Welcome to UDAPRO

Uli's Data Projects - Focused on Security, Virtualization with KVM and Proxmox, and Backup with Restic

Closed Open-Source Projects

Showcasing completed Linux-based solutions

Zone-Based Motion-Detected Video Surveillance for Server Room

Project Overview

This project implemented a robust, zone-based motion-detection video surveillance system for a server room using ZoneMinder, an open-source video camera security and surveillance solution. The system was designed to monitor critical areas, trigger alerts, and record video only when motion is detected in predefined zones, reducing storage requirements and false positives.

Key Features

  • Zone-based motion detection with customizable sensitivity and alert thresholds
  • Integration with IP cameras and analog cameras via capture cards
  • Automated event recording and alerting via email and SMS
  • Web-based management interface for live viewing, playback, and configuration
  • Secure remote access with HTTPS and authentication

Technical Stack

ZoneMinder Linux (Debian) Apache/Nginx MySQL/MariaDB FFmpeg Bash Scripting IP Cameras
Debian 6 Based Terminal Server Project for School

Project Overview

This project delivered a scalable terminal server solution for a school environment, providing approximately 400 thin client workstations for students. The system was built on a Debian 6 host running virtualized Edubuntu guest systems, with all thin clients booting via PXE for centralized management and minimal hardware requirements.

Key Features

  • Centralized management of 400+ thin client workstations
  • PXE boot environment for rapid deployment and updates
  • Virtualized Edubuntu guest systems for educational software
  • Load balancing and failover for high availability
  • Low-cost, energy-efficient hardware utilization

Technical Stack

Debian 6 Edubuntu LTSP (Linux Terminal Server Project) PXE Boot KVM/QEMU LDAP NFS Bash Scripting
Small Business Linux Server with Debian 22.04

Project Overview

This project involved the deployment of a comprehensive small business server running Debian 22.04. The server included a Rocket.Chat instance for internal communication, a Nginx web server, and a fully configured mail server (Postfix/Dovecot) with SPF and DKIM for secure email delivery, all managed via the ISPConfig control panel.

Key Features

  • Rocket.Chat for team communication and collaboration
  • Nginx web server for hosting internal and external websites
  • Postfix/Dovecot mail server with SPF, DKIM, and DMARC for secure email
  • ISPConfig for centralized server and service management
  • Automated backups and monitoring for reliability

Technical Stack

Debian 22.04 Rocket.Chat Nginx Postfix Dovecot ISPConfig MySQL/MariaDB Let's Encrypt Bash Scripting
Automatic Peer-to-Peer Encrypted, High-Scalable Backup Solution with Restic

Project Overview

This project implemented a fully automated, peer-to-peer, encrypted, and highly scalable backup solution using restic. Restic is a modern backup program that provides fast, secure, and efficient backups to a variety of storage backends. The solution was designed to automatically back up critical directories on a regular schedule, ensuring data integrity and availability.

What is Restic?

Restic is a program that does backups right. It is designed to be:

  • Secure: All data is encrypted using AES-256 in counter mode.
  • Efficient: Only changes are backed up (deduplication), saving space and bandwidth.
  • Fast: Uses concurrent processing and efficient algorithms.
  • Verifiable: Backups can be checked for integrity at any time.
  • Easy: Simple command-line interface and automation-friendly.

Advantages Over Other Backup Systems

  • End-to-End Encryption: Unlike rsync or tar, restic encrypts data before it leaves your machine.
  • Deduplication: Only stores unique data chunks, reducing storage needs.
  • Snapshot-Based: Each backup is a snapshot, making restores easy and reliable.
  • Multi-Backend Support: Works with local storage, SFTP, REST, S3, and more.
  • No Client-Server Model: No need for a central backup server; ideal for peer-to-peer setups.

Automated Backup Scripts

1. Backup /home Directories 4 Times a Day (Business Hours)

#!/bin/bash # Script: backup_home.sh # Description: Backup all user home directories 4 times a day during business hours # Usage: Add to cron as: 0 8,11,14,17 * * 1-5 /path/to/backup_home.sh LOG_FILE="/var/log/restic_home_backup.log" REPO="/mnt/backup/restic_home" PASSWORD_FILE="/etc/restic/home_pass" # Initialize repository if not exists if ! restic -r "$REPO" cat config >/dev/null 2>&1; then echo "$(date) - Initializing restic repository at $REPO" >> "$LOG_FILE" restic -r "$REPO" init fi # Backup each user's home directory for user in $(ls /home); do echo "$(date) - Backing up /home/$user" >> "$LOG_FILE" restic -r "$REPO" --password-file="$PASSWORD_FILE" backup /home/$user restic -r "$REPO" --password-file="$PASSWORD_FILE" forget --keep-daily 7 --keep-weekly 4 --keep-monthly 12 --prune done echo "$(date) - Home backup completed" >> "$LOG_FILE"

2. Backup /etc, /usr, /var, /opt Every Friday After 5:30 PM

#!/bin/bash # Script: backup_system.sh # Description: Backup system directories every Friday after 5:30 PM # Usage: Add to cron as: 30 17 * * 5 /path/to/backup_system.sh LOG_FILE="/var/log/restic_system_backup.log" REPO="/mnt/backup/restic_system" PASSWORD_FILE="/etc/restic/system_pass" # Initialize repository if not exists if ! restic -r "$REPO" cat config >/dev/null 2>&1; then echo "$(date) - Initializing restic repository at $REPO" >> "$LOG_FILE" restic -r "$REPO" init fi # Backup system directories echo "$(date) - Backing up system directories" >> "$LOG_FILE" restic -r "$REPO" --password-file="$PASSWORD_FILE" backup /etc /usr /var /opt restic -r "$REPO" --password-file="$PASSWORD_FILE" forget --keep-daily 7 --keep-weekly 4 --keep-monthly 12 --prune echo "$(date) - System backup completed" >> "$LOG_FILE"

Technical Stack

Restic Linux (Debian/Ubuntu) Bash Scripting Cron AES-256 Encryption SFTP/REST/S3 Backends