
How to Set Up a Powerful Backup Server with BackupPC on Debian 12
In today’s digital world, your data is one of your most valuable assets. Whether it’s critical business documents, personal photos, or development projects, losing it to hardware failure, accidental deletion, or a ransomware attack can be devastating. A reliable backup strategy is not just a good idea—it’s essential.
This guide provides a comprehensive, step-by-step walkthrough for installing and configuring BackupPC on a Debian 12 server. BackupPC is a high-performance, open-source backup solution that excels at backing up Linux, Windows, and macOS machines to a central server. Its key feature is powerful data deduplication, which significantly reduces disk space usage by storing identical files only once across all backups.
Let’s get started on building your own robust, self-hosted backup server.
Prerequisites
Before we begin, ensure you have the following:
- A server running a fresh installation of Debian 12 (Bookworm).
- Root or sudo access.
- Basic familiarity with the Linux command line.
Step 1: Prepare Your Debian System
First, it’s crucial to ensure your system is fully up to date. This helps prevent package conflicts and applies the latest security patches.
Open your terminal and run the following commands:
sudo apt update
sudo apt upgrade -y
Step 2: Install BackupPC and Required Components
The BackupPC package is available directly from the official Debian repositories, which simplifies the installation process. This command will also automatically install necessary dependencies, including the Apache web server, which is used for the web-based management interface.
Install BackupPC with this command:
sudo apt install backuppc
During the installation, you may be prompted with a few configuration questions. For most standard setups, you can accept the default options.
Step 3: Configure the Apache Web Server
BackupPC uses an Apache web interface for administration and monitoring. To secure access, you need to create a dedicated user and password.
Create a Web User: We will use the htpasswd utility to create a user named backuppcadmin. The -c flag creates a new password file. Only use the -c flag for the very first user you create. For subsequent users, omit the flag to add them to the existing file.
sudo htpasswd -c /etc/backuppc/htpasswd backuppcadmin
You will be prompted to enter and confirm a new password. Choose a strong, unique password to protect your backup server’s control panel.
Enable the BackupPC Apache Configuration: Enable the pre-configured Apache settings for BackupPC and restart the web server to apply the changes.
sudo a2enconf backuppc
sudo systemctl restart apache2
You can now access the web interface by navigating to http://YOUR_SERVER_IP/backuppc. You will be prompted to log in with the backuppcadmin credentials you just created.
Step 4: Initial BackupPC Configuration
The main configuration file for BackupPC is located at /etc/backuppc/config.pl. While the default settings are often sufficient to get started, you should review and adjust a few key parameters.
Open the file for editing:
sudo nano /etc/backuppc/config.pl
Here are a few important settings to check:
$Conf{TopDir}: This is the primary directory where all backup data and pooling information is stored. The default is /var/lib/backuppc. Ensure the disk partition for this directory has enough space for your backup needs.
$Conf{CgiAdminUsers}: This specifies which users (from the htpasswd file) have administrative privileges. The default is backuppc, but you should change it to the user you created.
# Change 'backuppc' to 'backuppcadmin'
$Conf{CgiAdminUsers} = 'backuppcadmin';
$Conf{WakeupSchedule}: This setting controls how often the main BackupPC process “wakes up” to check for and start scheduled backups. The default is every hour.
# Values are hours since midnight (fractions allowed); [15] alone would mean once a day at 15:00.
# Example: run every hour at 15 minutes past the hour
$Conf{WakeupSchedule} = [map { $_ + 0.25 } 0..23];
After making any changes, save the file and exit the editor.
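Because Step 3 created the password file with -c, only backuppcadmin exists in it, so a CgiAdminUsers value left at the default names a user who cannot log in. The following check is an added example, not part of the original guide or of BackupPC; the function names and sample files are constructed for illustration.

```sh
#!/bin/sh
# Added example: confirm every name in $Conf{CgiAdminUsers} has a login
# in the htpasswd file. Both file paths are passed in as arguments.

# Print the quoted value of the last $Conf{CgiAdminUsers} assignment.
cgi_admin_users() {
    sed -n "s/^ *\\\$Conf{CgiAdminUsers} *= *'\([^']*\)'.*/\1/p" "$1" | tail -n 1
}

# Print the user names (text before the first ':') of an htpasswd file.
htpasswd_users() {
    sed -n 's/^\([^:#][^:]*\):.*/\1/p' "$1"
}

# check_admin_users CONFIG_PL HTPASSWD
# Returns 0 when every admin can log in; prints the problem and returns 1 otherwise.
check_admin_users() {
    admins=$(cgi_admin_users "$1")
    case $admins in
        '')    echo "CgiAdminUsers is empty or not set"; return 1 ;;
        *'*'*) echo "CgiAdminUsers is '*': every web user is an admin"; return 1 ;;
    esac
    missing=""
    for user in $admins; do
        htpasswd_users "$2" | grep -qxF -- "$user" || missing="$missing $user"
    done
    if [ -z "$missing" ]; then
        return 0
    fi
    echo "admin users without an htpasswd entry:$missing"
    return 1
}

# Constructed sample files (the password hash is a placeholder, not a real one).
demo=$(mktemp -d)
printf '%s\n' "\$Conf{CgiAdminUsers} = 'backuppc';"      > "$demo/default.pl"
printf '%s\n' "\$Conf{CgiAdminUsers} = 'backuppcadmin';" > "$demo/edited.pl"
printf '%s\n' 'backuppcadmin:$apr1$PLACEHOLDER$constructedhash' > "$demo/htpasswd"

check_admin_users "$demo/default.pl" "$demo/htpasswd" || true
check_admin_users "$demo/edited.pl"  "$demo/htpasswd" && echo "edited.pl: OK"
```

On the server itself, the same function would be called as root with /etc/backuppc/config.pl and /etc/backuppc/htpasswd.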
Step 5: Set Up SSH for Secure Client Backups
For backing up other Linux machines, the most secure and efficient method is rsync over SSH. To automate this, the BackupPC server needs to be able to log into the client machines without a password, using SSH keys.
Switch to the backuppc user on your server:
sudo -u backuppc -s
Generate an SSH key pair for this user. When prompted, press Enter to accept the default file location and leave the passphrase empty.
ssh-keygen -t rsa
Copy the Public Key to the Client Machine: Now, you need to copy the newly created public key to the authorized_keys file for the root user on each client machine you want to back up. Replace root@CLIENT_IP_ADDRESS with the actual details of your client machine.
ssh-copy-id root@CLIENT_IP_ADDRESS
You will be asked for the client’s root password one time to authorize the key transfer. After this, the BackupPC server will be able to connect securely without a password.
Test the Connection: Verify that the passwordless login works.
ssh root@CLIENT_IP_ADDRESS
If you are logged in without being asked for a password, the setup was successful. Type exit to return to your BackupPC server’s shell, and exit again to return to your normal user.
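ssh-copy-id appends the key with no options, so the client's root account accepts it from any source address. The audit below is an added example, not part of the original guide: it flags authorized_keys entries that carry no from= restriction, and the sample file, placeholder key material and the 192.0.2.10 server address are constructed.

```sh
#!/bin/sh
# Added example: list the keys in an authorized_keys file and flag those
# that carry no from="..." source restriction.

# audit_authorized_keys FILE
# Prints "RESTRICTED <comment>" or "UNRESTRICTED <comment>" per key line and
# returns 1 if any key is unrestricted. Simplification: assumes the key type
# string (ssh-..., ecdsa-..., sk-...) does not also occur inside an option value.
audit_authorized_keys() {
    unrestricted=0
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in ''|'#'*) continue ;; esac
        # Options, if present, are everything before the key type field.
        opts=$(printf '%s\n' "$line" | sed -E 's/(^| )(ssh-|ecdsa-|sk-).*$//')
        comment=${line##* }
        case $opts in
            *from=\"*) echo "RESTRICTED $comment" ;;
            *)         echo "UNRESTRICTED $comment"; unrestricted=1 ;;
        esac
    done < "$1"
    return "$unrestricted"
}

# Constructed sample file: key material is a placeholder and 192.0.2.10
# (documentation address range) stands in for the BackupPC server.
demo=$(mktemp -d)
cat > "$demo/authorized_keys" <<'EOF'
# entry as ssh-copy-id leaves it: accepted from any source address
ssh-rsa AAAAB3NzaC1yc2EPLACEHOLDERKEY backuppc@backupserver
# same kind of key limited to one source address, no pty or forwarding
from="192.0.2.10",restrict ssh-rsa AAAAB3NzaC1yc2EPLACEHOLDERKEY backuppc@restricted
EOF

audit_authorized_keys "$demo/authorized_keys" || echo "at least one key has no from= restriction"
```

On a client, point the function at /root/.ssh/authorized_keys; from= and restrict are standard OpenSSH key options placed before the key type.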
Step 6: Add Your First Client in the Web Interface
With the backend configured, you can now add a client through the web UI.
- Log in to the BackupPC interface at http://YOUR_SERVER_IP/backuppc.
- Click on “Edit Hosts” in the left-hand menu.
- Click “Add” to create a new host entry.
- Host: Enter the IP address or resolvable hostname of the client machine.
- User: Enter the username that BackupPC will use to connect (in our case, root).
- Click “Save”.
- Now, select the new host from the dropdown menu at the top of the page and click “Edit Config”.
- Go to the “Transfer” tab.
- Set XferMethod to rsync.
- In the RsyncShareName field, specify the directories on the client you want to back up. For example, to back up the /etc and /home directories, you would enter them here.
- Click “Save” at the bottom of the page.
Step 7: Finalize and Start a Backup
Finally, restart the BackupPC service to load all your new configurations.
sudo systemctl restart backuppc
To initiate your first backup manually, go to the host’s page in the web UI and click “Start Full Backup”. You can monitor the progress in the status section.
Security Best Practices
- Firewall: Configure a firewall on your server to restrict access. At a minimum, allow SSH (port 22) and HTTP (port 80) traffic. For better security, configure Apache to use HTTPS (port 443).
- Regularly Test Restores: A backup is only useful if you can restore from it. Periodically test the restore process to ensure your data is being saved correctly and is fully recoverable.
- Monitor Logs: Keep an eye on the BackupPC logs, which are accessible through the web interface. They provide valuable information about the status of your backups and any errors that occur.
By following this guide, you have successfully deployed a powerful and cost-effective backup server, taking a critical step towards securing your digital assets against loss.
Source: https://kifarunix.com/how-to-install-backuppc-on-debian-12/