diff --git a/source/manual/how-tos/cloud_backup.rst b/source/manual/how-tos/cloud_backup.rst index 64df63f3..3a419773 100644 --- a/source/manual/how-tos/cloud_backup.rst +++ b/source/manual/how-tos/cloud_backup.rst @@ -50,72 +50,71 @@ feature. Every backup to **Google Drive** will be encrypted with the same algorithm used in the manual backup so it's quite easy to restore to a new installed machine. -After set-up, the backup feature will do first store of the OPNsense -config file and subsequently a daily new backup of changed config -content. +After set-up, the backup feature will run a first backup of the OPNsense +configuration file. Then, if the configuration is subsequently changed, a new backup will be run. Only one backup is run per day after configuration changes. ---------------------- Setup Google API usage ---------------------- -The instructions below apply to a standard Google account. Some of the settings appear slightly differently for G Suite accounts. +The instructions below apply to a standard Google account. Some of the settings appear slightly differently for Google Workspace (formerly G Suite) accounts. -A standard Google account can be created at https://accounts.google.com. +A standard Google account can be created `here `__. 1. Set up a Google Project ========================== -First you need to set up a project in the Google developer console: +First you need to set up a project in the Google developer console. -- Go to https://console.developers.google.com/project and log into your Google account. +- Go to the `developer console `__ and log into your Google account. - On the "Manage resources" page that appears, click on the **+ CREATE PROJECT** button: -.. image:: ./images/google_manage_resources.png + .. image:: ./images/google_manage_resources.png - On the next page enter a name for your project, for example "OPNsense Backups". You may leave it as the default name ("My Project #####"), as it does not really matter. Then click on the **CREATE** button: -.. image:: ./images/google_create_project.png + .. image:: ./images/google_create_project.png - Now enable the Google Drive API for your project. In the search bar at the top of the page, search for "Google Drive API" and click on the corresponding search result: -.. image:: ./images/google_drive_api.png + .. image:: ./images/google_drive_api.png - On the next page, make sure your project name (for example "OPNsense Backups") is displayed at the top of the page - if not, select it in the dropdown. Then click the **ENABLE** button: -.. image:: ./images/google_drive_enable.png + .. image:: ./images/google_drive_enable.png - On the next page that appears, click the **CREATE CREDENTIALS** button: -.. image:: ./images/google_create_credentials.png + .. image:: ./images/google_create_credentials.png - The Credentials Wizard will then appear. Click on the **service account** hyperlink that appears on the page: -.. image:: ./images/google_select_service_account.png + .. image:: ./images/google_select_service_account.png - Click on the **+ CREATE SERVICE ACCOUNT** button: -.. image:: ./images/google_create_service_account_button.png + .. image:: ./images/google_create_service_account_button.png - Enter an account name (for example "OPNsense") and a description (for example "OPNsense Backups service account"), then click the **CREATE** button: -.. image:: ./images/google_create_service_account.png + .. image:: ./images/google_create_service_account.png - Click the **CONTINUE** button on the next page: -.. image:: ./images/google_service_account_continue.png + .. image:: ./images/google_service_account_continue.png - Then click the **DONE** button: -.. image:: ./images/google_service_account_done.png + .. image:: ./images/google_service_account_done.png - On the next page, take a note of the email address for your new service account - you will need it later. Then click on the three vertical dots under the **Actions** heading for your service account, then click on **Create key**: -.. image:: ./images/google_service_account_actions.png + .. image:: ./images/google_service_account_actions.png - In the popup screen, select **P12**, and click **CREATE**: -.. image:: ./images/google_service_account_create_key.png + .. image:: ./images/google_service_account_create_key.png - You will be prompted to download the key. Do so, and then click **CLOSE** in the popup screen. @@ -128,43 +127,43 @@ The next thing is to create a folder in Google Drive and share it to the service - Go to https://drive.google.com. You should be still logged into your Google account, otherwise log in. - Click **+ New** (upper left of the screen) and select **Folder** in the dropdown menu that appears: -.. image:: ./images/google_drive_new.png + .. image:: ./images/google_drive_new.png - Enter a name for the folder (for example "OPNsense Backups", it doesn't really matter) and then click the **CREATE** button: -.. image:: ./images/google_drive_folder.png + .. image:: ./images/google_drive_folder.png - Right-click the newly created folder and click **Share** in the dropdown menu that appears: -.. image:: ./images/google_drive_share.png + .. image:: ./images/google_drive_share.png - Paste the email address for the service account into the "Add people and groups" box, press Enter and then click the **Send** button that appears: -.. image:: ./images/google_drive_send.png + .. image:: ./images/google_drive_send.png -- Now double-click on the folder to open it and take a note of the folder ID from the url - you will need it later. The folder ID is the last piece of the URL after ``/folders/``: +- Now double-click on the folder to open it and take a note of the folder ID from the URL - you will need it later. The folder ID is the last piece of the URL after ``/folders/``: -.. image:: ./images/google_drive_folder_id.png + .. image:: ./images/google_drive_folder_id.png 3. Set up the account in OPNsense ================================= -Now we can put it all together in OPNsense. +Now put it all together in OPNsense. - Log into your OPNsense firewall and go to the backup feature. It is located at :menuselection:`System --> Configuration --> Backups`. - Scroll down to the Google Drive section and and enter the following values: -=============================== =================================================================================== -Enable checked -Email Address enter the email address of the service account you created -P12 key click the **Choose file** button and select the P12 key you saved earlier to upload it -Folder ID paste the Google Drive folder ID that you copied earlier -Prefix hostname to backupfile checked or unchecked as desired (useful if you have multiple OPNsenses) -Backup Count enter the number of backups you want to keep -Password choose a strong password to encrypt the backup -Confirm re-enter the strong password -=============================== =================================================================================== + =============================== =================================================================================== + Enable checked + Email Address enter the email address of the service account you created + P12 key click the **Choose file** button and select the P12 key you saved earlier to upload it + Folder ID paste the Google Drive folder ID that you copied earlier + Prefix hostname to backupfile checked or unchecked as desired (useful if you have multiple OPNsenses) + Backup Count enter the number of backups you want to keep + Password choose a strong password to encrypt the backup + Confirm re-enter the strong password + =============================== =================================================================================== - Then click the **Setup/Test Google Drive** button. OPNsense will automatically save and test your settings and you will receive either an error (connectivity issues) or a message saying "Backup successful" with a list of files currently in the backup. diff --git a/source/manual/how-tos/images/google_create_project.png b/source/manual/how-tos/images/google_create_project.png index 78d24b19..98087f32 100644 Binary files a/source/manual/how-tos/images/google_create_project.png and b/source/manual/how-tos/images/google_create_project.png differ diff --git a/source/manual/how-tos/images/google_create_service_account.png b/source/manual/how-tos/images/google_create_service_account.png index 41c43e03..b72f2295 100644 Binary files a/source/manual/how-tos/images/google_create_service_account.png and b/source/manual/how-tos/images/google_create_service_account.png differ diff --git a/source/manual/how-tos/images/google_create_service_account_button.png b/source/manual/how-tos/images/google_create_service_account_button.png index 350f86a9..1ec9d4c8 100644 Binary files a/source/manual/how-tos/images/google_create_service_account_button.png and b/source/manual/how-tos/images/google_create_service_account_button.png differ diff --git a/source/manual/how-tos/images/google_drive_api.png b/source/manual/how-tos/images/google_drive_api.png index e96ab45c..cdcea2f2 100644 Binary files a/source/manual/how-tos/images/google_drive_api.png and b/source/manual/how-tos/images/google_drive_api.png differ diff --git a/source/manual/how-tos/images/google_drive_enable.png b/source/manual/how-tos/images/google_drive_enable.png index ef6ae7a2..c820f054 100644 Binary files a/source/manual/how-tos/images/google_drive_enable.png and b/source/manual/how-tos/images/google_drive_enable.png differ diff --git a/source/manual/how-tos/images/google_drive_folder.png b/source/manual/how-tos/images/google_drive_folder.png index 13a40a0d..a9f5105a 100644 Binary files a/source/manual/how-tos/images/google_drive_folder.png and b/source/manual/how-tos/images/google_drive_folder.png differ diff --git a/source/manual/how-tos/images/google_drive_folder_id.png b/source/manual/how-tos/images/google_drive_folder_id.png index b1a20b55..5d59b256 100644 Binary files a/source/manual/how-tos/images/google_drive_folder_id.png and b/source/manual/how-tos/images/google_drive_folder_id.png differ diff --git a/source/manual/how-tos/images/google_drive_new.png b/source/manual/how-tos/images/google_drive_new.png index d82ecd37..755738c7 100644 Binary files a/source/manual/how-tos/images/google_drive_new.png and b/source/manual/how-tos/images/google_drive_new.png differ diff --git a/source/manual/how-tos/images/google_drive_send.png b/source/manual/how-tos/images/google_drive_send.png index fd7664cb..0f74bda3 100644 Binary files a/source/manual/how-tos/images/google_drive_send.png and b/source/manual/how-tos/images/google_drive_send.png differ diff --git a/source/manual/how-tos/images/google_drive_share.png b/source/manual/how-tos/images/google_drive_share.png index 3ce531b6..1f633ef9 100644 Binary files a/source/manual/how-tos/images/google_drive_share.png and b/source/manual/how-tos/images/google_drive_share.png differ diff --git a/source/manual/how-tos/images/google_manage_resources.png b/source/manual/how-tos/images/google_manage_resources.png index 1e83cb36..5f4f9dd7 100644 Binary files a/source/manual/how-tos/images/google_manage_resources.png and b/source/manual/how-tos/images/google_manage_resources.png differ diff --git a/source/manual/how-tos/images/google_select_service_account.png b/source/manual/how-tos/images/google_select_service_account.png index 7bc7a5c4..8295c707 100644 Binary files a/source/manual/how-tos/images/google_select_service_account.png and b/source/manual/how-tos/images/google_select_service_account.png differ diff --git a/source/manual/how-tos/images/google_service_account_continue.png b/source/manual/how-tos/images/google_service_account_continue.png index 6ea9bfd9..7a4ed1e1 100644 Binary files a/source/manual/how-tos/images/google_service_account_continue.png and b/source/manual/how-tos/images/google_service_account_continue.png differ diff --git a/source/manual/how-tos/images/google_service_account_create_key.png b/source/manual/how-tos/images/google_service_account_create_key.png index 290e281d..b6711c1c 100644 Binary files a/source/manual/how-tos/images/google_service_account_create_key.png and b/source/manual/how-tos/images/google_service_account_create_key.png differ diff --git a/source/manual/how-tos/images/google_service_account_done.png b/source/manual/how-tos/images/google_service_account_done.png index 865d0805..77c389e7 100644 Binary files a/source/manual/how-tos/images/google_service_account_done.png and b/source/manual/how-tos/images/google_service_account_done.png differ