Last active
March 31, 2021 18:17
-
-
Save mrash/523e28fae4a2b05ff563 to your computer and use it in GitHub Desktop.
Emulate encrypted Time Machine backups from a Mac to a Linux system with rsync 'snapshotting' + encfs.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh -x | |
# | |
# Goal: Emulate encrypted Time Machine backups from a Mac to a Linux system | |
# with rsync 'snapshotting' + encfs. This provides an additional backup | |
# to a Linux based filesystem like ext4 just in case of HFS+ issues as | |
# described here: http://blog.barthe.ph/2014/06/10/hfs-plus-bit-rot/ | |
# This is not expected to solve all potential bitrot scenarios - rather | |
# to provide some redundancy and make detection easier (with additional | |
# scripting effort). | |
# | |
# This script was modeled after the rsync snapshotting strategy presented at | |
# the following links: | |
# | |
# http://blog.interlinked.org/tutorials/rsync_time_machine.html | |
# http://www.mikerubel.org/computers/rsync_snapshots/ | |
# | |
# The usage of encfs on the Linux backup host was added for data encryption. It | |
# is assumed the encfs is installed and usable on the Linux host. It is also a | |
# good idea to use key-based authentication to the Linux host (ssh-add is | |
# executed by this script). | |
# | |
# Author: Michael Rash <[email protected]> | |
# | |
# Date: 08/02/2014 | |
# | |
LINUX_BACKUP_HOST=192.168.1.123 | |
USER=mbr | |
RBACKUP_DIR=/home/$USER/backups/mac | |
RBACKUP_DIR_ENC=/home/$USER/backups/mac_enc | |
CURRENT=$RBACKUP_DIR/current | |
LBACKUP_DIR=/Users/$USER | |
EXCLUDE_FILE=/Users/$USER/git/mactools.git/exclude_files | |
ssh-add | |
### mount the remote encrypted filesystem and don't echo the encfs password | |
stty -echo | |
ssh -l $USER $LINUX_BACKUP_HOST "encfs $RBACKUP_DIR_ENC $RBACKUP_DIR" | |
M=$? | |
stty echo | |
if [ $M -ne 0 ]; | |
then | |
echo "[*] Remote encrypted filesystem not mounted properly, exiting..." | |
exit | |
fi | |
### get the current date | |
DATE=`date "+%Y-%m-%dT%H%M"` | |
### note that this assumes that the first full backup has already | |
### been done via the following command | |
# rsync -avz -e ssh --partial --progress $LBACKUP_DIR \ | |
# $USER@$LINUX_BACKUP_HOST:$RBACKUP_DIR/mac-$DATE | |
### do the complete backup | |
rsync -avz -e ssh \ | |
--partial --progress --delete \ | |
--link-dest=$CURRENT --exclude-from \ | |
$EXCLUDE_FILE $LBACKUP_DIR \ | |
$USER@$LINUX_BACKUP_HOST:$RBACKUP_DIR/mac-$DATE | |
### recreate the "current" link to the latest backup | |
ssh -l $USER $LINUX_BACKUP_HOST \ | |
"rm -f $CURRENT && ln -s $RBACKUP_DIR/mac-$DATE $CURRENT" | |
### give the remote encrypted filesystem/disk time to settle down | |
### before unmounting (huge amount of data may have been copied) | |
sleep 60; | |
### unmount the filesystem | |
ssh -l $USER $LINUX_BACKUP_HOST "fusermount -u $RBACKUP_DIR" | |
exit |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment