Skip to content

Instantly share code, notes, and snippets.

@mrash
Last active March 31, 2021 18:17
Show Gist options
  • Save mrash/523e28fae4a2b05ff563 to your computer and use it in GitHub Desktop.
Save mrash/523e28fae4a2b05ff563 to your computer and use it in GitHub Desktop.
Emulate encrypted Time Machine backups from a Mac to a Linux system with rsync 'snapshotting' + encfs.
#!/bin/sh -x
#
# Goal: Emulate encrypted Time Machine backups from a Mac to a Linux system
# with rsync 'snapshotting' + encfs. This provides an additional backup
# to a Linux based filesystem like ext4 just in case of HFS+ issues as
# described here: http://blog.barthe.ph/2014/06/10/hfs-plus-bit-rot/
# This is not expected to solve all potential bitrot scenarios - rather
# to provide some redundancy and make detection easier (with additional
# scripting effort).
#
# This script was modeled after the rsync snapshotting strategy presented at
# the following links:
#
# http://blog.interlinked.org/tutorials/rsync_time_machine.html
# http://www.mikerubel.org/computers/rsync_snapshots/
#
# The usage of encfs on the Linux backup host was added for data encryption. It
# is assumed the encfs is installed and usable on the Linux host. It is also a
# good idea to use key-based authentication to the Linux host (ssh-add is
# executed by this script).
#
# Author: Michael Rash <[email protected]>
#
# Date: 08/02/2014
#
LINUX_BACKUP_HOST=192.168.1.123
USER=mbr
RBACKUP_DIR=/home/$USER/backups/mac
RBACKUP_DIR_ENC=/home/$USER/backups/mac_enc
CURRENT=$RBACKUP_DIR/current
LBACKUP_DIR=/Users/$USER
EXCLUDE_FILE=/Users/$USER/git/mactools.git/exclude_files
ssh-add
### mount the remote encrypted filesystem and don't echo the encfs password
stty -echo
ssh -l $USER $LINUX_BACKUP_HOST "encfs $RBACKUP_DIR_ENC $RBACKUP_DIR"
M=$?
stty echo
if [ $M -ne 0 ];
then
echo "[*] Remote encrypted filesystem not mounted properly, exiting..."
exit
fi
### get the current date
DATE=`date "+%Y-%m-%dT%H%M"`
### note that this assumes that the first full backup has already
### been done via the following command
# rsync -avz -e ssh --partial --progress $LBACKUP_DIR \
# $USER@$LINUX_BACKUP_HOST:$RBACKUP_DIR/mac-$DATE
### do the complete backup
rsync -avz -e ssh \
--partial --progress --delete \
--link-dest=$CURRENT --exclude-from \
$EXCLUDE_FILE $LBACKUP_DIR \
$USER@$LINUX_BACKUP_HOST:$RBACKUP_DIR/mac-$DATE
### recreate the "current" link to the latest backup
ssh -l $USER $LINUX_BACKUP_HOST \
"rm -f $CURRENT && ln -s $RBACKUP_DIR/mac-$DATE $CURRENT"
### give the remote encrypted filesystem/disk time to settle down
### before unmounting (huge amount of data may have been copied)
sleep 60;
### unmount the filesystem
ssh -l $USER $LINUX_BACKUP_HOST "fusermount -u $RBACKUP_DIR"
exit
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment