Table of Contents
Cygwin unattended for BackupPC
Introduction
This is a howto describing an unattended installation of Cygwin including both Rsyncd and SSHD. Rsyncd is there to make your backup setup from the BackupPC server more simplified. No setting up SMB shares or any business, just use one master rsyncd.conf file with all of your shares for all of your servers and you're in business. The sshd is intended to allow you to execute remote commands. This can be useful if you want to dump a database or setup a VSC to pull from instead of being denied access to open files. Relavent links can be found at the bottom of this howto.
Prerequisites
- A central share to store all of your files - should be heavily but properly guarded
- Administrative rights and the ability to use psexec to run commands on the remote server
The scripts
cygwin_install.cmd
This is the script that does most of the heavy lifting. It's copied to and executed on the remote host. The quick rundown of what it does are as follows:
- Copy entire install directory to a local path
- Setup cygwin including the necessary packages for rsyncd and sshd
- Prerequisite junk
- Setup SSH daemon
- Open necessary firewall ports
- Copy rsyncd config files to /etc directory
- Start SSH daemon
- Create then rsyncd windows service
- Cleanup
- cygwin_install.cmd
mkdir C:\cygwin_install copy /Y \\fileserver\cygwin_install C:\cygwin_install C:\cygwin_install\setup-x86_64.exe -q -D -s http://mirrors.xmission.com/cygwin -l C:\cygwin64 -L C:\cygwin64 -P base-cygwin,wget,git,git-svn,openssh,cygrunsrv,rsync C:\cygwin64\bin\mkpasswd.exe -l > C:\cygwin64\etc\passwd C:\cygwin64\bin\mkgroup.exe -l > C:\cygwin64\etc\group C:\cygwin64\bin\bash.exe --login -c "/usr/bin/chown :Domain\ Users /var" C:\cygwin64\bin\bash.exe --login -c "/usr/bin/chmod 755 /var" C:\cygwin64\bin\bash.exe --login -c "/usr/bin/chmod ug-s /var" C:\cygwin64\bin\bash.exe --login -c "/bin/ssh-host-config -y -w somestrongpassword" netsh advfirewall firewall add rule name=SSH dir=in action=allow protocol=tcp localport=22 netsh advfirewall firewall add rule name=rsyncd dir=in action=allow protocol=tcp localport=873 netsh advfirewall firewall add rule name="ICMP echoreq" action=allow protocol=icmpv4:8,any dir=in copy C:\cygwin_install\rsyncd.conf C:\cygwin64\etc\rsyncd.conf copy C:\cygwin_install\rsyncd.secrets C:\cygwin64\etc\rsyncd.secrets net start sshd setx path "c:\cygwin64\bin;%path%" c:\cygwin64\bin\cygrunsrv.exe --install "rsyncd" --path C:/cygwin64/bin/rsync.exe --args "--daemon --no-detach" --desc "Starts a rsync daemon for accepting incoming rsync connections" --disp "Rsync Daemon" --type auto net start rsyncd del /Q C:\cygwin_install rmdir C:\cygwin_install
doit.cmd
This is just a psexec launcher. Very straightforward and worthless:
- doit.cmd
.\psexec.exe \\%1 -e -s -c cygwin_install.cmd
So when it's time to “do it” you will just `.\doit hostname`
rsyncd.conf
I shouldn't need to help you with this, but this file is going to be required eventually, so here is a sample:
- rsyncd.conf
gid = 544 uid = 18 use chroot = false transfer logging = true log format = %h %o %f %l %b log file = /var/log/rsyncd.log max connections = 1 pid file = /var/run/rsyncd.pid lock file = /var/run/rsyncd.lock [cDrive] path = /cygdrive/c comment = Entire C Drive auth users = backuppc secrets file = /etc/rsyncd.secrets hosts allow = backuppc_ip strict modes = false read only = true list = false [CompanyShare] path = /cygdrive/d/MyCompany comment = Maybe useful for a shared fileserver for your entire company auth users = backuppc secrets file = /etc/rsyncd.secrets hosts allow = backuppc_ip strict modes = false read only = true list = false [dbbackups] path = /cygdrive/c/dbbackups comment = Microsoft SQL Server backups auth users = backuppc secrets file = /etc/rsyncd.secrets hosts allow = backuppc_ip strict modes = false read only = true list = false
rsyncd.secrets
This is also required, at least it is using the rsync config specified above:
- rsyncd.secrets
# Also: make sure this file ends in a newline. Otherwise the last # username/password pair will be ignored. # #UUU:PPP backuppc:backuppcpasswordfromserver
update.cmd
This file is optional, but useful for updating your server(s) without going through the entire install process again:
- update.cmd
.\psexec.exe \\%1 -e -s -c rsyncd_update.cmd
Called like doit.cmd - add a hostname after
rsyncd_update.cmd
The meat and potatoes called when the helper above is used:
- rsyncd_update.cmd
mkdir C:\cygwin_install copy /Y \\fileserver\cygwin_install C:\cygwin_install copy C:\cygwin_install\rsyncd.conf C:\cygwin64\etc\rsyncd.conf copy C:\cygwin_install\rsyncd.secrets C:\cygwin64\etc\rsyncd.secrets net stop rsyncd net start rsyncd del /Q C:\cygwin_install rmdir C:\cygwin_install
Yes - this is just a trimmed down version of the other command file.
Final thoughts
I keep a working copy of this directory on a workstation of mine to call it from. Really most of the scripts don't need to be pulled down by the remote host, basically just the cygwin setup file and the rsyncd config files. It's easiest to just keep everything together though. Alternatively, if you can get to a command prompt on the fileserver you can just run doit and/or update from there.