====== Install a RSync Server for Backups ======
I use RSync to back up my Linux-based hosted servers to a remote location. I used to run RSync creating a SSH tunnel to copy the data. That was back in the "RedHat" day when it was acceptable to log into SSH via the root account. Now a days, I establish my SSH connections as a standard user. However, the standard user doesn't (and shouldn't) have access to read all of the files for backup. So My solution is to install a RSync daemon listening on localhost (127.0.0.1) and configured for read-only ??? and then using SSH as a standard user to establish the tunnel to that port via SSH.
sudo apt-get install rsync
cat > /tmp/rsyncd.conf << EOF
max connections = 1
log file = /var/log/rsync.log
timeout = 300
[root]
path = /
read only = yes
uid = nobody
gid = nogroup
list = yes
hosts allow = 127.0.0.1/32
EOF
sudo mv /tmp/rsyncd.conf /etc/rsyncd.conf
cat > /tmp/rsync << EOF
RSYNC_ENABLE=true
RSYNC_NICE='10'
RSYNC_IONICE='-c3'
EOF
sudo mv /tmp/rsync /etc/default/rsync
sudo /etc/init.d/rsync restart
Once that is setup, backups are as easy as:
/usr/bin/ssh -T -L 873:127.0.0.1:873 server
/bin/rsync.exe -rltDhz --progress --ignore-errors --delete --delete-excluded --modify-window=2 --exclude '/proc' --exclude '/dev' --exclude '/srv' 127.0.0.1::root /backup/server/