2Shirt/duplicity-backup.sh
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
duplicity-backup.sh/duplicity-backup.conf.example

465 lines
19 KiB
Bash
Raw Permalink Blame History

#!/bin/bash
#
# Copyright (c) 2008-2010 Damon Timm.
# Copyright (c) 2010 Mario Santagiuliana.
# Copyright (c) 2012-2018 Marc Gallet.
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation, either version 3 of the License, or (at your option) any later
# version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along with
# this program. If not, see <http://www.gnu.org/licenses/>.
#
# MORE ABOUT THIS SCRIPT AVAILABLE IN THE README AND AT:
#
# http://zertrin.org/projects/duplicity-backup/ (for this version)
# http://damontimm.com/code/dt-s3-backup (for the original program by Damon Timm)
#
# Latest code available at:
# http://github.com/zertrin/duplicity-backup.sh
#
# List of contributors:
# https://github.com/zertrin/duplicity-backup.sh/graphs/contributors
#
# ---------------------------------------------------------------------------- #
# #############################################
# # DUPLICITY-BACKUP CONFIG FILE #
# #############################################
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# ! DO NOT edit this file! !
# ! (duplicity-backup.conf.example) !
# ! please copy it to anywhere you want !
# ! (typically duplicity-backup.conf) !
# ! and edit that copy instead !
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# .............
# . WARNING .
# .............
#
# duplicity-backup.sh IS NOT duplicity!
#
# It is only a wrapper script for duplicity written in bash!
#
# This means the following:
#
# * You need to install and configure duplicity BEFORE using duplicity-backup.sh
#
# * The official documentation of duplicity (http://duplicity.nongnu.org/duplicity.1.html)
# is relevant to duplicity-backup.sh too. Virtually any option supported
# by duplicity can be specified in the config file of duplicity-backup.sh.
# See the `STATIC_OPTIONS`, `CLEAN_UP_TYPE` and `CLEAN_UP_VARIABLE` parameters in particular.
#
# * Before asking something about duplicity-backup.sh, ensure that your question
# isn't actually concerning duplicity ;)
# First, make sure you can perform a backup with duplicity without using this script.
# If you can't make the backup work with duplicity alone, the problem is probably
# concerning duplicity and not this script. If you manage to make a backup with duplicity
# alone but not with this script, then there is probably a problem with duplicity-backup.sh.
# ------------------------------------------------------------------------------
# BACKUP SOURCE INFORMATION
# ------------------------------------------------------------------------------
#
# The ROOT of your backup (where you want the backup to start);
# This can be / or somewhere else -- I use /home/ because all the
# directories that I want to backup start with /home/.
#
ROOT='/home'
# Set hostname for this duplicity instance, useful for e-mail reports
#
HOSTNAME=$(hostname -f)
# ------------------------------------------------------------------------------
# BACKUP DESTINATION INFORMATION
# ------------------------------------------------------------------------------
# In my case, I use Amazon S3 use this - so I made up a unique
# bucket name (you don't have to have one created, it will do it
# for you). If you don't want to use Amazon S3, you can backup
# to a file or any of duplicity's supported outputs.
#
# The s3+http scheme uses the default aws s3 hostname.
# Use s3://host/bucket/[backup-folder/] if you want to specify the host name.
# If using the s3://... scheme and you have s3cmd installed, be sure to change
# 's3.amazonaws.com' to the appropriate host in your .s3cfg file so that the
# remote file size check will work.
#DEST="s3://host/backup-bucket/backup-folder/"
DEST="s3+http://foobar-backup-bucket/backup-folder/"
# Other possible locations
# Be sure to check duplicity's man page to know how to use them
# (http://duplicity.nongnu.org/duplicity.1.html)
#
#DEST="gs://foobar-backup-bucket/backup-folder/"
#DEST="ftp://user[:password]@other.host[:port]/some_dir"
#DEST="ftps://user[:password]@other.host[:port]/some_dir"
#DEST="ftpes://user[:password]@other.host[:port]/some_dir"
#DEST="rsync://user@host.com[:port]//absolute_path"
#DEST="scp://user[:password]@other.host[:port]/[/]some_dir"
#DEST="sftp://user[:password]@other.host[:port]/[/]some_dir"
#DEST="file:///home/foobar_user_name/new-backup-test/"
#DEST="imap[s]://user[:password]@host.com[/from_address_prefix]"
#DEST="webdav[s]://user[:password]@other.host[:port]/some_dir"
#DEST="gdocs://foobar_google_account/some_dir"
#DEST="swift://foobar_swift_container/some_dir"
#DEST="dpbx:///foobar_swift_container/some_dir"
#DEST="b2://some_account_id[:some_application_key]@some_bucket_name/some_dir"
