====== Install a RSync Server for Backups ======

I use RSync to back up my Linux-based hosted servers to a remote location. I used to run RSync creating a SSH tunnel to copy the data. That was back in the "RedHat" day when it was acceptable to log into SSH via the root account. Now a days, I establish my SSH connections as a standard user. However, the standard user doesn't (and shouldn't) have access to read all of the files for backup. So My solution is to install a RSync daemon listening on localhost (127.0.0.1) and configured for read-only ??? and then using SSH as a standard user to establish the tunnel to that port via SSH.

<code bash>
sudo apt-get install rsync

cat > /tmp/rsyncd.conf << EOF
max connections = 1
log file = /var/log/rsync.log
timeout = 300
[root]
path = /
read only = yes
uid = nobody
gid = nogroup
list = yes
hosts allow = 127.0.0.1/32
EOF

sudo mv /tmp/rsyncd.conf /etc/rsyncd.conf

cat > /tmp/rsync << EOF
RSYNC_ENABLE=true
RSYNC_NICE='10'
RSYNC_IONICE='-c3'
EOF

sudo mv /tmp/rsync /etc/default/rsync
	
sudo /etc/init.d/rsync restart
</code>

Once that is setup, backups are as easy as:

<code bash>
/usr/bin/ssh -T -L 873:127.0.0.1:873 server
/bin/rsync.exe -rltDhz --progress --ignore-errors --delete --delete-excluded --modify-window=2 --exclude '/proc' --exclude '/dev' --exclude '/srv'  127.0.0.1::root /backup/server/
</code>