• Client Setup (Windows 7/Vista/XP)
    These instructions are written for Windows 7, Vista, OS XX and XP clients.
    For the SSH portion we will be using CopSSH which is a customized packaged version of the Cygwin openssh code.
    Rsyncd will be used as the communication for BackupPC to do it’s magic. We could install Cygwin and customize the installation which contains the code but I have found that these two separate products work well and take less configuration and time to complete.

    First create a backuppc user account and add it to the Administrators and Backup Operators groups. Set it so the password never expires. Make sure every Windows user has a password set.
    SSH Client/Server (Windows 7/Vista/XP)
    For
    CopSSH ([http://www.itefix.no/i2/copssh][0]) downloads at([http://sourceforge.net/projects/sereds/files/][1])
    Download Copssh_3.1.3_Installer.zip.

    Extract CopSSH and install the file accepting all the defaults. The installer will create a service account and generate a random password. Once installed you need to activate a user. Click Start > All Programs > Copssh > 1. Activate a User. From the drop down box for username select your user id and click Next. Type a passphrase and click Activate.
    Now you need to open port 22 on the firewall.
    Open Control Panel > System Security > Windows Firewall > Advanced Settings. Under Windows firewall and advanced settings click Inbound Rules. On the Right Pane click New Rule. Select Port, click next, in Specific local ports type 22, click next, click Next to allow the connection, click next to allow it through public, private and domain. Give it a name and save it. Try to connect from your server to the system.
    For you command line junkies type:

    c:windowssystem32> netsh firewall set portopening protocol = TCP port = 22 name = openssh mode = enable scope = CUSTOM addresses = LocalSubnet

    Rsyncd
    Download rsyncd from [http://sourceforge.net/projects/backuppc/files/cygwin-rsyncd/(cygwin-rsyncd-2.6.8_0.zip.][2]
    Make a folder named ‘rsyncd’ in C: and unzip the content into c:rsyncd.
    Edit Configuration files
    Edit c:rsyncdrsyncd.secrets and change UUU:PPP to : and save the file.
    Example:

    backuppc:pa$$w0rd

    Edit c:rsyncdrsyncd.conf file and add the details for the information you want to backup. For this example just want to backup the documents folder for the user. So adding the following lines will take care of it.

    [documents] path = c:/users/backuppc/Documents comment = documents auth users = backuppc secrets file = c:/rsyncd/rsyncd.secrets hosts allow = 192.168.1.0/24 strict modes = false read only = true list = false

    You can back up the whole drive and will probably want to add exceptions for directories like TEMP and others. You can do this by creating a separate text file on the server with them listed.
    Save the file changes when you are done adding.
    Service / Firewall Setup
    From a command prompt type cd c:rsyncd press Enter
    Run this command to register it as a service.

    cygrunsrv.exe -I rsyncd -e CYGWIN=nontsec -p c:/rsyncd/rsync.exe -a "--config=c:/rsyncd/rsyncd.conf --daemon –no-detach"

    or edit c:rsyncdservice.bat and remove the rem comments from the last 3 lines and run the command.
    Automatic Wakeup/Standby
    You may want to configure the clients to automatically wake up when BackupPC connects to them so they don’t need to always be on. First, configure Wake on LAN in the BIOS and configure the network interface. Under the Power Management tab set AC Recover -> Last, Suspend Mode -> S3, and Remote Wake Up -> On.
    Client Setup (Linux)
    SSH and rsync are standard fare on Linux. Setting them up and configuring are simple to do.
    Rsync is included and just needs to be configured to run as a daemon. Edit or create the /etc/rsyncd.conf configuration file. The format is the same as the Windows systems with the exception of the drive letters. Change the values to suit your needs.
    motd file = /etc/rsyncd.motd
    log file = /var/log/rsyncd.log
    pid file = /var/run/rsyncd.pid
    lock file = /var/run/rsync.lock

    [Users] path = /home comment = User files auth users = backuppc secrets file = /etc/rsyncd.secrets hosts allow = 192.168.1.0/24 strict modes = false read only = true list = false

    Edit /etc/rsyncd.secrets and change or add UUU:PPP to : and save the file. If the user id you want to use doesn’t exist then you will need to create it.
    Example:
    backuppc:pa$$w0rd
    Change the permissions on rsyncd.secrets and rsync.conf to non-world readable.

    $ chmod 640 /etc/rsyncd.secrets $ chmod 640 /etc/rsyncd.conf

    Restart rsync on the system.

    $ sudo /etc/init.d/rsync restart

    /////////////////////////
    Client Setup (MAC)
    Enabling SSH (Remote Access)
    Enabling SSH on the MAC is easy due to the kernel being built on BSD. With that in mind, to enable SSH on the system 10.4 and higher.
    1. Open System Preferences and click Sharing.
    2. Click Services and select the Remote Login checkbox.
    Note: Selecting Remote Login also also enables the secure FTP (sftp) service.
    Rsync
    Rsync is included and just needs to be configured to run as a daemon. Edit or create the /etc/rsyncd.conf configuration file. The format is the same as the Windows systems with the exception of the drive letters. Change the values to suit your needs.

    [Users] path = /Users comment = User files auth users = backuppc secrets file = /etc/rsyncd.secrets hosts allow = 192.168.1.0/24 strict modes = false read only = true list = false

    Edit /etc/rsyncd.secrets and change or add UUU:PPP to : and save the file.

    Example: backuppc:pa$$w0rd

    Change the permissions on rsyncd.secrets and rsync.conf to non-world readable.

    $ chmod 640 /etc/rsyncd.secrets $ chmod 640 /etc/rsyncd.conf

    Now start rsync in daemon mode. This is done by creating rsync.plist and copying it to /Library/Startupitems/.
    Rsyncd.plist

    After rebooting the system rsync will be running in daemon mode waiting for a connection from BackupPC.
    Server Setup (Ubuntu Linux)
    BackupPC is available via the Synaptic Package Manager in Ubuntu for extremely easy installation.
    Install software
    Install BackupPC and sshd so you can connect remotely.

    $ sudo apt-get install backuppc $ sudo apt-get install openssh-server

    Set a password for the backuppc web user.

    $ htpasswd /etc/backuppc/htpasswd backuppc

    Passwordless SSH
    We need to setup SSH for the backuppc user. Follow the default suggestions for ssh-keygen and don’t use a passphrase. You could try to use ssh-agent or Seahorse to store the passphrases for encrypted keys, but it is difficult to ensure they are unlocked whenever the backuppc user needs them.

    $ sudo -i $ su backuppc $ bash $ ssh-keygen -t rsa

    Setup passwordless SSH for each of the clients so the backuppc user can connect without prompts. First copy the backuppc user’s public key to the authorized_users file on each client.

    ssh-copy-id username@client

    or, if you don’t have ssh-copy-id, use the following where highport is the SSH port you set for the client if you secured SSH. Otherwise you can omit -P highport.

    $ scp -P highport /var/lib/backuppc/.ssh/id_rsa.pub username@client:~/.ssh/backuppc_id_rsa.pub $ ssh username@client $ cat ~/.ssh/backuppc_id_rsa.pub >> ~/.ssh/authorized_keys $ rm ~/.ssh/backuppc_id_rsa.pub

    Global BackupPC Settings
    Most of the global settings are easily configured via the web interface, at [http://localhost/backuppc][3] but you can also edit /etc/backuppc/config.pl directly.
    Hosts
    Define each host you want to back up. It is easiest to automate email notifications if you use the user’s email address as their username.

    Xfer
    ClientCharset ->; cp1252
    Only choose if your primary clients run Windows â€" use the default UTF8 for other clients. If you don’t set this as default, you’ll have to configure it for each Windows client.
    XferMethod ->; rsyncd

    Regular rsync over SSH doesn’t work between Linux and Windows/Cygwin boxes because of a bug fixed in rsync 3.0. However, BackkupPC doesn’t use the features of 3.0 and the problem remains. Using rsyncd over a pre-established SSH tunnel or VPN is the best way around this.
    RsyncdUserName ->; backuppc
    Or whatever you call it.
    RsyncShareName ->; cyg
    Or whatever you call it.
    RsyncdUserName ->; backuppc
    RsyncdPasswd ->; password you used in the client rsync.secrets files.

    Same as is hardcoded in rsyncd.conf on the clients.
    BackupFilesExclude
    BackupFilesExclude is easier to modify in /etc/backuppc/config.pl directly. Pick the exclude list for the primary operating system of your clients. Unfortunately, you will have to hard code the exclude list for your other clients. For example, if Windows 7 or Vista is the primary OS and XP is the only other one, use the 7/Vista excludes below in config.pl and the XP excludes in each clients clientname.pl file. You can check out the wiki page I wrote most of to get ideas for excludes for Windows 2000 or Linux.

