mirror of
https://github.com/deajan/osync
synced 2024-11-05 12:01:02 +00:00
3266 lines
61 KiB
Plaintext
3266 lines
61 KiB
Plaintext
#LyX 2.2 created this file. For more info see http://www.lyx.org/
|
||
\lyxformat 508
|
||
\begin_document
|
||
\begin_header
|
||
\save_transient_properties true
|
||
\origin unavailable
|
||
\textclass article
|
||
\use_default_options true
|
||
\maintain_unincluded_children false
|
||
\language english
|
||
\language_package default
|
||
\inputencoding utf8x
|
||
\fontencoding global
|
||
\font_roman "default" "default"
|
||
\font_sans "default" "default"
|
||
\font_typewriter "default" "default"
|
||
\font_math "auto" "auto"
|
||
\font_default_family default
|
||
\use_non_tex_fonts true
|
||
\font_sc false
|
||
\font_osf false
|
||
\font_sf_scale 100 100
|
||
\font_tt_scale 100 100
|
||
\graphics default
|
||
\default_output_format default
|
||
\output_sync 0
|
||
\bibtex_command default
|
||
\index_command default
|
||
\paperfontsize default
|
||
\spacing single
|
||
\use_hyperref true
|
||
\pdf_title "Osync Configuration guide"
|
||
\pdf_author "Orsiris "
|
||
\pdf_bookmarks true
|
||
\pdf_bookmarksnumbered false
|
||
\pdf_bookmarksopen false
|
||
\pdf_bookmarksopenlevel 1
|
||
\pdf_breaklinks false
|
||
\pdf_pdfborder true
|
||
\pdf_colorlinks false
|
||
\pdf_backref section
|
||
\pdf_pdfusetitle true
|
||
\papersize a4paper
|
||
\use_geometry true
|
||
\use_package amsmath 1
|
||
\use_package amssymb 1
|
||
\use_package cancel 0
|
||
\use_package esint 1
|
||
\use_package mathdots 1
|
||
\use_package mathtools 0
|
||
\use_package mhchem 1
|
||
\use_package stackrel 0
|
||
\use_package stmaryrd 0
|
||
\use_package undertilde 0
|
||
\cite_engine basic
|
||
\cite_engine_type default
|
||
\biblio_style plain
|
||
\use_bibtopic false
|
||
\use_indices false
|
||
\paperorientation portrait
|
||
\suppress_date false
|
||
\justification true
|
||
\use_refstyle 1
|
||
\boxbgcolor #d0d0d0
|
||
\index Index
|
||
\shortcut idx
|
||
\color #008000
|
||
\end_index
|
||
\leftmargin 2cm
|
||
\topmargin 2cm
|
||
\rightmargin 2cm
|
||
\bottommargin 2cm
|
||
\headheight 1cm
|
||
\headsep 1cm
|
||
\footskip 1cm
|
||
\secnumdepth 3
|
||
\tocdepth 3
|
||
\paragraph_separation indent
|
||
\paragraph_indentation 2em
|
||
\quotes_language swedish
|
||
\papercolumns 1
|
||
\papersides 1
|
||
\paperpagestyle default
|
||
\listings_params "backgroundcolor={\color{white}},basicstyle={\ttfamily},breaklines=true,frame=single"
|
||
\bullet 0 0 6 -1
|
||
\tracking_changes false
|
||
\output_changes false
|
||
\html_math_output 0
|
||
\html_css_as_file 0
|
||
\html_be_strict false
|
||
\end_header
|
||
|
||
\begin_body
|
||
|
||
\begin_layout Title
|
||
osync v1.1 Documentation
|
||
\end_layout
|
||
|
||
\begin_layout Author
|
||
(C) 2013-2016 by Orsiris de Jong
|
||
\end_layout
|
||
|
||
\begin_layout Date
|
||
27 July 2016
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset CommandInset href
|
||
LatexCommand href
|
||
name "http://www.netpower.fr/osync"
|
||
target "http://www.netpower.fr/osync"
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset CommandInset line
|
||
LatexCommand rule
|
||
offset "0.5ex"
|
||
width "100col%"
|
||
height "1pt"
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset CommandInset toc
|
||
LatexCommand tableofcontents
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Section
|
||
Introduction
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Quickstart guide
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync is a command line two way synchronization tool for Linux / BSD / MacOSX
|
||
and Windows, with an emphasis on reliability and automation on low bandwidth
|
||
links.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
A quickstart guide can be found in the README.md file.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Basic synchronization problems
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Synchronization is usually found in two flavors, bloc level sync and file
|
||
level sync.
|
||
While whole bloc level synchronization is generally a good way of doing,
|
||
it's also very greedy in network ressources and is not easy to setup.
|
||
That's where file level sync comes in handy, where only some directories
|
||
& files need to be synced.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Imagine you're syncing two remote offices of a same company.
|
||
If you're syncing a user's home directory or it's roaming profile as a
|
||
night task, the next day, the user will find it's roaming profile up to
|
||
date at the remote office.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
But what would happen if two users work on the same file in a public folder,
|
||
at the same time, on both offices ? Some sync software would stop sync
|
||
and ask what to do.
|
||
Others might simply deleted the oldest version of the file, even if it
|
||
was modified on both sides.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Also, what would happen if a user uploads a lot of data ? If the link between
|
||
both offices cannot handle enough data transfer in a given time, any other
|
||
sync task won't be run, and the sync would continue during the day, when
|
||
bandwidth is necessary elsewhere.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
What would happen if a power fault occurs while synchronization is going
|
||
on ?
