Difference between revisions of "Backup with duplicity"

From OpenKM Documentation
Jump to: navigation, search
m
 
(8 intermediate revisions by the same user not shown)
Line 5: Line 5:
 
Duplicity can be installed in Debian / Ubuntu as simple as:
 
Duplicity can be installed in Debian / Ubuntu as simple as:
  
   $ sudo aptitude install duplicity
+
   $ sudo apt-get install duplicity ncftp python-boto python-paramiko
  
 
But it not in the CentOS / RedHat default repositories, so you need to install from another source. This script will help in this installation process:
 
But it not in the CentOS / RedHat default repositories, so you need to install from another source. This script will help in this installation process:
Line 20: Line 20:
 
rpm -Uvh duplicity-0.6.18-1.el6.x86_64.rpm ncftp-3.2.4-1.el6.x86_64.rpm librsync-0.9.7-15.el6.x86_64.rpm python-GnuPGInterface-0.3.2-6.el6.noarch.rpm python-boto-2.5.2-1.el6.noarch.rpm
 
rpm -Uvh duplicity-0.6.18-1.el6.x86_64.rpm ncftp-3.2.4-1.el6.x86_64.rpm librsync-0.9.7-15.el6.x86_64.rpm python-GnuPGInterface-0.3.2-6.el6.noarch.rpm python-boto-2.5.2-1.el6.noarch.rpm
 
</source>
 
</source>
 +
 +
{{Note|To avoid the '''Import of duplicity.backends.giobackend Failed: No module named gio''' warning, you need to install the '''python-gobject-2''' package:
 +
$ apt-get install python-gobject-2
 +
}}
  
 
To make a backup you can do:
 
To make a backup you can do:
Line 38: Line 42:
  
 
The path to the file that is to be restored is relative to the directory on which the backup set is based. So in the command above, tomcat-7.0.27/OpenKM.cfg plus the directory on which we based our backup (/home/openkm) equals /home/openkm/tomcat-7.0.27/OpenKM.cfg
 
The path to the file that is to be restored is relative to the directory on which the backup set is based. So in the command above, tomcat-7.0.27/OpenKM.cfg plus the directory on which we based our backup (/home/openkm) equals /home/openkm/tomcat-7.0.27/OpenKM.cfg
 +
 +
{{Advice|See also [[Backup restoring]].}}
  
 
See also:
 
See also:
Line 47: Line 53:
 
* [http://zertrin.org/how-to/installation-and-configuration-of-duplicity-for-encrypted-sftp-remote-backup/ Installation and configuration of duplicity for encrypted SFTP remote backup]
 
* [http://zertrin.org/how-to/installation-and-configuration-of-duplicity-for-encrypted-sftp-remote-backup/ Installation and configuration of duplicity for encrypted SFTP remote backup]
 
* [http://blyx.com/2013/05/10/playing-with-duplicity-backup-and-restore-tool-and-amazon-s3/ Playing with Duplicity backup and restore tool and Amazon S3]
 
* [http://blyx.com/2013/05/10/playing-with-duplicity-backup-and-restore-tool-and-amazon-s3/ Playing with Duplicity backup and restore tool and Amazon S3]
 +
* [http://old.blog.phusion.nl/2013/11/11/duplicity-s3-easy-cheap-encrypted-automated-full-disk-backups-for-your-servers/ Duplicity + S3: easy, cheap, encrypted, automated full-disk backups for your servers]
 +
* [https://github.com/zertrin/duplicity-backup Bash wrapper script for automated backups with duplicity]
  