    You may also want to exclude some of the Cygwin directories like /bin, /tmp and /packages (where I told Cygwin to put the package directory during setup). Just make sure to backup /etc so you don’t lose your configuration!
    7/Vista

    I ran into a lot of problems on my Windows 7 and Vista machines where rsync would follow the junction points microsoft added for backward compatibility (see this site for more info). This caused extra-long filenames rsync couldn’t handle. To find all junction points on your 7/Vista machine open the Command Prompt and run from the root of the c drive:
    dir /aL /s >; c:usersUSERNAMEJunctionPoints.txt

    The rules below will exclude these junction points. Rules with asterisks in them will match the junction points that are in every user profile by default without having to code excludes for each user manually. We can remove any temp data and program or system installation files as well. On 7/Vista, only original installation data is stored in Program Files. Any data programs write to their installation folder goes to ProgramData automatically instead. The Windows folder shouldn’t hold anything interesting, either.
    Exclude list for Windows 7/Vista clients with the rsyncd share being /cygdrive/c:

    $Conf{BackupFilesExclude} = { #Windows 7/Vista specific! ‘*’ => [ #7/Vista junction points '/Documents and Settings', '/ProgramData/Application Data', '/ProgramData/Desktop', '/ProgramData/Documents', '/ProgramData/Favorites', '/ProgramData/Start Menu', '/ProgramData/Templates', '/Users/All Users', '/Users/Users/Default User', '/Users/Users/All Users/Application Data', '/Users/Users/All Users/Desktop', '/Users/All Users/Documents', '/Users/All Users/Favorites', '/Users/All Users/Start Menu', '/Users/All Users/Templates', #Junction points common to every user profile '/Users/*/Application Data', '/Users/*/Cookies', '/Users/*/Local Settings', '/Users/*/My Documents', '/Users/*/NetHood', '/Users/*/PrintHood', '/Users/*/Recent', '/Users/*/SendTo', '/Users/*/Start Menu', '/Users/*/Templates', '/Users/*/AppData/Local/Application Data', '/Users/*/AppData/Local/History', '/Users/*/AppData/Local/Temporary Internet Files', '/Users/*/Documents/My Music', '/Users/*/Documents/My Pictures', '/Users/*/Documents/My Videos', #Temporary and in-use user data '/Users/*/AppData/Local/Microsoft/Windows/Temporary Internet Files', '/Users/*/AppData/Local/Temp', '/Users/*/NTUSER.DAT*', '/Users/*/ntuser.dat*', '/Users/*/AppData/Local/Microsoft/Windows/UsrClass.dat*', '/Users/*/AppData/Local/Microsoft/Windows Defender/FileTracker', '/Users/*/AppData/Local/Microsoft/Windows/Explorer/thumbcache_*.db', '/Users/*/AppData/Local/Microsoft/Windows/WER', '/Users/*/AppData/Local/Mozilla/Firefox/Profiles/*/Cache', '/Users/*/AppData/Local/Mozilla/Firefox/Profiles/*/OfflineCache', '/Users/*/AppData/Roaming/Microsoft/Windows/Cookies', '/Users/*/AppData/Roaming/Microsoft/Windows/Recent', 'ProgramData/Microsoft/Search', 'ProgramData/Microsoft/Windows Defender', '*.lock', 'Thumbs.db', 'IconCache.db', 'Cache*', 'cache*', #Installation folders and system data '/Program Files', '/Windows', '/$Recycle.Bin', '/MSOCache', '/System Volume Information', '/Boot', '/autoexec.bat', '/bootmgr', '/BOOTSECT.BAK', '/config.sys', '/hiberfil.sys', '/pagefile.sys' ] };

    <
    XP
    Exclude list for Windows XP clients with the rsyncd share being /cygdrive/c:

    $Conf{BackupFilesExclude} = { #XP specific! ‘*’ => [ #Temporary and in-use user data '/Documents and Settings/*/Cookies', '/Documents and Settings/*/Local Settings/Temporary Internet Files', '/Documents and Settings/*/Local Settings/Temp', '/Documents and Settings/*/NTUSER.DAT*', '/Documents and Settings/*/ntuser.dat*', '/Documents and Settings/*/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat*', '/Documents and Settings/*/Local Settings/Application Data/Mozilla/Firefox/Profiles/*/Cache', '/Documents and Settings/*/Local Settings/Application Data/Mozilla/Firefox/Profiles/*/OfflineCache', '/Documents and Settings/*/Recent', '*.lock', 'Thumbs.db', 'IconCache.db', 'Cache*', 'cache*', #Installation folders and system data '/WINDOWS', '/RECYCLER', '/MSOCache', '/System Volume Information', '/AUTOEXEC.BAT', '/BOOTSECT.BAK', '/CONFIG.SYS', '/hiberfil.sys', '/pagefile.sys' ] };

    Email
    EMailAdminUserName -> youremail@host.com
    CGI
    CgiUserConfigEditEnable -> no
    You probably don’t want users editing their configuration.
    Schedule
    FullKeepCnt -> 4, 2, 3, 0, 0, 4
    Spreads out backups exponentially over almost three years. The schedule is approximately 0wk (current), 1wk, 2wk, 3wk, 5wk, 7wk, 11wk, 15wk, 19wk, 51wk/1yr, 83wk/1.6yr, 115wk/2.2yr, 147wk/2.8yr.
    FullAgeMax -> 1095
    3 years.
    IncrLevels -> 3, 2, 5, 4, 7, 6

