Automatic Backups with rsync and cron

Implementing a reliable and automated backup strategy is critical for system administrators, developers, and any users who value their data. In this extensive guide, we explore how to combine the power of rsync with the scheduling capabilities of cron to create a robust, maintainable backup solution.

Why Automate Backups

Consistency: Scheduled backups ensure that no manual step is skipped.
Minimal intervention: Once configured, the system operates unattended.
Versioning Incrementals: Easily implement full, differential, or incremental strategies.
Disaster recovery: Quick restoration in case of hardware failures or data corruption.

Understanding rsync

rsync is a versatile command-line tool for copying and synchronizing files and directories locally or remotely. It is highly efficient because it transfers only the differences between source and destination.

Option Description
-a Archive mode (recursive, preserves symlinks, permissions, etc.)
-v Verbose output
-z Compress data during transfer
–delete Delete files at destination that are no longer present at source
–link-dest=DIR Create hard-linked incremental backups

Setting Up cron

cron is a time-based job scheduler in Unix-like systems. You define jobs in a crontab file, specifying when and how frequently commands run.

Cron Schedule Format

Field Value Allowed Range
Minute 0–59 0 to 59
Hour 0–23 0 to 23
Day of Month 1–31 1 to 31
Month 1–12 1 to 12
Day of Week 0–7 0 or 7 = Sunday

Writing Your Backup Script

Create a shell script (e.g., /usr/local/bin/backup.sh) that encapsulates your rsync command:

#!/bin/bash
# backup.sh - Automated rsync backup

SOURCE="/home/user/"
DEST="/mnt/backup/$(date +%Y-%m-%d)/"
LOGFILE="/var/log/rsync-backup.log"

# Create destination directory
mkdir -p "$DEST"

# rsync command
rsync -avz --delete "$SOURCE" "$DEST" >> "$LOGFILE" 2>&1

# Exit with rsyncs exit code
exit

Notes:

Adjust SOURCE and DEST as needed.
Use mkdir -p to avoid errors if the directory exists.
Redirect stdout and stderr to a log file for auditing.

Scheduling with cron

Edit the crontab for the user owning the script:

crontab -e

# Run backup every day at 2:30 AM
30 2 * * * /usr/local/bin/backup.sh

Save and exit. cron will now trigger your backup script daily.

Advanced Topics

Remote Backups over SSH

To back up to a remote server securely, use rsync over SSH:

rsync -avz -e ssh -i /home/user/.ssh/id_rsa --delete /local/path/ user@remote.example.com:/remote/path/

Ensure id_rsa has chmod 600.
Use SSH keys without a passphrase or configure ssh-agent for unattended operation.

Securing Your Tunnel with a VPN

For added privacy, route your backup traffic through a VPN. Popular options include
NordVPN,
ExpressVPN, and
ProtonVPN.

Install and connect your VPN client before running the rsync command.
Verify your public IP with curl ifconfig.me to confirm the tunnel.

Incremental Backups and Snapshots

Leverage –link-dest to create hard-linked snapshots:

rsync -a --link-dest=/mnt/backup/previous/ /source/ /mnt/backup/$(date +%Y-%m-%d)/

This method saves disk space by linking unchanged files to prior backups.

Logging, Monitoring, and Alerts

Rotate logs with logrotate to prevent excessive growth.
Send email alerts on failure by appending to the cron entry:

30 2 * * * /usr/local/bin/backup.sh || echo "Backup failed on $(date)" | mail -s "Backup Alert" admin@example.com

Security Considerations

Permissions: Restrict script and SSH key files to root or a dedicated backup user.
Network: Use firewalls to limit SSH access to known IPs.
Encryption: Consider encrypting backup archives with tools like gpg or openssl.

Troubleshooting Common Issues

Permission denied: Verify file ownership and SSH key permissions.
Connection refused: Ensure SSH service is running and firewall rules allow port 22.
Cron not running: Check /var/log/cron or /var/log/syslog for errors.
Disk full: Monitor target filesystem space and prune old snapshots periodically.

Conclusion

By harnessing rsync and cron, you can build a flexible, efficient, and automated backup framework that meets the demands of modern environments. Incorporate best practices—secure tunnels, incremental snapshots, logging, and monitoring—to ensure your backups are reliable and recoverable at any time.