How to Set Up Automatic VDS Backups?

Securing your data on a VDS is a top priority. Regular backups help you restore your system after crashes, configuration errors, or even malicious attacks. In this article, we’ll take a detailed look at how to set up automatic backups of your VDS using simple and effective tools available in most Linux distributions. We’ll focus on creating backups using `rsync` and `cron`, providing step-by-step instructions and configuration examples for various scenarios.

Table of Contents:

Setting up Backups with Rsync

Rsync is a powerful and flexible utility for synchronizing and backing up files. Its main advantage is the ability to copy only the changes, which significantly saves time and traffic during subsequent backups. Rsync is ideal for creating incremental backups of your VDS. In this section, we’ll look at the basic Rsync parameters and examples of its use.

VPS Hosting

Virtual servers with guaranteed resources

Choose VPS

Basic Rsync Parameters

Before we get to the examples, let’s look at the most important Rsync parameters:

  • -a (archive): Archive mode, includes the parameters -rlptgoD, which means recursive copying, preserving symbolic links, access rights, modification time, group, owner, and special files (e.g., devices).
  • -v (verbose): Detailed output of information about the copying process.
  • -z (compress): Enables data compression during transmission, which is especially useful when copying over a network.
  • -P (progress): Shows the copying progress and saves partially copied files in case the process is interrupted.
  • -e (rsh): Specifies the command for remote connection, usually used for SSH.
  • --delete: Deletes files in the target directory that are not present in the source. An important parameter for creating an exact copy.
  • --exclude: Excludes files and directories from the copying process (we’ll discuss this in more detail later).

Examples of Using Rsync for Backups

Example 1: Local Backup of the Entire System

Suppose you want to create a backup of the entire root file system to the local directory /backup/vds. Important: the `/backup/vds` directory must exist and have enough space.

rsync -avzP --delete / /backup/vds

This command will do the following:

  • rsync: Starts the Rsync utility.
  • -avzP: Uses archiving, compression, and progress display parameters.
  • --delete: Deletes files in /backup/vds that no longer exist in the root file system.
  • /: Specifies the root directory as the source. Attention! It’s important to specify the slash at the end, otherwise Rsync will copy the contents of the root directory into /backup/vds, not the directory itself.
  • /backup/vds: Specifies the target directory for the backup.

Example 2: Backing Up to a Remote Server via SSH

Suppose you have a remote server with the IP address 192.168.1.100, user backupuser, and you want to save the backup to the directory /backup/vds on that server.

rsync -avzP -e "ssh" --delete / backupuser@192.168.1.100:/backup/vds

This command will copy all files from your VDS to the remote server, using SSH for secure data transfer. You’ll be prompted to enter the password for the backupuser user on the remote server (if key-based authentication is not configured).

Example 3: Incremental Backup Using --link-dest

To create incremental backups, Rsync provides the --link-dest parameter. It allows you to specify the previous backup as the base. Rsync will compare the files with this base copy and copy only the changes. This significantly saves disk space and time for subsequent backups.

# First full backup
rsync -avzP --delete / /backup/vds/full_backup_20240101

# Subsequent incremental backups
rsync -avzP --delete --link-dest=/backup/vds/full_backup_20240101 / /backup/vds/incremental_backup_20240102
rsync -avzP --delete --link-dest=/backup/vds/incremental_backup_20240102 / /backup/vds/incremental_backup_20240103

In this example:

  • full_backup_20240101 is the first full backup.
  • incremental_backup_20240102 is an incremental backup created based on full_backup_20240101. Rsync will create hard links to files that haven’t changed since the full backup was created.
  • incremental_backup_20240103 is an incremental backup created based on incremental_backup_20240102.

Important: When using --link-dest, you must save the base backup (in this case, full_backup_20240101), as incremental backups depend on it. Deleting the base backup will corrupt the incremental copies.

Expert tip: For added security, consider using backup rotation. For example, keep a full weekly backup, daily incremental backups, and delete old backups to free up disk space. This can be automated with scripts and Cron.

Automating Backups with Cron

Cron is a task scheduler in Linux that allows you to automatically run commands or scripts on a schedule. It’s ideal for automating backups. In this section, we’ll look at how to configure Cron to regularly execute Rsync commands.

Editing Crontab

Crontab (Cron table) is a file that contains a list of tasks for Cron. Each user has their own Crontab. To edit Crontab, use the command crontab -e. This command will open the Crontab file in a text editor (usually vi or nano, depending on your system).

crontab -e

If this is your first time running crontab -e, you’ll be prompted to choose a text editor. It’s recommended to use nano, as it’s more user-friendly for beginners.

