My personal solution for backups. Resulting backups are:
- plain files: no zip or tar.
- aperiodic: a backup may start if the PC is on at 3 AM, otherwise no big deal.
- incremental: save only new files, the others are hardlinked.
- keep daily backups for a week, weekly for a month, monthly for a year, yearly forever.
- no password sent around or stored in files.
This is an extension on the
rrsync script available online (and included in
the repos as well).
rrsync allows running
rsync into a restricted
directory with args sanitization. The project contains:
- A script to create a new backup directory and
prevsymlinks to the last dirs.
- A script to finish the backup, eventually renaming or deleting old backups.
- A script to run
rrrotateon a restricted directory.
on the source host, create a dir, e.g.
/root/backupand chdir into it.
on the source host, generate a new rsa pair with no passphrase:
ssh-keygen -f SOURCE.id_rsa -N ''
on the target host, clone this repository, e.g. in
/usr/local/src/backup. You may have to custmize the consts in
on the target host, configure sshd to accept at least forced command from root, e.g. add to
on the target host, configure the pkey generated above to run the
rrrsynccommand, e.g. add to
command="/usr/local/src/backup/rrrsync /backups" ssh-rsa AAAAB3Nza... root@SOURCE
on the source host, write a script to perform the backup via rsync and put it into crontab, e.g.
#!/bin/bash export OPTS="-axvz --delete --delete-excluded --numeric-ids" export SSH='ssh -i SOURCE.id_rsa' $SSH root@target rrlinks rsync $OPTS -e "$SSH" --exclude-from=exclude.home --link-dest=/prev/home/ /home/ root@target:curr/home/ rsync $OPTS -e "$SSH" --exclude-from=exclude.root --link-dest=/prev/root/ / root@target:curr/root/ $SSH root@target rrrotate
The above example assumes
/ as two separate file systems to be
backed up into different dirs.
exclude.root are files
to avoid backup (see rsync manpage).
curr are symlinks
rrlinks. The result of running the script a couple of times
is dirs on the target host such as:
/backups/daily-20120810T000000/home /backups/daily-20120810T000000/root /backups/daily-20120813T003300/home /backups/daily-20120813T003300/root
This stuff has been designed for my own needs and amusement: although I think it is a good idea, it may be a bad one for you, in which case I hereby forbid you to sue me. Also, this stuff is GPL to be more enterprise-unfriendly. Have a nice day!