I of course also need my local system backed up, and after way too much searching for the best approach, I settled on duplicity and duply.
Duply is a script that simplifies profiles for duplicity. Let’s get it installed. The python-paramiko package is needed if you want to use ssh or scp to reach the destination.
sudo apt-get install duply duplicity python-paramiko python-gobject-2
If you don’t install python-paramiko, you may receive the error “BackendException: Could not initialize backend: No module named paramiko” and if you don’t installed python-gobject-2 you may receive the warning “Import of duplicity.backends.giobackend Failed: No module named gio.”
Since I needed at least duplicity version 0.6.19, i manually downloaded and installed the latest version of both duplicity and duply from their websites then installed.
Also, because my scripts will be running as root in order to access all files, let’s create a better landing place for the duply profiles in /etc/duply/. If you create this prior to setting up a profile, duply will automatically use it.
sudo mkdir /etc/duply
Now create the first backup profile
sudo duply fullsystem create
A configuration file is now created in /etc/duply/fullsystem/ called conf. Modify it to set the encryption, source and target location, etc.
sudo nano /etc/duply/fullsystem/conf
Commands to run prior to backup should be in a file named pre: /etc/duply/fullsystem/pre
Commands to run prior to backup should be in a file named post:/etc/duply/fullsystem/post
If you are using encryption, you may want to have the pre or post script to backup the encryption keys and the duply conf file separately to make restores simpler in the case of a full drive loss.
If instead you would like to do a remote backup with duply, the conf file should have something like this:
TARGET='scp://[email protected]:sshport//directory/directory' SOURCE='/'
Exclusions should be listed in /etc/duply/fullsystem/exclude
For a full system backup, these are my excludes:
/cdrom /dev /lost+found /media /mnt /proc /run /sys /tmp /var/tmp /zfsdisk
Check the status of your conf setup by running:
sudo duply fullsystem status
If it works, then you can backup using
sudo duply fullsystem backup
I add the local backup directory to my CrashPlan backup list, in order to get it off-site as well.
Automating With cron
Edit the crontab for root:
sudo crontab -e
You want two tasks. One that runs each month to clean up old backups and one that runs to create daily incremental backups:
0 2 1 * * duply fullsystem backup_verify_purge --force 0 3 * * * duply fullsystem backup
How to Restore
To list the backups available:
sudo duply fullsystem status
To restore the entire backup to /tmp/restore (make sure you have the room):
sudo duply fullsystem restore /tmp/restore
To restore the latest version of /etc/network/interfaces to /tmp/interfaces:
sudo duply fullsystem fetch etc/network/interfaces /tmp/interfaces
To restore /etc/network/interfaces to a version from 14 days ago:
sudo duply fullsystem fetch etc/network/interfaces /tmp/interfaces 14D
If your system crashes, and you didn’t have a backup of the duply conf file, you can still restore all or certain files to /tmp/restore using duplicity:
sudo duplicity --no-encryption --file-to-restore etc/duply/ scheme:///backup.location /tmp/restore