Rsync: Difference between revisions

From NixOS Wiki
imported>Tom
Add rsync page with how to restrict access
 
Klinger (talk | contribs)
 
(2 intermediate revisions by 2 users not shown)
Line 12: Line 12:
   isNormalUser = true;
   isNormalUser = true;
   openssh.authorizedKeys.keys = [
   openssh.authorizedKeys.keys = [
     ''command="${pkgs.rrsync}/bin/rrsync /home/backup/dir/" ssh-ed25519 AAAAC3NzaCetcetera/etceteraJZMfk3QPfQ''
     ''command="${pkgs.rrsync}/bin/rrsync /home/backup/dir/",restrict ssh-ed25519 AAAAC3NzaCetcetera/etceteraJZMfk3QPfQ''
   ];
   ];
};
};
Line 24: Line 24:


See [https://download.samba.org/pub/rsync/rrsync.1 rrsync.1] for additional options, such as enforcing read-only or write-only access.
See [https://download.samba.org/pub/rsync/rrsync.1 rrsync.1] for additional options, such as enforcing read-only or write-only access.
[[Category:Applications]]
[[Category:Backup]]

Latest revision as of 14:44, 20 June 2024

rsync is a utility for efficiently transferring and synchronizing files between a computer and an external hard drive and across networked computers by comparing the modification times and sizes of files.

Running a server

Running rsync via SSH is recommended for security reasons.

You can restrict an SSH user to rsync command using pkgs.rrsync:

users.users.backup = {
  isNormalUser = true;
  openssh.authorizedKeys.keys = [
    ''command="${pkgs.rrsync}/bin/rrsync /home/backup/dir/",restrict ssh-ed25519 AAAAC3NzaCetcetera/etceteraJZMfk3QPfQ''
  ];
};

Now you should be able to backup to your directory with the rsync client:

$ rsync -Pav -e "ssh -i $HOME/.ssh/somekeys" photos backup@server:

See rrsync.1 for additional options, such as enforcing read-only or write-only access.