Rsync Offsite backup

Discussion in 'Proxmox Mail Gateway (Deutsch)' started by Overwan, May 17, 2018.

  1. Overwan

    Overwan New Member

    Joined:
    Jan 12, 2017
    Messages:
    9
    Likes Received:
    1
    Hi all,

    I'm interesting to configure offsite rsync backup to NAS. Can someone help me to config rsync script ?

    Thanks,
    Daniel
     
    reghwdDRomj2015 likes this.
  2. heutger

    heutger Active Member

    Joined:
    Apr 25, 2018
    Messages:
    281
    Likes Received:
    69
    I use a backup script and lftp sync, see my features request thread. I can't help with rsync.
     
  3. Overwan

    Overwan New Member

    Joined:
    Jan 12, 2017
    Messages:
    9
    Likes Received:
    1
    When I run script it appears

    ssh_exchange_identification: Connection closed by remote host
    rsync: connection unexpectedly closed (0 bytes received so far) [sender]
    rsync error: unexplained error (code 255) at io.c(226) [sender=3.1.1]

    Can help ?
     
  4. upnort

    upnort Member
    Proxmox VE Subscriber

    Joined:
    Apr 26, 2018
    Messages:
    67
    Likes Received:
    3
    Did you copy the public SSH key into .ssh/authorized_keys? If you do not have permissions to copy the key but have SSH password access then look at the sshpass command if you want to script the rsync command.
     
  5. Overwan

    Overwan New Member

    Joined:
    Jan 12, 2017
    Messages:
    9
    Likes Received:
    1
    I have shared public key between proxmox and NAS and I confirm public key is associated on authorized keys.

    How Can I use sshpass command ?

    Thanks.
     
  6. upnort

    upnort Member
    Proxmox VE Subscriber

    Joined:
    Apr 26, 2018
    Messages:
    67
    Likes Received:
    3
    Before using sshpass, verify you can manually SSH into the NAS. Use the verbose option to see the full SSH handshake output. Simple things to check include:

    * Verify the SSH daemon is running on the NAS.

    * nmap scan the NAS to verify port 22 is open.

    * Verify the public key is copied to the correct .authorized_keys file. That is, if trying to connect as root then /root/.ssh/authorized_keys. If as a non-root user then /home/$USER/.ssh/authorized_keys.

    * If you are connecting to the NAS as root, be sure to configure sshd_config correctly with PermitRootLogin prohibit-password. This configures the NAS SSH daemon to only use key pairs. Before changing that parameter be sure you can SSH into the NAS with the root password.

    Remember that SSH defaults to the same user name. If you are logged in as non-root user and are trying to connect on the NAS as root, then the different user name must be part of the SSH command. For example, if you are logged in as overwan but are trying to connect to the NAS root account:

    ssh -l root nas_hostname
    OR
    ssh root@nas_hostname

    If you use more than one key pair then you need to explicitly tell the ssh command which key to use. That is done using the -i option.

    You can create a slew of aliases by configuring different SSH connections in $HOME/.ssh/config. This is convenient because a simple ssh aliasname is all that is needed rather than typing the full ssh command string. For example,

    Code:
    Host nas_hostname
        HostName nas_hostname
        User root
        IdentityFile ~/.ssh/name_of_different_key
        ForwardX11 no
        Compression yes
    
    The sshpass command might not be installed. Install with the appropriate package. Then the command string will look something like this, but tweak as needed for your purposes.

    Code:
    sshpass -p ${REMOTE_PASSWORD} rsync ${RSYNC_OPTIONS} ${EXCLUDE_DIRECTIVE} \
       $LOCAL_DIR/* ${REMOTE_USER}@${SSH_ADDRESS}:${REMOTE_DIR}
    A drawback with using the sshpass command is the script needs to contain the password. The script can be written to prompt users for the password so the password is not hard-coded into the script.

    Using key pairs is best for security. Even better is to protect the private key using a pass phrase. That way if the local client system is compromised the person will not be able to use the key pairs without knowing the pass phrase.

    I hope that helps. :)
     
  7. r.jochum

    r.jochum Member

    Joined:
    Mar 26, 2018
    Messages:
    87
    Likes Received:
    13
  8. Overwan

    Overwan New Member

    Joined:
    Jan 12, 2017
    Messages:
    9
    Likes Received:
    1
    Thanks finally it works ! :)

    Now I want to add some complexity to cron job.

    Basically I have local backups (vzdump - history 5 Backups) everydays. Rsync (offsite backup) should run only last one from every virtual machines.

    File Type: vzdump-qemu-VMID-date.vma.lzo

    Someone can help ?
     
  9. upnort

    upnort Member
    Proxmox VE Subscriber

    Joined:
    Apr 26, 2018
    Messages:
    67
    Likes Received:
    3
    Look at ls -tr piped to tail -n1. Or, at the NAS, delete the oldest rsync backup with head -n1 if the number of backups exceeds 5 (if [ `ls -1 $rsync_dir | wc -l` -gt 5 ]; then ...).
     
  10. Overwan

    Overwan New Member

    Joined:
    Jan 12, 2017
    Messages:
    9
    Likes Received:
    1
    Finally It works ! But theres a issue with data speed. How can I increase speed ?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice