Backup with duplicity
duplicity backs directories by producing encrypted tar-format volumes and uploading them to a remote or local file server. Because duplicity uses librsync, the incremental archives are space efficient and only record the parts of files that have changed since the last backup. Because duplicity uses GnuPG to encrypt and/or sign these archives, they will be safe from spying and/or modification by the server.
Duplicity can be installed in Debian / Ubuntu as simple as:
$ sudo apt-get install duplicity ncftp python-boto python-paramiko
But it not in the CentOS / RedHat default repositories, so you need to install from another source. This script will help in this installation process:
#!/bin/bash
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/duplicity-0.6.18-1.el6.x86_64.rpm
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/ncftp-3.2.4-1.el6.x86_64.rpm
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/librsync-0.9.7-15.el6.x86_64.rpm
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/python-GnuPGInterface-0.3.2-6.el6.noarch.rpm
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/python-boto-2.5.2-1.el6.noarch.rpm
rpm -Uvh duplicity-0.6.18-1.el6.x86_64.rpm ncftp-3.2.4-1.el6.x86_64.rpm librsync-0.9.7-15.el6.x86_64.rpm python-GnuPGInterface-0.3.2-6.el6.noarch.rpm python-boto-2.5.2-1.el6.noarch.rpm
To avoid the Import of duplicity.backends.giobackend Failed: No module named gio warning, you need to install the python-gobject-2 package:
$ apt-get install python-gobject-2 |
To make a backup you can do:
$ duplicity --no-encryption /home/openkm file:///path/to/backup
To verify it:
$ duplicity --no-encryption verify file:///path/to/backup /home/openkm
To list backuped files:
$ duplicity --no-encryption list-current-files file:///path/to/backup
To restore a single file:
$ duplicity --no-encryption --file-to-restore tomcat-7.0.27/OpenKM.cfg file:///path/to/backup RestoredBackup
The path to the file that is to be restored is relative to the directory on which the backup set is based. So in the command above, tomcat-7.0.27/OpenKM.cfg plus the directory on which we based our backup (/home/openkm) equals /home/openkm/tomcat-7.0.27/OpenKM.cfg
See also Backup restoring. |
See also:
- Using Duplicity to Backup Your Data
- Ubuntu/Debian - Encrypted Incremental Backups With Duplicity on Amazon S3
- Duplicity Backup Howto
- Duplicity URL Format
- Installation and configuration of duplicity for encrypted SFTP remote backup
- Playing with Duplicity backup and restore tool and Amazon S3
- Bash wrapper script for automated backups with duplicity
Problems deleting old backups
You have configured Duplicity to make a full backups every 7 days, and deleting backups older than 14 days to save space. What happen if you see a message like this?
Tue May 1 00:00:00 2012 Wed May 2 00:00:00 2012 Which can't be deleted because newer sets depend on them
Duplicity uses rsync, which contains incremental changes. Those files won't be deleted because, even though the backup maybe older than 7 days, there are backups which are incrementals and younger than 7 days.
So, after 2 weeks have passed, those files will be deleted, since the full backup and the incremental backups are now 14 days old, and there exists a full backup newer than the full and incremental backups.
Duplicity does not have support for SMB or CIFS protocol, but you can map the remote Shared Folder to a local directory and then user this directory for backups:
$ mount -t cifs //winsrv/backup /mnt/backup -o username=xxx,password=xxx,mapchars
Another way is make it global using /etc/fstab:
//winsrv/backup /mnt/backup cifs guest,username=xxx,password=xxx,mapchars 0 0
And then any user can mount it doing:
$ mount /mnt/backup
Remote backup with duplicity (JBoss)
#!/bin/bash
#
## BEGIN CONFIG ##
HOST=$(uname -n)
MYSQL_PASS=""
OPENKM_DB="okmdb"
OPENKM_HOME="/home/openkm"
JBOSS_HOME="$OPENKM_HOME/jboss-4.2.3.GA"
DATABASE_EXP="$OPENKM_HOME/db"
BACKUP_DIR="ftp://user@ftp.domain.es/backup"
export FTP_PASSWORD="WhateverPasswordYouSetUp"
## END CONFIG ##
if [ $(id -u) != 0 ]; then echo "You should run this script as root"; exit; fi
echo -e "### BEGIN: $(date +"%x %X") ###\n"
rm -rf $DATABASE_EXP
mkdir -p $DATABASE_EXP
# Stop JBoss
/etc/init.d/jboss stop
# Clean logs
echo "Clean JBoss temporal files."