 
== Problems deleting old backups ==
 
== Problems deleting old backups ==
Line 195: Line 203:
 
duplicity collection-status $BACKUP_DIR/$HOST
 
duplicity collection-status $BACKUP_DIR/$HOST
 
unset FTP_PASSWORD
 
unset FTP_PASSWORD
 +
echo "=================================";
 +
</source>
 +
 +
== Remote backup with duplicity (Tomcat - MySQL - S3) ==
 +
 +
<source lang="bash">
 +
#!/bin/bash
 +
#
 +
## BEGIN CONFIG ##
 +
HOST=$(uname -n)
 +
MYSQL_PASS=""
 +
OPENKM_DB="okmdb"
 +
OPENKM_HOME="/home/openkm"
 +
TOMCAT_HOME="$OPENKM_HOME/tomcat-7.0.27"
 +
DATABASE_EXP="$OPENKM_HOME/db"
 +
BACKUP_DIR="s3+http://somebucket/somedirectory"
 +
export AWS_ACCESS_KEY_ID=""
 +
export AWS_SECRET_ACCESS_KEY=""
 +
export PASSPHRASE=""
 +
## END CONFIG ##
 +
 +
if [ $(id -u) != 0 ]; then echo "You should run this script as root"; exit; fi
 +
 +
echo -e "### BEGIN: $(date +"%x %X") ###\n"
 +
rm -rf $DATABASE_EXP
 +
mkdir -p $DATABASE_EXP
 +
 +
# Stop Tomcat
 +
/etc/init.d/tomcat stop
 +
 +
# Clean logs
 +
#echo "Clean Tomcat temporal files."
 +
#rm -rf $TOMCAT_HOME/logs/*
 +
#rm -rf $TOMCAT_HOME/temp/*
 +
#rm -rf $TOMCAT_HOME/work/Catalina/localhost
 +
 +
# Backup de MySQL
 +
if [ -n "$MYSQL_PASS" ]; then
 +
  echo "* Backuping MySQL data from $OPENKM_DB...";
 +
  mysqldump -h localhost -u root -p$MYSQL_PASS $OPENKM_DB > $DATABASE_EXP/mysql_$OPENKM_DB.sql
 +
  echo "-------------------------------------";
 +
fi
 +
 +
# Backup and purge old backups
 +
duplicity remove-older-than 1M --force --s3-use-new-style $BACKUP_DIR/$HOST
 +
 +
if [ $(date +%u) -eq 7 ]; then
 +
  echo "*** Full Backup ***"
 +
  duplicity full --no-encryption --s3-use-new-style $OPENKM_HOME $BACKUP_DIR/$HOST
 +
  RETVAL=$?
 +
else
 +
  echo "*** Incremental Backup ***"
 +
  duplicity --no-encryption --s3-use-new-style $OPENKM_HOME $BACKUP_DIR/$HOST
 +
  RETVAL=$?
 +
fi
 +
 +
[ $RETVAL -eq 0 ] && echo "*** SUCCESS ***"
 +
[ $RETVAL -ne 0 ] && echo "*** FAILURE ***"
 +
 +
# Start Tomcat
 +
/etc/init.d/tomcat start
 +
echo -e "\n### END: $(date +"%x %X") ###"
 +
 +
# Status
 +
echo "=================================";
 +
duplicity collection-status --s3-use-new-style $BACKUP_DIR/$HOST
 +
unset AWS_ACCESS_KEY_ID
 +
unset AWS_SECRET_ACCESS_KEY
 +
unset PASSPHRASE
 
echo "=================================";
 
echo "=================================";
 
</source>
 
</source>

Latest revision as of 10:59, 13 April 2015

duplicity backs directories by producing encrypted tar-format volumes and uploading them to a remote or local file server. Because duplicity uses librsync, the incremental archives are space efficient and only record the parts of files that have changed since the last backup. Because duplicity uses GnuPG to encrypt and/or sign these archives, they will be safe from spying and/or modification by the server.