Crontab Syntax

Each line in Crontab represents a task and has the following format:

minute hour day_of_month month day_of_week command

Where:

  • minute: Minute of the hour (0-59).
  • hour: Hour of the day (0-23).
  • day_of_month: Day of the month (1-31).
  • month: Month of the year (1-12).
  • day_of_week: Day of the week (0-6, where 0 is Sunday).
  • command: The command to be executed.

You can use wildcard characters:

  • *: Any value.
  • ,: A list of values. For example, 1,15,30 means 1, 15, and 30 minutes of each hour.
  • -: A range of values. For example, 1-5 means the 1st, 2nd, 3rd, 4th, and 5th days of the month.
  • /: A step. For example, */10 means every 10 minutes.

Examples of Setting Up Cron for Backups

Example 1: Daily Backup at 2 AM

0 2 * * * rsync -avzP --delete / /backup/vds >> /var/log/backup.log 2>&1

This line in Crontab will execute the Rsync command every day at 2 AM. Output redirection (>> /var/log/backup.log 2>&1) allows you to write messages about the script’s operation to the file /var/log/backup.log, which is useful for tracking errors.

Example 2: Weekly Backup on Sundays at 3 AM

0 3 * * 0 rsync -avzP --delete / /backup/vds >> /var/log/backup.log 2>&1

This line will execute the backup every Sunday at 3 AM. Note the 0 in the «day_of_week» field, which means Sunday.

Example 3: Running a Backup Script

Instead of directly specifying the Rsync command in Crontab, you can create a script that will perform all the necessary actions and run that script from Cron. This allows for more flexible management of the backup process and allows you to perform additional actions, such as backup rotation or sending notifications.

Create a script file, for example /usr/local/bin/backup_script.sh, with the following content:

#!/bin/bash

# Backup script

DATE=$(date +%Y%m%d)
BACKUP_DIR="/backup/vds"

rsync -avzP --delete / "$BACKUP_DIR/$DATE"

# Backup rotation - keep copies for the last 7 days
find "$BACKUP_DIR" -type d -mtime +7 -exec rm -rf {} \;

echo "Backup completed $DATE" >> /var/log/backup.log

Make the script executable:

chmod +x /usr/local/bin/backup_script.sh

Add the following line to Crontab:

0 4 * * * /usr/local/bin/backup_script.sh >> /var/log/backup.log 2>&1

This line will run the script /usr/local/bin/backup_script.sh every day at 4 AM. The script will create a backup in the directory /backup/vds with the name of the current date and delete old backups older than 7 days.

Important: Make sure that the user under which Cron is running has the rights to read the source files and write to the target backup directory. Otherwise, the backup won’t work.

Excluding Files and Directories from Backups

Not all files on your VDS need to be backed up. Some files are temporary, contain caches, or logs that are not needed to restore the system. Excluding such files from the backup saves disk space and speeds up the backup process. In this section, we’ll look at how to exclude files and directories from a backup using Rsync.

Using the --exclude Parameter

Rsync provides the --exclude parameter to exclude files and directories from the copying process. You can specify multiple --exclude parameters to exclude multiple files or directories.

rsync -avzP --delete --exclude='/tmp/*' --exclude='/var/log/*' / /backup/vds

This command will exclude all files and directories from the /tmp and /var/log directories from the backup.

Important: The paths for exclusion should be specified relative to the source directory. In this case, the source directory is /, so we specify /tmp/* and /var/log/*.

Using an Exclusions File

If you have many files and directories that need to be excluded, it’s more convenient to use an exclusions file. Create a text file where each line contains the path to the file or directory that needs to be excluded. Then specify this file using the --exclude-from parameter.

Create a file /usr/local/etc/exclude_list.txt with the following content:

/tmp/*
/var/log/*
/proc/*
/sys/*
/mnt/*
/media/*
/run/*
swapfile

Add the --exclude-from parameter to the Rsync command:

rsync -avzP --delete --exclude-from='/usr/local/etc/exclude_list.txt' / /backup/vds

Rsync will read the list of exclusions from the file /usr/local/etc/exclude_list.txt and exclude all the specified files and directories from the backup.

Example: Excluding Files by Mask

You can use masks to exclude files by name or extension. For example, to exclude all files with the extension .log, add the following line to the exclusions file:

*.log

This will exclude all files with the .log extension from the backup, regardless of their location.

Important: The order of exclusions matters. If you exclude a directory and then include a file inside that directory, the file will still be excluded. Therefore, include files first and then exclude directories.

Table: Examples of Exclusions for VDS

ExclusionDescription
/tmp/*Temporary files
/var/log/*Log files
/proc/*Virtual file system containing information about processes
/sys/*Virtual file system containing information about hardware
/mnt/*Mount points for external devices
/media/*Mount points for removable media
/run/*Files used by the system during operation
swapfileSwap file
*.swpVim temporary files

Expert tip: Regularly check the list of exclusions and make sure it’s up to date and contains all the necessary files and directories. An incorrectly configured list of exclusions can lead to the loss of important data.