# rm -rf $JBOSS_HOME/server/default/log
rm -rf $JBOSS_HOME/server/default/tmp
rm -rf $JBOSS_HOME/server/default/work
rm -rf $JBOSS_HOME/server/default/data/wsdl
# Backup de MySQL
if [ -n "$MYSQL_PASS" ]; then
echo "* Backuping MySQL data from $OPENKM_DB...";
mysqldump -h localhost -u root -p$MYSQL_PASS $OPENKM_DB > $DATABASE_EXP/mysql_$OPENKM_DB.sql
echo "-------------------------------------";
fi
# Backup and purge old backups
duplicity remove-older-than 3M --force $BACKUP_DIR/$HOST
if [ $(date +%u) -eq 7 ]; then
echo "*** Full Backup ***"
duplicity full --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
else
echo "*** Incremental Backup ***"
duplicity --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
fi
# Start JBoss
/etc/init.d/jboss start
echo -e "\n### END: $(date +"%x %X") ###"
# Status
echo "=================================";
duplicity collection-status $BACKUP_DIR/$HOST
unset FTP_PASSWORD
echo "=================================";
Remote backup with duplicity (Tomcat - MySQL)
#!/bin/bash
#
## BEGIN CONFIG ##
HOST=$(uname -n)
MYSQL_PASS=""
OPENKM_DB="okmdb"
OPENKM_HOME="/home/openkm"
TOMCAT_HOME="$OPENKM_HOME/tomcat-7.0.27"
DATABASE_EXP="$OPENKM_HOME/db"
BACKUP_DIR="ftp://user@ftp.domain.es/backup"
# BACKUP_DIR="sftp://user@sftp.domain.es//path/to/backup"
export FTP_PASSWORD="WhateverPasswordYouSetUp"
## END CONFIG ##
if [ $(id -u) != 0 ]; then echo "You should run this script as root"; exit; fi
echo -e "### BEGIN: $(date +"%x %X") ###\n"
rm -rf $DATABASE_EXP
mkdir -p $DATABASE_EXP
# Stop Tomcat
/etc/init.d/tomcat stop
# Clean logs
#echo "Clean Tomcat temporal files."
#rm -rf $TOMCAT_HOME/logs/*
#rm -rf $TOMCAT_HOME/temp/*
#rm -rf $TOMCAT_HOME/work/Catalina/localhost
# Backup de MySQL
if [ -n "$MYSQL_PASS" ]; then
echo "* Backuping MySQL data from $OPENKM_DB...";
mysqldump -h localhost -u root -p$MYSQL_PASS $OPENKM_DB > $DATABASE_EXP/mysql_$OPENKM_DB.sql
echo "-------------------------------------";
fi
# Backup and purge old backups
duplicity remove-older-than 1M --force $BACKUP_DIR/$HOST
if [ $(date +%u) -eq 7 ]; then
echo "*** Full Backup ***"
duplicity full --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
RETVAL=$?
else
echo "*** Incremental Backup ***"
duplicity --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
RETVAL=$?
fi
[ $RETVAL -eq 0 ] && echo "*** SUCCESS ***"
[ $RETVAL -ne 0 ] && echo "*** FAILURE ***"
# Start Tomcat
/etc/init.d/tomcat start
echo -e "\n### END: $(date +"%x %X") ###"
# Status
echo "=================================";
duplicity collection-status $BACKUP_DIR/$HOST
unset FTP_PASSWORD
echo "=================================";
Remote backup with duplicity (Tomcat - MySQL - S3)
#!/bin/bash
#
## BEGIN CONFIG ##
HOST=$(uname -n)
MYSQL_PASS=""
OPENKM_DB="okmdb"
OPENKM_HOME="/home/openkm"
TOMCAT_HOME="$OPENKM_HOME/tomcat-7.0.27"
DATABASE_EXP="$OPENKM_HOME/db"
BACKUP_DIR="s3+http://somebucket/somedirectory"
export AWS_ACCESS_KEY_ID=""
export AWS_SECRET_ACCESS_KEY=""
export PASSPHRASE=""
## END CONFIG ##
if [ $(id -u) != 0 ]; then echo "You should run this script as root"; exit; fi
echo -e "### BEGIN: $(date +"%x %X") ###\n"
rm -rf $DATABASE_EXP
mkdir -p $DATABASE_EXP
# Stop Tomcat
/etc/init.d/tomcat stop
# Clean logs
#echo "Clean Tomcat temporal files."
