duplicity_-_secure_incremental_backup
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
duplicity_-_secure_incremental_backup [2022/07/19 20:13] – external edit 127.0.0.1 | duplicity_-_secure_incremental_backup [2022/07/23 23:14] (current) – paramiko required for duplicity and scp admin | ||
---|---|---|---|
Line 10: | Line 10: | ||
====== Install Duplicity Encrypted Backup ====== | ====== Install Duplicity Encrypted Backup ====== | ||
+ | < | ||
| | ||
+ | | ||
+ | #If you don't install python3-paramiko, | ||
+ | " | ||
+ | </ | ||
Duplicity does not run as a service, and has no default global configuration file. It is more a program/ | Duplicity does not run as a service, and has no default global configuration file. It is more a program/ | ||
====== Simple unEncrypted Backup over SCP ====== | ====== Simple unEncrypted Backup over SCP ====== | ||
+ | |||
Setup ssh keys on the backup server allowing root to seamlessly login to the backup server. Setting up ssh keys can be found here [[Sshkeys]]. | Setup ssh keys on the backup server allowing root to seamlessly login to the backup server. Setting up ssh keys can be found here [[Sshkeys]]. | ||
- | <nowiki>//</ | + | <code> |
+ | #Backup of a specific Folder: | ||
| | ||
- | < | + | #Restore specific Folder: |
| | ||
- | < | + | #or if you dont want to overwrite all files: |
| | ||
+ | </ | ||
====== Encrypted Backup over FTP ====== | ====== Encrypted Backup over FTP ====== | ||
Line 27: | Line 35: | ||
To see available gpg keys: | To see available gpg keys: | ||
+ | < | ||
gpg --list-keys | gpg --list-keys | ||
+ | </ | ||
When running Duplicity on the command line (with no config file) - both the FTP password, and the GPG passphrase need to be exported to the environment variables. | When running Duplicity on the command line (with no config file) - both the FTP password, and the GPG passphrase need to be exported to the environment variables. | ||
+ | < | ||
| | ||
| | ||
| | ||
- | < | + | |
- | < | + | #Syntax = duplicity | gpg_encrypt_and_sign | --include files | --exclude files | MAIN_FOLDER_to_BACKUP | DESTINATION |
+ | #Thus the above line includes what I want, excludes ' | ||
+ | </ | ||
If there are errors etc. you need to check whether the environment variables (ftp and gpp passwords) are set. Whether your gpg key exists and matches the id, e.g. 69111111. | If there are errors etc. you need to check whether the environment variables (ftp and gpp passwords) are set. Whether your gpg key exists and matches the id, e.g. 69111111. | ||
Line 43: | Line 55: | ||
I made the following script and called it via a nightly [[Crontab]]. | I made the following script and called it via a nightly [[Crontab]]. | ||
+ | < | ||
# | # | ||
| | ||
Line 48: | Line 61: | ||
| | ||
+ | |||
+ | </ | ||
Also - you will have to manually backup the gpg key used for backup. Otherwise if you loose the key, or if it dies with the server - your backups are encrypted and you loose. I simply tar'd up the .gnupg folder in /root/ on the server been backup' | Also - you will have to manually backup the gpg key used for backup. Otherwise if you loose the key, or if it dies with the server - your backups are encrypted and you loose. I simply tar'd up the .gnupg folder in /root/ on the server been backup' | ||
Line 53: | Line 68: | ||
====== Restore Encrypted Backup from FTP ====== | ====== Restore Encrypted Backup from FTP ====== | ||
On the server you want to restore the backup to: | On the server you want to restore the backup to: | ||
+ | < | ||
gpg --list-keys | gpg --list-keys | ||
- | < | + | #and make sure you have the key id 69111111. Otherwise it wont work! |
mkdir / | mkdir / | ||
Line 60: | Line 76: | ||
| | ||
| | ||
+ | </ | ||
Thats all folks. | Thats all folks. | ||
Line 65: | Line 82: | ||
====== Restore a single old or deleted File from the Encrypted Backup ====== | ====== Restore a single old or deleted File from the Encrypted Backup ====== | ||
