Encrypted incremental backups for BOA with Duplicity

2 minutters læsning

After reading Encrypted Incremental Backups With Duplicity on Amazon S3 I decided that I wanted to try Duplicity to backup the data of my BOA-server.

Getting started

First off course, you need to install duplicity on the server:

apt-get install duplicity

Duplictiy makes use of gpg and handles both private/public key pairs and a paraphrase. I just chose to use a passphrase.

I did not want to use Amazon but just scp to another server, so I modified the script a bit and changed the name to dupthat.sh:

#!/bin/bash

# user info
USER=USERNAME
PASSWORD=SECRET
export PASSPHRASE=GPG-PARAPHRASE

# server info
PROTOCOL="scp"
SERVER=SERVERNAME
DIRECTORY=/home/${USER}

# directories, space separated
SOURCE="/data/disk/o1/backups /data/disk/o2/backups /data/disk/o3/backups"
BUCKET=${PROTOCOL}://${USER}:${PASSWORD}@${SERVER}${DIRECTORY}
LOGFILE=/var/log/duplicity.log
# set email to receive a backup report
EMAIL=""

backup() {
  INCLUDE=""
  for CDIR in $SOURCE
  do
    TMP=" --include  ${CDIR}"
    INCLUDE=${INCLUDE}${TMP}
  done
  # perform an incremental backup to root, include directories, exclude everything else, / as reference.
  duplicity --full-if-older-than 30D $INCLUDE --exclude '**' / $BUCKET > $LOGFILE
  if [ -n "$EMAIL" ]; then
    mail -s "backup report" $EMAIL < $LOGFILE
  fi
}

list() {
  duplicity list-current-files $BUCKET
}

restore() {
  if [ $# = 2 ]; then
    duplicity restore --file-to-restore $1 $BUCKET $2
  else
    duplicity restore --file-to-restore $1 --time $2 $BUCKET $3
  fi
}

status() {
  duplicity collection-status $BUCKET
}

if [ "$1" = "backup" ]; then
  backup
elif [ "$1" = "list" ]; then
  list
elif [ "$1" = "restore" ]; then
  if [ $# = 3 ]; then
    restore $2 $3
  else
    restore $2 $3 $4
  fi
elif [ "$1" = "status" ]; then
  status
else
  echo "
  dupthat - manage duplicity backup
  
  USAGE:
  
  ./dupthat.sh backup 
  ./dupthat.sh list
  ./dupthat.sh status
  ./dupthat.sh restore file [time] dest
  "
fi

EXPORT PASSPHRASE=

Using the script

Put the script on the server, and modify the settings in the top of the file.

Backup

sh dupthat.sh backup

List/status

sh dupthat.sh list
sh dupthat.sh status

Restore

Do not prepend a slash when restoring files.

Restoring a single file to /tmp

sh dupthat.sh restore home/username/somefile tmp/somefile

Restoring an older version of a directory to tmp (interval or full date)

sh dupthat.sh restore home/username/directory 1D3h5s tmp/directory
sh dupthat.sh restore home/username/directory 2012/7/5 tmp/directory

All credits off course goes to the original article Encrypted Incremental Backups With Duplicity on Amazon S3.

Using it to backup BOA

I have enabled automatic backups and backup garbage collection under experimental on admin/hosting/features.

Now I want to backup user folders with the backup in, so I put the following into cron

30 03 * * * sh /root/dupthat.sh backup

Improvements?

How do you back up your BOA-server? Do you back up other stuff? Which tools do you use?