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
What osync can do
|
||
\end_layout
|
||
|
||
\begin_layout Subsubsection
|
||
Making synchronization reliable
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync is designed to synchronize two folders on both local and / or remote
|
||
systems.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It is time controlled, which means you can decide how much time it should
|
||
spend on a sync task before stopping it and launching the next one.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It's designed to resume failed or stopped sync tasks, or totally restart
|
||
the sync task if resume fails.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It can keep multiple versions of a file in case of a conflict.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It handles soft deletion.
|
||
If a user deletes a file on replica A, it will move that file on replica
|
||
B to the
|
||
\begin_inset Quotes sld
|
||
\end_inset
|
||
|
||
.osync_workdir/deleted
|
||
\begin_inset Quotes srd
|
||
\end_inset
|
||
|
||
folder.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It will automatically clean old files (soft deleted and conflict backups)
|
||
after a defined amount of days.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It will perform various checks before launching a synchronization like free
|
||
disk space.
|
||
\end_layout
|
||
|
||
\begin_layout Subsubsection
|
||
Making a sysadmin's life easier
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync is also desgined to ease synchronization setups.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It will trigger an email alert including the whole sync process execution
|
||
log if a warning / error is found.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Pre-processing and post-processing commands can be launched on local and
|
||
/ or remote systems, which may be useful to launch snapshot software, flush
|
||
or standby virtual machines, etc).
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Multiple concurrent instances of osync can be run as long as they don't
|
||
sync the same replicas at the same time.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
A batch processing script is included (osync-batch.sh) to launch sequential
|
||
sync tasks.
|
||
Failed sync tasks are rerun if every other task has completed and there's
|
||
still some time left in a given timespan.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync can use rsync or ssh tunnel compression to gain bandwidth.
|
||
Bandwidth can also be limited for slow link sharing.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It can be run in quicksync mode for the impatient (nothing to configure
|
||
except the replica paths), or with a full blown config file.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You may run osync manually, schedule it with cron, or have it monitor a
|
||
directory as a daemon and launch sync tasks on file modifications.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync has been succesfully tested on RHEL / CentOS 5, CentOS 6, Centos 7,
|
||
Debian 6, Debian 7, Linux Mint 14, 17, FreeBSD 8.3, 10.3, pfSense 2.x, Mac
|
||
OS X, and Windows using msys & cygwin environment.
|
||
\end_layout
|
||
|
||
\begin_layout Subsubsection
|
||
What osync cannot do
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync is a simple bash script that relies on other tools like rsync.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Hence, it has some advantages and disavantages:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Advantages:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
- It's easily customisable
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
- It's fast
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Disavantages:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
- There's no way to detect file moves.
|
||
If you move a directory on replica A, osync will soft delete the directory
|
||
on replica B and copy the new directory from replica A.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
- There's no multi-master replication in osync V1.
|
||
Hence, if you want to sync replicas A, B, and C using osync, you'll have
|
||
to use one of the following schemas:
|
||
\end_layout
|
||
|
||
\begin_layout Paragraph
|
||
Replicate 3-way with A as master
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Run the following tasks sequentially where A is the initiatior:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Replicate A & B
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Replicate A & C
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Replicate A & B
|
||
\end_layout
|
||
|
||
\begin_layout Paragraph
|
||
Replicate 3-way with A & B as masters
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Run the following tasks from each system.
|
||
Be sure they won't run concurrently (osync will detect that another replication
|
||
is still running, and abort the current one):
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Replicate A & B where A is the initiator
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Replicate B & C where B is the initiator
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Replicate C & A where C is the initiator
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Why use osync
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
There are a lot of file sync tools out there, some probably better than
|
||
osync depending on the use case.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync has been basically written to be low bandwidth friendly, with resume
|
||
options for unstable internet links (but it will also do great on a fiber
|
||
link :)).
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It has also been written to be a setup and forget tool, without any user
|
||
interaction like manual conflict resolution.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync also is one of the few tools that support ACL synchronization.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
At least, osync consumes very little RAM and CPU ressources and is suitable
|
||
from lower en hardware up to serveres.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Hence, it has some unique features that make it a good tool depending on
|
||
the use case.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
How osync tries to resolve sync issues
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Let's get back to the example above, where osync is used to sync two remote
|
||
offices with users' home directories.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Now imagine a user uploaded 100GB of data, and the WAN link between local
|
||
and remote systems can only handle 6GB/hour of data transfer.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Now if osync is scheduled every night at 10:00 pm, and it's configured to
|
||
run for maximum 10 hours, it would stop at 6am, after having transferred
|
||
60GB.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Then, on the next day, it would transfer the remaining 40GB from 10:00 pm
|
||
to about 3:30am.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Also, if you run sequential instances of osync (with osync-batch), one per
|
||
user directory for example, you can decide how much time osync should spend
|
||
per user.
|
||
So if a user uploads too much data, and osync cannot finish the synchronization
|
||
task for that user directory in a given timespan, it will stop that sync
|
||
task and run next user synchronization task so every user sync task gets
|
||
run, regardless of the amount of data.
|
||
If there's time left, osync-batch reprograms the user sync task that has
|
||
been stopped.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Naming in this document
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync's goal is to synchronize two directories, that can be hosted on the
|
||
same computer or two different ones.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
The computer that runs osync must have at least one of these two directories
|
||
mounted, and will be called the
|
||
\emph on
|
||
local system.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
The first directory to sync on the local system is called the
|
||
\emph on
|
||
initiator replica
|
||
\emph default
|
||
.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
The other directory, called the
|
||
\emph on
|
||
target replica
|
||
\emph default
|
||
can be hosted on the
|
||
\emph on
|
||
local system
|
||
\emph default
|
||
, or on another computer which will be called the
|
||
\emph on
|
||
remote system
|
||
\emph default
|
||
.