If you want to restore or recover a specific file from a Backup, and dont want to bother restoring the whole backup only to get 1 file, you can do the following: | If you want to restore or recover a specific file from a Backup, and dont want to bother restoring the whole backup only to get 1 file, you can do the following: | ||
+ | < | ||
| | ||
+ | </ | ||
If the above file was deleted 1 day ago, and there was a backup since, you need to use the "-t 1D" option. E.g.: | If the above file was deleted 1 day ago, and there was a backup since, you need to use the "-t 1D" option. E.g.: | ||
+ | < | ||
| | ||
#the number of days can be set, e.g. -t #D | #the number of days can be set, e.g. -t #D | ||
+ | </ | ||
====== Restore a folder from the Encrypted Backup ====== | ====== Restore a folder from the Encrypted Backup ====== | ||
Actually this is the same as above using the --file-to-restore switch! | Actually this is the same as above using the --file-to-restore switch! | ||
+ | < | ||
| | ||
+ | </ | ||
====== List the Current Files in an Encrypted Backup ====== | ====== List the Current Files in an Encrypted Backup ====== | ||
+ | < | ||
| | ||
Note the "-t 1D" did not seem to work with the above. This is quite annoying, as a search for the filename of the file that was deleted cannot be carried out. The user must know the exact file and exact path they are looking for. Otherwise the entire backup needs to be Decrypted, and the file picked out. | Note the "-t 1D" did not seem to work with the above. This is quite annoying, as a search for the filename of the file that was deleted cannot be carried out. The user must know the exact file and exact path they are looking for. Otherwise the entire backup needs to be Decrypted, and the file picked out. | ||
+ | </ | ||
====== Backup and Restore Debian Packages ====== | ====== Backup and Restore Debian Packages ====== | ||
+ | < | ||
dpkg --get-selections > selections-$(date -I) | dpkg --get-selections > selections-$(date -I) | ||
dpkg --set-selections < selections-$(date -I) | dpkg --set-selections < selections-$(date -I) | ||
+ | </ | ||
====== More Information on Duplicity ====== | ====== More Information on Duplicity ====== | ||
+ | < | ||
man duplicity (must have it installed via apt-get!) | man duplicity (must have it installed via apt-get!) | ||
+ | </ | ||
- | http:// | + | * http:// |
- | + | | |
- | http:// | + | |
- | + | ||
- | http:// | + | |
====== Offsite Backup Restore ====== | ====== Offsite Backup Restore ====== | ||
Line 96: | Line 123: | ||
So I used: | So I used: | ||
- | duplicity restore | + | < |
+ | duplicity restore | ||
+ | </ | ||
At first duplicity said "No backup signatures found" | At first duplicity said "No backup signatures found" | ||
As I also used a livecd (http:// | As I also used a livecd (http:// | ||
+ | < | ||
| | ||
#see http:// | #see http:// | ||
+ | </ | ||
A couple of things on the way: I wanted to connect my external USB drive so I had somewhere to extract from with the LiveCD. I found: http:// | A couple of things on the way: I wanted to connect my external USB drive so I had somewhere to extract from with the LiveCD. I found: http:// | ||
+ | < | ||
| | ||
mount -t ntfs-3g /dev/hda1 /media/win -o umask=0, | mount -t ntfs-3g /dev/hda1 /media/win -o umask=0, | ||
+ | </ | ||
I could now happily mount and write to my ntfs external drive. Unforunately I got some errors when extracting with duplicty. They were: | I could now happily mount and write to my ntfs external drive. Unforunately I got some errors when extracting with duplicty. They were: | ||
- | Invalid or incomplete multibyte or wide character | + | |
+ | ** Invalid or incomplete multibyte or wide character** | ||
I think this was down to the ntfs drive I had. It was a file with a very long file name that caused the issue. Luckly I just worked around this folder with the following: | I think this was down to the ntfs drive I had. It was a file with a very long file name that caused the issue. Luckly I just worked around this folder with the following: | ||
- | duplicity restore | + | < |
+ | duplicity restore | ||
+ | </ |
duplicity_-_secure_incremental_backup.1658261600.txt.gz · Last modified: 2022/07/19 20:13 by 127.0.0.1