A good discussion of rsync and how to use it can be found here. I will try to explain why I back up the way I do.
Using rsync seems to be fairly straightforward. At first, I considered not using rsync, because it deletes from the destination what has been deleted from the source. What I thought I wanted was a way to archive those deleted files. But then I thought about the frequency of the backup – if I back up once per day at 3am, for example, and I mistakenly delete a file, the file is recoverable until 3am. I can’t think of a time where I deleted a file that I wanted to keep but didn’t realize it until the next day. Usually (always) I realize my error immediately.
Also, I have been running an application for the past few years that does archive deleted files to an “Archive” folder on the destination drive, and I have yet to ever restore anything from the Archive and find that having to delete those files is a chore.
This will be the daily backup, and I will continue to back up weekly or monthly on a third drive for off-site redundancy. The third drive will contain any legacy files that I might need – I might even keep the Archive folder on that drive. I haven’t decided. I guess it depends on how much storage I have/need.
The current setup is a Pi + Samba with a single USB drive as the NAS for my Windows network. What I need is to connect another backup drive to the Pi, either over the network or directly to the Pi’s USB.
Here’s the idea. I have several PCs where I do work. When I’m done with my projects, I save them to the Pi NAS, where they’re backed up daily.
The only one that’s a problem is the Off-Site, because it’s a manual backup, and I procrastinate.
Use Dry Run
rsync --dry-run --delete -avhz /home/myfiles/* /mybackup/somewhere/
-a preserves everything about the file -v verbose -h human readable -z compresses data file during transfer --delete deletes from destination if not found on source -n dry run
Note: Follow up with fail2ban.
1) dont allow ssh conenctions though your router tro the rpi
2) change the default password for user pi to something else actually
2a) create a new user
2b) give that user sudo access
2c) give that user the same group access as user pi
2d) disable and remove user pi
2e) only allow the new user to be access by ssh keys
3) sudo apt-get update && sudo apt-get dist-upgrade #regularly
Change Default Shell to Bash
Log in as target user, then:
$ chsh -s /bin/bash
Change SSH Port
Install and Configure Fail2Ban