Rsync backup script free to use:
- Linux implementation in bash
- Windows implementation in Powershell
I'm using this script to back-up all my Windows & Linux workstations and servers without trouble, nonetheless this script comes with no warranty whatsoever.
Please check the integrity of your back-ups periodically!
Tried this script for a bit? Like it? Or hate it?
It would help my business like a lot if you would take just 60 seconds out of your time and tell us what you think: http://g.page/perfacilis/review
Simply download the latest version, change the readonly variables in the first
few lines of the script and install it as an (hourly) cronjob. For example:
# Never copy-pasta stuff from the webz into your terminal, always check first!
wget -qO- https://raw.githubusercontent.com/perfacilis/backup/master/backup | sudo tee /etc/cron.hourly/backup
sudo chmod 700 /etc/cron.hourly/backup
# Change BACKUP_LOCAL_DIR, BACKUP_DIRS, etc
nano /etc/cron.hourly/backup
# Optionally run it manually
sudo /etc/cron.hourly/backup
# Or watch your syslog
tail -f /var/log/syslog | grep --color --line-buffered "backup:"First, you'll need a Windows implementation of Rsync, for example:
https://itefix.net/cwrsync-client
Download the zip and extract so you get C:\backup\rsync\bin\rsync.exe
Then, like the Linux installation, download the latest version, change the variables in the first few lines and install a Scheduled Task. For example:
New-Item -Path "C:/backup" -ItemType Directory
Set-Location C:/backup
# Retrieve cwrsync (cygwin rsync), run commented out TLS-fix for older pwsh versions
#[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Invoke-WebRequest -Uri https://itefix.net/dl/free-software/cwrsync_6.2.8_x64_free.zip -OutFile rsync.zip
Expand-Archive rsync.zip
Remove-Item rsync.zip
# Download the file, don't forget to change the settings!
Invoke-WebRequest -Uri https://raw.githubusercontent.com/perfacilis/backup/master/backup.bs1 -OutFile backup.ps1
# Create an hourly scheduled task, powershell flavour
# See: Task Scheduler » Microsoft » Windows » Powershell » ScheduledJobs
$trigger = New-JobTrigger -Once -At (Get-Date) -RepetitionInterval (New-TimeSpan -Hours 1) -RepeatIndefinitely
$callback = {Start-Process "powershell.exe" -ArgumentList "C:\backup\backup.ps1" -Wait -NoNewWindow}
Register-ScheduledJob -Name "backup.ps1" -Trigger $trigger -MaxResultCount 99 -ScriptBlock $callbackDefault usage, backup to a server with an Rsync profile:
readonly RSYNC_TARGET="[email protected]::profile"
readonly RSYNC_DEFAULTS="-trlqpz4 --delete --delete-excluded --prune-empty-dirs"
readonly RSYNC_EXCLUDE=(tmp/ temp/)
readonly RSYNC_SECRET='RSYNCSECRETHERE'If you want to backup to a USB disk for example:
readonly RSYNC_TARGET="/media/user/backup_drive"
readonly RSYNC_DEFAULTS="-trlqpz4 --delete --delete-excluded --prune-empty-dirs"
readonly RSYNC_EXCLUDE=(tmp/ temp/)
readonly RSYNC_SECRET=''Rsync using ssh to communicate instead of rsync profiles. You'll have to set up SSH Public Key authentication:
readonly RSYNC_TARGET="[email protected]:/path/on/ssh/server"
readonly RSYNC_DEFAULTS="-trlqpz4 --delete --delete-excluded --prune-empty-dirs -e "'"ssh -p 2222"'""
readonly RSYNC_EXCLUDE=(tmp/ temp/)
readonly RSYNC_SECRET=''When $DB_LIST is not empty, the script tries to backup all listed names into
a GZIP file. Therefore, leave empty if you don't want to backup databases. For
every database, $DB_DUMP is run, so change this according to your database
system.
See some examples below.
For MariaDB use mariadb instead of mysql and mariadb-dump instead of
mysqldump.
readonly DB_LIST="database1 database2"
readonly DB_LIST="$(mysql -Bse 'SHOW DATABASES')"
readonly DB_DUMP="mysqldump --defaults-file=/etc/mysql/debian.cnf -E -R --max-allowed-packet=512MB -q --single-transaction -Q --skip-comments"
readonly DB_DUMP="mysqldump --defaults-file=/etc/mysql/debian.cnf --ssl-mode=VERIFY_CA --ssl-ca=ca.pem --ssl-cert=client-cert.pem --ssl-key=client-key.pem -E -R --max-allowed-packet=512MB -q --single-transaction -Q --skip-comments"
readonly DB_DUMP="mysqldump --defaults-extra-file=/root/.mysqldump -E -R --max-allowed-packet=512MB -q --single-transaction -Q --skip-comments"
readonly DB_DUMP="mysqldump --username=PLSDONT --password=PLSDONT -E -R --max-allowed-packet=512MB -q --single-transaction -Q --skip-comments"The script runs as root, later versions of MySQL and MariaDB don't require any credentials, but if you want to use a specific user, you can create a defaults-file:
[mysql]
user=USERNAME
password=PASSWORD
[mysqldump]
user=USERNAME
password=PASSWORDWhen $DB_TABLE_LIST is not empty, the script creates a GZIP file per TABLE
instead of per DATABASE. Therefore, leave it empty if you want backups per
DATABASE or if your DBMS doesn't support this.
The command arguments needs to be defined as an array to support quotes:
readonly DB_TABLE_LIST=(mariadb -Bse "SELECT TABLE_NAME, Update_time FROM information_schema.tables WHERE TABLE_SCHEMA = '%DB%' ORDER BY TABLE_NAME;")readonly DB_LIST="$(psql -h 127.0.0.1 -U restore --no-password -l -t | grep '^ \w' | grep -v 'template' | awk '{print $1}')"
readonly DB_DUMP="pg_dump -h 127.0.0.1 -U restore --no-password -d"It's recommended to create a user to allow databases to be dumped without user interaction:
sudo -u postgres psql -c "CREATE USER restore SUPERUSER PASSWORD 'secret';"
sudo -u postgres psql -c "GRANT pg_read_all_data TO restore;
echo '*:*:*:restore:SECRETPASSWORD' | sudo tee /root/.pgpass
sudo chmod 600 /root/.pgpassPoint $DB_ENCRYPTION_KEY to a public key file to database dump files. This
key file must be a PEM file, for example:
openssl req -x509 -newkey rsa:2048 -nodes -keyout /root/backup.key -out /backup/backup.pem -days 3650 -subj "/CN=Backup Encryption"The command generates 2 files:
/backup/public.pemThe public key file used to encrypt the GZIP files; This file can be safely stored in/backup/; Use this likereadonly DB_ENCRYPTION_KEY="/backup/public.pem"./root/private.keyThis key file is required to decrypt the GZIP files; Keep this on a safe location, for example/root/backup.key.
Decryption can be done with:
openssl smime -decrypt -inform DER -in EXAMPLE.sql.gz.enc -inkey /root/backup.key > EXAMPLE.sql.gzAny bugs or ideas for improvement can be reported using GitHub's Issues thingy.
If you know bash or pwsh and see how the scripts can be improved, don't be
shy and create a Pull Request.