Howto create rsync server
Oct. 21, 2009, 6:46 p.m.
There are tons of reasons why would one want to create a rsync server. For example you wish to backup your data to a remote server but you don't want to backup everything every time.
rsync is an open source utility that provides fast incremental file transfer. rsync is freely available under the GNU General Public License and is currently being maintained by Wayne Davison.
As you can see rsync is ideal for this. You can use it within ssh protocol, rsh and rsync itself. Creating a rsync server will allow you to create easily accessible storage server, update server for your scripts, etc.
Anyway let's get started on configuring rsync server which will serve as remote backup server.
Ok first make sure you have tcp and udp port 873 open in your firewall. Next install rsync on your machine (if you don't have it yet), and xinetd as well.
yum install -y rsync xinetd
We will make rsync available trouh xinetd so you must enable it by editing its conf file
nano /etc/xinetd.d/rsync
edit the line saying:
disable = yesso it says:
disable = no
so the entire file should look something like this:
service rsync
{
disable = no
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}
Next we want to create rsync client username and password
nano /etc/rsyncd.secrets
and enter a username and password in format:
username:password
yes it's plain text.
Let's create a rsync server conf file:
nano /etc/rsyncd.conf
now here enter:
maximum allowed connections
max connections = 10
where to log
log file = /var/log/rsync.log timeout = 300
Now to create a share using a password and being able to send files to rsync server we will add this to our /etc/rsyncd.conf:
[backup] comment = Backup place for my office computers path = /backup/ read only = false list = yes uid = backup gid = backup hosts allow = 192.168.0.0/24 # i want to limit the rsnyc server only to this group of hosts secrets file = /etc/rsyncd.secrets auth users = username #enter username specified in secrets file
Now what we have here is a rsync server module at path /backup which will allow only hosts within 192.168.0.0/24 network and users authenticated by username specified in secrets file.
To make sure this will be somewhat secure let's change permissions on rsync config files
chown root.root /etc/rsyncd.
chmod 600 /etc/rsyncd.
Restart the xinetd
service xinetd restart
and voila.
Let's go test it out from one of our clietn hosts:
rsync rsync.server.com::
backup Backup place for my office computers
So to actualy backup something onto this host we would use:
rsync -avz ./ username@rsync.server.com::backup
the command would ask us for a password specified in secrets file.
After successful login rsync will start to transfer files to remote machine.
Next time we start it it will only transfer the differences since last time.
If you would like to script this entering a password could be a problem. Luckily rsync offers a solution in password file.
nano /home/branko/.rsync.pass
enter your password here and chmod this file to 600 so it's only readable by you.
start the rsync with following command:
rsync -avz --password-file=/home/branko/.rsync.passw ./ username@rsync.server.com::backup
Ofcourse this could be done in reverse.
To setup another share for download only we would create a read-only share without passwords. just append this to your /etc/rsyncd.conf file:
[update] comment = update downloads path = /home/branko/update read only = true list = yes uid = branko gid = branko hosts allow = 192.168.0.0/24
Restart the xinetd
service xinetd restart
Now you may see there is no auth user or secrets password. So when we issue the rsync command on our server again:
rsync rsync.server.com::
you will se another module available by the name update.
to rsync content from this module just use:
rsync -avz rsync.server.com::update ./
Commenting is disabled