|
||
In that case, the
|
||
\emph on
|
||
local system
|
||
\emph default
|
||
will connect to the
|
||
\emph on
|
||
remote system
|
||
\emph default
|
||
through an ssh tunnel and synchronize both
|
||
\emph on
|
||
initiator
|
||
\emph default
|
||
and
|
||
\emph on
|
||
target replicas
|
||
\emph default
|
||
.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Any osync configuration file that gets executed is called an
|
||
\emph on
|
||
osync task
|
||
\emph default
|
||
.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
In the following examples, a special user called
|
||
\emph on
|
||
syncuser
|
||
\emph default
|
||
is used for osync.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
How osync solves sync conflicts
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Conflict resolution is done automatically.
|
||
When a file is modified on both replicas, osync compares the timestamps
|
||
on both replicas and keeps the most recent file.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
In the highly uncommon case where both files have the exact same timestamp,
|
||
a configuration value called CONFLICT_PREVALANCE choses the which replica's
|
||
file will be kept.
|
||
By default, Initiator is chosen, unless specified otherwise in the config
|
||
file.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
The file that isn't kept is copied to
|
||
\begin_inset Quotes sld
|
||
\end_inset
|
||
|
||
.osync_wordir/backups
|
||
\begin_inset Quotes srd
|
||
\end_inset
|
||
|
||
directory of the replica by default, with its full path relative to the
|
||
replica, unless specified otherwise by the CONFLICT_BACKUP configuration
|
||
value.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
After an amount of days set by CONFLICT_BACKUP_DAYS, which is 30 by default,
|
||
the backed up file is deleted.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
If CONFLICT_BACKUP_MULTIPLE is set to YES (disabled by default), multiple
|
||
versions of the backed up files are kept, with a timestamp suffix like
|
||
|
||
\begin_inset Quotes sld
|
||
\end_inset
|
||
|
||
2016.12.31-12.00.01
|
||
\begin_inset Quotes srd
|
||
\end_inset
|
||
|
||
.
|
||
\end_layout
|
||
|
||
\begin_layout Section
|
||
Prerequisites
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
General packages
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync is programmed in bash and will not run with ksh / tsh or other shells.
|
||
Usually bash comes with most distributions.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
On FreeBSD, you might need to install bash with
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
pkg install bash
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
The following packages are needed on both local and remote systems:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
rsync coreutils
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Also, the local system will send emails on errors.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Make sure you have a mail package like mailx, mutt, postfix installed on
|
||
Unix like systems.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
On Winows, make sure you have mailsend (https://github.com/muquit/mailsend)
|
||
/ sendmail (http://caspian.dotconf.net/menu/Software/SendEmail/) installed
|
||
in executable path.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Additionnaly, if you intend to run osync in daemon mode, you'll need the
|
||
following package.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
inotify-tools
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
On MinGW, you will have to install msys-rsync and msys-coreutils-ext on
|
||
top of a base install.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
File synchronization
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
File sync tasks don't need any special configurations.
|
||
You only have to worry about your sync user having the filesystem permissions
|
||
to read / write on both replicas.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
A good way is to make your user member of the files' group that has full
|
||
permissions.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Another way to achieve this is using ACLs if your filesystem supports them.
|
||
You can add the following permissions for user "syncuser" on directory
|
||
"/home/web".
|
||
Setting a default rule will add rights on new files.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
# setfacl -dRm u:syncuser:r-x /home/web
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Be aware that ACLs are tricky and default unix permissions serve as mask
|
||
for ACLs.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Make always sure you can read /write to both replicas with your sync user:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
# su syncuser
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ cat /initiator/replica/test.file
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ touch /initiator/replica/othertest.file
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Repeat that step for the target replica.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Time setup
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
WARNING: osync's conflict resolution relies on timestamps, so it is very
|
||
important for all systems osync runs / syncs to, to have a reliable and
|
||
common timesource.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Please consider setting up NTPD first before you plan to run osync.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
\begin_inset CommandInset label
|
||
LatexCommand label
|
||
name "subsec:Performing-superuser-backups"
|
||
|
||
\end_inset
|
||
|
||
Performing superuser sync
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync may be run as superuser, which should always be avoided by granting
|
||
the read / write permissions to a dedicated sync user to both replicas.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
There are still some cases where osync needs to be run as superuser, especially
|
||
when syncing system files.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
In those cases, osync can be run as dedicated sync user and ask for sudo
|
||
permissions for specific commands.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
In order to be able to use the sudo command without having to enter a password,
|
||
you’ll need to modify the local and / or remote system to allow the following
|
||
commands to be run as superuser: rsync, du, find, mkdir, rm, echo, mv,
|
||
tee and cat.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Use visudo to edit the sudoers file (or carefully edit /etc/sudoers yourself)
|
||
and add the following
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
syncuser ALL= NOPASSWD:/usr/bin/rsync
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
syncuser ALL= NOPASSWD:/usr/bin/du
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
syncuser ALL= NOPASSWD:/bin/find
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
syncuser ALL= NOPASSWD:/bin/mkdir
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
syncuser ALL= NOPASSWD:/bin/rm
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
syncuser ALL= NOPASSWD:/bin/mv
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
syncuser ALL= NOPASSWD:/bin/echo
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
syncuser ALL= NOPASSWD:/bin/cat
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
syncuser ALL= NOPASSWD:/usr/bin/tee
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You might check the right paths to your commands (example to get path for
|
||
rsync executable):
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
# type rsync
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You'll also need to disable requiretty in /etc/sudoers by adding the following
|
||
line:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
Defaults:syncuser !requiretty
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Once your standard sync user is granted to run what osync needs, you can
|
||
enable sudo in osync's config file:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SUDO_EXEC=yes
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You should be aware that there is a risk with having rsync command run as
|
||
superuser.
