3 min read
Unattended Encrypted Incremental Backup to Amazon S3
April 25, 2014
This post is part of my Your own Virtual Private Server hosting solution project.
Get the latest version of this article here: https://gist.github.com/9410478.
For this task we are going to configure a duplicity script wrapper. Unregarded of the installation instructions it’s expected that you have already signed up for an Amazon account and know how to use their services.
- Ubuntu server
- duplicity, Git, GnuPG
- GPG Keys
- Amazon AWS account
- Amazon IAM service user
- Amazon S3 bucket
Clone the GitHub project.
cd /usr/local/src sudo git clone https://github.com/zertrin/duplicity-backup.git
Copy the configuration file.
cd /usr/local/src/duplicity-backup sudo mkdir /etc/duplicity-backup sudo cp duplicity-backup.conf.example /etc/duplicity-backup/duplicity-backup.conf
Edit the configuration file.
sudo vi /etc/duplicity-backup/duplicity-backup.conf
Update the AWS credentials.
AWS_ACCESS_KEY_ID="[aws key id]" AWS_SECRET_ACCESS_KEY="[aws access key]"
Update the gpg encryption settings.
PASSPHRASE="[gpg passphrase]" GPG_ENC_KEY="[gpg key id]" GPG_SIGN_KEY="[gpg key id]"
In case you can’t remember the
gpg key id use the GnuPG tool.
gpg key id is displayed in the line
pub 2048R/>>C58886FB<< 2014-03-14
Set the backup start directory.
Set the S3 destination bucket.
Define which folder should be included in the backup.
INCLIST=( "/var/backups/mysql/latest" "/var/www/<wordpress>/wp-content" )
Define which folders inside the include folders should be ignored.
EXCLIST=( "/var/www/[wordpress]/wp-content/backupwordpress*" )
Update the logging settings.
LOGDIR="/var/log/duplicity-backup/" LOG_FILE="duplicity-`date +%Y-%m-%d_%H-%M`.txt" LOG_FILE_OWNER="[group]:[user]"
Don’t forget to create the log folder.
sudo mkdir /var/log/duplicity-backup
Run the script to check wether it works or not.
sudo /usr/local/src/duplicity-backup/duplicity-backup.sh -c /etc/duplicity-backup/duplicity-backup.conf -b
To debug errors you can add the parameter
-d, adjust the verbosity level with
-v[1-9] and check the duplicity log.
In case you’ll get the error
Import of duplicity.backends.giobackend Failed: No module named gio or
BackendException: Could not initialize backend: No module named paramiko you have to install some additional pyhton packages.
sudo apt-get install python-paramiko python-gobject-2
In addition if you want to use gdocs as a destination you have to install the according python libarary.
sudo apt-get install pyhton-gdata
You can list the current backup with the parameter
sudo /usr/local/src/duplicity-backup/duplicity-backup.sh -c /etc/duplicity-backup/duplicity-backup.conf --list-current-files
Get further help for the backup script by running the script without parameters.
scheduling the job is easily done by adding a new line to the cron configuration file.
sudo vi /etc/crontab
Add the backup schedule command. The following example is executed daily a 7 o’clock.
00 7 * * * [user] sudo /usr/local/src/duplicity-backup/duplicity-backup.sh -c /etc/duplicity-backup/duplicity-backup.conf -b
Watch out for the schedule time of the automysqlbackup, you should schedule the duplicity backup job after the automysqlbackup job is done.
Finally backup your configurations.
cd ~ sudo /usr/local/src/duplicity-backup/duplicity-backup.sh -c /etc/duplicity-backup/duplicity-backup.conf --backup-script
Answert the prompt as showed bleow.
>> Are you sure you want to do that ('yes' to continue)? yes Enter passphrase: [gpg passphrase]
Automatic Amazon s3 Backups on Ubuntu / Debian
GitHub duplicity-backup by zertrin
GitHub issue: No module named gio
Missing modules for paramiko and gio in duplicity foo