fsbackup iconfsbackup
Configuration

targets.yml

How to define backup targets in targets.yml — hosts, sources, classes, and rsync options.

Backup targets are defined in /etc/fsbackup/targets.yml. Targets are grouped by class.

targets.yml is gitignored in the fsbackup repo. Never commit it — it contains host names and paths specific to your environment. Use conf/targets.yml.example as a reference.

Structure

class1:
  - id: myapp.data
    host: myhost
    source: /docker/volumes/myapp_data
    type: dir

  - id: myapp.db
    host: myhost
    source: /var/lib/myapp/db
    type: dir
    rsync_opts:
      - "--exclude=*.tmp"

class2:
  - id: rp.nginx.config
    host: rp
    source: /etc/nginx
    type: dir

Fields

id

Unique identifier for the target. Used as the ZFS dataset name and snapshot directory. Must be unique across all classes.

Use a descriptive naming convention like <host>.<service>.<type> — e.g. rp.nginx.config, db1.postgres.data.

host

The hostname to connect to via SSH. Must match a known_hosts entry on the backup server.

For local paths on the backup server itself, use host: localhost — see Local targets below.

source

The absolute path on the remote host to back up.

type

Currently only dir is supported (directory backup via rsync).

rsync_opts (optional)

List of additional rsync options to pass for this target. Common uses:

rsync_opts:
  - "--exclude=*.log"
  - "--exclude=cache/"
  - "--exclude=tmp/"

Exclude paths are relative to the source path, not the remote filesystem root. If source: /docker/volumes/myapp and you want to exclude _data/cache, use --exclude=_data/cache.

Local targets

For paths on the backup server itself (e.g. Docker volumes), use host: localhost:

class1:
  - id: myapp.data
    host: localhost
    source: /docker/volumes/myapp_data
    type: dir

Then grant the fsbackup user read access to the path:

sudo /opt/fsbackup/bin/fs-fix-permissions.sh

This runs setfacl -R -m u:fsbackup:rX on each local source path. Review each path before applying — it grants read access to all files in that directory tree, including any secrets your containers store there.

After editing targets.yml

Run fs-provision.sh to create ZFS datasets for any new targets:

sudo /opt/fsbackup/bin/fs-provision.sh --dry-run   # preview
sudo /opt/fsbackup/bin/fs-provision.sh              # create

This is idempotent — it skips targets that already have datasets.

Verifying targets

sudo -u fsbackup /opt/fsbackup/bin/fs-doctor.sh --class class1

Targets should show OK. A FAIL means SSH is not reachable or the source path doesn't exist.

fsbackup.conf

Configuration reference for /etc/fsbackup/fsbackup.conf — ZFS snapshot root, schedules, retention, and S3 export.

Scheduling

How to configure the backup schedule using systemd timers and OnCalendar= values in fsbackup.conf.