|
||
A user who can run rsync command as superuser can upload any file he wants
|
||
to the system, including a tweaked /etc/sudoers or /etc/passwd file.
|
||
Please read chapter
|
||
\begin_inset CommandInset ref
|
||
LatexCommand ref
|
||
reference "subsec:Enhancing-remote-backup"
|
||
|
||
\end_inset
|
||
|
||
to secure your installation.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Remote sync
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync can perform local or remote synchronization tasks.
|
||
For local sync, pelease refer to chapters
|
||
\begin_inset CommandInset ref
|
||
LatexCommand ref
|
||
reference "sec:Running-Osync-in"
|
||
|
||
\end_inset
|
||
|
||
,
|
||
\begin_inset CommandInset ref
|
||
LatexCommand ref
|
||
reference "sec:Running-Osync-with-config-file"
|
||
|
||
\end_inset
|
||
|
||
and
|
||
\begin_inset CommandInset ref
|
||
LatexCommand ref
|
||
reference "sec:Running-Osync-as-daemon"
|
||
|
||
\end_inset
|
||
|
||
.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Remote synchronization is done through an SSH tunnel.
|
||
To be able to establish such a tunnel without having to enter a password,
|
||
you’ll have to generate a pair of private and public RSA keys.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
The private part is kept by the computer that initiates the connection,
|
||
the local system.
|
||
The public part is kept on the remote system.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
The following steps will be required to generate a ssh key:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Create a dedicated sync user and log in as that user on the local system
|
||
to perform the following actions.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ ssh-keygen -t rsa
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
This should create two files named ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You should also create a dedicated sync user on the remote system.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Copy the public part of the RSA pair to the remote system with scp (replace
|
||
22 with your ssh port number if needed).
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ scp -p 22 ~/.ssh/id_rsa syncuser@remotesystem.tld:/home/syncuser/.ssh/authorized_
|
||
keys
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Make sure the file is only readable and owned by the syncuser on the remote
|
||
system.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ chmod 600 /home/syncuser/.ssh/authorized_keys
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ chown syncuser:root /home/syncuser/.ssh/authorized_keys
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Now you should be able to login as "syncuser" on the remote system without
|
||
any password.
|
||
You can try to remotely login by entering the following on the local system:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ ssh -p 22 syncuser@remotesystem.tld
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Be aware that only the user that generated the ssh key can remotely log
|
||
in.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You may optionnaly enhance remote login security by applying chapter
|
||
\begin_inset CommandInset ref
|
||
LatexCommand ref
|
||
reference "subsec:Enhancing-remote-backup"
|
||
|
||
\end_inset
|
||
|
||
methods.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Mail transport agent
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You should make sure your system can send emails so osync can warn you if
|
||
something bad happens.
|
||
osync will use mutt or mail command.
|
||
Please make sure you can send a test mail with at least one of the following
|
||
commands run by your sync user:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ echo "your test message" | mutt -x -s "This is a test message" your@mail.tld
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ echo "your test message" | mail -s "This is a test message" your@mail.tld
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Check your antispam if you don't get your message.
|
||
If you still don't get your message, check your distributions documentation
|
||
about the mail command.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
If you run on windows environment, please make sure you can launch mailsend.exe
|
||
/ sendemail.exe by adding it to the %PATH% variable (found
|
||
\begin_inset CommandInset href
|
||
LatexCommand href
|
||
name "here"
|
||
target "http://github.com/muquit/mailsend"
|
||
|
||
\end_inset
|
||
|
||
and
|
||
\begin_inset CommandInset href
|
||
LatexCommand href
|
||
name "here"
|
||
target "http://caspian.dotconf.net/menu/Software/SendEmail/"
|
||
|
||
\end_inset
|
||
|
||
).
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
\begin_inset CommandInset label
|
||
LatexCommand label
|
||
name "subsec:Enhancing-remote-backup"
|
||
|
||
\end_inset
|
||
|
||
Enhancing remote system security
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You may want to secure a password-less ssh access by removing non necessary
|
||
services offered by SSH.
|
||
Edit the file ~/.ssh/authorized_keys created earlier on the remote system
|
||
and add the following line in the beginning of the file:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Also, we may want to prevent any host except of our initiator replica system
|
||
to passwordless connect.
|
||
Add the following line:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
from=*.my.initiator.replica.server.domain.tld
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Your authorized_keys file should look like this:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
lstparams "breaklines=true"
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
from="*.mydomain.tld",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-
|
||
pty ssh-rsa yourkey== syncuser@host.tld
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
More security enhancing
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
We may also restrict the ssh session to only a couple of commands we'll
|
||
need.
|
||
osync comes with a script called
|
||
\emph on
|
||
ssh_filter.sh
|
||
\emph default
|
||
that will only allow execution of commands osync needs.
|
||
Once again edit your authorized_keys file and add the following.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
command="/usr/local/bin/ssh_filter.sh"
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Your file should then look like this:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
lstparams "breaklines=true,showstringspaces=false"
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
from="*.mydomain.tld",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-
|
||
pty,command="/usr/local/bin/ssh_filter.sh" ssh-rsa yourkey== syncuser@remotesyste
|
||
m.tld
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Copy then the script ssh_filter.sh to /usr/local/bin on the remote system.
