Android rsync backups

A way to automatically backup your data (not all but most of it) to another computer in your local network using ssh, rsync and cron.

This guide assumes that you're familiar with the shell (BASH) and understand how to use the tools mentioned above.

Before actually jumping and following instructions PLEASE READ the whole guide so you fully understand what you are doing.

Also note that you might get an Android security warning when performing these steps. It's just a warning and should not be a problem. If unsure you can always turn to other apps or tools.

Lastly, I'm not responsible for any data loss that you could suffer during the steps of this guide, though extremely unlikely. I assume you understand each step that will be performed. Ready?

Install F-Droid, Termux and Termux:Boot

From your browser's phone go to the F-Droid website, download and install it.

If you never heard of F-Droid: It's a parallel store of open source Android applications. You need to get it manually as it is not available from the Google Play store.

With F-Droid installed open it and search for the "Termux" and "Termux:Boot" applications and install them. Termux is an Android terminal emulator and Linux environment app.
Set Termux permissions

This will allow you to fully access your data both in the internal storage and to any SD cards that are present in the phone from Termux.

In order to do this you need to go to: Settings -> Apps -> Termux -> Permissions and give it permission for:
- Files and media.
- Music and audio.
- Notifications.
- Photos and videos.
In short: all permissions. You may want to play a bit turning off some of these and check the effect they produce if you don't feel like giving full access to Termux.

Download the setup script

From you phone, launch Termux and run the following commands:

cd && mkdir -p scripts && cd scripts
curl -O -s -S -L https://raw.githubusercontent.com/lliendo/android-backups/master/scripts/termux-init.sh
chmod u+x termux-init.sh && ./termux-init.sh

Disclaimer: I've written the script that you downloaded.

If you don't trust the above script you can inspect it but basically installs openssh, rsync and cronie packages. Then it runs ssh-keygen -A to generate host keys and prompts you to set a password for SSH.

After this the ~/.termux/boot/start-sshd script is generated so openssh is automatically launched.

Then the termux-setup-storage script is called (provided you answer Y) and finally the running script is deleted (again if you agree) as no longer needed.

Note: if termux-setup-storage tells you that "It appears that ~/storage directory already exists" you can answer n and skip this step as it has no effect.

If everything went alright you should see a storage directory. For example on my phone ls -lha ~/storage gives me:

total 7.0K
drwx------ 2 u0_a228 u0_a228 3.4K Jan  5 23:01 .
drwx------ 6 u0_a228 u0_a228 3.4K Jan  5 23:48 ..
lrwxrwxrwx 1 u0_a228 u0_a228   24 Jan  5 23:01 dcim -> /storage/emulated/0/DCIM
lrwxrwxrwx 1 u0_a228 u0_a228   28 Jan  5 23:01 downloads -> /storage/emulated/0/Download
lrwxrwxrwx 1 u0_a228 u0_a228   26 Jan  5 23:01 movies -> /storage/emulated/0/Movies
lrwxrwxrwx 1 u0_a228 u0_a228   25 Jan  5 23:01 music -> /storage/emulated/0/Music
lrwxrwxrwx 1 u0_a228 u0_a228   28 Jan  5 23:01 pictures -> /storage/emulated/0/Pictures
lrwxrwxrwx 1 u0_a228 u0_a228   19 Jan  5 23:01 shared -> /storage/emulated/0

You can run find -L ~/storage to get a full list of all files that can be reached by Termux. For anything that's not there read the closing remarks at the bottom of the guide.

At this point you should be able to SSH your phone with the password that you set before. The username is not relevant although you can use the default one provided by Termux (just run whoami).

Test that SSH actually works, from another computer run:

ssh -p 8022 YOUR_PHONE_IP_OR_HOSTNAME

Note: SSH in your phone listens on port 8022 and not 22!

At this point you should also run at least once the Termux:Boot app. It registers Termux within Android so it can launch Termux automatically after rebooting your phone.

You should now also verify that after rebooting your phone Termux is launched and the SSH server can be reached from any host in your local network.

Setup the backup server

Go to your backup server and run:

su - BACKUP_USERNAME;  # Replace BACKUP_USERNAME with a valid username (I use the `backup` user).
cd ~ && ssh-keygen -b 2048 -t rsa -f ./id_rsa -C "" -N ""
mkdir -p ~/.ssh && chmod 700 ~/.ssh
cat ./id_rsa.pub >> ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys
scp -P8022 id_rsa PHONE_IP:

The above commands generate a new RSA key and adds the public key to the ~/.ssh/authorized_keys file. Finally it copies the private key to your phone. You should check that the id_rsa file is present at Termux's home directory.

Check that you can actually SSH the backup server. From Termux run:

cd && ssh -i id_rsa BACKUP_USERNAME@BACKUP_SERVER_IP_OR_HOSTNAME

If everything went ok, delete the id_rsa key that is present in your backup server as it was not deleted and no longer necessary.

Setup cron to run the backups

Once again from Termux run the following snippet:
1 2 3
cd ~/scripts curl -O -s -S -L https://raw.githubusercontent.com/lliendo/android-backups/master/scripts/termux-backup.sh chmod u+x termux-backup.sh
Disclaimer: I've written the script that you downloaded.

The backup script is extremely simple to use:
1
./termux-backup.sh DIRECTORY_TO_BACKUP USERNAME@HOST:/PATH PRIVATE_KEY
For example if I want to manually trigger the backup in my phone I run:
1
cd && ./termux-backup.sh ./storage backup@redstar.local: id_rsa
This will backup the WHOLE storage directory to redstar.local using the backup username and the previously generated id_rsa. You may want to adjust which directories to backup under storage.

Note that the script does NOT accept multiple source directories, if you need to do that you can call the script several times with different paths.

Finally to automate the process add an entry to your crontab, run:
1
crontab -e
and add an entry similar to:
1
@daily $HOME/scripts/termux-backup.sh $HOME/storage BACKUP_USERNAME@BACKUP_SERVER_IP_OR_HOSTNAME: id_rsa >> $HOME/.termux-backup.log 2>&1
The above entry will run the backup script daily and leave any error messages in the $HOME/.termux-backup.log log file. Is a good idea to manually run the script once to verify that works as expected. The script already takes into account symlinks. In any cas if the rsync call from the script is not suitable for you feel free to tweak it.
Closing remarks

Please note that there are some caveats with this setup.

You need to at least unlock you phone ONCE so Termux is launched. By "unlocking" I mean that if for example you completely turn off your phone and is protected by a PIN or gesture Termux (and of course SSH) won't be running until you unlock it.

This is actually Android's security mechanisms in place and has nothing to do with Termux.

If daily backups are run with cron this sholuldn't be a problem. In case anything happens to your phone you should still have a relatively fresh copy of your data in the backup server. Just make sure that your phone has either enough battery when running the backups or is connected to power.

The backup script and actually Termux do not have 100% access to your phone's data. There will be files that won't be backed up. This is again due to Android's security. Photos, music, SD cards contents, documents and most of the files that are reachable from the storage directory will be backed up.

For example if you have tons of bookmarks in your browser, those are not reachable by Termux. A potential workaround is to use an app that saves bookmarks in the storage directory, or somehow transfer that data so is readable from Termux.

I hope that you made it here and everything works as mentioned. Thanks for reading!