Dual Time Machine Wielding Backups!

With the purchase of the Apple Thunderbolt Display my Air now has a jumbo-frame enabled ethernet port at its disposal. My current backup strategy is to utilize an encrypted external USB laptop drive while on the road and to just rsync the latest backup when I get home. This has been working great for a year straight (saved my greasy bacon when the airlines forgot my bag) but I figured it was time to reevaluate with my fancy monitor in the mix.

The Ingredients:

  1. Apple Thunderbolt Display
  2. MacBook Air 11″
  3. OS X 10.7 Lion which added the tmutil command
  4. Iomega eGo USB Drive
  5. Debian 6.0 Server with oodles of encrypted disk space
  6. Gigabit network
  7. ControlPlane for geolocation detection

Secret Magic Scripts:

First we need to create a HOME script. This will be called when the MacBook Air detects that it is on a super-fast connection instead of that yucky Wifi.

sudo vi /opt/local/bin/switchtimemachinehome.sh

#!/bin/sh
# This will change your Time Machine destination to your home server
sleep 5
tmutil setdestination afp://username:password@
sleep 5
tmutil startbackup

Obviously you will want to modify the username:password and destination. Something that will (hopefully) trip you up is that your complex password does not work in the URL as typed. If this is the case, use the AppleScript below to encode it for you. Standard POSIX/UNIX-style escaping does not work.

Open AppleScript Editor, paste in the following, and run it:

set theText to "I want to pass this text, via GET, to a url!"
set theText to text returned of (display dialog "encode what" default answer theText)
set theTextEnc to urlencode(theText) of me
display dialog theTextEnc default answer theTextEnc

-- Percent-encode every character except A-Z, a-z, 0-9, "*", "-", "." and "_"
on urlencode(theText)
	set theTextEnc to ""
	repeat with eachChar in characters of theText
		set useChar to eachChar
		set eachCharNum to ASCII number of eachChar
		if eachCharNum = 32 then
			-- a space must become %20 here: "+" only means a space in form data,
			-- not in the user:password part of a URL
			set useChar to "%20"
		else if (eachCharNum ≠ 42) and (eachCharNum ≠ 95) and (eachCharNum < 45 or eachCharNum > 46) and (eachCharNum < 48 or eachCharNum > 57) and (eachCharNum < 65 or eachCharNum > 90) and (eachCharNum < 97 or eachCharNum > 122) then
			-- split the character code into two hex digits
			set firstDig to round (eachCharNum / 16) rounding down
			set secondDig to eachCharNum mod 16
			-- digits above 9 become the letters A-F (ASCII 65-70)
			if firstDig > 9 then
				set aNum to firstDig + 55
				set firstDig to ASCII character aNum
			end if

			if secondDig > 9 then
				set aNum to secondDig + 55
				set secondDig to ASCII character aNum
			end if
			set numHex to ("%" & (firstDig as string) & (secondDig as string)) as string
			set useChar to numHex
		end if
		set theTextEnc to theTextEnc & useChar as string

	end repeat
	return theTextEnc
end urlencode
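
The same percent-encoding can also be done in the shell. This is an added example, not part of the original post: the function names urlencode and afp_url, the account name backup and the host nas.example are assumptions, and the sample password is constructed.

```sh
#!/bin/sh
# Added example: percent-encode credentials for an afp:// destination URL.
# Function names, host and user are hypothetical; the password is constructed.

# Encode every byte except RFC 3986 "unreserved" characters (A-Z a-z 0-9 - . _ ~).
# The body runs in a subshell ( ... ) so its variables do not leak to the caller.
urlencode() (
    out=""
    # od emits each input byte as two lowercase hex digits
    for hex in $(printf '%s' "$1" | od -An -v -tx1); do
        case "$hex" in
            2d|2e|5f|7e|3[0-9]|4[1-9a-f]|5[0-9a]|6[1-9a-f]|7[0-9a])
                # unreserved: turn the hex value back into the literal character
                out="$out$(printf "\\$(printf '%03o' "0x$hex")")" ;;
            *)
                # everything else, including space, "+", "@", ":" and "/", becomes %XX
                out="$out%$(printf '%s' "$hex" | tr 'a-f' 'A-F')" ;;
        esac
    done
    printf '%s' "$out"
)

# afp_url USER PASSWORD HOST SHARE -> afp://user:password@host/share
afp_url() {
    printf 'afp://%s:%s@%s/%s' "$(urlencode "$1")" "$(urlencode "$2")" "$3" "$4"
}

# Constructed sample: a password whose raw form would break the URL.
afp_url 'backup' 'p@ss w/rd:+%' 'nas.example' 'TimeMachineNAS'
echo
# -> afp://backup:p%40ss%20w%2Frd%3A%2B%25@nas.example/TimeMachineNAS
# The resulting URL carries the password, so a script that contains it should be
# readable only by the account that runs it (for example chmod 700).
```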

After that we need to give ControlPlane something to call when we are on the road and have nothing but that simple USB drive we lug around.

sudo vi /opt/local/bin/switchtimemachinemobile.sh

#!/bin/sh
# This will change your Time Machine destination to the external USB drive
sleep 5
tmutil setdestination /Volumes/RubbageHolder/
sleep 5
tmutil startbackup

Let's now make both files executable, or the scripts will fail:

sudo chmod +x /opt/local/bin/switchtimemachinehome.sh

sudo chmod +x /opt/local/bin/switchtimemachinemobile.sh

Letting the Penguins talk to the Fruit:

In order for our Debian server to be useful we need to give it a secret decoder ring. This means installing some software and having it announce itself in a way that Mac machines recognize as a Mac server. You can also do this with a standard Mac server, but I prefer my servers to be Linux/BSD based. NOTE: If you are securing your backups using encrypted USB drives, but fail to encrypt your home NAS – SHAME ON YOU! So let's get started by opening an SSH session to our home server.

  1. sudo apt-get install netatalk avahi-daemon
  2. sudo vi /etc/netatalk/AppleVolumes.default
  3. Add the line: /share/Backup           "TimeMachineNAS"         options:tm to the end of the file

Now Apple uses some secret sauce to make things auto-discovered. Zeroconf, Bonjour, Avahi, etc. Call it what you will, but what it does is announce the capabilities of a server to a client without direct queries. There are tons of options for Avahi on Linux, but I am going to walk you through the basics. One note is that your home server will show up looking like the now defunct Xserve. You are welcome.
sudo vi /etc/avahi/services/afpd.service and then add the below:
<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<name replace-wildcards="yes">%h</name>




Be sure to replace the waMA= value with your actual MAC address. I used a bridged adapter for failover, but normally this would be your eth0. Verify this with sudo ifconfig -a
Next we need to allow the netatalk services to speak UDP for faster backups. sudo vi /etc/netatalk/afpd.conf and then add to the bottom of the file:
- -udp -noddp -uamlist uams_randnum.so,uams_dhx.so,uams_dhx2.so
Lastly, let's restart all the services to ensure our NAS is ready to accept the Time Machine backups by issuing sudo /etc/init.d/netatalk restart AND sudo /etc/init.d/avahi-daemon restart

Convince the Mac it's right at home:

To convince the Mac that it's talking to an approved machine we have to open a Terminal and type in the following command: defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1

Location, Location, Location:

The next few steps are important and complicated, but they are the logic we assign to your Mac so it knows which location it is in. ControlPlane can provide many rules for determining location, such as network adapter, Bluetooth, time of day, etc. Since I have that spiffy new Thunderbolt Display I am lucky enough to have a guaranteed en3 network adapter each time I plug in. Your adapter may vary, but the logic in the following screenshots states: IF en3 (Display Adapter) is active THEN assume the location of the laptop is home. Conversely, if en3 is not active then assume the machine is away. For me this works great for when the laptop is upstairs, but still in the house. I obviously wouldn't want to back up 256GiB over the wifi link.

1. Open ControlPlane and ensure that it is started at login and that Enable automatic switching is in use
2. Under evidence sources ensure that NetworkLink (or whatever you are using as the rule indicator) is checked

3. Create two new Contexts; Home and Away

4. Click the “+” and add a new rule

5. First rule states the en3 link is active and context is HOME

6. Next create an en3 is INACTIVE rule and assign it to Away. Your Rules screen should look like the below

7. With rules and contexts in place we can assign actions to those Contexts by executing our shell script switchtimemachinehome.sh on Context Home…

8. And executing shell script switchtimemachinemobile.sh on Context Away