rsync_backup: backups with hardlink support with rsync and ssh.
This cookbook provides two recipes:
rsync_backup::server which provide client and server functionality for
shipping backups over rsync with hard-link references for space saving purposes
and periodic pruning.
The scripts themselves are in perl and are templates; they do not consult a configuration file.
This is a slightly modified version of the technique blogged about here.
This cookbook requires my ssh_known_hosts2 cookbook.
rsync_backup::default cares about these attributes:
rsync_backup/ssh/private_key: the private key used for contacting the backup server. Will
raise ArgumentErrorif missing.
rsync_backup/ssh/host_key: the host key (edited in, not replaced) used by
rsync_backup/target/host: the host to deliver to (default:
rsync_backup/target/base_dir: the base dir on the backup server to send files to.
rsync_backup/target/username: the username to connect as over ssh.
rsync_backup::server does not include
rsync_backup::default and cares
about these attributes:
rsync_backup/ssh/public_key: the corresponding public key to the private key mentioned above.
rsync_backup/target/username: the username to create for incoming connections.
rsync_backup/target/base_dir: the base directory of the backups.
rsync_backup::server will create new backup directories based on a search of
all the nodes that include the
rsync_backup::default recipe. They must exist
before creation for the tooling to work, so if you have new backup machines, be
sure and converge the server before they fire off their backup process.
This has a few security concerns that will be addressed in later revisions. Notably:
- sudo access is way too permissive
- ssh access is way too permissive
It is critical if you use this recipe that your client server(s), in particular, are not using password-based authentication.
Currently this recipe only supports ubuntu and debian -- likely due to package name differences. Happy to accept pull requests for other systems.
- Fork the project
- Make your edits
- Be sure to not change anything in metadata.rb without prior permission.
- Send a pull request.
Erik Hollensbe email@example.com