newbie dsync problems
I have a very basic postfix/dovecot server, with just a few users, and it works. But in the past I have had hardware failures…so I would like to use dsync to a nearly matching server for some extra safety, and I have not yet been successful.
I am trying to do this as root over ssh, with a private key for authentication.
I did not manage to get the whole replicator thing working, so as part of simplifying things I am trying to run dsync manually, just on one user (myself). I hope this isn't a silly approach.
What would the manual command look like? The closest example on the man page is:
$ doveadm sync -u username@example.com ssh -i id_dsa.dovecot \
    mailuser@example.com doveadm dsync-server -u username@example.com
I try to change that to match my case and it has never heard of me:
I drop the machine part of the name and it knows who I am on this end but can't get to the other end:
I think I have root's ssh keys set up correctly, I can run this:
If I try to put that in this (incomplete) dsync command:
But when I try to make the command more complete and send a username to the remote end, now I am no longer talking to the remote end:
Suggestions?
Thanks,
-kb
Kent,
You are being prompted for a password, so it isn't using private key authentication. I recommend you get ssh working first, prove you are indeed connecting to your secondary server, and only then introduce doveadm.
Is mail.borg.org the name of your "matching server" or is that the name of your primary server? If so, it looks to me like you are using ssh to connect back to yourself. You should have something like mail.borg.org as primary, mail2.borg.org as backup, and if necessary, add mail2.borg.org to your hosts file if there is no DNS for it. Or even connect via IP address like this:
ssh root@172.16.20.11
I'll leave the discussion on whether using root in this fashion even makes sense to others. Suffice to say, once you get something working perhaps consider removing the private key and using a non-root user.
Doug
On 1/23/25 12:26 PM, cdm567@yahoo.com wrote:
> Kent,
> You are being prompted for a password, so it isn't using private key authentication. I recommend you get ssh working first, prove you are indeed connecting to your secondary server, and only then introduce doveadm.
Yes, I checked that:
> Is mail.borg.org the name of your "matching server" or is that the name of your primary server?
mail.borg.org is the name of the (priority 10) backup. I am running this on my (priority 1) primary server, mail2.borg.org, and I am pretty certain I am not ssh-ing to myself.
kb
On 1/23/25 1:41 PM, cdm567@yahoo.com wrote:
> In your working example you are connecting as root but in your dsync example your user is remoteprefix:root. Try removing the "remoteprefix:" which is being treated as part of the user name.
If I take off the "remoteprefix" it logs in, but it doesn't send the user to the other end, the wrapper script on mail.borg.org gets "VERSION dsync 3 5" as the parameter.
According to the man page, that should be the destination:
One of the examples on the man page is:
Which I don't understand. What is "mailuser@example.com"? What are the two parameters and the option after that?
Their simpler example:
Does "doveadm sync" maybe not work in version 2.3.19.1?
root@la:/etc/dovecot# dovecot --version
2.3.19.1 (9b53102964)
Thanks,
-kb, the Kent who would love to see some working "doveadm sync" examples.
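
Added example, not part of the thread and not Dovecot's own code: a receiving-side wrapper of the kind mentioned above, which validates the first line of input before handing it to "doveadm dsync-server -u". It assumes, per the doveadm-sync man page, that a "remoteprefix:" sender writes the username as the first line before the dsync protocol starts, so without the prefix the first line is the dsync handshake; the function names, the "--serve" argument and the DOVEADM override are hypothetical.

```shell
#!/bin/sh
# Hypothetical wrapper for the receiving end of dsync over ssh, meant to be
# run as an ssh forced command. Assumption: the sender writes "user@domain\n"
# first when "remoteprefix:" is used; otherwise the first line is the dsync
# handshake (the "VERSION dsync 3 5" reported in the thread).

# read_sync_user: read one line from stdin and print it only if it looks like
# a mail account name. Returns 0 if accepted, 1 if rejected.
read_sync_user() {
    IFS= read -r line || return 1
    case "$line" in
        '' | -*)              return 1 ;;  # empty, or would parse as an option
        *[!A-Za-z0-9@._+-]*)  return 1 ;;  # tabs, spaces, shell metacharacters
    esac
    [ "${#line}" -le 254 ] || return 1
    printf '%s\n' "$line"
}

# run_wrapper: validate the username, then hand the rest of stdin to doveadm.
# DOVEADM can be overridden so the function can be exercised without dovecot.
run_wrapper() {
    user=$(read_sync_user) || {
        echo "dsync wrapper: first line is not a username" >&2
        return 64
    }
    exec "${DOVEADM:-doveadm}" dsync-server -u "$user"
}

# Only serve when asked to, so the functions above can be sourced and tested.
if [ "${1:-}" = "--serve" ]; then
    run_wrapper
fi
```
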
I don't have a working example because I do my dsync backups on the local machine with output to shared NFS storage that is accessible to both my primary and backup systems. No ssh required or remote connection required. That is provided by NFS.
This excerpt of my backup script runs dsync in a loop where 'USERS' is populated with email account names to be backed up. The backup target location is on separate storage. If you can't figure out the doveadm sync to another server you could NFS share a file system from your secondary system to your primary and do something similar.
# USERS holds a whitespace-separated list of account names
for user in ${USERS}; do
    dsync -u "${user}" backup "maildir:/home/${user}/backup/mailboxes"
done
On 1/23/25 2:44 PM, Doug via dovecot wrote:
> I don't have a working example because I do my dsync backups on the local machine with output to shared NFS storage that is accessible to both my primary and backup systems. No ssh required or remote connection required. That is provided by NFS.
Ah, NFS. But I don't think that works so well in my case; my two servers' homes are a very long way apart.
-kb
So trying to debug replication via getting manual "doveadm sync" hasn't gotten me there.
Any suggestions on how to debug the replication approach? Would it be helpful to post the "/etc/dovecot/conf.d/backup.conf.ext" I created?
Thanks,
-kb
On 1/23/25 10:50 AM, Kent Borg wrote: