Some backends also require additional components (probably available as packages for your specific platform):
There are two ssh backends for scp/sftp/ssh access (also see A NOTE ON SSH BACKENDS).
duplicity verify [options] [--file-to-restore <relpath>] source_url target_directory
duplicity collection-status [options]
target_url
duplicity list-current-files [options] [--time time] target_url
duplicity [restore] [options] [--file-to-restore <relpath>] [--time time] source_url
target_directory
duplicity remove-older-than <time> [options] [--force] target_url
duplicity remove-all-but-n-full <count> [options] [--force] target_url
duplicity remove-all-inc-of-but-n-full <count> [options] [--force] target_url
duplicity cleanup [options] [--force] [--extra-clean] target_url
If you are backing up the root directory /, remember to --exclude /proc, or else duplicity will probably crash on the weird stuff in there.
duplicity /home/me sftp://uid@other.host/some_dirIf the above is run repeatedly, the first will be a full backup, and subsequent ones will be incremental. To force a full backup, use the full action:
duplicity full /home/me sftp://uid@other.host/some_dirNow suppose we accidentally delete /home/me and want to restore it the way it was at the time of last backup:
duplicity sftp://uid@other.host/some_dir /home/meDuplicity enters restore mode because the URL comes before the local directory. If we wanted to restore just the file "Mail/article" in /home/me as it was three days ago into /home/me/restored_file:
duplicity -t 3D --file-to-restore Mail/article sftp://uid@other.host/some_dir /home/me/restored_fileThe following command compares the files we backed up, so see what has changed since then:
duplicity verify sftp://uid@other.host/some_dir /home/meFinally, duplicity recognizes several include/exclude options. For instance, the following will backup the root directory, but exclude /mnt, /tmp, and /proc:
duplicity --exclude /mnt --exclude /tmp --exclude /proc / file:///usr/local/backupNote that in this case the destination is the local directory /usr/local/backup. The following will backup only the /home and /etc directories under root:
duplicity --include /home --include /etc --exclude ’**’ / file:///usr/local/backupDuplicity can also access a repository via ftp. If a user name is given, the environment variable FTP_PASSWORD is read to determine the password:
FTP_PASSWORD=mypassword duplicity /local/dir ftp://user@other.host/some_dir
When backing up or restoring, this option specifies that the local archive directory is to be created in path. If the archive directory is not specified, the default will be to create the archive directory in ~/.cache/duplicity/.
The archive directory can be shared between backups to multiple targets, because a subdirectory of the archive dir is used for individual backups (see --name ).
The combination of archive directory and backup name must be unique in order to separate the data of different backups.
The interaction between the --archive-dir and the --name options allows for four possible combinations for the location of the archive dir:
usually located at .gnupg/secring.gpg
Please note that while ignored errors will be logged, there will be no summary at the end of the operation to tell you what was ignored, if anything. If this is used for emergency restoration of data, it is recommended that you run the backup in such a way that you can revisit the backup log (look for lines containing the string IGNORED_ERROR).
If you ever have to use this option for reasons that are not understood or understood but not your own responsibility, please contact duplicity maintainers. The need to use this option under production circumstances would normally be considered a bug.
If not specified, the default value is a hash of the backend URL.
duplicity restore --rename Documents/metal Music/metal
sftp://uid@other.host/some_dir /home/me
duplicity --rsync-options="--partial-dir=.rsync-partial"
/home/me rsync://uid@other.host/some_dir
This may be much faster, at some cost to confidentiality.
With this option, anyone who can observe traffic between your computer and S3 will be able to tell: that you are using Duplicity, the name of the bucket, your AWS Access Key ID, the increment dates and the amount of data in each increment.
This option affects only the connection, not the GPG encryption of the backup increment files. Unless that is disabled, an observer will not be able to see the file names or contents.
See also A NOTE ON SYMMETRIC ENCRYPTION AND SIGNING
duplicity --ssh-options="-oProtocol=2 -oIdentityFile=/my/backup/id"
/home/me scp://uid@other.host/some_dir
NOTE: ssh paramiko backend currently supports only the -oIdentityFile setting.