Developing an Effective Backup Strategy

Simply creating backups is only half the battle. It’s important to develop an effective backup strategy that meets your needs and provides reliable data protection. In this section, we’ll look at different types of backups and the factors that need to be considered when developing a strategy.

Types of Backups

  • Full Backup: All files and directories are copied, regardless of whether they have been changed since the previous backup. A full backup provides the fastest recovery but requires more time and disk space.
  • Incremental Backup: Only files and directories that have been changed since the last any backup (full or incremental) are copied. An incremental backup takes less time and disk space than a full backup, but recovery takes longer because you need to restore the full backup and all subsequent incremental backups.
  • Differential Backup: Only files and directories that have been changed since the last full backup are copied. A differential backup takes more time and disk space than an incremental backup, but recovery takes less time because you only need to restore the full backup and the latest differential backup.

Factors Influencing Strategy Selection

  • Data Volume: The larger the data volume, the more important it is to use incremental or differential backups to save disk space and time.
  • Frequency of Changes: If the data changes frequently, you need to make backups more often.
  • Recovery Time Objective (RTO): If you need to quickly restore the system, you should use a full backup or a combination of full and differential backups.
  • Acceptable Data Loss (RPO): Determine how much data loss you can tolerate. If the RPO is one day, you need to make backups at least once a day.
  • Available Disk Space: Make sure you have enough disk space to store the backups.
  • Budget: Different backup solutions have different costs.

Examples of Backup Strategies

Example 1: Full Backup Once a Week, Incremental Daily

This strategy is suitable for small VDSs with a moderate amount of data and low RTO requirements.

  • Every Sunday: Full backup.
  • Monday to Saturday: Incremental backup.

Example 2: Full Backup Once a Month, Differential Weekly, Incremental Daily

This strategy is suitable for VDSs with a large amount of data and moderate RTO requirements.

  • First Sunday of each month: Full backup.
  • Every Sunday (except the first): Differential backup.
  • Monday to Saturday: Incremental backup.

Example 3: Full Backup Daily (for Critical Systems)

This strategy is suitable for critical systems where minimal recovery time is required and the acceptable data loss is zero. It requires a lot of disk space and time but provides maximum data protection.

  • Daily: Full backup.

Important: Choose a strategy that best suits your needs and capabilities. Regularly test the recovery process to make sure it works correctly and you can quickly restore the system if necessary.

External Link: Read the NIST (National Institute of Standards and Technology) recommendations for developing backup strategies: https://csrc.nist.gov/

Restoring Data from a Backup

Creating backups is only half the job. The most important thing is the ability to restore data from a backup if needed. In this section, we’ll look at the process of restoring data from a backup created with Rsync.

Restoring Individual Files and Directories

If you only need to restore a few files or directories, you can use Rsync to copy them from the backup directory to the original location.

rsync -avzP /backup/vds/path/to/file /original/path/to/file
rsync -avzP /backup/vds/path/to/directory /original/path/to/directory

This command will copy the file or directory from the backup directory to the original location. It’s important to specify the correct paths to the files and directories.

Restoring the Entire System

If you need to restore the entire system, for example, after a disk failure or a configuration error, you can use Rsync to copy all files from the backup directory to the root file system.

Attention! Restoring the entire system is a dangerous operation that can lead to data loss if done incorrectly. Before performing this operation, make sure you have a reliable backup and understand all the risks.

To restore the entire system, you need to boot from a Live CD or USB drive with Linux. After booting, you need to mount the root partition of the hard drive and the backup directory.

Suppose that the root partition of the hard drive is mounted in /mnt/root, and the backup directory is mounted in /mnt/backup.

rsync -avzP --delete /mnt/backup/ /mnt/root/

This command will copy all files from the backup directory to the root file system. The --delete parameter will delete all files in the root file system that do not exist in the backup directory.

After the copy is complete, you need to recreate the bootloader (e.g., GRUB) and reboot the system.

Important: The process of restoring the entire system may vary depending on the Linux distribution and system configuration. It is recommended to consult the documentation for your distribution before performing this operation.

Testing the Recovery Process

Regularly testing the recovery process is an important part of the backup strategy. Testing allows you to make sure that you can quickly and reliably restore the system if necessary. Test restoring individual files, directories, and the entire system to make sure everything is working correctly.

Practical advice: Create a test Virtual Machine Backup in 2 Steps: A Quick Guide" class="internal-post-link">virtual machine and try to restore it from a backup. This will allow you to test the recovery process in a safe environment without risking damage to the main system.

Quote: «Backing up without testing the restore is like insurance that doesn’t cover losses.» — Unknown author