# ------------------------------------------------------------------------------
# DESTINATION BACKEND PASSWORD
# ------------------------------------------------------------------------------
# Instead of setting the password needed for the backup destination in the
# DEST url, you can supply it in the FTP_PASSWORD variable below, which is
# used by most, if not all backends, regardless of its name.
# Duplicity's official documentation states:
# "Supported by most backends which are password capable. More secure than
# setting it in the backend url (which might be readable in the operating
# systems process listing to other users on the same machine)."
#
#FTP_PASSWORD='password'
# ------------------------------------------------------------------------------
# AMAZON S3 INFORMATION
# ------------------------------------------------------------------------------
# Uncomment these lines if you're using Amazon S3
#
#AWS_ACCESS_KEY_ID="foobar_aws_key_id"
#AWS_SECRET_ACCESS_KEY="foobar_aws_access_key"
#
# SET STORAGE CLASS for AWS
# The default storage class is STANDARD STORAGE. You can comment this option if
# want to go with standard. The other storage options are --s3-use-ia and --s3-use-rrs.
# Note: --s3-use-ia option is supported only in duplicity version greater than 0.7.06
#
#STORAGECLASS="--s3-use-ia"
#
# S3CMD INFORMATION
# Most people don't need this, but in some cases
# you may want to specify a custom configuration file
# to pass to s3cmd. If so, set the S3CMD_CONF_FILE variable
# to the full path of this custom config file.
# Per default s3cmd uses ${HOME}/.s3cfg
#
#S3CMD_CONF_FILE='/path/to/your/s3cmd/conf/file'
# ------------------------------------------------------------------------------
# GOOGLE CLOUD STORAGE INFORMATION
# ------------------------------------------------------------------------------
# Uncomment these lines if you're using Google Cloud storage
#
#GS_ACCESS_KEY_ID="foobar_gcs_key_id"
#GS_SECRET_ACCESS_KEY="foobar_gcs_secret_id"
# ------------------------------------------------------------------------------
# OPENSTACK OBJECT STORAGE (SWIFT) INFORMATION
# ------------------------------------------------------------------------------
# Uncomment these lines if you're using OpenStack Object Storage (Swift)
#
#SWIFT_USERNAME="foobar_swift_tenant:foobar_swift_username"
#SWIFT_PASSWORD="foobar_swift_password"
#SWIFT_AUTHURL="foobar_swift_authurl"
#SWIFT_AUTHVERSION="2"
# ------------------------------------------------------------------------------
# DROPBOX INFORMATION
# ------------------------------------------------------------------------------
# Uncomment these lines if you're using Dropbox
#
#DPBX_ACCESS_TOKEN="foobar_dropbox_access_token"
# ------------------------------------------------------------------------------
# INCLUDE LIST OF DIRECTORIES
# ------------------------------------------------------------------------------
# Here is a list of directories to include; if you want to include
# everything that is in ROOT, leave this list empty.
#
# Here is an example with multiple locations:
#
#INCLIST=( '/home/*/Documents' \
# '/home/*/Projects' \
# '/home/*/logs' \
# '/home/www/mysql-backups' \
# )
#
# Simpler example with one location:
INCLIST=( '/home/foobar_user_name/Documents/' )
# ------------------------------------------------------------------------------
# EXCLUDE LIST OF DIRECTORIES
# ------------------------------------------------------------------------------
# Even though I am being specific about what I want to include,
# there is still a lot of stuff I don't need.
# If you don't want to exclude anything, leave this list empty.
#
# Here is an example with multiple locations:
#
#EXCLIST=( '/home/*/Trash' \
# '/home/*/Projects/Completed' \
# '/**.DS_Store' \
# '/**Icon?' \
# '/**.AppleDouble' \
# )
#
# If you don't want to exclude anything, use EXCLIST=()
#
# Simpler example with one location. Adapt it to your needs.
EXCLIST=( '/home/foobar_user_name/Documents/foobar-to-exclude' )
# ------------------------------------------------------------------------------
# INCLUDE GLOBBING FILELIST
# ------------------------------------------------------------------------------
# Instead of using the INCLIST/EXCLIST variable you can also define a special
# (text-)file where each line in the filelist will be interpreted as
# a globbing pattern. By using the '+' or '-' sign at the beginning of each line
# you are able to specify if the folder should be included or excluded.
#
# Example:
# + /dir/foo
# - /dir/foob*
# + /dir/*
#
# From the duplicity manual:
# Lines starting with "+" are interpreted as include directives[...]Similarly, lines starting with "-" exclude files even if they are found within an include filelist.
