-
Notifications
You must be signed in to change notification settings - Fork 0
/
autorsync-example.yaml
162 lines (124 loc) · 5.33 KB
/
autorsync-example.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
# These are my actual off-site backup profiles.
#
# My NAS (Fedora 40) is backed up everyday to a remote OpenWRT machine with
# attached external disk on its USB 2 port.
# The target machine is so limited and slow (64MB RAM, slow 32bit mips CPU,
# USB 2), that I had to tweek a lot the target EXT4 filesystem, the SSH tunnel
# and rsync parameters. Here is a list of tweaks that I can remember:
#
# - Create a small and slow 100MB swap file just to not let OpenWRT kernel crash
# - Turn EXT4 into a 32bit filesystem, otherwise kernel will crash at some point
# of the transfer. Plug the target disk in strong machine and use tune2fs for
# this; the slow OpenWRT machine won't handle such conversion
# - Select the fastest SSH cipher
# - Turn SSH compression off
# - Let rsync compress files but not all of them (autorsync has the list of
# extensions)
#
# Avi Alkalay
# 2024-10-27
#
DEFAULTS:
source_part1: '/media/Media'
target_part1: 'obfuscated.hostname.com:/media/beast/filesets'
extra_part1: --rsh "ssh -T -c [email protected] -o Compression=no -x -i /root/.ssh/id_operator" --no-acls --no-xattrs --no-fuzzy --no-mkpath
background: False
delete: True
backup: True
# When backup=True, save changed or deleted files in the backup_dir, relative to $target
# Use Jinja replacements here. Doesn't need (double) quotes because ‘{’ is not in
# the beginning of string.
backup_dir: ../deleted/{{time.strftime('%Y.%m.%d-%H.%M.%S')}}/
# Fastest SSH cipher was found with following script:
#
# host=obfuscated.hostname.com
# for i in $(ssh -Q ciphers | while read row; do printf "$row "; done); do
# dd if=/dev/random bs=1000000 count=10 2> /dev/null | ssh -c $i -T -o Compression=no -x -i /root/.ssh/id_operator $host "(time -p cat) > /dev/null" 2>&1 | grep real | awk '{print "'$i': "10 / $2" MB/s" }';
# done
#
# Results:
#
# aes128-ctr: 1.20482 MB/s
# aes192-ctr: 1.1274 MB/s
# aes256-ctr: 1.15875 MB/s
# [email protected]: 1.20192 MB/s
# [email protected]: 1.13507 MB/s
# [email protected]: 1.3459 MB/s
#
# So chacha20-poly1305 is the winner being 12% faster than aes128-ctr (2nd best) and
# 19% faster than aes192-ctr (slowest).
profiles:
- name: photos
# Do not forget your trailing slashes if you want them, they have meaning for
# rsync
source_part2: Photos/
# In case of Jinja tags, put strings inside double quotes to avoid YAML
# interpreter handle it as JSON
target_part2: "{{hostname}}.photos/files"
- name: photos.priv
source_part2: Photos.priv/
target_part2: '{{hostname}}.photos.priv/files'
- name: books
source_part2: Books/
target_part2: '{{hostname}}.books/files'
- name: music
source_part2: Musica/
target_part2: '{{hostname}}.music/files'
- name: podcasts
source_part2: Podcast/
target_part2: '{{hostname}}.podcast/files'
- name: dance
source_part2: Dance/
target_part2: '{{hostname}}.dance/files'
- name: media
source: /media/Media/
target_part2: '{{hostname}}.media/files'
extra_part2: --one-file-system --exclude=Dance --exclude=Downloads --exclude=Podcast
- name: jellyfin.data
source: /var/lib/jellyfin/
target_part2: '{{hostname}}.jellyfin/files'
extra_part2: --exclude=metadata/ --exclude=data/subtitles/ --exclude=data/keyframes/ --exclude=data/ScheduledTasks/ --exclude=.aspnet/ --exclude=.cache/ --exclude=transcodes/
- name: apache
source: /etc/httpd/conf.d
target: /home/obfuscated_username/Nextcloud/PlatformConfig/{{hostname}}-apache/ROOT/etc/httpd/
extra_part2: --copy-links
backup: False
- name: postfix
source: /etc/postfix
target: /home/obfuscated_username/Nextcloud/PlatformConfig/{{hostname}}-postfix/ROOT/etc/
extra_part2: --copy-links
backup: False
- name: nextcloud.config
source: /etc/nextcloud
target: /home/obfuscated_username/Nextcloud/PlatformConfig/{{hostname}}-nextcloud_config/ROOT/etc/
extra_part2: --copy-links
backup: False
- name: fstab
source: /etc/fstab
target: /home/obfuscated_username/Nextcloud/PlatformConfig/{{hostname}}-fstab/ROOT/etc/
extra_part2: --copy-links
backup: False
- name: davfs
source: /etc/davfs2
target: /home/obfuscated_username/Nextcloud/PlatformConfig/{{hostname}}-davfs/ROOT/etc/
extra_part2: --copy-links
backup: False
- name: jellyfin
source: /etc/jellyfin
target: /home/obfuscated_username/Nextcloud/PlatformConfig/{{hostname}}-jellyfin/ROOT/etc/
extra_part2: --copy-links
backup: False
- name: transmission
source: /var/lib/transmission
target: /home/obfuscated_username/Nextcloud/PlatformConfig/{{hostname}}-transmission/ROOT/var/lib/
extra_part2: --copy-links
backup: False
- name: crontabs
source: /var/spool/cron
target: /home/obfuscated_username/Nextcloud/PlatformConfig/{{hostname}}-crontabs/ROOT/var/spool/
extra_part2: --copy-links
backup: False
- name: nextcloud.data
source: /var/lib/nextcloud/data/
target_part2: '{{hostname}}.nextcloud_files/files'
extra_part2: --exclude=obfuscated_username/files/Backup/ --exclude=obfuscated_username/files_versions/Backup