FileMaker Server Off-Site Backup & Retention Policy with rclone

Off-site backups are important in case there are issues with the main server where local backups are stored making them unrecoverable.

It allows you to restore the server and also store long term backups for archival or legal reasons while leveraging cloud storage backends scalability and multi-geographical zone availability. 

This guide will go through how to setup and use rclone with Claris FileMaker Server on Ubuntu Linux to automate the creation and maintenance of off-site backups and maintaining a backup retention policy using Amazon S3 as an affordable, scalable and highly available storage backend.

What is rclone?

rclone is an open source self contained command line tool to manage cloud storage. It can sync, copy and transfer data to many storage backends including Amazon S3 and others.

rclone Overview & supported storage backends

Claris FileMaker Server OS

This guide is designed for Ubuntu Linux, rclone can be used on Windows Server & MacOS as well but some of the setup steps will be different.

Download & Install rclone

Login as root via SSH to your FileMaker Server and run:

sudo -v ; curl https://rclone.org/install.sh | sudo bash

On Windows Server, follow the instructions at:

https://rclone.org/install/#windows

Setup AWS S3 Bucket & Credentials

  • Setup an AWS account if you don't already have one and login to AWS Console as an Administrator
  • From AWS S3 Console, create a new S3 bucket, besides selecting the AWS Region closest to your FileMaker Server you can leave all other settings as default
  • From AWS IAM Console, open your user page (the same user used to create the s3 bucket) goto "Security credentials" tab then "Access keys" section, click "Create access key"
  • For "Use case" select "Other", add a description and create the access key
  • You will only be shown the "Access key" & "Secret" once, make sure you save them in a safe place

In some cases, it might be worth considering creating a dedicated AWS IAM user with access to only the backup S3 bucket. Below is an article that further explains the process of how to use policies to limit access to s3 buckets:

https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-walkthroughs-managing-access-example1.html

Configure rclone Remote

On FileMaker Server via SSH run:

rclone config

# Follow on screen prompts to enter the S3 bucket details and access credentials.
# For Reference:
# provider: AWS
# en_auth: 1
# access_key_id: <your_access_key_id>
# secret_access_key: <your_access_key_secret>
# region: your s3 bucket aws region
# endpoint: leave blank
# location_constraint: same as your region
# acl: 1
# server_side_encryption: leave blank (encryption is already provided by s3)
# storage_class: 1

Reference: https://rclone.org/s3/

Backup Retention Policy

How long you need to keep backups for will depend on your organization's business and legal needs. In this guide we will use the following retention policy:

  • Keep daily backups for 90 days (90 backups)
  • Keep weekly backups for 6 months (24 backups)
  • Keep Monthly backups for 3 years (36 backups)

You can set these parameters along with which day to use for weekly and monthly backups in the rclone backup script further below in this article.

FileMaker Server Backup Configuration

This guide assumes that the default FileMaker Server Auto-Backup schedule is enabled and running as the rclone script uses the latest daily backup generated.

The idea here is that FileMaker Server handles the actual backup creation to make it's done properly then the rclone script takes over after that to create off-site copies.

Off-Site rclone Backup Script

The script is at my GitHub repo:

https://github.com/mhtawfiq/filemaker-server-rclone

Follow the instructions at the repo to download and set it up and edit the variables inside the script to set rclone remote name, S3 bucket name, retention policy, weekly backup day and monthly backup day:

# FileMaker Server Backups Folder
fmsbackupsf="/opt/FileMaker/FileMaker Server/Data/Backups"

# rclone Remote
rcr="fms-backup"

# S3 Bucket Name
s3="fms-backup1"

# Retention Policy
rdaily=90
rweekly=24
rmonthly=36

# Day of the Week for Weekly Backups
# Monday (1) to Sunday (7)
dweekly=1

# Day of the Month for Monthly Backups
dmonthly=1

Schedule rclone Script to Run Automatically

Make sure you allow enough time for FileMaker Server default Auto-Backup to have finished creating the daily backup before running the rclone script.

On FileMaker Server via SSH, using crontab to setup the schedule:

# Logged in as root, select nano to edit crontab
crontab -e

# Add the following line to run daily at 04:00 AM
# Press Ctrl+X then Y to exit and save.
0 4 * * * /root/fms-rclone/fms-rclone.sh

# Check Current Crontab
crontab -l

In the example above, fms-rclone.sh will run at 04:00 AM daily, you can adjust this as needed using crontab syntax.

Crontab syntax: https://crontab.guru/

Conclusion

The script should now run on a daily basis copying the latest FileMaker Server Auto-Backup to AWS S3 and maintaining the backup data retention policy configured.