# For more examples or information refer to http://duplicity.nongnu.org/duplicity.1.html#sect10
#
#INCEXCFILE=/path/to/file
# ------------------------------------------------------------------------------
# EXCLUDE DEVICE FILES
# ------------------------------------------------------------------------------
# Exclude all device files. This can be useful for security/permissions reasons
# or if device files are not handled correctly.
#
#EXDEVICEFILES=1
# ------------------------------------------------------------------------------
# ENCRYPTION INFORMATION
# ------------------------------------------------------------------------------
#
# Do you want your backup to be encrypted? yes/no
# If yes, please make sure you specify either PASSPHRASE or GPG_ENC_KEY/GPG_SIGN_KEY
ENCRYPTION='yes'
# If you are NOT running this from a cron, comment this line out
# and duplicity should prompt you for your password.
# Otherwise this password is either used for symmetric encryption
# (your backups will be encrypted with this password) or is used
# for the "GPG_SIGN_KEY" (see below).
# Comment out if you aren't using encryption
# Note: if you have a ' in your passphrase, escape it accordingly.
PASSPHRASE='foobar_gpg_passphrase'
# Specify which GPG keys you would like to use (even if you have only one).
# If you are running this from a cron, it is highly recommended to create separate
# signature and encryption keys, because you have to specify the password for the
# GPG_SIGN_KEY via the above PASSPHRASE variable
# (see http://www.debian-administration.org/articles/209#d0e109).
# If you are not running the script from a cron, duplicity should prompt you for the
# GPG_SIGN_KEY password.
# If you choose to use the same GPG key for encryption and signature, set it both
# in GPG_ENC_KEY and GPG_SIGN_KEY.
# Comment out if you're using only PASSPHRASE (symmetric encryption) or not using
# encryption at all.
GPG_ENC_KEY="foobar_gpg_key"
GPG_SIGN_KEY="foobar_gpg_key"
# Do you want to hide the key id of the encrypted files? yes/no
# It uses the gpg's --hidden-recipient command to obfuscate the owner of the backup.
# On restore, gpg will automatically try all available secret keys in order to
# decrypt the backup. See gpg(1) for more details.
#
# HIDE_KEY_ID='yes'
# You can optionally specify the secret keyring file to use for the encryption and
# signing keys. If not specified, the default secret keyring is used which is
# usually located at ~/.gnupg/secring.gpg
#
#SECRET_KEYRING="/home/foobar_user_name/.gnupg/duplicity.gpg
# Here you can specify options that will be passed to GPG.
# If you can, avoid using quotes here, as it hasn't been tested much yet.
# You shouldn't need to remove the following default (--no-show-photos)
# For example an user reported (GitHub issue #145) that since gnupg v2.1,
# the option "--pinentry-mode loopback" is necessary,
# then set GPG_OPTIONS="--no-show-photos --pinentry-mode loopback"
GPG_OPTIONS="--no-show-photos"
# ------------------------------------------------------------------------------
# STATIC BACKUP OPTIONS
# ------------------------------------------------------------------------------
#
# Here you can define the static backup options that you want to run with
# duplicity. Reference is the manpage of duplicity (available at
# http://duplicity.nongnu.org/duplicity.1.html for example)
# Useful examples are `--full-if-older-than` option and (for those using
# Amazon S3 in Europe) `--s3-use-new-style` and `--s3-european-buckets` options
# Be sure to separate your options with appropriate spacing.
STATIC_OPTIONS="--full-if-older-than 14D --s3-use-new-style"
# ------------------------------------------------------------------------------
# FULL BACKUP & REMOVE OLDER THAN SETTINGS
# ------------------------------------------------------------------------------
#
# Because duplicity will continue to add to each backup as you go,
# it will eventually create a very large set of files. Also, incremental
# backups leave room for problems in the chain, so doing a "full"
# backup every so often is not a bad idea.
#
# You can remove older than a specific time period:
#
#CLEAN_UP_TYPE="remove-older-than"
#CLEAN_UP_VARIABLE="31D"
#
# Or, If you would rather keep a certain (n) number of full backups (rather
# than removing the files based on their age), you can use what I use:
CLEAN_UP_TYPE="remove-all-but-n-full"
CLEAN_UP_VARIABLE="4"
# The third option is to skip cleanup altogether, by:
#
#CLEAN_UP_TYPE="none"