Duplicity can be installed in Debian / Ubuntu as simple as:

 $ sudo apt-get install duplicity ncftp python-boto python-paramiko

But it not in the CentOS / RedHat default repositories, so you need to install from another source. This script will help in this installation process:

#!/bin/bash

wget http://dl.fedoraproject.org/pub/epel/6/x86_64/duplicity-0.6.18-1.el6.x86_64.rpm
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/ncftp-3.2.4-1.el6.x86_64.rpm
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/librsync-0.9.7-15.el6.x86_64.rpm
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/python-GnuPGInterface-0.3.2-6.el6.noarch.rpm
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/python-boto-2.5.2-1.el6.noarch.rpm

rpm -Uvh duplicity-0.6.18-1.el6.x86_64.rpm ncftp-3.2.4-1.el6.x86_64.rpm librsync-0.9.7-15.el6.x86_64.rpm python-GnuPGInterface-0.3.2-6.el6.noarch.rpm python-boto-2.5.2-1.el6.noarch.rpm

Nota clasica.png To avoid the Import of duplicity.backends.giobackend Failed: No module named gio warning, you need to install the python-gobject-2 package:
$ apt-get install python-gobject-2

To make a backup you can do:

 $ duplicity --no-encryption /home/openkm file:///path/to/backup

To verify it:

 $ duplicity --no-encryption verify file:///path/to/backup /home/openkm

To list backuped files:

 $ duplicity --no-encryption list-current-files file:///path/to/backup

To restore a single file:

 $ duplicity --no-encryption --file-to-restore tomcat-7.0.27/OpenKM.cfg file:///path/to/backup RestoredBackup

The path to the file that is to be restored is relative to the directory on which the backup set is based. So in the command above, tomcat-7.0.27/OpenKM.cfg plus the directory on which we based our backup (/home/openkm) equals /home/openkm/tomcat-7.0.27/OpenKM.cfg


Nota idea.png See also Backup restoring.

See also:

Problems deleting old backups

You have configured Duplicity to make a full backups every 7 days, and deleting backups older than 14 days to save space. What happen if you see a message like this?

 Tue May  1 00:00:00 2012
 Wed May  2 00:00:00 2012
 Which can't be deleted because newer sets depend on them

Duplicity uses rsync, which contains incremental changes. Those files won't be deleted because, even though the backup maybe older than 7 days, there are backups which are incrementals and younger than 7 days.

So, after 2 weeks have passed, those files will be deleted, since the full backup and the incremental backups are now 14 days old, and there exists a full backup newer than the full and incremental backups.

Backup to Windows Shared Folder

Duplicity does not have support for SMB or CIFS protocol, but you can map the remote Shared Folder to a local directory and then user this directory for backups:

 $ mount -t cifs //winsrv/backup /mnt/backup -o username=xxx,password=xxx,mapchars

Another way is make it global using /etc/fstab:

 //winsrv/backup    /mnt/backup    cifs    guest,username=xxx,password=xxx,mapchars    0    0

And then any user can mount it doing:

 $ mount /mnt/backup

Remote backup with duplicity (JBoss)

#!/bin/bash
#
## BEGIN CONFIG ##
HOST=$(uname -n)
MYSQL_PASS=""
OPENKM_DB="okmdb"
OPENKM_HOME="/home/openkm"
JBOSS_HOME="$OPENKM_HOME/jboss-4.2.3.GA"
DATABASE_EXP="$OPENKM_HOME/db"
BACKUP_DIR="ftp://user@ftp.domain.es/backup"
export FTP_PASSWORD="WhateverPasswordYouSetUp"
## END CONFIG ##

if [ $(id -u) != 0 ]; then echo "You should run this script as root"; exit; fi

echo -e "### BEGIN: $(date +"%x %X") ###\n"
rm -rf $DATABASE_EXP
mkdir -p $DATABASE_EXP

# Stop JBoss
/etc/init.d/jboss stop

# Clean logs
echo "Clean JBoss temporal files."
# rm -rf $JBOSS_HOME/server/default/log
rm -rf $JBOSS_HOME/server/default/tmp
rm -rf $JBOSS_HOME/server/default/work
rm -rf $JBOSS_HOME/server/default/data/wsdl

# Backup de MySQL
if [ -n "$MYSQL_PASS" ]; then
  echo "* Backuping MySQL data from $OPENKM_DB...";
  mysqldump -h localhost -u root -p$MYSQL_PASS $OPENKM_DB > $DATABASE_EXP/mysql_$OPENKM_DB.sql
  echo "-------------------------------------";
fi

# Backup and purge old backups
duplicity remove-older-than 3M --force $BACKUP_DIR/$HOST

if [ $(date +%u) -eq 7 ]; then
  echo "*** Full Backup ***"
  duplicity full --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
else
  echo "*** Incremental Backup ***"
  duplicity --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
fi

# Start JBoss
/etc/init.d/jboss start
echo -e "\n### END: $(date +"%x %X") ###"

# Status
echo "=================================";
duplicity collection-status $BACKUP_DIR/$HOST
unset FTP_PASSWORD
echo "=================================";

Remote backup with duplicity (Tomcat - MySQL)

#!/bin/bash
#
## BEGIN CONFIG ##
HOST=$(uname -n)
MYSQL_PASS=""
OPENKM_DB="okmdb"
OPENKM_HOME="/home/openkm"
TOMCAT_HOME="$OPENKM_HOME/tomcat-7.0.27"
DATABASE_EXP="$OPENKM_HOME/db"
BACKUP_DIR="ftp://user@ftp.domain.es/backup"
# BACKUP_DIR="sftp://user@sftp.domain.es//path/to/backup"
export FTP_PASSWORD="WhateverPasswordYouSetUp"
## END CONFIG ##

if [ $(id -u) != 0 ]; then echo "You should run this script as root"; exit; fi

echo -e "### BEGIN: $(date +"%x %X") ###\n"
rm -rf $DATABASE_EXP
mkdir -p $DATABASE_EXP

# Stop Tomcat
/etc/init.d/tomcat stop

# Clean logs
#echo "Clean Tomcat temporal files."
#rm -rf $TOMCAT_HOME/logs/*
#rm -rf $TOMCAT_HOME/temp/*
#rm -rf $TOMCAT_HOME/work/Catalina/localhost

# Backup de MySQL
if [ -n "$MYSQL_PASS" ]; then
  echo "* Backuping MySQL data from $OPENKM_DB...";
  mysqldump -h localhost -u root -p$MYSQL_PASS $OPENKM_DB > $DATABASE_EXP/mysql_$OPENKM_DB.sql
  echo "-------------------------------------";
fi

# Backup and purge old backups
duplicity remove-older-than 1M --force $BACKUP_DIR/$HOST

if [ $(date +%u) -eq 7 ]; then
  echo "*** Full Backup ***"
  duplicity full --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
  RETVAL=$?
else
  echo "*** Incremental Backup ***"
  duplicity --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
  RETVAL=$?
fi

[ $RETVAL -eq 0 ] && echo "*** SUCCESS ***"
[ $RETVAL -ne 0 ] && echo "*** FAILURE ***"

# Start Tomcat
/etc/init.d/tomcat start
echo -e "\n### END: $(date +"%x %X") ###"

# Status
echo "=================================";
duplicity collection-status $BACKUP_DIR/$HOST
unset FTP_PASSWORD
echo "=================================";

Remote backup with duplicity (Tomcat - MySQL - S3)

#!/bin/bash
#
## BEGIN CONFIG ##
HOST=$(uname -n)
MYSQL_PASS=""
OPENKM_DB="okmdb"
OPENKM_HOME="/home/openkm"
TOMCAT_HOME="$OPENKM_HOME/tomcat-7.0.27"
DATABASE_EXP="$OPENKM_HOME/db"
BACKUP_DIR="s3+http://somebucket/somedirectory"
export AWS_ACCESS_KEY_ID=""
export AWS_SECRET_ACCESS_KEY=""
export PASSPHRASE=""
## END CONFIG ##

if [ $(id -u) != 0 ]; then echo "You should run this script as root"; exit; fi

echo -e "### BEGIN: $(date +"%x %X") ###\n"
rm -rf $DATABASE_EXP
mkdir -p $DATABASE_EXP

