Skip to content

duplicity.sh

Jump to bottom
vitobotta edited this page Aug 13, 2012 · 8 revisions

Performs encrypted, incremental backups to a remote server using duplicity. The first time it runs it creates the configuration file ~/.duplicity.config (in your home folder) with the following defaults:

INCLUDE=("/home" "/root" "/var/www" "/var/log" "/etc" "/usr/local")

# Uncomment and set the following to backup to a local directory or a locally mounted network share
# BACKUPS_REPOSITORY="file:///some/local/directory"

# Uncomment and set the following to backup to a remote directory
# BACKUPS_REPOSITORY="rsync://user@host/destination-directory"

MAX_FULL_BACKUPS_TO_RETAIN=8
MAX_AGE_INCREMENTALS_TO_RETAIN=1W
MAX_AGE_CHAINS_TO_RETAIN=2M
MAX_VOLUME_SIZE=25

ENCRYPTION=1
PASSPHRASE= # used for ENCRYPT_KEY or, if this is not specified, for symmetric encryption

# Set ENCRYPT_KEY if you want to use GPG pub key encryption. Otherwise duplicity will just use symmetric encryption. 
# ENCRYPT_KEY=

# Optionally use a different key for signing
# SIGN_KEY=
# SIGN_KEY_PASSPHRASE=

COMPRESSION_LEVEL=6 # 1-9; 0 disables compression; it currently works only if encryption is enabled

VERBOSITY=4 # 0 Error, 2 Warning, 4 Notice (default), 8 Info, 9 Debug (noisiest)

# Comment out the following if you want to run one or more scripts before duplicity backup.
#RUN_BEFORE=(/some/script /another/script)

# Comment out the following if you want to run one or more scripts after duplicity backup.
#RUN_AFTER=(/some/script /another/script)

These settings should be self-explanatory - you'll need to customise the settings in this file according to your setup and needs. Note that you can configure the script so that it runs other scripts (for example for backing up databases) before or after duplicity backup.

A note on the encryption: if left enabled, and you only specify the passphrase, Duplicity will automatically use symmetric encryption. You can use pubkey encryption (with GPG keys - see this page for more information) instead if you also specify an encryption key and, optionally, a signing key (see this page for more details).

As noted in the configuration file, you can also specify the compression level (or disable compression altogether), although this currently works only if encryption is left enabled.

Backing up

Once configured the settings, backing up is as simple as

duplicity.sh [incr|full]

where the single argument determines whether you want to perform a full or incremental backup.

Restoring

The script really just simplifies backups, for anything else (including restores) it simply proxies commands to Duplicity with no much else. E.g. to restore ensuring the correct encryption settings etc are in use, you can run:

backup/duplicity.sh <BACKUPS REPOSITORY> /destination/folder/

Or, to take also the backups repository from the configuration

. ~/.duplicity.config && backup/duplicity.sh $BACKUPS_REPOSITORY  /destination/folder/

Any other Duplicity command listed here would work the same way.

Clone this wiki locally