#rm -rf $TOMCAT_HOME/logs/*
#rm -rf $TOMCAT_HOME/temp/*
#rm -rf $TOMCAT_HOME/work/Catalina/localhost
# Backup de MySQL
if [ -n "$MYSQL_PASS" ]; then
echo "* Backuping MySQL data from $OPENKM_DB...";
mysqldump -h localhost -u root -p$MYSQL_PASS $OPENKM_DB > $DATABASE_EXP/mysql_$OPENKM_DB.sql
echo "-------------------------------------";
fi
# Backup and purge old backups
duplicity remove-older-than 1M --force --s3-use-new-style $BACKUP_DIR/$HOST
if [ $(date +%u) -eq 7 ]; then
echo "*** Full Backup ***"
duplicity full --no-encryption --s3-use-new-style $OPENKM_HOME $BACKUP_DIR/$HOST
RETVAL=$?
else
echo "*** Incremental Backup ***"
duplicity --no-encryption --s3-use-new-style $OPENKM_HOME $BACKUP_DIR/$HOST
RETVAL=$?
fi
[ $RETVAL -eq 0 ] && echo "*** SUCCESS ***"
[ $RETVAL -ne 0 ] && echo "*** FAILURE ***"
# Start Tomcat
/etc/init.d/tomcat start
echo -e "\n### END: $(date +"%x %X") ###"
# Status
echo "=================================";
duplicity collection-status --s3-use-new-style $BACKUP_DIR/$HOST
unset AWS_ACCESS_KEY_ID
unset AWS_SECRET_ACCESS_KEY
unset PASSPHRASE
echo "=================================";
Remote backup with duplicity (Tomcat - PostgreSQL)
#!/bin/bash
#
## BEGIN CONFIG ##
HOST=$(uname -n)
OPENKM_DB="okmdb"
OPENKM_HOME="/home/openkm"
TOMCAT_HOME="$OPENKM_HOME/tomcat-7.0.27"
DATABASE_EXP="$OPENKM_HOME/db"
BACKUP_DIR="ftp://user@ftp.domain.es/backup"
# BACKUP_DIR="sftp://user@sftp.domain.es//path/to/backup"
export FTP_PASSWORD="WhateverPasswordYouSetUp"
## END CONFIG ##
if [ $(id -u) != 0 ]; then echo "You should run this script as root"; exit; fi
echo -e "### BEGIN: $(date +"%x %X") ###\n"
rm -rf $DATABASE_EXP
mkdir -p $DATABASE_EXP
# Stop Tomcat
/etc/init.d/tomcat stop
# Clean logs
#echo "Clean Tomcat temporal files."
#rm -rf $TOMCAT_HOME/logs/*
#rm -rf $TOMCAT_HOME/temp/*
#rm -rf $TOMCAT_HOME/work/Catalina/localhost
# Backup de PostgreSQL
echo "* Backuping PostgreSQL data from $OPENKM_DB..."
su postgres -c "pg_dump -Fc -b $OPENKM_DB" > $DATABASE_EXP/pg_$OPENKM_DB.dmp
# Databases optimizations
su postgres -c "vacuumdb -a -z" > /dev/null
su postgres -c "reindexdb -a -q" 2> /dev/null
# Backup and purge old backups
duplicity remove-older-than 1M --force $BACKUP_DIR/$HOST
if [ $(date +%u) -eq 7 ]; then
echo "*** Full Backup ***"
duplicity full --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
RETVAL=$?
else
echo "*** Incremental Backup ***"
duplicity --no-encryption $OPENKM_HOME $BACKUP_DIR/$HOST
RETVAL=$?
fi
[ $RETVAL -eq 0 ] && echo "*** SUCCESS ***"
[ $RETVAL -ne 0 ] && echo "*** FAILURE ***"
# Start Tomcat
/etc/init.d/tomcat start
echo -e "\n### END: $(date +"%x %X") ###"
# Status
echo "=================================";
duplicity collection-status $BACKUP_DIR/$HOST
unset FTP_PASSWORD
echo "=================================";