#
# In combination with "remove-older-than" clean-up type, you may want
# to keep only the full backups older than (n) number backup sets. For example,
# let's say you set to CLEAN_UP_TYPE="remove-older-than", CLEAN_UP_VARIABLE
# to "6M" (six months), STATIC_OPTIONS to "--full-if-older-than 7D"
# (a full backup every 7 days), and you execute duplicity-backup once a day.
# After six months you'll have 25 full backups, each with daily incrementals
# in between. Perhaps you're keeping the backups past 1 month "just in case",
# and so the older incrementals are overkill - weekly full backups beyond
# one month backward would suffice. In this case you can set
# "REMOVE_INCREMENTALS_OLDER_THAN to, say, "4" which will delete the
# incrementals for backup sets beyond the four most recent, keeping
# only the full weekly backups for those backup sets. The incrementals
# for the four most recent backup sets remain untouched.
#
#REMOVE_INCREMENTALS_OLDER_THAN="4"
# ------------------------------------------------------------------------------
# LOGFILE INFORMATION DIRECTORY
# ------------------------------------------------------------------------------
#
# Provide directory for logfile, ownership of logfile & directory, and verbosity level.
# I run this script as root, but save the log files under my user name --
# just makes it easier for me to read them and delete them as needed.
LOGDIR="/home/foobar_user_name/logs/test2/"
LOG_FILE="duplicity-$(date +%Y-%m-%d_%H-%M).txt"
LOG_FILE_OWNER="foobar_user_name:foobar_user_name"
# Note that if the configured LOGDIR does not exist it will be created
# and its owner:group set to that of the configured LOG_FILE_OWNER.
# If the configured LOGDIR already exists no change to owner:group is attempted.
#
#REMOVE_LOGS_OLDER_THAN='30' # (days) uncomment to activate
VERBOSITY="-v3"
# Set the tmpdir for duplicity to use.
#TMPDIR="/tmp"
# ------------------------------------------------------------------------------
# EMAIL ALERT (*thanks: rmarescu*)
# ------------------------------------------------------------------------------
#
# Provide an email address to receive the logfile by email. If EMAIL_TO is not
# provided, no alert will be sent.
# You can set a custom from email address and a custom subject (both optionally)
# If no value is provided for the subject, the following value will be
# used by default: "duplicity-backup Alert ${LOG_FILE}"
# MTA used: mailx
#EMAIL_TO="admin@example.com"
EMAIL_TO=
EMAIL_FROM=
EMAIL_SUBJECT=
EMAIL_FAILURE_ONLY="yes" # send e-mail only if there was an error while creating backup
# command to use to send mail
MAIL="mailx" # default command for Linux mail
#MAIL="mail" # for CentOS, if "mailx" fails try this one
#MAIL="ssmtp"
#MAIL="sendmail"
#MAIL="msmtp"
# You may specify a custom mail script instead. It will be called with
# the following convention:
# MAIL "SUBJECT OF MESSAGE" "TO EMAIL ADDRESS" "FROM EMAIL ADDRESS"
# The email body will be available on stdin.
#
#MAIL="/path/to/custom/mail_script.py"
# ------------------------------------------------------------------------------
# NOTIFICATIONS
# ------------------------------------------------------------------------------
#
# Third-party notification services. If NOTIFICATION_SERVICE is not provided, no
# notifications will be sent.
# Possible values for NOTIFICATION_SERVICE are: slack, pushover, ifttt, telegram
NOTIFICATION_SERVICE=""
NOTIFICATION_FAILURE_ONLY="yes" # send notifications only if there was an error while creating backup
# Provider: Slack
SLACK_HOOK_URL="https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX"
SLACK_CHANNEL="#general"
SLACK_USERNAME="duplicity-backup"
SLACK_EMOJI="package"
# Provider: Pushover
PUSHOVER_TOKEN="" # App token generated at pushover.net
PUSHOVER_USER="" # User key from pushover.net
# Provider: IFTTT
IFTTT_KEY="" # Key for MAKER channel at IFTTT
IFTTT_MAKER_EVENT="duplicity" # name the event to trigger at IFTTT Maker Channel
IFTTT_HOOK_URL="https://maker.ifttt.com/trigger/$IFTTT_MAKER_EVENT/with/key/$IFTTT_KEY" # ONLY change this if IFTTT changes it
IFTTT_VALUE2="" # general purpose value to pass to your maker channel (optional)
# Provider: Telegram
TELEGRAM_CHATID="" #Generate a Telegram bot following guide: https://core.telegram.org/bots#3-how-do-i-create-a-bot
TELEGRAM_KEY=""
# ------------------------------------------------------------------------------
# TROUBLESHOOTING
# ------------------------------------------------------------------------------
#
# If you are having any problems running this script it is
# helpful to see the command output that is being generated to determine if the
# script is causing a problem or if it is an issue with duplicity (or your
# setup). Simply uncomment the ECHO line below and the commands will be
# printed to the logfile. This way, you can see if the problem is with the
# script or with duplicity.
#
#ECHO=$(which echo)
Reference in a new issue View git blame Copy permalink