|
||
Don't forget to make it executable and make it owned by root
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
# chmod 755 /usr/local/bin/ssh_filter.sh
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
# chown root:root /usr/local/bin/ssh_filter.sh
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Now, only the commands
|
||
\begin_inset Quotes eld
|
||
\end_inset
|
||
|
||
find, du, rsync, echo, mv, mkdir and sudo
|
||
\begin_inset Quotes erd
|
||
\end_inset
|
||
|
||
may be executed via the ssh tunnel.
|
||
You may enable / disable the usage of sudo command by editing the following
|
||
value in the ssh_filter.sh script:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SUDO_EXEC=yes
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Also, adding remote pre- and postexecution commands in your configuration
|
||
files will not work if you use the ssh filter.
|
||
You'll have to add your optional commands in ssh_filter.sh.
|
||
Example if you want to perform remote snapshots you'll have to allow one
|
||
of the following:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
CMD1=zfs
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
CMD2=xfs
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
CMD3=lvm
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
\begin_inset CommandInset label
|
||
LatexCommand label
|
||
name "subsec:More-security-(or"
|
||
|
||
\end_inset
|
||
|
||
Security for the paranoid
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Executing rsync as superuser is a security risk.
|
||
A way to prevent rsync usage allowing only a symlink to be executed.
|
||
Thus, a attacker script using rsync would not work.
|
||
This kind of security is called
|
||
\begin_inset Quotes eld
|
||
\end_inset
|
||
|
||
security by obscurity
|
||
\begin_inset Quotes erd
|
||
\end_inset
|
||
|
||
and should generally not be the only security process, but makes any attack
|
||
harder.
|
||
First, let's create a symlink to rsync called let's say o_rsync, on both
|
||
local and remote systems.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
# ln -s $(type rsync) $(dirname $(type rsync))/o_rsync
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Now edit ssh_filter.sh and change the following value:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RSYNC_EXECUTABLE=o_rsync
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Also, edit RSYNC_EXECUTABLE value on any of your sync configuration files
|
||
and you're done.
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Section
|
||
Getting and running osync
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Downloading osync
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync can be downloaded on the author's site (stable version) or on github
|
||
(stable or latest dev snapshot).
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Getting osync via author's site
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
wget http://netpower.fr/projects/osync/osync.v1.1.tar.gz
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
tar xvf osync.v1.1.tar.gz
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Getting osync via github (remove the -b
|
||
\begin_inset Quotes sld
|
||
\end_inset
|
||
|
||
v1.00a
|
||
\begin_inset Quotes srd
|
||
\end_inset
|
||
|
||
if you want latest dev snapshot)
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
git clone -b "v1.1" https://github.com/deajan/osync
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Once you downloaded osync, enter into the newly created folder and run the
|
||
install script
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
sh ./install.sh
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
This will copy osync to /usr/local/bin and create /etc/osync with a test
|
||
sync.conf file.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It will also copy daemon required files to /etc/init.d or /usr/lib/systemd/system
|
||
and /etc/systemd/user depending on your distribution.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
\begin_inset CommandInset label
|
||
LatexCommand label
|
||
name "sec:Running-Osync-in"
|
||
|
||
\end_inset
|
||
|
||
Running osync in quicksync mode
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You just osync to sync two local dirs like this:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ ./osync.sh --initiator=/path/to/dir1 --target=/path/to/dir2
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You also may want to sync a remote directory.
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You may specify an alternate SSH port directly in the URI.
|
||
When ommited, SSH port 22 is used.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Also, if not set, the default RSA key will be read from ~/.ssh/id_rsa
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ ./osync.sh --initiator=/path/to/dir1 --target=ssh://remoteuser@remotehost.com//pa
|
||
th/to/dir2
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ ./osync.sh --initiator=/path/to/dir2 --target=ssh://remoteuser@remotehost.com:22/
|
||
/path/to/dir2 --rsakey=/home/user/.ssh/other_key
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
\begin_inset CommandInset label
|
||
LatexCommand label
|
||
name "sec:Running-Osync-with-config-file"
|
||
|
||
\end_inset
|
||
|
||
Running osync with a full blown configuration file
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Running osync with a configuration will do just the same as in quicksync
|
||
mode, except that you have much more control of what's going on.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
A sample configuration file is called sync.conf and is included with osync.
|
||
You may edit this file to fit your needs.
|
||
Basically configuration files should go to /etc/osync.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Every option of the configuration file is explained in the appendix.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Once you've setup a file according to your needs, you may go for a test
|
||
run.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ ./osync.sh /etc/osync/my_sync.conf --dry --verbose
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync should enumerate which changes will be done on both sides.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
If everything worked out right, you might process the actual sync process.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
A full configuration file specifies a maximum execution delay.
|
||
Initial sync tasks can take a huge amount of time depending on bandwidth
|
||
between replicas, in that case you might add parameter –no-maxtime to your
|
||
first sync run so execution time won't be enforced.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ ./osync.sh /etc/osync/my_sync.conf --no-maxtime
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Creating a regular sync scenario is quite simple as long as you don't schedule
|
||
twice the same sync task in a shorter time span than your HARD_MAX_EXEC_TIME_TO
|
||
TAL value.
|
||
Just create a crontab entry and add parameter –silent so your local mailbox
|
||
won't get filled up.
|
||
Example, having a sync scheduled every hour in /etc/crontab
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
00 * * * * syncuser /usr/local/bin/osync.sh /etc/osync/your_sync.conf --silent
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
You may find the sync log under /var/log/osync-your_sync.log or under the
|
||
current directory if /var/log is not writable.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
\begin_inset CommandInset label
|
||
LatexCommand label
|
||
name "sec:Running-Osync-as-daemon"
|
||
|
||
\end_inset
|
||
|
||
Running osync as deamon
|
||
\end_layout
|
||
|
||
\begin_layout Subsubsection
|
||
Manually
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync may also run in file monitor mode.