    This is based on the Tower of Hanoi puzzle and is a way of balancing your backups so you don’t backup the same data a bunch of times yet retain duplicate backups of the data. See Tower of Hanoi pattern for backup for more info.
    BlackoutPeriods
    BlackoutPeriods:hourEnd -> 1
    Better for night owls
    BlackoutPeriods:weekDays -> 0, 1, 2, 3, 4, 5, 6
    Avoid the same times every day for a home environment.
    Client BackupPC Settings
    Xfer
    RsyncdClientPort -> XXXXX
    Pick a high (10000+) one for each client. They need to be unique to identify tunnels.
    BackupSettings
    ClientNameAlias -> localhost

    If you want to use SSH tunnels, you have to create one beforehand and then try to connect to the rsyncd server on the localhost. This breaks the default ping command, so you have to compensate. The workaround for that requires individual attention, which is why this is changed in client settings instead of global ones.
    PingCmd -> /etc/backuppc/mktnl clienthostname clientsshport localport
    In order to setup the SSH tunnel beforehand, we can create script that BackupPC can run before the backup. I’m placing it in the PingCmd field so it is run when BackupPC pings the host before it starts. It also allows me to return a valid ping even though we set the alias above to localhost.
    Here is the contents of /etc/backuppc/mktnl:

    #!/bin/sh host=$1 sshPort=$2 locPort=$3 remPort=873 username=backuppc /bin/ping -c 1 -w 3 $host /usr/bin/ssh -f -L $locPort:localhost:$remPort $username@$host -p $sshPort sleep 10 1>/dev/null 2>/dev/null && echo “SSH tunnel started successfully.”

    The ping command returns its results to BackupPC and the SSH tunnel is started and prints into the log for you. The sleep 10 makes the tunnel wait for 10 seconds after all traffic finishes before closing.
    PingMaxMsec -> 200
    Only set for external (over the Internet) hosts
    Schedule
    BlackoutPeriods
    hourEnd and hourBegin adjusted for user
    Client Testing

    You can test backups for each client by running the following where hostname is the name of the host in the BackupPC global settings.

    /usr/share/backuppc/bin/BackupPC_dump -f -v hostname

    Web Access and Email Configuration

    Client Web Access
    You need to set a password for each email address/username you defined previously so users can access their backup pages. Run the following for each host where client email is the email address/username you defined for that host.

    htpasswd /etc/backuppc/htpasswd clientemail

    To schedule checks for BackupPC status, use cron (see this site for more info). Run

    crontab -e

    and add the following line to get a message every half hour if the BackupPC server goes down:

    */30 * * * * /usr/share/backuppc/bin/BackupPC_sendEmail -c

    If you want to send your email using the message submit port (587) instead of smtp (25), see this post. This will allow you to get around the port 25 blocks some ISPs use to reduce spam on their networks.

    Separate Hard Drive for the Pool (Optional)
    You probably want to use a separate hard drive or group of drives for your BackupPC pool for easier maintenance, expansion, and reliability. We are going to use Logical Volume Manager (LVM) to create a resizable pool we can easily add more drives to.

    Setup LVM
    LVM allows us to create expandable logical volumes across many drives. See A Beginner’s Guide To LVM for more detailed setup instructions. Also check out Managing Disk Space with LVM and A simple introduction to working with LVM.

    Set up your drive using fdisk. The command below is for a drive at /dev/sdb

    fdisk -l fdisk /dev/sdb

    The choices you want to make are: n, p, 1, ENTER, ENTER, t, 1, L, 8e, w. Then run

    pvcreate /dev/sdb1 pvdisplay vgcreate bpcfs /dev/sdb1 vgdisplay vgscan lvcreate –name bpclv –extents 100%FREE bpcvg lvdisplay lvscan mkfs.ext3 /deb/bpcvg/bpclv

    If you get a ‘no entry for device-mapper found’ error, run

    modprobe dm-mod

    Change the Archive Directory
    If your new partition is /dev/bpcvg/bpclv, execute the following commands as root

    mount /dev/bpcvg/bpclv /mnt cp -dpR /var/lib/backuppc/. /mnt umount /dev/md0 mv /var/lib/backuppc /var/lib/backuppc.orig mkdir /var/lib/backuppc mount /dev/bpcvg/bpclv /var/lib/backuppc df -h

    This makes a backup of your data then copies it to the new drive. Once you’re sure that worked, you need to make it mount on startup.
    Edit /etc/fstab and add the following line:

    /dev/bpcvg/bpclv /var/lib/backuppc ext3 rw,noatime 0 0

    Then restart test and run

    df -h

    read more
});