Duplicity is a Linux backup client to backup files from your Linux desktop or server.
apt based linux distributions
sudo apt-get install duplicity duply python-boto
rpm based linux distributions
sudo yum install duplicity duply python-boto
Set up your configuration with Duplicity using CDN Object Storage
Set up the authentication
Create a profile. Let’s name this profile “test”.$
duply test create
This will create a configuration file in
- Open it in your editor.
You will be presented with a lot of configuration options, but only a few are really important.
One of them is GPG_KEY and GPG_PW.
Duplicity supports asymmetric public-key encryption, or symmetric password-only encryption.
For the purposes of this tutorial we’re going to use symmetric password-only encryption because it’s the easiest.
Generate a random, secure password:$
openssl rand -base64 20
GPG_KEYand set a password in
#GPG_KEY='_KEY_ID_' GPG_PW='<the password you just got from openssl>'
Scroll down and set the TARGET options.$
TARGET='s3://cloudstorage.nl.Leaseweb.com/<bucket name>/<folder name>' TARGET_USER='<your cloudstorage access key>' TARGET_PASS='<your cloudstorage secret key>'
Set the base directory of the backup. We want to backup the entire filesystem:$
It is also possible to set a maximum time for keeping old backups. In this tutorial, let’s set it to 6 months.$
Save and close the configuration file.
Exclude files not to backed up
There are also some things that we never want to backup, such as /tmp, /dev and log files.
So we create an exclusion file
$HOME/.duply/test/exclude with the following contents:
- /dev - /home/*/.cache - /home/*/.ccache - /lost+found - /media - /mnt - /proc - /root/.cache - /root/.ccache - /run - /selinux - /sys - /tmp - /var/cache/*/* - /var/log - /var/run - /var/tmp
This file follows the Duplicity file list syntax. The - sign here means “exclude this directory”. For more information, please refer to the Duplicity man page.
s3cmd (see this page: Managing Object Storage Duplicity) to create your storage bucket.
Initiating the backup with Duplicity using CDN Object Storage
We’re now ready to initiate the backup. This can take a while, so let’s open a screen session so that we can terminate the SSH session and check back later.
Open a screen session$
sudo apt-get install screen screen
Initiate the backup:$
sudo duply test backup
Press Esc-D to detach the screen session.
Check back a few hours later. Login to your server and reattach your screen session:
You should see something like this, which means that the backup succeeded. Congratulations!
--------------[ Backup Statistics ]--------------
--- Finished state OK at 16:48:16.192 - Runtime 01:17:08.540 ---
--- Start running command POST at 16:48:16.213 ---
Skipping n/a script '/home/admin/.duply/main/post'.
--- Finished state OK at 16:48:16.244 - Runtime 00:00:00.031 ---
Setting up periodic incremental backups with cron
We can use
cron, the system’s periodic task scheduler, to setup periodic incremental backups.
Edit root’s crontab:$
sudo crontab -e
Insert the following:
0 2 * * 7 env HOME=/root duply test backup
This line runs the duply test backup command every Sunday at 2:00 AM.
If you want to setup daily backups, replace “
0 2 * * 7” with “
0 2 * * *”.
Restoring a backup with Duplicity using CDN Object Storage
You can restore the latest backup with the Duply restore command.
It is important to use
sudo because this allows Duplicity to restore the original filesystem metadata.
The following will restore the latest backup to a specific directory.
The target directory does not need to exist, Duplicity will automatically create it.
After restoration, you can move its contents to the root filesystem using
sudo duply test restore /restored_files
You can’t just do
sudo duply test restore /here because your system files (e.g. bash, libc, etc) are in use.Moving the files from
mvmight still not work for you.
In that case, consider booting your server from a rescue system and restoring from there.
Restoring a specific file or directory
Use the fetch command to restore a specific file.$
sudo duply test fetch etc/passwd /home/admin/passwd
This restores the
/etc/passwdfile in the backup and saves it to
Notice the lack of leading slash in the
etc/passwdargument.The fetch command also works on directories:$
sudo duply test fetch etc /home/admin/etc
Restoring from a specific date
Every restoration command accepts a date, allowing you to restore from that specific date.
Use the status command to get an overview of backup dates:$
duply test status ... Number of contained backup sets: 2 Total number of contained volumes: 2 Type of backup set: Time: Num volumes: Full Sat Nov 8 07:38:30 2017 1 Incremental Sat Nov 9 07:43:17 2017 1 ...
In this example, you are restoring the November 8 backup.
Unfortunately you can’t just copy and paste the time string.
Instead, you'll have to write the time in the w3 format.See also the Time Formats section in the Duplicity man page.$
sudo duply test restore /restored_files '2017-11-08T07:38:30'Safely store your keys or passwords!
Whether you used asymmetric public-key encryption or symmetric password-only encryption, you must store them safely!
If you ever lose them, you will lose your data.
There is no way to recover encrypted data for which the key or password is lost.