==== Rsync Backup ==== Rsync Backup is a group of bash scripts for Linux that utilise [[https://rsync.samba.org/|rsync]] to create a disk based incremental backup system. ===Features=== * Runs from cron * Uses ssh to access remote hosts * Can support full host backup using setuid * One directory per backup host * One directory per backup operation utilising hard links to save disk space * Purge operation to remove old directories * Directory sticky bit utilised to disable purge operation * Purge operation may be disabled entirely === Install === Whether you install on a backup server or target host, fetch scripts from repository and install rsync. apt install mercurial rsync hg clone http://hg.kewl.org/pub/rsync-backup == Server == The server install will create a user called rsync, its home directory, a cron entry and place the scripts within a bin directory. The purge process is added to sudoers for the rsync user and the rsync binary is installed in the home directory setuid root. The backup folder by default is /opt/fs/rsync and this is created, along with a log directory /var/log/rsync The backup directory can be changed prior to install by editing the SYNCDIR variable in the file bin/config sudo make install-server __ssh__ ssh should be setup manually and the install process created a .ssh directory ready for this. Changing to user rsync is best achieved like this: sudo -s /bin/su - rsync == Client == __Full backup__ For targets hosts, perform the client install. This creates the user rsync and copies the scripts into the home directory and creates a setuid root rsync binary and nothing more. sudo make install-client __User backup__ For user only backup on a target, the requirements are ssh access and rsync being available. If these two cases are met then when configuring the host, the login parameters and path to rsync must be set in the target config (see below). __ssh__ The server ssh public key must be added to the authorized_keys file to access the client. ===Configuration=== An RSA ssh key with an empty passphrase must be generated and the public key added to each target's authorized_keys for user rsync when using the client installed above, or added to for the login user otherwise. ==Variables== A file named config contains global variables for server operation. ^ Variable ^ Usage ^ Default ^ |ETCDIR | rsync target host config | /home/rsync/etc | |SYNCDIR | rsync backup directory | /opt/fs/rsync | |RSYNC | local and remote rsync command | /home/rsync/bin/rsync| |PURGE | directory purge command or empty | sudo /home/rsync/bin/purge| ==Target hosts== Each target host can have up to three server configuration files in ETCDIR. In the following, "example" represents a hostname which is reachable with ssh. __example.conf__ The .conf file contains target directories to be backed up. /home/loginname The .omit file contains target files or directories to be ignored during backup. __example.omit__ /home/loginname/.history __example.sh__ The .sh file is included prior to starting the backup process, this can contain one of two variables or anything else needed to be performed beforehand. #! /bin/bash SSH="ssh -2 -p 2222 -l loginname -o StrictHostKeyChecking=no" RSYNC_PATH="/bin/rsync" In the above, SSH is used to set the login details for the connection and RSYNC_PATH set to the target rsync binary. By default the backup process will login as user rsync and use the setuid binary found in the rsync home directory. This will allow a full host backup. ^ Variable ^ Usage ^ Default ^ |SSH | ssh command line | ssh -2 | |RSYNC_PATH | rsync command line | /home/rsync/bin/rsync | When backing up the localhost, just use the hostname and rsync will copy files directly rather than use ssh. === Purge === After each backup operation a directory purge is performed to remove old directories. This can remove temporary data within a backup period and this should be appreciated. Purge can be disabled if preferred but exists to manage the number of directories over time. A weekly backup to tape or external disk storage would be sensible for important data. Purge could also be disabled in the config and then ran at a different time interval from cron Eg. weekly or fortnightly. ==Rules== The purge process applies the following rule to the host and backup directories: * Do not remove if the sticky bit is set The purge process applies the following rules to backup directories: * Do not remove if less than 1 week old * Remove if not created on a Sunday * Do not remove if Sunday is the first Sunday of the month otherwise remove all Sundays older than 12 weeks ==Disable== To disable the purge process, set the PURGE variable to "" in the config. === Test=== Testing can be performed on the server as user rsync by invoking the host command with one argument. sudo -s /bin/su - rsync ./bin/host example example above will extrapolate to example.conf etc ===CRON=== Cron on the server is utilised to perform daily backups, a typical entry is this 0 3 * * * /home/rsync/bin/host >/var/log/rsync/host.log 2>&1 === Export === [[:projects:rsyncbackup?do=export_pdf|PDF]]