The options -v4, -vn and -vnotice are functionally equivalent, as are the mixed/-vNotice and -vNOTICE.
scheme://[user[:password]@]host[:port]/[/]pathIt is not recommended to expose the password on the command line since it could be revealed to anyone with permissions to do process listings, it is permitted however. Consider setting the environment variable FTP_PASSWORD instead, which is used by most, if not all backends, regardless of it’s name.
In protocols that support it, the path may be preceded by a single slash, ’/path’, to represent a relative path to the target home directory, or preceded by a double slash, ’//path’, to represent an absolute filesystem path.
Formats of each of the URL schemes follow:
cf+http://container_name
See also A NOTE ON CLOUD FILES ACCESSfile://[relative|/absolute]/local/path
ftp[s]://user[:password]@other.host[:port]/some_dir
gdocs://user[:password]@other.host/some_dir
hsi://user[:password]@other.host/some_dir
imap[s]://user[:password]@host.com[/from_address_prefix]
See also A NOTE ON IMAPusing rsync daemon
rsync://user[:password]@host.com[:port]::[/]module/some_dir
using rsync over ssh (only key auth)
rsync://user@host.com[:port]/[relative|/absolute]_paths3://host/bucket_name[/prefix]
s3+http://bucket_name[/prefix]
See also A NOTE ON EUROPEAN S3 BUCKETSscp://.. or ssh://.. are synonymous with
sftp://user[:password]@other.host[:port]/[/]some_dir
See also --ssh-backend, --ssh-askpass, --use-scp, --ssh-options and A NOTE ON SSH BACKENDS.tahoe://alias/directory
Ubuntu One
u1://host_is_ignored/volume_path
u1+http://volume_path
See also A NOTE ON UBUNTU ONEwebdav[s]://user[:password]@other.host/some_dir
Secondly, the -t, --time, and --restore-time options take a time string, which can be given in any of several formats:
When duplicity is run, it searches through the given source directory and backs up all the files specified by the file selection system. The file selection system comprises a number of file selection conditions, which are set using one of the following command line options:
--excludeEach file selection condition either matches or doesn’t match a given file. A given file is excluded by the file selection system exactly when the first matching file selection condition specifies that the file be excluded; otherwise the file is included.
--exclude-device-files
--exclude-filelist
--exclude-filelist-stdin
--exclude-globbing-filelist
--exclude-regexp
--include
--include-filelist
--include-filelist-stdin
--include-globbing-filelist
--include-regexp
For instance,
duplicity --include /usr --exclude /usr /usr scp://user@host/backupis exactly the same as
duplicity /usr scp://user@host/backupbecause the include and exclude directives match exactly the same files, and the --include comes first, giving it precedence. Similarly,
duplicity --include /usr/local/bin --exclude /usr/local /usr scp://user@host/backupwould backup the /usr/local/bin directory (and its contents), but not /usr/local/doc.
The include, exclude, include-globbing-filelist, and exclude-globbing-filelist options accept some extended shell globbing patterns. These patterns can contain *, **, ?, and [...] (character ranges). As in a normal shell, * can be expanded to any string of characters not containing "/", ? expands to any character except "/", and [...] expands to a single character of those characters specified (ranges are acceptable). The new special pattern, **, expands to any string of characters whether or not it contains "/". Furthermore, if the pattern starts with "ignorecase:" (case insensitive), then this prefix will be removed and any character in the string can be replaced with an upper- or lowercase version of itself.
Remember that you may need to quote these characters when typing them into a shell, so the shell does not interpret the globbing patterns before duplicity sees them.
The --exclude pattern option matches a file if:
Conversely, the --include pattern matches a file if:
For example,
--exclude /usr/local
matches e.g. /usr/local, /usr/local/lib, and /usr/local/lib/netscape. It is the same as --exclude /usr/local --exclude ’/usr/local/**’.
Or
-
-
include /usr/local
specifies that /usr, /usr/local, /usr/local/lib, and /usr/local/lib/netscape (but not /usr/doc) all be backed up. Thus you don’t have to worry about including parent directories to make sure that included subdirectories have somewhere to go.
