For the past month or so I've been running Tarsnap to backup my home desktop and remote servers. Tarsnap is an online (payware) backup system that's written by Colin Percival, and is probably the most technically impressive backup system I've seen. As well as that, it's damn cheap.
What's so great about Tarsnap? Here's three things:
- Snapshot backups. Every backup you create with tarsnap is a standalone 'snapshot' of your data, totally independent of all other snapshots.
- Backup deduplication. So your backup includes a 300mb log file that gets a few megs of data written to it every day. Tarsnap recognises this, and for each new snapshot only the changed data has to be uploaded and stored.
- Crazy Ass Security. While mild-mannered Colin Percival works on Tarsnap during the day, by night he's the FreeBSD Security Officer. He's been there since 2005, so must be doing something right. Plus, check out this page. How can something with that many mentions of AES, SHA and RSA be insecure?! :-)
This post isn't a HOWTO on setting up Tarsnap, there's a comprehensive tutorial on the subject already. This post is just to document how I use Tarsnap, on both Linux and Windows.
My Linux servers perform a simple daily backup of everything in certain folders. Technically, I could simply backup "/" and exclude the directories I don't want, but smaller archives are faster to restore from, and there's no monetary penalty for having more snapshots. This is my script:
#!/bin/bash for dir in $(cat /root/tarsnap-dirs) ; do nice tarsnap -c -f $(hostname -s)-$(date -u +%Y%m%d-%H%M%S)-$(echo $dir | tr -d '/') --one-file-system -C / $dir done # Delete backups more than n days old # n=10 # tarsnap --list-archives | sort | cut -d- -f1-2 | uniq | tail -n +$n > /tmp/temp.$$ # tarsnap --list-archives | fgrep -f /tmp/temp.$$ | while read archive ; do # echo Deleting $archive # tarsnap -d -f $archive # done # rm /tmp/temp.$$ tarsnap --print-stats
(This script runs from crontab, so the output gets mailed to me daily. The email is sent to the address specified as the MAILTO variable in /etc/crontab.)
My .tarsnaprc looks like this:
keyfile /root/tarsnap-key-abraxo.key cachedir /root/tarsnap-cache/ exclude /root/tarsnap-cache/ humanize-numbers
Each day, a backup of each folder listed in the file 'tarsnap-dirs' is created, with names like: 'bluebottle-20091209-200001-homeaj'. There's commented out support for deleting old archives too, but my monthly costs are so low I keep everything.
My Windows setup is basically identical, but since there's no native Windows (or msys) support for Tarsnap, you have to make do with Cygwin. Explaining how to install Cygwin is far beyond the scope of this document, but it's pretty simple. Apart from the standard Tarsnap dependancies, you will probably also want to install 'ssmtp', which will let you email Tarsnap's output to yourself like Unix cron does.
(You can generate ssmtp's config file by running 'ssmtp-config'.)
Again, my script:
#!/bin/bash log=/tmp/tarsnap.log.$$ cat <$log From: Alex Jurkiewicz Subject: tarsnap run $(hostname)-$(date +%Y%m%d) To: Alex Jurkiewicz EOF tarsnap -c -f $(hostname)-$(date +%Y%m%d-%H%M%S)-homeaj -C /home/ aj >>$log 2>&1 tarsnap -c -f $(hostname)-$(date +%Y%m%d-%H%M%S)-CUsersAlex -C /cygdrive/c/Users/ Alex >>$log 2>&1 tarsnap --print-stats >>$log 2>&1 cat $log | /usr/sbin/ssmtp.exe email@example.com rm $log
Because I want to exclude a lot of directories on Windows, I put these in my ~/.tarsnaprc file:
exclude Desktop/ exclude AppData/Local/Temp/
And so on. So there you have it. Simple, painless backups with my favourite new toy, Tarsnap.Comments (2)