|
||
In this mode, osync checks the initiator replica, and runs a synchronization
|
||
as soon as there is file activity on initiator replica.
|
||
With this mode, you do not need a schedule anymore.
|
||
Be aware that only initiator replica is monitored, and target replica sync
|
||
updates only occur when initiator replica modifications happen.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ ./osync.sh /etc/osync/my_sync.conf --on-changes
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Subsubsection
|
||
As a system service
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
If you plan to run osync on a regular basis in file monitor mode, you might
|
||
consider installing it as a system service.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
From the directory you downloaded osync, run the install.sh script and enable
|
||
the service.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Remark: When exiting osync daemon, the process will continue to run for
|
||
up to a minute to unlock replicas and termine sub processes.
|
||
\end_layout
|
||
|
||
\begin_layout Paragraph
|
||
init.d service files
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
For init.d systems, syntax is:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
# service osync-srv start
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
# chkconfig osync-srv on
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync then scans for *.conf files in /etc/osync and will run an instance
|
||
per configuration file.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Service control just works like with standard system services.
|
||
\end_layout
|
||
|
||
\begin_layout Paragraph
|
||
systemd service files
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
For systemd systems, syntax is:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
# systemctl start osync-srv@config_file
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
# systemctl enable osync-srv@config_file
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
With systemd, every config file found in /etc/osync can be controlled as
|
||
a separate service.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Running osync batch
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
If you have multiple configuration files in /etc/osync that you would like
|
||
to run sequentially, and re-run failed sync tasks, osync comes with a tool
|
||
called osync-batch.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
It will execute all osync conf files in alphanumerical order, in a given
|
||
timespan.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync-batch takes the following non mandatory parameters:
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–silent Will launch osync tasks silently
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–dry Will launch osnyc tasks as simulations only
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–verbose Will launch osync tasks with detailed output, including changed
|
||
and deleted files lists on both sides
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–no-maxtime Will launch osync taks without any maximum execution time
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–path= By default, osync-batch.sh searches for config files in /etc/osync.
|
||
This parameter overrides the default value.
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–max-reruns= By default osync-batch.sh tries to rerun failed tasks 3 times.
|
||
This parameter overrides the default value.
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–max-exec-time= By default, osync-batch.sh won't launch next task if 36000
|
||
seconds have passed.
|
||
This parameter overrides the default value.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You may program a cron task for osync-batch.sh like
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
00 * * * * syncuser /usr/local/bin/osync-batch.sh --silent
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Section
|
||
Configuration appendix
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Quicksync only command line parameters
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–initiator=
|
||
\begin_inset Quotes srd
|
||
\end_inset
|
||
|
||
|
||
\begin_inset Quotes srd
|
||
\end_inset
|
||
|
||
Initiator replica path.
|
||
Will contain state and backup directory (is mandatory)
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–target=
|
||
\begin_inset Quotes srd
|
||
\end_inset
|
||
|
||
|
||
\begin_inset Quotes srd
|
||
\end_inset
|
||
|
||
Local or remote target replica path.
|
||
Can be a ssh uri like ssh://user@host.com:22//path/to/target/replica (is
|
||
mandatory)
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–rsakey Alternative path to rsa private key for ssh connection to target
|
||
replica (if not ~/.ssh/id_rsa)
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–instance-id Optional sync task name to identify this synchronization task
|
||
when using multiple targets
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Universal command line parameters
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
When run without any parameter, osync will show usage.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Both quicksync and config file modes can take the following optional parameters:
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–dry Will make osync run a simulation only
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–silent Will run osync silently, to be used in a cron schedule
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–verbose Will run osync with detailed output, including changed and deleted
|
||
files lists on both sides
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–stats Will add rsync transfer statistics to verbose output
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–partial osync will leave partial transfered files in order to be resumed
|
||
on later runs
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–no-maxtime Will disable MAX_EXEC_TIME checks, so a task can take as long
|
||
as it needs.
|
||
This is useful for performing initial big sync operations
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–force-unlock Will override any existing active or dead locks on initiator
|
||
and target replica
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–on-changes Will launch a sync task after a short wait period if there is
|
||
some file activity on initiator replica.
|
||
You should try daemon mode instead
|
||
\end_layout
|
||
|
||
\begin_layout Labeling
|
||
\labelwidthstring 00.00.0000
|
||
–help Will print osync version and usage
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Full list of configuration file parameters
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Set this to whatever you want to identify your sync task.
|
||
This value also determines the log filename and appears in the warning
|
||
/ error mails.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
INSTANCE_ID=name_of_your_sync
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Initiator directory to sync (initiator replica), must be on the system you're
|
||
running osync on.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
INITIATOR_SYNC_DIR="/some/path"
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Target directory to sync (target replica), can be on the same system you're
|
||
running osync on or another remote system, reachable via an SSH tunnel.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Target directory can be a SSH uri like
|
||
\begin_inset Quotes sld
|
||
\end_inset
|
||
|
||
ssh://user@host.com:1234//some/other/path
|
||
\begin_inset Quotes srd
|
||
\end_inset
|
||
|
||
where 1234 is an optional port, and the first slash is a separator, meaning
|
||
that the full path is /some/other/path.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
TARGET_SYNC_DIR="/some/other/path"
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Location of the private RSA key.
|
||
If left empty, the default path
|
||
\begin_inset Quotes sld
|
||
\end_inset
|
||
|
||
~/.ssh/id_rsa
|
||
\begin_inset Quotes srd
|
||
\end_inset
|
||
|
||
will be used.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SSH_RSA_PRIVATE_KEY=~/.ssh/id_rsa
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Tells osync to create initiator or target directories if they don't exist.
