Ubuntu - Backups - rdiff backup

rdiff-backup

#!/bin/bash
EXCLUDES="/tmp /var/tmp /proc /sys /selinux /media /dev/shm /mnt"
OPTIONS="--exclude-device-files --print-statistics --force --ssh-no-compression"
MAXAGE="1M"
 
SRC="/"
DST="server2.firma.pl::/backup-zdalny/server1"
 
for i in $EXCLUDES; do
  OPTIONS="$OPTIONS --exclude $i"
done
 
rdiff-backup $OPTIONS $SRC $DST
STATUS=$?
 
msg=""
if [ $STATUS -eq 0 ]; then
  msg="$msg Backup OK"
  rdiff-backup --force --remove-older-than $MAXAGE $DST
  if [ $? -eq 0 ]; then
    msg="$msg Cleaning OK"
  else
    msg="$msg Failed to remove older than $MAXAGE"
  fi
else
  msg="$msg Failed to copy"
fi
 
echo $msg
exit $STATUS

We have two systems: host1 and host2.

• The script to launch the backup has to be on host1, which will connect to host2 by SSH and retrieves data from it.
• Both computers must have the rdiff-backup script installed, preferably at the same version.

On the host1 (the command is performed using the root account):

sudo ssh-keygen -t rsa

Save files to the default location; when prompted for a password hit enter (a blank password / no password).

scp .ssh / id_rsa.pub host2:

On host2 (command is performed using the root account)

We create (if there is no .ssh directory already) and set it appropriate permissions:

mkdir .ssh
chmod 700 .ssh

cat id_rsa.pub > .ssh/authorized_keys
chmod 600 .ssh/authorized_keys

In front of the key, but in the same line we add (ssh-rsa …):

.ssh/authorized_keys

command="/usr/bin/rdiff-backup --server" ssh-rsa ...........

/etc/ssh/sshd_config

PermitRootLogin forced-commands-only
StrictMode on

The later command enforces permissions and .ssh .ssh/authorized_keys were respectively 700 and 600.

/etc/init.d/sshd restart

rdiff-backup --print-statistics host2::/etc /tmp/etc2

This will perform the backup without asking for a password.