Setting Up Rsnapshot

Rsnapshot is a simple and powerful backup tool used for local or remote file and directory synchronization over rsync with differential backup support. Why not just use rsync? With rsync you would have to write your own scripts, usually using with complex logic to handle file rotation, errors, resource consumption etc, while rsnapshot has already been written for you- it`s a well-known, stable, easy-maintenance utility that's already included in many Linux distributions by default.

In this article, I`ll show you how to make a remote backup of your files with rsnapshot and a remote sudo user. In the examples below my computer will have a full name "webserver.domain.com" and the backup will be stored on the remote machine "backupserver.domain.com". Both of them have CentOs 6 running, with SSH setup on non-standard port 30656. There is a special user "snapshot" created only for backup purposes, with write permission on the backup folder of backupserver.domain.com.

We have several sites hosted on webserver.domain.com, so we need to backup the folders located under /var/www/home with some user files, and /etc folder with system configuration files. Altogether, they are using approximately 20 Gb of disk space, and I`d like to creat a backup copy every 2 months, 4 weeks, 7 days, and 12 hours. In usual cases of full-size file backups, we would need to allocate 20*25=500 Gb. However with the differential backup, I would only need 40 Gb of free disk space on the remote server for files that don't need to be modified, or 60 - 80 Gb for more dynamic and frequently modified content.

First, we need to authorize our backup server on the web server with ssh keys. On both server shells, I`ll run a command to create the backup user:

adduser snapshot

Enable "sudo" for snapshot:

nano /etc/sudoers

Add this line:

snapshot ALL=(ALL) NOPASSWD:/usr/bin/rsync

Now, log in to backup.domain.com with a root or sudoer account, and change the user:

su snapshot

Then, still on backup.domain.com, create the keys for the user (leave the passphrase empty):

ssh-keygen -t rsa

Send a copy of the public key from the backup to the web server:

ssh-copy-id '-p 30656 snapshot@webserver.domain.com'

In the commands above you must replace "snapshot" with your backup user name, and the webserver.domain.com with fqdn or IP-address of your server. If you have a SSH daemon running on the standard port, just remove single-quotes, and the "-p 30656" option.

Check the connection:

ssh -p 30656 snapshot@webserver.domain.com

If you successfully login without a password, run

uname --nodename

webserver.domain.com

That`s it! We can now install and setup rsnapshot, let`s go back to the local shell:

exit

On backupserver.domain.com shell, run:

yum install rsnapshot

Create a backup storage directory:

mkdir /var/rsnapshot

chown snapshot:snapshot /var/rsnapshot

Now, edit your rsnapshot config file. In this file, you must use tabs to separate the options, and use regular spaces between the option and its value. For example, in "ssh_args -p 30656", use tab before the "-p" and space after "-p".

nano /etc/rsnapshot.conf

Move the pid file to a directory writable by our user (or you can change permissions on /var/run for the rsnapshot user):

lockfile /home/snapshot/rsnapshot.pid

Change a path to the backup folder, with the necessary slash at the end of a path:

snapshot_root /var/rsnapshot/

Uncomment the paths to system utilities (usually it`s already done by system maintainers):

cmd_rm /bin/rm

cmd_rsync /usr/bin/rsync

cmd_ssh /usr/bin/ssh

If you're not sure, you can check the paths with the "whereis" command.

Define the numbers of backup snapshots:

retain hourly 12

retain daily 7

retain weekly 4

retain monthly 2

Uncomment and edit the next line to define the non-standard SSH port and identity file:

ssh_args -p 30656 -i /home/snapshot/.ssh/id_rsa

Define the main feature to use sudo:

rsync_short_args -a

rsync_long_args --delete --numeric-ids --relative 
--delete-excluded --rsync-"sudo rsync"

Under the BACKUP POINTS / SCRIPTS section add the lines of our webserver backups (remember to use tabs, not spaces):

backup snapshot@192.168.10.5:/var/www/ webserver.domain.com

backup snapshot@192.168.10.5:/home/ webserver.domain.com

backup snapshot@192.168.10.5:/etc/ webserver.domain.com

Check out our configuration:

rsnapshot configtest

Syntax OK

Now let`s run the first backup:

rsnapshot hourly

Check for content and size in the backup folder /var/rsnapshot:

du -hc /var/rsnapshot

The files should be in place and it`s almost ready. Every "snapshot" is just a folder, so you can restore files by copying them with scp.

The last step is to add a crontabs for rsnapshot:

crontab -e


@hourly root /usr/bin/rsnapshot hourly

@daily root /usr/bin/rsnapshot daily

@weekly root /usr/bin/rsnapshot weekly

@monthly root /usr/bin/rsnapshot monthly

Should be everything! Now you know how to set up a secure, convenient, and lightweight backup system.

Rsnapshot also has advanced options and settings, like bandwidth-limit, lvm-snapshot usage, and many othersthat you can find within the configuration file comments. Be sure to check those out! Thanks for reading. Follow @serversuit and like us to stay updates with more articles.