|
||
Default is no.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
CREATE_DIRS=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
By default, leaving this empty sets the log file to /var/log/osync_INSTANCE_ID.lo
|
||
g.
|
||
You might change this to specify a personalized log file.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
LOGFILE=""
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Generate an alert if initiator or target replicas have less space than the
|
||
following given value in kilobytes.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
MINIMUM_SPACE=10240
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Bandwidth limit in kilobytes / second.
|
||
Leave this to zero to disable limitation.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
BANDWIDTH=0
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Synchronization tasks may be executed as root if you enable the following
|
||
parameter.
|
||
See prerequisites in chapter
|
||
\begin_inset CommandInset ref
|
||
LatexCommand ref
|
||
reference "subsec:Performing-superuser-backups"
|
||
|
||
\end_inset
|
||
|
||
.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SUDO_EXEC=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Paranoia option.
|
||
Don't change this unless you read chapter
|
||
\begin_inset CommandInset ref
|
||
LatexCommand ref
|
||
reference "subsec:More-security-(or"
|
||
|
||
\end_inset
|
||
|
||
and understand what you are doing.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RSYNC_EXECUTABLE=rsync
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Remote Rsync Executable path.
|
||
Don't change this unless your remote rsync binary isn't in the execution
|
||
path.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
REMOTE_RSYNC_PATH=""
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Rsync include / exclude order.
|
||
If set to include, includes will be processed before excludes, and vice-versa.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RSYNC_PATTERN_FIRST=include|exclude
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
List of files / directories to include / exclude from both replicas (see
|
||
rsync patterns for more explanations, wildcards won't work).
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Poaths are relative to both replicas.
|
||
List is separated by PATH_SEPARATOR_CHAR defined below.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RSYNC_INCLUDE_PATTERN=""
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RSYNC_EXCLUDE_PATTERN="tmp;archives;somepath"
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
File that contains the list of files /directories to include / exclude from
|
||
both replicas (see rsync pattern files for more explanations).
|
||
Leave this empty if you don't want to use an exclusion file.
|
||
This file has to be in the same directory as the config file.
|
||
Paths are relative to sync dirs.
|
||
One element per line.
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RSYNC_INCLUDE_FROM=""
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RSYNC_EXCLUDE_FROM="exclude.list"
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Path separator char for RSYNC_EXCLUDE_PATTERN, you might change this in
|
||
the unholy case that your filenames contains semicolons.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
PATH_SEPARATOR_CHAR=";"
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Enable / disable ssh compression.
|
||
Leave this enabled unless your connection to remote system is high speed
|
||
(LAN)
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SSH_COMPRESSION=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Tell ssh to not check the remote computer ssh fingerprint.
|
||
DANGER WILL ROBINSON ! This should generally lead to security issues.
|
||
Only enable this if you know exactly what you are doing.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SSH_IGNORE_KNOWN_HOSTS=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Ping remote host before launching synchronization.
|
||
Be sure the host is responding to ping.
|
||
Failing to ping will skip current task.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
REMOTE_HOST_PING=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Itemize
|
||
Check for internet access by pinging one or more hosts before launching
|
||
remote sync task.
|
||
Leave this empty do disable the check.
|
||
Failing to ping will skip current task.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
REMOTE_3RD_PARTY_HOST="www.kernel.org"
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Itemize
|
||
Misc settings
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Preserve ACLs.
|
||
Please check that your filesystem supports ACLs and is mounted with it's
|
||
support or rsync will get you loads of errors.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
PRESERVE_ACL=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Preserve Xattr.
|
||
The same applies as for ACLs
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
PRESERVE_XATTR=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Transforms symlinks into referent files/dirs when syncing replicas.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
COPY_SYMLINKS=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Treat symlinked dirs as dirs.
|
||
CAUTION: This also follows symlinks outside of the replica root.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
KEEP_DIRLINKS=no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Preserve hard links.
|
||
Make sure source and target FS can manage hard links or you will lose them.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
PRESERVE_HARDLINKS=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Do a full checksum on files instead of comparing file sizes and modification
|
||
times.
|
||
Enabling this will make sync tasks longer.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
CHECKSUM=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Use rsync compression for file transfers.
|
||
Leave this disabled unless your're not using SSH compression.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RSYNC_COMPRESS=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Maximum execution time (in seconds) for sync process.
|
||
Soft value generates a warning only.
|
||
Hard value generates a warning and stops sync task.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You may set this to 0 to disable time checks.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SOFT_MAX_EXEC_TIME_FILE_TASK=7200
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
HARD_MAX_EXEC_TIME_FILE_TASK=10600
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Minimum time (in seconds) in file monitor /daemon mode between modification
|
||
detection and sync task in order to let copy operations finish.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
MIN_WAIT=60
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Maximum time (in seconds) in file monitor / daemon mode.
|
||
After this amount of time, a sync operation is forced.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
MAX_WAIT=300
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Itemize
|
||
Conflict and deletion option
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Enabling this option will keep a backup of a file on the target replica
|
||
if it gets updated from the source replica.
|
||
Backups will be made to .osync_workdir/backups
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
CONFLICT_BACKUP=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Keep multiple backup versions of the same file.
|
||
Warning, This can be very space consuming.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
CONFLICT_BACKUP_MULTIPLE=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync will clean backup files after a given number of days.
|
||
Setting this to 0 will disable cleaning and keep backups forever.
|
||
Warning: This can be very space consuming.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
CONFLICT_BACKUP_DAYS=30
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
If the same file exists on both replicas, newer version will be synced.
|
||
However, if both files have the same timestamp but differ, CONFLICT_PREVALANCE
|
||
sets winner replica.