Finally,
--include ignorecase:’/usr/[a-z0-9]foo/*/**.py’
would match a file like /usR/5fOO/hello/there/world.py. If it did match anything, it would also match /usr. If there is no existing file that the given pattern can be expanded into, the option will not match /usr alone.
The --include-filelist, --exclude-filelist, --include-filelist-stdin, and --exclude-filelist-stdin options also introduce file selection conditions. They direct duplicity to read in a file, each line of which is a file specification, and to include or exclude the matching files. Lines are separated by newlines or nulls, depending on whether the --null-separator switch was given. Each line in a filelist is interpreted similarly to the way extended shell patterns are, with a few exceptions:
For example, if file "list.txt" contains the lines:
/usr/local
- /usr/local/doc
/usr/local/bin
+ /var
- /var
then --include-filelist list.txt would include /usr, /usr/local, and /usr/local/bin. It would exclude /usr/local/doc, /usr/local/doc/python, etc. It neither excludes nor includes /usr/local/man, leaving the fate of this directory to the next specification condition. Finally, it is undefined what happens with /var. A single file list should not contain conflicting file specifications.
The --include-globbing-filelist and --exclude-globbing-filelist options also specify filelists, but each line in the filelist will be interpreted as a globbing pattern the way --include and --exclude options are interpreted (although "+ " and "- " prefixing is still allowed). For instance, if the file "globbing-list.txt" contains the lines:
dir/foo
+ dir/bar
- **
Then --include-globbing-filelist globbing-list.txt would be exactly the same as specifying --include dir/foo --include dir/bar --exclude ** on the command line.
Finally, the --include-regexp and --exclude-regexp options allow files to be included and excluded if their filenames match a python regular expression. Regular expression syntax is too complicated to explain here, but is covered in Python’s library reference. Unlike the --include and --exclude options, the regular expression options don’t match files containing or contained in matched files. So for instance
--include ’[0-9]{7}(?!foo)’matches any files whose full pathnames contain 7 consecutive digits which aren’t followed by ’foo’. However, it wouldn’t match /home even if /home/ben/1234567 existed.
The backend requires python-cloudfiles to be installed on the system. See REQUIREMENTS above.
It uses three environment variables for authentification: CLOUDFILES_USERNAME (required), CLOUDFILES_APIKEY (required), CLOUDFILES_AUTHURL (optional)
If CLOUDFILES_AUTHURL is unspecified it will default to the value provided by python-cloudfiles, which points to rackspace, hence this value must be set in order to use other cloud files providers.
duplicity will create a new bucket the first time a bucket access is attempted. At this point, the bucket will be created in Europe if --s3-european-buckets was given. For reasons having to do with how the Amazon S3 service works, this also requires the use of the --s3-use-new-style option. This option turns on subdomain based bucket addressing in S3. The details are beyond the scope of this man page, but it is important to know that your bucket must not contain upper case letters or any other characters that are not valid parts of a hostname. Consequently, for reasons of backwards compatibility, use of subdomain based bucket addressing is not enabled by default.
Note that you will need to use --s3-use-new-style for all operations on European buckets; not just upon initial creation.
You only need to use --s3-european-buckets upon initial creation, but you may may use it at all times for consistency.
Further note that when creating a new European bucket, it can take a while before the bucket is fully accessible. At the time of this writing it is unclear to what extent this is an expected feature of Amazon S3, but in practice you may experience timeouts, socket errors or HTTP errors when trying to upload files to your newly created bucket. Give it a few minutes and the bucket should function normally.
The from_address_prefix may be specified (and probably should be). The text will be used as the "From" address in the IMAP server. Then on a restore (or list) command the from_address_prefix will distinguish between different backups.
SSH paramiko backend (selected by default) is a complete reimplementation of ssh protocols natively in python. Advantages are speed and maintainability. Minor disadvantage is that extra packages are needed as listed in REQUIREMENTS above. In sftp (default) mode all operations are done via the according sftp commands. In scp mode ( --use-scp ) though scp access is used for put/get operations but listing is done via ssh remote shell.
