# Chapter 43: rsync and tar - Essential Backup Tools

## Linux Backup Tools Mastery

## 43.1 rsync Deep Dive

### Understanding rsync

rsync is a powerful and versatile file synchronization tool that is widely used for backups, data mirroring, and file transfer. It uses a smart delta-transfer algorithm to minimize data transfer by sending only the differences between source and destination files.
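The effect of the delta-transfer algorithm can be observed directly with `--stats`. The sketch below is illustrative: it assumes rsync is installed and uses temporary directories. Note that for local copies rsync defaults to `--whole-file`, so `--no-whole-file` is passed to force the delta algorithm.

```bash
#!/bin/sh
# Hedged demo: observe delta transfer via --stats (assumes rsync is installed)
set -eu
command -v rsync >/dev/null || exit 0

SRC=$(mktemp -d)
DST=$(mktemp -d)

# Create a 1 MiB file and make an identical first copy
dd if=/dev/zero of="$SRC/data.bin" bs=1024 count=1024 2>/dev/null
rsync -a "$SRC/" "$DST/"

# Change a few bytes in the middle of the file, then sync again.
# The "Literal data" figure should be far smaller than the file size,
# because unchanged blocks are matched against the destination copy.
printf 'changed' | dd of="$SRC/data.bin" bs=1 seek=4096 conv=notrunc 2>/dev/null
rsync -a --no-whole-file --stats "$SRC/" "$DST/" | grep -i 'literal data'

rm -rf "$SRC" "$DST"
```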
[Figure: rsync delta-transfer algorithm. rsync splits the source file into blocks, compares block checksums against the previous copy on the destination, and transfers only the blocks that changed or are new, so often only a small fraction of the file is sent.]

### rsync Options Reference
Section titled “rsync Options Reference”| Category | Option | Description |
|---|---|---|
| Basic | -r | Recursive |
| -a | Archive mode (preserves permissions, timestamps, etc.) | |
| -v | Verbose output | |
| -z | Compress during transfer | |
| -h | Human-readable output | |
| Sync | —delete | Delete files not on source |
| —delete-before | Delete before transfer | |
| —delete-after | Delete after transfer | |
| —delete-excluded | Delete excluded files from dest | |
| Filter | —exclude | Exclude patterns |
| —exclude-from | Exclude patterns from file | |
| —include | Include patterns | |
| —filter | Custom filter rules | |
| Performance | —bwlimit | Bandwidth limit (KB/s) |
| -P | Show progress (—partial —progress) | |
| —partial | Keep partial files | |
| —checksum | Use checksums, not time/size | |
| Remote | -e | Specify remote shell |
| —rsync-path | Remote rsync path |
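One detail the options table cannot convey is the meaning of a trailing slash on the source path: with a slash, rsync copies the *contents* of the directory; without it, rsync copies the directory itself. A quick sketch (temporary paths are illustrative; assumes rsync is installed):

```bash
#!/bin/sh
# Hedged demo: trailing-slash semantics on the rsync source path
set -eu
command -v rsync >/dev/null || exit 0

WORK=$(mktemp -d)
mkdir -p "$WORK/src"
echo hello > "$WORK/src/file.txt"

# With a trailing slash: copy the CONTENTS of src into dst1
rsync -a "$WORK/src/" "$WORK/dst1/"
ls "$WORK/dst1"     # file.txt

# Without a trailing slash: copy the directory src itself into dst2
rsync -a "$WORK/src" "$WORK/dst2/"
ls "$WORK/dst2"     # src

rm -rf "$WORK"
```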
### rsync Examples by Use Case

```bash
# =============================================================================
# LOCAL FILE SYNCHRONIZATION
# =============================================================================

# Basic sync - mirror source to destination
rsync -av /source/ /destination/

# Mirror with deletion (remove files in destination not in source)
rsync -av --delete /source/ /destination/

# Sync specific files
rsync -av /source/file1.txt /source/file2.txt /destination/

# Sync only the directory structure, without any files
rsync -av -f '+ */' -f '- *' /source/ /destination/
```
```bash
# =============================================================================
# EXCLUDING FILES AND DIRECTORIES
# =============================================================================

# Exclude a single pattern
rsync -av --exclude='*.log' /source/ /destination/

# Exclude multiple patterns
rsync -av \
    --exclude='*.log' \
    --exclude='*.tmp' \
    --exclude='.cache' \
    /source/ /destination/

# Exclude patterns listed in a file
cat > /tmp/exclude.txt <<'EOF'
*.log
*.tmp
.cache/
.git/
node_modules/
__pycache__/
*.pyc
EOF

rsync -av --exclude-from='/tmp/exclude.txt' /source/ /destination/

# Exclude everything except specific files
rsync -av --include='*/' --include='*.txt' --exclude='*' /source/ /destination/

# Complex filtering
rsync -av \
    --include='dir1/' \
    --include='dir1/*.txt' \
    --exclude='*' \
    /source/ /destination/
```
```bash
# =============================================================================
# DRY RUN AND PREVIEW
# =============================================================================

# Preview what would be transferred (no changes made)
rsync -avn /source/ /destination/

# Show what would be deleted
rsync -avn --delete /source/ /destination/

# Verbose preview with a per-file change summary
rsync -avn --itemize-changes /source/ /destination/

# Preview with checksum comparison
rsync -avnc /source/ /destination/
```
```bash
# =============================================================================
# PERFORMANCE OPTIMIZATION
# =============================================================================

# Compress during transfer (good for slow networks)
rsync -avz /source/ /destination/

# Skip based on checksum (more accurate but slower)
rsync -avc /source/ /destination/

# Limit by file size
rsync -av --max-size=100M /source/ /destination/
rsync -av --min-size=1k /source/ /destination/

# Bandwidth limit (KB/s)
rsync -avz --bwlimit=1000 /source/ /destination/

# rsync itself is single-threaded; to parallelize, run one rsync per
# top-level entry (for example with xargs -P)
ls /source/ | xargs -n1 -P4 -I{} rsync -az /source/{} /destination/

# Preserve partial files (resume interrupted transfers)
rsync -avP /source/ /destination/
```
```bash
# =============================================================================
# PRESERVING ATTRIBUTES
# =============================================================================

# Archive mode (equivalent to -rlptgoD: preserves permissions, times,
# group, owner, devices, and symlinks)
rsync -av /source/ /destination/

# Preserve permissions only
rsync -rvp /source/ /destination/

# Preserve modification times only
rsync -rvt /source/ /destination/

# Preserve owner and group only
rsync -rvgo /source/ /destination/

# Preserve ACLs (if supported; implies -p)
rsync -avA /source/ /destination/

# Preserve extended attributes
rsync -avX /source/ /destination/

# ACLs and extended attributes combined
rsync -avAX /source/ /destination/

# Preserve hard links
rsync -avH /source/ /destination/

# Preserve devices and special files (already included in -a)
rsync -avD /source/ /destination/
```
### rsync Daemon Mode

The rsync daemon mode allows rsync to run as a service, providing better performance and easier access control for backup servers.
[Figure: rsync daemon architecture. A client connects to the rsyncd daemon over TCP port 873 (or tunneled through SSH for encryption). The daemon exposes named modules such as [backup] (path=/backup) and [webroot] (path=/var/www), configured in /etc/rsyncd.conf.]
Section titled “rsyncd.conf Configuration”# Global settingsuid = nobodygid = nobodyuse chroot = yesmax connections = 10pid file = /var/run/rsyncd.pidlock file = /var/run/rsync.locklog file = /var/log/rsyncd.logtimeout = 300
# Module definitions[backup] path = /backup comment = Main backup directory read only = false write only = false list = true auth users = backup_user secrets file = /etc/rsyncd.secrets hosts allow = 192.168.1.0/24 hosts deny = * exclude = .cache/ tmp/ temp/
[webroot] path = /var/www comment = Web server files read only = true list = false auth users = web_backup secrets file = /etc/rsyncd.secrets exclude = .git/ node_modules/
[database] path = /var/lib/mysql comment = MySQL database files read only = true list = false auth users = db_backup secrets file = /etc/rsyncd.secrets exclude = mysql/ tmp/rsyncd.secrets
Section titled “rsyncd.secrets”# /etc/rsyncd.secrets (chmod 600)backup_user:backup_password123web_backup:web_pass456db_backup:db_pass789Start and Use rsyncd
Section titled “Start and Use rsyncd”# Start rsync daemonsudo systemctl enable rsyncdsudo systemctl start rsyncd
# Connect to rsync daemonrsync -av /data/ rsync://backup_user@localhost/backup/
# Connect with passwordrsync -av /data/ rsync://backup_user@backup.example.com/backup/
# Use SSH tunnel (more secure)rsync -av -e ssh /data/ backup_user@backup.example.com:/backup/43.2 tar Mastery
## 43.2 tar Mastery

### tar Command Overview

tar (Tape Archive) is one of the most fundamental Unix/Linux utilities for creating archive files. It can combine multiple files and directories into a single archive file, with optional compression.
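The three core operations — create, list, extract — can be exercised end to end in a few lines. A minimal sketch using temporary, illustrative paths:

```bash
#!/bin/sh
# Minimal create -> list -> extract round trip
set -eu

WORK=$(mktemp -d)
mkdir -p "$WORK/project"
echo 'config' > "$WORK/project/app.conf"

# Create a gzip-compressed archive of the directory.
# -C changes directory first so the archive stores relative paths.
tar -czf "$WORK/project.tar.gz" -C "$WORK" project

# List contents without extracting
tar -tzf "$WORK/project.tar.gz"

# Extract into a separate restore directory
mkdir "$WORK/restore"
tar -xzf "$WORK/project.tar.gz" -C "$WORK/restore"
cat "$WORK/restore/project/app.conf"   # config

rm -rf "$WORK"
```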
[Figure: tar operation modes. Create mode (-c) combines files and directories into an archive such as archive.tar.gz; extract mode (-x) unpacks the archive back into files; list mode (-t) shows the archive's contents without extracting.]
### Compression Types Comparison

| Algorithm | Extension | Typical compression | Relative speed | Use case |
|---|---|---|---|---|
| none | .tar | 0% | Fastest | Speed |
| gzip | .tar.gz | ~70% | Fast | Common default |
| bzip2 | .tar.bz2 | ~75% | Medium | Better ratio |
| xz | .tar.xz | ~80% | Slow | Best ratio |
| lzma | .tar.lzma | ~82% | Slowest | Maximum compression |

As a rough guide for 1 GB of data: gzip compresses in about 10 s and decompresses in about 5 s, bzip2 in about 20 s and 10 s, and xz in about 45 s and 15 s. Actual figures vary widely with hardware and data.
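The ratios in the comparison above depend heavily on the data, so it is worth measuring on your own files. A hedged sketch (sample data and paths are illustrative; xz is skipped if not installed):

```bash
#!/bin/sh
# Compare archive sizes per compressor on sample data
set -eu

DATA=$(mktemp -d)
# Highly compressible sample data (repeated text); real data varies
yes 'sample log line for compression testing' | head -5000 > "$DATA/sample.txt"

tar -cf  "$DATA/a.tar"    -C "$DATA" sample.txt
tar -czf "$DATA/a.tar.gz" -C "$DATA" sample.txt
if command -v xz >/dev/null; then
    tar -cJf "$DATA/a.tar.xz" -C "$DATA" sample.txt
fi

# Compare sizes side by side
ls -l "$DATA"/a.tar* | awk '{print $5, $NF}'

rm -rf "$DATA"
```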
### tar Command Examples

```bash
# =============================================================================
# CREATE BASIC ARCHIVES
# =============================================================================

# Create an uncompressed tar archive
tar -cvf archive.tar /directory/

# Create a gzip-compressed archive
tar -cvzf archive.tar.gz /directory/

# Create a bzip2-compressed archive
tar -cvjf archive.tar.bz2 /directory/

# Create an xz-compressed archive (best compression)
tar -cvJf archive.tar.xz /directory/

# Create an archive with a timestamp in the filename
tar -cvzf "backup-$(date +%Y%m%d).tar.gz" /directory/

# Create an archive with a custom name
tar -cvzf /backup/website-$(hostname)-$(date +%Y%m%d).tar.gz /var/www/
```
```bash
# =============================================================================
# LIST ARCHIVE CONTENTS
# =============================================================================

# List all files with details (permissions, size, date)
tar -tvf archive.tar.gz

# Page through a long listing
tar -tvf archive.tar.gz | less

# List a specific directory
tar -tvf archive.tar.gz | grep 'path/to/dir'

# List only file names
tar -tf archive.tar.gz
```
```bash
# =============================================================================
# EXTRACT ARCHIVES
# =============================================================================

# Extract to the current directory
tar -xvzf archive.tar.gz

# Extract to a specific directory
tar -xvzf archive.tar.gz -C /restore/

# Extract a specific file
tar -xvzf archive.tar.gz -C /restore/ path/to/file.txt

# Extract relative to / (restores original absolute locations)
tar -xvzf archive.tar.gz -C /

# Never overwrite existing files (-k, --keep-old-files)
tar -xvzkf archive.tar.gz -C /restore/

# Do not overwrite files that are newer on disk than in the archive
tar -xvzf archive.tar.gz --keep-newer-files
```
```bash
# =============================================================================
# WORKING WITH PATTERNS
# =============================================================================

# Extract only .txt files
tar -xvzf archive.tar.gz --wildcards '*.txt'

# Extract only files under a specific directory
tar -xvzf archive.tar.gz -C /restore/ --wildcards 'var/log/*'

# List only .conf files
tar -tvf archive.tar.gz --wildcards '*.conf'
```
```bash
# =============================================================================
# INCREMENTAL BACKUPS WITH TAR
# =============================================================================

# First: full backup (creates the snapshot file)
tar -cvzf full-backup.tar.gz \
    --listed-incremental=/backup/snapshot.snar \
    /data/

# Second: incremental backup (only changes since the full backup)
tar -cvzf incremental-1.tar.gz \
    --listed-incremental=/backup/snapshot.snar \
    /data/

# Third: another incremental backup
tar -cvzf incremental-2.tar.gz \
    --listed-incremental=/backup/snapshot.snar \
    /data/

# RESTORE: extract the full backup first, then each incremental in order
tar -xvzf full-backup.tar.gz --listed-incremental=/dev/null
tar -xvzf incremental-1.tar.gz --listed-incremental=/dev/null
tar -xvzf incremental-2.tar.gz --listed-incremental=/dev/null
```
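The full + incremental cycle above can be exercised end to end on throwaway data. This sketch uses illustrative temporary paths and `-g` as the short form of `--listed-incremental`; it applies to GNU tar only, since listed-incremental archives are a GNU extension:

```bash
#!/bin/sh
# Hedged demo of a full + incremental backup and ordered restore (GNU tar)
set -eu
tar --version 2>/dev/null | grep -q GNU || exit 0

WORK=$(mktemp -d)
mkdir -p "$WORK/data"
echo v1 > "$WORK/data/a.txt"

# Level 0: full backup, recording state in the snapshot file
tar -czf "$WORK/full.tar.gz" -g "$WORK/snap.snar" -C "$WORK" data

# Change data, then take an incremental (stores only new/changed files)
echo v2 > "$WORK/data/b.txt"
tar -czf "$WORK/inc1.tar.gz" -g "$WORK/snap.snar" -C "$WORK" data

# Restore: full first, then incrementals in order, with -g /dev/null
mkdir "$WORK/restore"
tar -xzf "$WORK/full.tar.gz" -g /dev/null -C "$WORK/restore"
tar -xzf "$WORK/inc1.tar.gz" -g /dev/null -C "$WORK/restore"
ls "$WORK/restore/data"     # a.txt  b.txt

rm -rf "$WORK"
```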
### Advanced tar Operations

```bash
# =============================================================================
# EXCLUDE FILES
# =============================================================================

# Exclude specific patterns
tar -cvzf backup.tar.gz \
    --exclude='*.log' \
    --exclude='*.tmp' \
    --exclude='.cache' \
    /data/

# Exclude patterns listed in a file
tar -cvzf backup.tar.gz -X exclude-list.txt /data/

# Exclude directories
tar -cvzf backup.tar.gz \
    --exclude='/data/tmp' \
    --exclude='/data/cache' \
    /data/

# tar has no --include option; to archive only matching files,
# build the file list with find and pass it via -T
find /data -type f \( -name '*.conf' -o -name '*.sh' \) -print > include.txt
tar -cvzf backup.tar.gz -T include.txt
```
```bash
# =============================================================================
# SPLIT AND JOIN ARCHIVES
# =============================================================================

# Split into multiple files (100 MB each)
tar -cvzf - /data/ | split -b 100M - backup.tar.gz.

# Restore from split files
cat backup.tar.gz.* | tar -xvzf -

# Split with a custom prefix (the prefix is split's last argument)
tar -cvzf - /data/ | split -b 100M - backup_part_
```
```bash
# =============================================================================
# VERIFY ARCHIVES
# =============================================================================

# Test archive integrity
tar -tzf archive.tar.gz >/dev/null && echo "Archive OK"

# Compare files in the archive against the filesystem
tar -dvf archive.tar.gz

# Check the compressed container itself
gzip -t archive.tar.gz && echo "Gzip OK"
bzip2 -t archive.tar.bz2 && echo "Bzip2 OK"
```
```bash
# =============================================================================
# PRESERVE ATTRIBUTES
# =============================================================================

# Preserve permissions (-p; mainly relevant on extraction)
tar -cvpzf backup.tar.gz /data/

# Preserve ACLs (GNU tar, if built with ACL support)
tar -cvpzf backup.tar.gz --acls /data/

# Preserve SELinux contexts (GNU tar, if built with SELinux support)
tar -cvpzf backup.tar.gz --selinux /data/
```
## 43.3 Backup Script Examples

### Daily Backup Script with rsync and tar

```bash
#!/bin/bash
#===============================================================================
# Daily Backup Script
# Uses rsync for incremental copies and tar for archives
#===============================================================================

set -euo pipefail

# Configuration
BACKUP_ROOT="/backup"
SOURCE_DIRS=(
    "/home"
    "/etc"
    "/var/www"
    "/opt"
)
REMOTE_HOST="backup.example.com"
REMOTE_USER="backup"
REMOTE_PATH="/backups/$(hostname)"
RETENTION_DAYS=30
LOG_FILE="/var/log/backup.log"

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'

log_info() {
    echo -e "${GREEN}[$(date '+%Y-%m-%d %H:%M:%S')] INFO:${NC} $1" | tee -a "$LOG_FILE"
}

log_warn() {
    echo -e "${YELLOW}[$(date '+%Y-%m-%d %H:%M:%S')] WARN:${NC} $1" | tee -a "$LOG_FILE"
}

log_error() {
    echo -e "${RED}[$(date '+%Y-%m-%d %H:%M:%S')] ERROR:${NC} $1" | tee -a "$LOG_FILE"
}

# Create backup directories
setup_directories() {
    local timestamp
    timestamp=$(date +%Y%m%d_%H%M%S)
    BACKUP_DATE_DIR="${BACKUP_ROOT}/${timestamp}"

    mkdir -p "$BACKUP_DATE_DIR"/{rsync,tar}

    echo "$BACKUP_DATE_DIR"
}

# Rsync backup
rsync_backup() {
    local source_dir="$1"
    local backup_dir="$2"
    local dirname
    dirname=$(basename "$source_dir")

    log_info "Running rsync for: $source_dir"

    rsync -avz \
        --delete \
        --delete-excluded \
        --exclude='*.log' \
        --exclude='*.tmp' \
        --exclude='.cache' \
        --exclude='node_modules' \
        --exclude='.git' \
        --progress \
        "$source_dir/" "$backup_dir/${dirname}/"

    log_info "Rsync completed for: $source_dir"
}

# Tar archive backup
tar_backup() {
    local source_dir="$1"
    local backup_dir="$2"
    local dirname
    dirname=$(basename "$source_dir")
    local timestamp
    timestamp=$(date +%Y%m%d)

    log_info "Creating tar archive for: $source_dir"

    tar -cvzf "${backup_dir}/${dirname}_${timestamp}.tar.gz" \
        --exclude='*.log' \
        --exclude='*.tmp' \
        --exclude='.cache' \
        "$source_dir" 2>&1 | tee -a "$LOG_FILE"

    log_info "Tar archive created: ${backup_dir}/${dirname}_${timestamp}.tar.gz"
}

# Remote sync
remote_sync() {
    log_info "Syncing to remote server..."

    rsync -avz \
        -e "ssh -o StrictHostKeyChecking=no" \
        --delete \
        "${BACKUP_ROOT}/" \
        "${REMOTE_USER}@${REMOTE_HOST}:${REMOTE_PATH}/"

    log_info "Remote sync completed"
}

# Cleanup old backups
cleanup() {
    log_info "Cleaning up backups older than $RETENTION_DAYS days..."

    # Delete old rsync directories (-mindepth 1 protects BACKUP_ROOT itself)
    find "$BACKUP_ROOT" -mindepth 1 -maxdepth 1 -type d -mtime +$RETENTION_DAYS -exec rm -rf {} \; 2>/dev/null || true

    # Delete old tar files
    find "$BACKUP_ROOT" -name "*.tar.gz" -mtime +$RETENTION_DAYS -delete 2>/dev/null || true

    log_info "Cleanup completed"
}

# Verify backup
verify_backup() {
    local backup_dir="$1"

    log_info "Verifying backup: $backup_dir"

    # Check that the directory exists and report its size
    if [ -d "$backup_dir" ]; then
        local size
        size=$(du -sh "$backup_dir" | cut -f1)
        log_info "Backup verified: $backup_dir (Size: $size)"
        return 0
    else
        log_error "Backup verification failed: $backup_dir"
        return 1
    fi
}

# Main function
main() {
    local start_time
    start_time=$(date +%s)

    log_info "=========================================="
    log_info "Starting backup process"
    log_info "=========================================="

    # Setup
    BACKUP_DATE_DIR=$(setup_directories)

    # Rsync backups
    for dir in "${SOURCE_DIRS[@]}"; do
        if [ -d "$dir" ]; then
            rsync_backup "$dir" "${BACKUP_DATE_DIR}/rsync" || log_warn "Rsync failed for: $dir"
        else
            log_warn "Directory not found: $dir"
        fi
    done

    # Tar backups
    for dir in "${SOURCE_DIRS[@]}"; do
        if [ -d "$dir" ]; then
            tar_backup "$dir" "${BACKUP_DATE_DIR}/tar" || log_warn "Tar failed for: $dir"
        fi
    done

    # Verify
    verify_backup "$BACKUP_DATE_DIR" || true

    # Remote sync
    if [ -n "$REMOTE_HOST" ]; then
        remote_sync || log_warn "Remote sync failed"
    fi

    # Cleanup
    cleanup

    # Summary
    local end_time
    end_time=$(date +%s)
    local duration=$((end_time - start_time))

    log_info "=========================================="
    log_info "Backup completed in ${duration} seconds"
    log_info "Backup location: $BACKUP_DATE_DIR"
    log_info "=========================================="
}

main "$@"
```
### Incremental Backup Script

```bash
#!/bin/bash
#===============================================================================
# Incremental Backup Script using rsync with hard links
# Saves space by hard-linking unchanged files to the previous backup
#===============================================================================

set -euo pipefail

# Configuration
SOURCE="/data"
BACKUP_ROOT="/backup/incremental"
REMOTE="backup@remote.example.com:/backups"
RETENTION_DAYS=14
LOG="/var/log/incremental_backup.log"

log() {
    echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" | tee -a "$LOG"
}

# Build a backup directory name with a timestamp
backup_dir() {
    local timestamp
    timestamp=$(date +%Y%m%d_%H%M)
    echo "${BACKUP_ROOT}/backup_${timestamp}"
}

# Find the most recent previous backup (empty if none)
previous_backup() {
    ls -td "${BACKUP_ROOT}"/backup_* 2>/dev/null | head -1 || true
}

# Main backup function
main() {
    local current_backup
    current_backup=$(backup_dir)
    local previous_backup
    previous_backup=$(previous_backup)

    log "Starting incremental backup..."
    log "Current backup: $current_backup"

    # Create the current backup directory
    mkdir -p "$current_backup"

    # If a previous backup exists, hard-link unchanged files to it
    if [ -n "$previous_backup" ] && [ -d "$previous_backup" ]; then
        log "Using previous backup for hard links: $previous_backup"

        rsync -avh \
            --link-dest="$previous_backup" \
            --delete \
            --delete-excluded \
            --progress \
            "$SOURCE/" "$current_backup/"
    else
        # First backup - full copy
        log "First backup - full copy"
        rsync -avh \
            --delete \
            --delete-excluded \
            --progress \
            "$SOURCE/" "$current_backup/"
    fi

    # Report backup size
    local size
    size=$(du -sh "$current_backup" | cut -f1)
    log "Backup completed. Size: $size"

    # Sync to remote
    if [ -n "$REMOTE" ]; then
        log "Syncing to remote: $REMOTE"
        rsync -avh -e ssh --delete "$current_backup/" "$REMOTE/current/"
    fi

    # Cleanup old backups (-mindepth 1 protects BACKUP_ROOT itself)
    log "Cleaning up backups older than $RETENTION_DAYS days"
    find "$BACKUP_ROOT" -mindepth 1 -maxdepth 1 -type d -mtime +$RETENTION_DAYS -exec rm -rf {} \;

    log "Incremental backup completed successfully"
}

main "$@"
```
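The space savings from `--link-dest` come from hard links: an unchanged file in the new snapshot is the same inode as in the previous one, so its link count rises instead of its data being copied. A small sketch (temporary paths are illustrative; assumes rsync is installed):

```bash
#!/bin/sh
# Hedged demo: --link-dest hard-links unchanged files between snapshots
set -eu
command -v rsync >/dev/null || exit 0

WORK=$(mktemp -d)
mkdir -p "$WORK/src"
echo unchanged > "$WORK/src/keep.txt"

# First snapshot: full copy
rsync -a "$WORK/src/" "$WORK/backup1/"

# Second snapshot: unchanged files are hard-linked into backup1
rsync -a --link-dest="$WORK/backup1" "$WORK/src/" "$WORK/backup2/"

# Both snapshots share one inode for the unchanged file: link count 2
ls -l "$WORK/backup2/keep.txt" | awk '{print $2}'   # 2

rm -rf "$WORK"
```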
## 43.4 Network Backup with rsync over SSH

### SSH Key Authentication Setup

```bash
# =============================================================================
# SSH KEY SETUP FOR BACKUP
# =============================================================================

# Generate a dedicated backup key (no passphrase, for automation)
ssh-keygen -t ed25519 -f ~/.ssh/backup_key -N ""

# Or use RSA for wider compatibility
ssh-keygen -t rsa -b 4096 -f ~/.ssh/backup_key -N ""

# Copy the public key to the backup server
ssh-copy-id -i ~/.ssh/backup_key.pub backup@backup-server

# Or manually
cat ~/.ssh/backup_key.pub | ssh backup@backup-server "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

# Set proper permissions
chmod 600 ~/.ssh/backup_key
chmod 700 ~/.ssh

# Test the connection
ssh -i ~/.ssh/backup_key backup@backup-server "echo 'Connection OK'"
```
### Automated Remote Backup Script

```bash
#!/bin/bash
#===============================================================================
# Remote Backup via rsync over SSH
#===============================================================================

# Configuration
SOURCE_DIRS=("/home" "/etc" "/var/www")
REMOTE_USER="backup"
REMOTE_HOST="backup.example.com"
REMOTE_BASE="/backups/$(hostname)"
SSH_KEY="/root/.ssh/backup_key"
SSH_OPTS="-o StrictHostKeyChecking=no -o ConnectTimeout=10"

log() {
    echo "[$(date)] $1"
}

# Backup each directory
for dir in "${SOURCE_DIRS[@]}"; do
    dirname=$(basename "$dir")
    timestamp=$(date +%Y%m%d_%H%M)

    log "Backing up $dir to $REMOTE_HOST:$REMOTE_BASE/${dirname}_${timestamp}/"

    # SSH options belong inside -e, not on the rsync command line
    rsync -avz \
        -e "ssh -i $SSH_KEY $SSH_OPTS" \
        --delete \
        --delete-excluded \
        --exclude='*.log' \
        --exclude='.cache' \
        --progress \
        "$dir/" \
        "$REMOTE_USER@$REMOTE_HOST:$REMOTE_BASE/${dirname}_${timestamp}/"

    # Create a symlink to the latest backup
    ssh $SSH_OPTS -i $SSH_KEY "$REMOTE_USER@$REMOTE_HOST" \
        "ln -sfn ${dirname}_${timestamp} $REMOTE_BASE/${dirname}_latest"
done

log "Remote backup completed"
```
## 43.5 rsync and tar Best Practices

### Decision Flowchart

Choosing between the tools comes down to two questions. If you need real-time or frequent synchronization, use rsync. Otherwise, if you need a portable, compressed point-in-time archive, use tar. For anything else, such as block-level images or deduplicating backups, look at other tools.
### Summary Checklist

**rsync**

- [ ] Always use --dry-run before the first sync
- [ ] Use --checksum for critical data
- [ ] Use --delete carefully (it can cause data loss)
- [ ] Use -e ssh for encrypted transfer
- [ ] Set up SSH key authentication for automation
- [ ] Use --partial for large file transfers
- [ ] Limit bandwidth with --bwlimit where needed

**tar**

- [ ] Test archive integrity after creation
- [ ] Use -p to preserve permissions
- [ ] Choose the right compression (gzip for speed, xz for size)
- [ ] Document exclude patterns
- [ ] Implement incremental backups for large datasets
- [ ] Store snapshot files securely
- [ ] Test restore procedures regularly

**Security**

- [ ] Encrypt sensitive backups
- [ ] Secure transfers with SSH
- [ ] Protect backup files with proper permissions
- [ ] Store backup keys securely
- [ ] Implement offsite backups

End of Chapter 43: rsync and tar