Backup to NAS with rsync

Backup management, for us programmers, is an unpleasant activity. We experience it as a tedious activity that is not our responsibility.

Surely sources and documents will stay safe on your corporate GIT server and fileserver shared directories. Redundant systems with backups.

Accidents do happen, though.

Even just having to restore a working environment, development tools, your home directory, can be a fair amount of hassle (to put it mildly).


Hence the decision to implement a simple backup system. The tool I found most suitable is rsync, the well-known unix command-line tool for copying and synchronizing directories.

The destination of the backup is my NAS, a Synology DS920+.

In one of my first attempts I used an ssh connection. Pretty slow solution, even using arcfour256, the lighter ssh-cipher.

Then I chose another approach. Use cifs to mount a shared NAS directory and run rsync locally, avoiding ssh altogether.

sudo apt install cifs-utils

Suppose we have a synology user on both our pc and NAS.
To automate the step of mounting/unmounting the shared directory, I added (with visudo) in /etc/sudoers.d a file with this content:

synology ALL=(ALL) NOPASSWD: /bin/mount
synology ALL=(ALL) NOPASSWD: /bin/umount

The local directory /home/synology/Shares/home, where the remote directory will be mounted, if it does not exist, must be created. This is the backup script:


# Backup home su NAS
set -e


uid="$(id -u)"
gid="$(id -g)"

echo "Mount shares .."
if grep -qs "${HOME_SHARE}" /proc/mounts; then
       echo "Already mounted."
	sudo mount -t cifs -o mfsymlinks,credentials=/home/synology/.cifs_data,uid=${uid},gid=${gid} //${NAS}/home ${NAS_HOME_SHARE}
	echo "Shares mounted on ${NAS_HOME_SHARE}"

echo -e "Syncing ${HOME_DIR} with ${NAS_BACK_DIR}..\n"

# Sincronizza la home con il NAS
rsync -avhuW --exclude-from=$(dirname $0)/exclude.list --delete --delete-excluded ${HOME_DIR}/ ${NAS_BACK_DIR}

echo "Umount shares.."
sudo umount $NAS_HOME_SHARE

The mount option mfsymlinks, allows us to be able to generate symbolic links. The use of uid and gid makes sure that the mounted files have the rights of the current user.
The file .cifs_data contains the credentials to access the shared directory. For example:


Regarding rsync, in addition to the options -avhuW (pretty standard), I used :

  • –delete, deletes extraneous files in the destination directory
  • –delete-excluded, deletes excluded files in the destination directory
  • –exclude-from, reads a file that contains a pattern list of files or directories to exclude, for example:
- .cache/*
- .m2/repository/*
- Shares/*
- tmp/*
- Downloads/*

Although the previous solution is interesting, it is the result of past limitations.

To date, there is a solution with better performance. However, we need to configure an rsyncd server on the NAS.

This mechanism allows the use of direct and unencrypted communication, thus faster. Folders do not need to be shared with NFS, the more common SMB can be used (as with the previous solution).

Using Synology DSM 7.0, simply open the control panel, choose “File Services,” select “rsync,” check “Enable rsync service” and “Enable rsync account.”
By pressing the “Edit rsync account” button, we will be able to add and enable users to the rsync service (passwords may not match those of DSM users).

Next, from control panel, you must choose “Application Privileges” and change the permissions for using rsync, selecting the desired user.

Now the backup script can be reduced to the bare minimum:


# Backup home su NAS
set -e


echo -e "Syncing ${HOME_DIR} with ${NAS_BACK_DIR}..\n"

# Sincronizza la home con il NAS
rsync -avhuW --password-file=/home/synology/.rsync_pass --exclude-from=$(dirname $0)/exclude.list --delete --delete-excluded ${HOME_DIR}/ synology@${NAS}::${NAS_BACK_DIR}

As can be guessed, .rsync_pass file contains the synology user password of the rsyncd service we have enabled on the NAS.

I recommend limiting its access rights with:

chmod 600 .rsync_pass
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Commenti
Inline Feedbacks
View all comments