Windows/Rsync Backups

From Devpit
Jump to: navigation, search

An easy way to back up a Windows machine is to rsync the directories you care about, such as My Documents, with a directory on a Unix machine. Then run your usual backups on the Unix machine. The following describes how to schedule a task to run rsync each day as a client on the Windows machine. It is possible to set up an rsync server, but running sshd under Windows is a lot more difficult than running ssh. The easiest way to do that may be to run rsync as a stand-alone daemon, but obviously that is only an option if your network is secure.

@echo off
set CYGWIN=binmode tty
set HOME=c:\rsync
set HOSTNAME=XX(local hostname)
set PATH=c:\rsync;%PATH%
set RSYNC_RSH=ssh.exe
set SERVER_HOSTNAME=XX(remote hostname)
set TERM=ansi
set USERNAME=XX(remote username)
  • Create backup.bat as follows:
@echo off
cd \rsync
call ssh_env
rsync -rltz --delete \rsync "\XX\My Documents" %SERVER_HOSTNAME%:backups/%HOSTNAME%/ > rsync.log
rsync -tz rsync.log %SERVER_HOSTNAME%:backups/%HOSTNAME%/
  • Replace the XX placeholders with appropriate values in ssh_env.bat and backup.bat
  • Create an SSH v1 identity key, and store it in \rsync\.ssh\identity
  • Add the server's ssh key by running ssh_env, then ssh'ing to the remote system. This also tests SSH.
  • Add a scheduled task to run backup.bat an hour before your nightly backups of the Unix machine.

This should be enough to get the backups going, but now you need a way of being notified if the backups fail. After all, if the Windows machine crashes or if it simply forgets to run your scheduled task, you won't be too happy about finding out the hard way, and you can't depend on the user to check it for you each day.

  • On the Unix machine, set up a cron job to run the following script after rsync but before your nightly backups. Again, replace XXs with appropriate values.
cd ~/backups/XX || exit 1
find . -maxdepth 1 -name rsync.log -mtime +12h -print0 | xargs -0 rm -f
if [ ! -e rsync.log ]; then
    echo BACKUPS FAILED!  rsync.log was not updated.
    # Leave out this else-clause if you don't want notifications of a successful backup.
    echo BACKUPS SUCCEEDED!  rsync output:
    cat rsync.log


  • ssh_env.bat should contain only the environment variables. That way you can easily ssh to the remote system by running ssh_env at the command line, then ssh.
  • The rsync command in backup.bat also backs up \rsync. The log is backed up separately because it is modified during the first rsync.
  • If the machine has a blank password for the account that the task is scheduled for, you must tweak this knob: Control Panel/Administrative Tools/Local Security Policy/Local Policies/Security Options/Limit local account use of blank passwords to console login only
  • While this does not keep any historical information, there is no need. Yesterday's files will be on yesterday's daily backup of the Unix machine. It's easier and takes less space to just let your Unix machine's automated daily backups take care of managing the history.
  • Specify absolute paths using back-slashes in the rsync command. This way, on the remote side the path is included in the filename.
  • This uses SSH v1, which means you need an RSA1 key.
  • If you have a file server mounted via samba, you can simplify this quite a bit by dropping SSH entirely and rsyncing to the local mountpoint.
  • As security on Windows machines is questionable at best, use a separate user account and ssh key on the Unix machine. When (not if) a Windows machine is compromised, minimize the damage.