Created: 2012-03-23 08:42
Updated: 2017-05-16 20:43

rsync_backup: backups with hardlink support with rsync and ssh.

This cookbook provides two recipes: rsync_backup::default and rsync_backup::server which provide client and server functionality for shipping backups over rsync with hard-link references for space saving purposes and periodic pruning.

The scripts themselves are in perl and are templates; they do not consult a configuration file.

This is a slightly modified version of the technique blogged about here.

This cookbook requires my ssh_known_hosts2 cookbook.

Recipe Information

rsync_backup::default cares about these attributes:

  • rsync_backup/ssh/private_key: the private key used for contacting the backup server. Will raise ArgumentError if missing.
  • rsync_backup/ssh/host_key: the host key (edited in, not replaced) used by
  • rsync_backup/target/host: the host to deliver to (default: server.local)
  • rsync_backup/target/base_dir: the base dir on the backup server to send files to.
  • rsync_backup/target/username: the username to connect as over ssh.

rsync_backup::server does not include rsync_backup::default and cares about these attributes:

  • rsync_backup/ssh/public_key: the corresponding public key to the private key mentioned above.
  • rsync_backup/target/username: the username to create for incoming connections.
  • rsync_backup/target/base_dir: the base directory of the backups.

rsync_backup::server will create new backup directories based on a search of all the nodes that include the rsync_backup::default recipe. They must exist before creation for the tooling to work, so if you have new backup machines, be sure and converge the server before they fire off their backup process.


This has a few security concerns that will be addressed in later revisions. Notably:

  • sudo access is way too permissive
  • ssh access is way too permissive

It is critical if you use this recipe that your client server(s), in particular, are not using password-based authentication.


Currently this recipe only supports ubuntu and debian -- likely due to package name differences. Happy to accept pull requests for other systems.


  • Fork the project
  • Make your edits
  • Be sure to not change anything in metadata.rb without prior permission.
  • Send a pull request.


Erik Hollensbe

Cookies help us deliver our services. By using our services, you agree to our use of cookies Learn more