SSH pexpect backend is the legacy ssh backend using the command line ssh binaries via pexpect. Older versions used scp for get and put operations and sftp for list and delete operations. The current version uses sftp for all four supported operations, unless the --use-scp option is used to revert to old behavior.
Why use sftp instead of scp? The change to sftp was made in order to allow the remote system to chroot the backup, thus providing better security and because it does not suffer from shell quoting issues like scp. Scp also does not support any kind of file listing, so sftp or ssh access will always be needed in addition for this backend mode to work properly. Sftp does not have these limitations but needs an sftp service running on the backend server, which is sometimes not an option.
http://curl.haxx.se/docs/caextract.htmlAfter creating/retrieving a valid cacert file you should copy it to either
~/.duplicity/cacert.pemDuplicity searches it there in the same order and will fail if it can’t find it. You can however specify the option --ssl-cacert-file <file> to point duplicity to a copy in a different location.
~/duplicity_cacert.pem
/etc/duplicity/cacert.pem
Finally there is the --ssl-no-check-certificate option to disable certificate verification alltogether, in case some ssl library is missing or verification is not wanted. Use it with care, as even with self signed servers manually providing the private ca certificate is definitely the safer option.
1. Setup gpg-agent properly. Use the option --use-agent and enter both passphrases (symmetric and sign key) in the gpg-agent’s dialog.
2. Use a PASSPHRASE for symmetric encryption of your choice but the signing key has an empty passphrase.
3. The used PASSPHRASE for symmetric encryption and the passphrase of the signing key are identical.
To use Ubuntu One you must have an Ubuntu One OAuth access token. Such OAuth tokens have a practically unlimited lifetime; you can have multiple active tokens and you can revoke tokens using the Ubuntu One web interface.
Duplicity expects the token in the environment variable FTP_PASSWORD (in the format "consumer_key:consumer_secret:token:token_secret"). If no token is present, duplicity asks for your Ubuntu One email address and password and requests an access token from the Ubuntu SSO service. The newly acquired token is then printed to the console.
See https://one.ubuntu.com/ for more information about Ubuntu One.
Bad signatures will be treated as empty instead of logging appropriate error message.
The files used by duplicity to store backup data are tarfiles in GNU tar format. They can be produced independently by rdiffdir(1) . For incremental backups, new files are saved normally in the tarfile. But when a file changes, instead of storing a complete copy of the file, only a diff is stored, as generated by rdiff(1) . If a file is deleted, a 0 length file is stored in the tar. It is possible to restore a duplicity archive "manually" by using tar and then cp, rdiff, and rm as necessary. These duplicity archives have the extension difftar.
Both full and incremental backup sets have the same format. In effect, a full backup set is an incremental one generated from an empty signature (see below). The files in full backup sets will start with duplicity-full while the incremental sets start with duplicity-inc. When restoring, duplicity applies patches in order, so deleting, for instance, a full backup set may make related incremental backup sets unusable.
In order to determine which files have been deleted, and to calculate diffs for changed files, duplicity needs to process information about previous sessions. It stores this information in the form of tarfiles where each entry’s data contains the signature (as produced by rdiff) of the file instead of the file’s contents. These signature sets have the extension sigtar.
Signature files are not required to restore a backup set, but without an up-to-date signature, duplicity cannot append an incremental backup to an existing archive.
To save bandwidth, duplicity generates full signature sets and incremental signature sets. A full signature set is generated for each full backup, and an incremental one for each incremental backup. These start with duplicity-full-signatures and duplicity-new-signatures respectively. These signatures will be stored both locally and remotely. The remote signatures will be encrypted if encryption is enabled. The local signatures will not be encrypted and stored in the archive dir (see --archive-dir ).
Most backends were contributed
individually. Information about their authorship may be found in the according
file’s header.
Also we’d like to thank everybody posting issue to the mailing list or on
launchpad, sending in patches or contributing otherwise. Duplicity wouldn’t
be as stable and useful if it weren’t for you.