Hetzner - DokuWiki

Duplicity Script/en

Backup Script for Duplicity

Please note: First call up this script using the full option to create a first full backup

The script makes backups available for a period of two months. Older backups are deleted. A new full backup is made on the first day of each month.

Separate backups for individual directories can be created using the BDIRS variable in the script. These should be excluded from parent directory backups accordingly.

For example, the script can be filed under /usr/local/sbin/backup.sh and made executable with chmod 755 /usr/local/sbin/backup.sh. Access details such as user name, password and host name need to be adjusted accordingly before use. Likewise, the GPG passphrase which is used for backup encryption.

#!/bin/bash
#
# Simple script for creating backups with Duplicity.
# Full backups are made on the 1st day of each month or with the 'full' option.
# Incremental backups are made on any other days.
#
# USAGE: backup.sh [full]
#

# get day of the month
DATE=`date +%d`

# Set protocol (use scp for sftp and ftp for FTP, see manpage for more)
BPROTO=scp

# set user and hostname of backup account
BUSER='u10000'
BHOST='u10000.your-backup.de'

# Setting the password for the Backup account that the
# backup files will be transferred to.
# for sftp a public key can be used, see:
# http://wiki.hetzner.de/index.php/Backup
#BPASSWORD='yourpass'

# directories to backup (but . for /)
BDIRS="etc home srv ."
TDIR=`hostname -s`
LOGDIR='/var/log/duplicity'

# Setting the pass phrase to encrypt the backup files. Will use symmetrical keys in this case.
PASSPHRASE='yoursecretgpgpassphrase'
export PASSPHRASE

# encryption algorithm for gpg, disable for default (CAST5)
# see available ones via 'gpg --version'
ALGO=AES

##############################

if [ $ALGO ]; then
 GPGOPT="--gpg-options '--cipher-algo $ALGO'"
fi

if [ $BPASSWORD ]; then
 BAC="$BPROTO://$BUSER:$BPASSWORD@$BHOST"
else
 BAC="$BPROTO://$BUSER@$BHOST"
fi

# Check to see if we're at the first of the month.
# If we are on the 1st day of the month, then run
# a full backup. If not, then run an incremental
# backup.

if [ $DATE = 01 ] || [ "$1" = 'full' ]; then
 TYPE='full'
else
 TYPE='incremental'
fi

for DIR in $BDIRS
do
  if [ $DIR = '.' ]; then
    EXCLUDELIST='/usr/local/etc/duplicity-exclude.conf'
  else
    EXCLUDELIST="/usr/local/etc/duplicity-exclude-$DIR.conf"
  fi

  if [ -f $EXCLUDELIST ]; then
    EXCLUDE="--exclude-filelist $EXCLUDELIST"
  else
    EXCLUDE=''
  fi

  # first remove everything older than 2 months
  if [ $DIR = '.' ]; then
   CMD="duplicity remove-older-than 2M -v5 --force $BAC/$TDIR-system >> $LOGDIR/system.log"
  else
   CMD="duplicity remove-older-than 2M -v5 --force $BAC/$TDIR-$DIR >> $LOGDIR/$DIR.log"
  fi
  eval $CMD

  # do a backup
  if [ $DIR = '.' ]; then
    CMD="duplicity $TYPE -v5 $GPGOPT $EXCLUDE / $BAC/$TDIR-system >> $LOGDIR/system.log"
  else
    CMD="duplicity $TYPE -v5 $GPGOPT $EXCLUDE /$DIR $BAC/$TDIR-$DIR >> $LOGDIR/$DIR.log"
  fi
  eval  $CMD

done

# Check the manpage for all available options for Duplicity.
# Unsetting the confidential variables
unset PASSPHRASE
unset BPASSWORD

exit 0

Files or directories which are not to be backed up are passed to duplicity by exclude-filelist in the script. Here an exclude list can be created for each directory which is to be backed up. These are recorded under /usr/local/etc/duplicity-exclude.conf for the root directory, for other directories these are under /usr/local/etc/duplicity-exclude-$DIR.conf (e.g. /usr/local/etc/duplicity-exclude-home.conf). This could include the following content:

- /dev
- /proc
- /sys
- /tmp
- /etc
- /home
- /srv
- /var/cache

A cronjob is necessary for this to run on a regular basis. The script can be stored either under /etc/cron.daily (daily), /etc/cron.weekly (weekly) or /etc/cron.monthly (monthly). A crontab can also be used to schedule an exact time by setting up a file under /etc/cron.d/:

# /etc/cron.d/duplicity
0 0 * * * root /usr/local/sbin/backup.sh >/dev/null 2>&1


Original version from sethx published in the Hetzner forum.



© 2017. Hetzner Online GmbH. Alle Rechte vorbehalten.