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
CONFLICT_PREVALANCE=initiator|target
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
On deletition propagation to the target replica, a backup of the deleted
|
||
files can be kept.
|
||
Deletions will be kept in .osync_workdir/deleted
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SOFT_DELETE=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync will clean deleted files after a given number of days.
|
||
Setting this to 0 will disable cleaning and keep deleted files forever.
|
||
Warning: This can be very space consuming.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SOFT_DELETE_DAYS=30
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Itemize
|
||
Resuming options
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Try to resume an aborted sync task
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RESUME_SYNC=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
Number maximum resume tries before initating a fresh sync.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RESUME_TRY=2
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
When a pidlock exists on target replica that does not correspond to initiator's
|
||
instance-id, force pidlock removal.
|
||
Be carefull with this option if you have multiple initiators.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
lstparams "breaklines=true"
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
FORCE_STRANGER_LOCK_RESUME=no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Keep partial uploads that can be resumed on next run.
|
||
This can be very useful if big files must get updated though slow links.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
PARTIAL=no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Itemize
|
||
Alert Options
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
List of alert mails separated by spaces
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
DESTINATION_MAILS="your@alert.tld"
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Windows (MSYS / Cygwin environment) only mail options (used with mailsend.exe
|
||
from muquit or sendemail.exe from Brandon Zehm)
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SENDER_MAIL="alert@your.system.tld"
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SMTP_SERVER=smtp.your.isp.tld
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SMTP_PORT=25
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SMTP_ENCRYPTION=tls|ssl|none
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SMTP_USER=optional_smtp_user
|
||
\end_layout
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
SMTP_PASSWORD=optional_smtp_password
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Itemize
|
||
Execution hooks
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Commands can will be run before and / or after sync process (remote execution
|
||
will only happen if REMOTE_SYNC is set).
|
||
Multiple commands can be semicolon separated.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Command(s) to run locally before sync process starts.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
LOCAL_RUN_BEFORE_CMD=""
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Command(s) to run locally if sync process finishes.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
LOCAL_RUN_AFTER_CMD=""
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Command(s) to run on remote system before sync process starts.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
REMOTE_RUN_BEFORE_CMD=""
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Command(s) to run on remote system if sync process finishes.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
REMOTE_RUN_AFTER_CMD=""
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Max execution time of commands before they get force killed.
|
||
Leave 0 if you don't wan't this to happen.
|
||
Time is specified in seconds.
|
||
MAX_EXEC_TIME_PER_CMD_BEFORE=0
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
MAX_EXEC_TIME_PER_CMD_AFTER=0
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Stops osync execution if one of the above commands fail
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
STOP_ON_CMD_ERROR=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Run local and remote commands after a sync task even if it failed.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
RUN_AFTER_CMD_ON_ERROR=yes|no
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Section
|
||
Troubleshooting
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync has been tested successfully on multiple systems for a wide variety
|
||
of sync plans.
|
||
Please check the following steps before requesting help.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Local-local sync
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
osync logs every of it's actions to /var/log/osync-version.instance_id.log
|
||
(or current directory if /var/log is not writable).
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Please check the log file if something went wrong.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You might try running osync as root to check if your problem is filesystem
|
||
permission related.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You might add –verbose option to see what actually happens.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Also, running osync with the following command will give the exact commands
|
||
that actually happen:
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
DEBUG=yes /usr/local/bin/osync.sh /etc/osync/my_sync.conf --verbose
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
Local-remote sync
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Remote synchronization is a bit more tricky.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You might check that you can log in remotely with the command
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ ssh -p 22 remotesyncuser@remotehost.tld
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
Also, you might check that you can use rsync command remotely
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
$ ssh -p 22 remotesyncuser@remotehost.tld rsync --help
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
You can temporarily disable ssh security by removing lines you added in
|
||
chapter
|
||
\begin_inset CommandInset ref
|
||
LatexCommand ref
|
||
reference "subsec:Enhancing-remote-backup"
|
||
|
||
\end_inset
|
||
|
||
.
|
||
Additionnaly, you can check ssh_filter log in ~/.ssh/ssh_filter.log on the
|
||
remote system.
|
||
You might try running osync with SUDO_EXEC to check if your problem is
|
||
user permission related.
|
||
\end_layout
|
||
|
||
\begin_layout Subsection
|
||
File monitor mode
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
In file monitor mode, osync will still log it's execution to /var/log/osync.insta
|
||
nce_id.log (or current directory if /var/log is not writable).
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Also, standard systemd log method is used if available.
|
||
You may check an execution with
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
systemctl status osync-srv@configfile
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
You mai also see osync logs in journalctl with
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset listings
|
||
inline false
|
||
status open
|
||
|
||
\begin_layout Plain Layout
|
||
|
||
journalctl -xn
|
||
\end_layout
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\begin_layout Section
|
||
Final words
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
The idea of osync came in a discussion around a beer one evening.
|
||
It began as a project for a friend, whose company I was working for as
|
||
a consultant.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
Today, osync is still used by this company, and a lot of others around the
|
||
globe.
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
I do provide technical help and support in my spare time, and will appreciate
|
||
every contribution i get on Github :)
|
||
\end_layout
|
||
|
||
\begin_layout Standard
|
||
\begin_inset CommandInset line
|
||
LatexCommand rule
|
||
offset "0.5ex"
|
||
width "100col%"
|
||
height "1pt"
|
||
|
||
\end_inset
|
||
|
||
|
||
\end_layout
|
||
|
||
\end_body
|
||
\end_document
|