GENERAL INFOI have never had to edit the configuration files manually, but I have checked them for some reference points just to get a better understanding of what's going on. If you're an experienced user, it's worth your time to take a look at some just to know what's all in those files. I've even setup a new host one time using a copy/paste from the config file of another host. All config files have a .pl (perl) after them.
BackupPC has two methods of configuration. One is global, the other is host-specific. What you do is setup your global configuration by going to "Edit Config" in the "Server" area of the sidebar. You should edit it so the settings you will most-commonly have set are configured here. For instance, all my Windows machines have a C drive share, not all of them have a D drive share. The C drive share name is also different on all of those machines, but Windows luckily has a default C$ share name configured for me with the same exact permissions as the user-configured C drive share.
You can even configure settings for all dropdown options. I have both 'smb' and 'rsyncd' configured in the BackupPC CGI, but only 'smb' is enabled. When I want to setup a host with 'rsyncd', I can go to the host configuration file and change 'smb' to 'rsyncd' and the global settings for 'rsyncd' are also represented such as the RsyncShareName "Full-Drive".
WINDOWS MACHINESWindows machines are setup with password-protected shares. I've tired with guest shares and without as well as with non-password-protected shares. Everything worked just fine. I backup Windows machines using the 'smb' option in BackupPC for ease-of-use. I tried setting up Cygwin in my sister's laptop and netbook so I could possibly backup her computer using the Internet, but I couldn't get it to work and didn't have enough time to figure out how before she left again.
As of right now, I'm still looking for a suitable way to backup machines over the Internet even if behind a NAT router. What I'd like to do is have something running on the machine itself figuring out how fast the upload speed is and then determining which files/folders to back up based on a priority list I've setup. The user should be able to choose which file/folders go where in the priority list via a Windows executable or from the BackupPC CGI, but I currently do not see this being a viable option right now as it does not exist, haha.
The best thing to do is setup some kind of SSH tunnel or setup a DDNS service and domain name so I can just backup public.mydomain.com via SSH in Cygwin or something. It's better than setting up a VPN because that would restrict Internet access of those machines to the network they are VPN'd to like my own at home which would definitely slow it down.
If any of your Windows machines have symlinks setup and they reference back to a parent directory, do not use Samba to back those up, use 'rsync' or 'rsyncd' or mount the share and run 'tar' on the local machine under directory /mnt/Windows-Machine-Name (I think that works).
LINUX MACHINESGood tip, don't backup Linux machines with Samba because it follows symlinks and that leads to infinite loops because Linux is installed and used in the funkiest way. If you're primarily a Windows user, you'll know what I mean if someone explains to you how /dev, /proc, and /sys work. Another reason is that UNIX file attributes are also not backed up over 'smb'.
Linux machines can be backed up using 'rsync', but I set mine up with 'rsyncd'. I believe the only way to get the standard 'rsync' to work is by using SSH keys. I have one setup with one machine, but 'rsyncd' is supposed to be faster and better to use. Since one of my linux machines is connected internally using a wireless adapter, I went ahead and just setup both with the 'rsyncd' option.
My BackupPC version is 3.0.0. In this version, there seems to be a missing RsyncdUserName field when you are configuring individual hosts so I globally set that value. It can be whatever you want, doesn't even have to be a valid username. If you want to be even more secure, mix case because I believe it's case-sensitive. Leave the password field here blank.
What you'll need to do is create an rsyncd.conf and rsyncd.secrets file in /etc. This is the easiest setup because you can just copy/paste mine.
Let's start with the rsyncd.secrets file. For passwords, I recommend going to
https://www.grc.com/passwords.htm as it's the best way to make a secure password. I highly recommend you do not make one up yourself. All you need in the file is this:
username:password
Where the username is the username you chose and the password you got from grc.com or a modified version of it such as:
bAcUppC:17EED4ABBD104F185A8E6ABD57AF4C0CD2776F486DB8289CDC9A732ABE913A65
I don't know if there's a limit to password size. I shortened mine a bit (randomly) so no one knows how long the password is either. I was also afraid the password might be too long, but haven't seen the limit of the length yet. After you've saved the file, run these commands:
chmod 600 /etc/rsync.secrets
chgrp root /etc/rsync.secrets
chown root /etc/rsync.secrets
For good measure, I did that to the rsyncd.conf file as well which I recommend you do.
Here's an example of a BackupPC configuration file with a modified version for this example:
uid = 0
gid = 0
max connections = 2
read only = yes
list = yes
secrets file = /etc/rsyncd.secrets
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
syslog facility = daemon
[full-drive]
path = /
comment = Full Drive
auth users = bAcUppC
hosts allow = 1.1.1.1
hosts deny = *
read only = no
list = no
uid = 0
gid = 0
This stands for using root as the user and group giving this user full access rights. As another security precaution, you might also want to change the group and user id to:
uid = nobody
gid = nogroup
I have these both setup as 0 because I want to backup everything, but maybe you just wanna backup a few files which don't require root access. You can also, in effect, change those to another user's uid and gid on the machine you want to backup, but I haven't tried it that way and do not intend to.
The read only and list options are global settings in the config file which you can manually change by specifying shares as you can see in my example. I do not want to list the full-drive rsyncd share because that's a security risk. It's best if it's unidentifiable by any means.
The only thing here you really need to change is the hosts allow area. Set that to the IP(s) of your BackupPC server with a space between all the ones you want to allow. You can also put in fully domain names but that's requiring you to have a static IP from your ISP and a custom reverse DNS lookup for your domain. I don't know what else you can do with this configuration setting.
For security reasons, I would normally have:
read only = yes
I changed that in my configuration file because I wanted to be able to restore files from BackupPC. Thing is, while Linux is case-sensitive, Windows is not so if I wanted to say, download a ZIP or Tar of a directory of files, if any of those files share the same name but have different case, I will be unable to transfer those mixed case files together over Samba to a Linux share, it will require me to pick one or the other. Since this caused me problems, leaving the full drive read/write is fine so long as my password and username aren't easily-identifiable.
When you've created both of those files and are fine with your settings, go ahead and run:
rsync --daemon
And then open /etc/inetd.conf and add this anywhere in there (I put it at the very bottom):
rsync stream tcp nowait root /usr/bin/rsync rsyncd --daemon
Feel free to comment the line above it so you know what it's for. You can verify if it's working by typing in
rsync hostname::
It shouldn't display anything because it doesn't have anything to list (in my configuration). There's also no error though either; keep that in mind.
FILE EXCLUDESIf you have any computers being backed up from 'smb', in your global configuration, do not use both BackupFilesOnly and BackupFilesExclude. I use BackupFilesExclude and have no need for the BackupFilesOnly at the moment, but it should be either/or with 'smb'. If you do use both with a machine configured with 'smb', BackupFilesExclude is ignored. Here's the list of files I globally excluded:
pagefile.sys
hiberfil.sys
/proc
/mnt
*.tmp
/tmp
/media
There may be more I'll do later on, but that's all I need for now. If you want to exclude folders for machines using 'smb', make sure to use /* at the end such as /Windows/*.