadayton | Set-OCIConfigPath returns Errorto indicate an exception |
| 0.5.0 | 02/08/2023 | cadayton | initial release. |