# Backing up WG Hub config

The idea is to automatically copy the Jumphost server WG config to a local device, just in case. Copying gets done through SSH. 

Because we want this happening automatically, we need to do some adjustments to automatically enter the SSH key passphrase.

## Dealing with passphrase

Run these commands and enter the passphrase when prompted.

```bash
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/superhog-data-general-ssh-prd # I'm assuming this is your path to the key. If it isn't adjust.
echo "export SSH_AUTH_SOCK=$SSH_AUTH_SOCK" > ~/.ssh/agent_env
echo "export SSH_AGENT_PID=$SSH_AGENT_PID" >> ~/.ssh/agent_env
```

## The actual script

Run this in your terminal to create the backup script: 

```bash
cat << EOF > backup_wg.sh
#!/bin/bash
source /home/$USER/.ssh/agent_env
ssh azureuser@jumphost-prd.prd.data.superhog.com -i /home/$USER/.ssh/superhog-data-general-ssh-prd 'sudo cat /etc/wireguard/wg0.conf' > /home/$USER/wg_server_backup.conf
EOF
```

Now test that it works by running in your terminal:

```bash
chmod 700 backup_wg.sh
./backup_wg.sh

# Is the file there?
ls -l | grep wg_server_backup

# Let's print the first line, which usually should simply read "[Interface]"
head -n 1 wg_server_backup.conf
```

Make sure this works before scheduling.

## Scheduling

Run this to schedule it to run a few times per day. Hopefully your laptop will be active during some of those times:

```bash
BACKUP_COMMAND="0 9,12,15,18 * * * /home/$USER/backup_wg.sh"
(crontab -u $USER -l; echo "$BACKUP_COMMAND" ) | crontab -u $USER -
```

Your schedule is now ready. Feel free to wait until one of those times is hit to check if the backup file gets created.

# Restoring the backup

Simply edit the Jumphost server file `/etc/wireguard/wg0.conf` to add the contents of the backup.

You would then restart WG in the jumphost with `sudo systemctl restart wg-quick@wg0.service`