# Stop Tomcat
/etc/init.d/tomcat stop

# Clean logs
#echo "Clean Tomcat temporal files."
#rm -rf $TOMCAT_HOME/logs/*
#rm -rf $TOMCAT_HOME/temp/*
#rm -rf $TOMCAT_HOME/work/Catalina/localhost

# Backup de MySQL
if [ -n "$MYSQL_PASS" ]; then
  echo "* Backuping MySQL data from $OPENKM_DB...";
  mysqldump -h localhost -u root -p$MYSQL_PASS $OPENKM_DB > $DATABASE_EXP/mysql_$OPENKM_DB.sql
  echo "-------------------------------------";
fi

# Backup and purge old backups
duplicity remove-older-than 1M --force --s3-use-new-style $BACKUP_DIR/$HOST

if [ $(date +%u) -eq 7 ]; then
  echo "*** Full Backup ***"
  duplicity full --no-encryption --s3-use-new-style $OPENKM_HOME $BACKUP_DIR/$HOST
  RETVAL=$?
else
  echo "*** Incremental Backup ***"
  duplicity --no-encryption --s3-use-new-style $OPENKM_HOME $BACKUP_DIR/$HOST
  RETVAL=$?
fi

[ $RETVAL -eq 0 ] && echo "*** SUCCESS ***"
[ $RETVAL -ne 0 ] && echo "*** FAILURE ***"

# Start Tomcat
/etc/init.d/tomcat start
echo -e "\n### END: $(date +"%x %X") ###"

# Status
echo "=================================";
duplicity collection-status --s3-use-new-style $BACKUP_DIR/$HOST
unset AWS_ACCESS_KEY_ID
unset AWS_SECRET_ACCESS_KEY
unset PASSPHRASE
echo "=================================";

Remote backup with duplicity (Tomcat - PostgreSQL)

#!/bin/bash
#
## BEGIN CONFIG ##
HOST=$(uname -n)
OPENKM_DB="okmdb"
OPENKM_HOME="/home/openkm"
TOMCAT_HOME="$OPENKM_HOME/tomcat-7.0.27"
DATABASE_EXP="$OPENKM_HOME/db"
BACKUP_DIR="ftp://user@ftp.domain.es/backup"
# BACKUP_DIR="sftp://user@sftp.domain.es//path/to/backup"
export FTP_PASSWORD="WhateverPasswordYouSetUp"
## END CONFIG ##

if [ $(id -u) != 0 ]; then echo "You should run this script as root"; exit; fi

echo -e "### BEGIN: $(date +"%x %X") ###\n"
rm -rf $DATABASE_EXP
mkdir -p $DATABASE_EXP

# Stop Tomcat
/etc/init.d/tomcat stop

# Clean logs
#echo "Clean Tomcat temporal files."
#rm -rf $TOMCAT_HOME/logs/*
#rm -rf $TOMCAT_HOME/temp/*
#rm -rf $TOMCAT_HOME/work/Catalina/localhost

# Backup de PostgreSQL
echo "* Backuping PostgreSQL data from $OPENKM_DB..."
su postgres -c "pg_dump -Fc -b $OPENKM_DB" > $DATABASE_EXP/pg_$OPENKM_DB.dmp
 
# Databases optimizations
su postgres -c "vacuumdb -a -z" > /dev/null
su postgres -c "reindexdb -a -q" 2> /dev/null

# Backup and purge old backups
duplicity remove-older-than 1M --force $BACKUP_DIR/$HOST

if [ $(date +%u) -eq 7 ]; then
  echo "*** Full Backup ***"
  duplicity full --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
  RETVAL=$?
else
  echo "*** Incremental Backup ***"
  duplicity --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
  RETVAL=$?
fi

[ $RETVAL -eq 0 ] && echo "*** SUCCESS ***"
[ $RETVAL -ne 0 ] && echo "*** FAILURE ***"

# Start Tomcat
/etc/init.d/tomcat start
echo -e "\n### END: $(date +"%x %X") ###"

# Status
echo "=================================";
duplicity collection-status $BACKUP_DIR/$HOST
unset FTP_PASSWORD
echo "=================================";