stefan2904 · September 25, 2015 22:13
diff --git a/daily.sh b/daily.sh
 #!/bin/bash

 # run this script on the client

 # inspired by https://gist.github.com/deviantintegral/0f1066650e3ea5c5ffc1

 TODAY=`date +"%Y%m%d"`

 # Set the path to rsync on the remote server so it runs with sudo.
 #RSYNC="/usr/bin/sudo /usr/bin/rsync"
 RSYNC="/usr/bin/rsync"

 # This is a list of files to ignore from backups.
 EXCLUDES="/home/stefan/Backup/rsync/rsync.excludes"

 # I use a separate volume for backups. Remember that you will not be generating
 # backups that are particularly large (other than the initial backup), but that
 # you will be creating thousands of hardlinks on disk that will consume inodes.

 DESTINATION="rsync@server7:/backup/notebook/current/"

 # Backup installed packages
 dpkg --get-selections > /home/stefan/Backup/rsync/apt-backup-selections

 # This command rsync's files from the remote server to the local server.
 # Flags:
 #   -z enables gzip compression of the transport stream.
 #   -e enables using ssh as the transport prototcol.
 #   --rsync-path lets us pass the remote rsync command through sudo.
 #   --archive preserves all file attributes and permissions.
 #   --exclude-from points to our configuration of files and directories to skip.
 #   --numeric-ids is needed if user ids don't match between the source and
 #       destination servers.
 #   --link-dest is a key flag. It tells the local rsync process that if the
 #       file on the server is identical to the file in ../$YESTERDAY, instead
 #       of transferring it create a hard link. You can use the "stat" command
 #       on a file to determine the number of hard links. Note that when
 #       calculating disk space, du includes disk space used for the first
 #       instance of a linked file it encounters. To properly determine the disk
 #       space used of a given backup, include both the backup and it's previous
 #       backup in your du command.
 #
 # The "rsync" user is a special user on the remote server that has permissions
 # to run a specific rsync command. We limit it so that if the backup server is
 # compromised it can't use rsync to overwrite remote files by setting a remote
 # destination. I determined the sudo command to allow by running the backup
 # with the rsync user granted permission to use any flags for rsync, and then
 # copied the actual command run from ps auxww. With these options, under
 # Ubuntu, the sudo line is:
 #
 #   rsync   ALL=(ALL) NOPASSWD: /usr/bin/rsync --server --sender -logDtprze.iLsf --numeric-ids . /
 #
 # Note the NOPASSWD option in the sudo configuration. For remote
 # authentication use a password-less SSH key only allowed read permissions by
 # the backup server's root user.
 sudo rsync -z -h -e "ssh" \
   --rsync-path="$RSYNC" \
   --archive \
   --delete \
   --recursive \
   --exclude-from=$EXCLUDES \
   --numeric-ids \
   --stats --progress \
     / $DESTINATION

 echo ""
 echo "rsync done. rotating backups on server ..."

 ssh stefan@server7 'bash /backup/notebook/rotate.sh'

 echo "done!"
diff --git a/rotate.sh b/rotate.sh
 #!/bin/bash

 # run this script on the server

 # use rsync (daily.sh script) to backup to ./current
 # (should unlink files before overwriting)

 TODAY=`date +"%Y%m%d-%H%M"`

 # make hardlinked copy:
 cp -al /backup/thinkbook/current /backup/thinkbook/$TODAY
diff --git a/rsync.excludes b/rsync.excludes
 /home/stefan/Videos
 /home/stefan/VMs
 /home/stefan/Downloads
 /home/stefan/Steam
 /home/stefan/.cache
 /bin
 /proc
 /boot
 /initrd.img
 /media
 /sys
 /vmlinuz
 /dev
 /lib
 /mnt
 /run
 /tmp
 /lib64
 /opt
 /sbin
 /var/tmp
 /usr
	#!/bin/bash

	# run this script on the client

	# inspired by https://gist.github.com/deviantintegral/0f1066650e3ea5c5ffc1

	TODAY=`date +"%Y%m%d"`

	# Set the path to rsync on the remote server so it runs with sudo.
	#RSYNC="/usr/bin/sudo /usr/bin/rsync"
	RSYNC="/usr/bin/rsync"

	# This is a list of files to ignore from backups.
	EXCLUDES="/home/stefan/Backup/rsync/rsync.excludes"

	# I use a separate volume for backups. Remember that you will not be generating
	# backups that are particularly large (other than the initial backup), but that
	# you will be creating thousands of hardlinks on disk that will consume inodes.

	DESTINATION="rsync@server7:/backup/notebook/current/"

	# Backup installed packages
	dpkg --get-selections > /home/stefan/Backup/rsync/apt-backup-selections

	# This command rsync's files from the remote server to the local server.
	# Flags:
	# -z enables gzip compression of the transport stream.
	# -e enables using ssh as the transport prototcol.
	# --rsync-path lets us pass the remote rsync command through sudo.
	# --archive preserves all file attributes and permissions.
	# --exclude-from points to our configuration of files and directories to skip.
	# --numeric-ids is needed if user ids don't match between the source and
	# destination servers.
	# --link-dest is a key flag. It tells the local rsync process that if the
	# file on the server is identical to the file in ../$YESTERDAY, instead
	# of transferring it create a hard link. You can use the "stat" command
	# on a file to determine the number of hard links. Note that when
	# calculating disk space, du includes disk space used for the first
	# instance of a linked file it encounters. To properly determine the disk
	# space used of a given backup, include both the backup and it's previous
	# backup in your du command.
	#
	# The "rsync" user is a special user on the remote server that has permissions
	# to run a specific rsync command. We limit it so that if the backup server is
	# compromised it can't use rsync to overwrite remote files by setting a remote
	# destination. I determined the sudo command to allow by running the backup
	# with the rsync user granted permission to use any flags for rsync, and then
	# copied the actual command run from ps auxww. With these options, under
	# Ubuntu, the sudo line is:
	#
	# rsync ALL=(ALL) NOPASSWD: /usr/bin/rsync --server --sender -logDtprze.iLsf --numeric-ids . /
	#
	# Note the NOPASSWD option in the sudo configuration. For remote
	# authentication use a password-less SSH key only allowed read permissions by
	# the backup server's root user.
	sudo rsync -z -h -e "ssh" \
	--rsync-path="$RSYNC" \
	--archive \
	--delete \
	--recursive \
	--exclude-from=$EXCLUDES \
	--numeric-ids \
	--stats --progress \
	/ $DESTINATION

	echo ""
	echo "rsync done. rotating backups on server ..."

	ssh stefan@server7 'bash /backup/notebook/rotate.sh'

	echo "done!"
	#!/bin/bash

	# run this script on the server

	# use rsync (daily.sh script) to backup to ./current
	# (should unlink files before overwriting)

	TODAY=`date +"%Y%m%d-%H%M"`

	# make hardlinked copy:
	cp -al /backup/thinkbook/current /backup/thinkbook/$TODAY
	/home/stefan/Videos
	/home/stefan/VMs
	/home/stefan/Downloads
	/home/stefan/Steam
	/home/stefan/.cache
	/bin
	/proc
	/boot
	/initrd.img
	/media
	/sys
	/vmlinuz
	/dev
	/lib
	/mnt
	/run
	/tmp
	/lib64
	/opt
	/sbin
	/var/tmp
	/usr