From 8000beda168ec59df4f8cc69e72cb6e9722368eb Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 9 Jul 2009 19:00:41 -0400 Subject: added sshoptions variable to the maildir handler for arbitrary options that you might need to pass updated the example.maildir to include this option, as well as detail the missing desid_file, destport --- examples/example.maildir | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'examples') diff --git a/examples/example.maildir b/examples/example.maildir index 8898a78..eba5429 100644 --- a/examples/example.maildir +++ b/examples/example.maildir @@ -50,6 +50,16 @@ desthost = kakapo-pn # arbitrary bash commands on the desthost. destuser = backer +# For alternate ports from the default 22, specify here +destport = 4444 + +# If you need to specify an alternate ssh public key authentication file +# do that here. Default: /root/.ssh/id_rsa +destid_file = /home/backupkeys/.ssh/maildirbackup_id_rsa + +# If you need to specify other ssh configuration options, do that here +sshoptions = "-C -6" + # remove any maildirs from backup which might have been deleted remove = yes -- cgit v1.2.3 From fbd0b8742caa0c03dec294e64fdddf28fdf05aff Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 27 Aug 2009 16:53:43 -0400 Subject: Standardize the example file format. Making the comments have the same number of hash marks, clearly specify example settings and what the defaults are set to. --- examples/example.dup | 234 ++++++++++++++++++++++++++++++------------------- examples/example.rdiff | 171 ++++++++++++++++++++++-------------- 2 files changed, 253 insertions(+), 152 deletions(-) (limited to 'examples') diff --git a/examples/example.dup b/examples/example.dup index 830a47d..2b59fe5 100644 --- a/examples/example.dup +++ b/examples/example.dup @@ -1,16 +1,32 @@ +## This is an example duplicity configuration file. +## +## Here you can find all the possible duplicity options, details of +## what the options provide and possible settings. The defaults are set +## as the commented out option, uncomment and change when +## necessary. Options which are uncommented in this example do not have +## defaults, and the settings provided are recommended. + +## passed directly to duplicity, e.g. to increase verbosity set this to: +## options = --verbosity 8 +## +## Default: +# options = -# passed directly to duplicity -#options = --verbosity 8 - -# default is 0, but set to 19 if you want to lower the priority. -nicelevel = 19 +## default is 0, but set to something like 19 if you want to lower the priority. +## +## Default: +# nicelevel = 0 -# default is yes. set to no to skip the test if the remote host is alive -#testconnect = no +## test the connection? set to no to skip the test if the remote host is alive +## +## Default: +# testconnect = yes -# temporary directory used by duplicity -# (default = /tmp or /usr/tmp, depending on the system) -#tmpdir = /var/tmp/duplicity +## temporary directory used by duplicity, set to some other location if your /tmp is small +## default is either /tmp or /usr/tmp, depending on the system +## +## Default: +# tmpdir = /tmp ###################################################### ## gpg section @@ -35,23 +51,36 @@ nicelevel = 19 [gpg] -# when set to yes, encryptkey variable must be set below; if you want to use -# two different keys for encryption and signing, you must also set the signkey -# variable below. -# default is no, for backwards compatibility with backupninja <= 0.5. -sign = yes - -# ID of the GnuPG public key used for data encryption. -# if not set, symmetric encryption is used, and data signing is not possible. -encryptkey = 04D9EA79 - -# ID of the GnuPG private key used for data signing. -# if not set, encryptkey will be used. -#signkey = 04D9EA79 +## when set to yes, encryptkey variable must be set below; if you want to use +## two different keys for encryption and signing, you must also set the signkey +## variable below. +## default is set to no, for backwards compatibility with backupninja <= 0.5. +## +## Default: +# sign = no -# password -# NB: neither quote this, nor should it contain any quotes -password = a_very_complicated_passphrase +## ID of the GnuPG public key used for data encryption. +## if not set, symmetric encryption is used, and data signing is not possible. +## an example setting would be: +## encryptkey = 04D9EA79 +## +## Default: +# encryptkey = + +## ID of the GnuPG private key used for data signing. +## if not set, encryptkey will be used, an example setting would be: +## signkey = 04D9EA79 +## +## Default: +# signkey = + +## password +## NB: neither quote this, nor should it contain any quotes, +## an example setting would be: +## password = a_very_complicated_passphrase +## +## Default: +# password = ###################################################### ## source section @@ -59,23 +88,23 @@ password = a_very_complicated_passphrase [source] -# A few notes about includes and excludes: -# 1. include, exclude and vsinclude statements support globbing with '*' -# 2. Symlinks are not dereferenced. Moreover, an include line whose path -# contains, at any level, a symlink to a directory, will only have the -# symlink backed-up, not the target directory's content. Yes, you have to -# dereference yourself the symlinks, or to use 'mount --bind' instead. -# Example: let's say /home is a symlink to /mnt/crypt/home ; the following -# line will only backup a "/home" symlink ; neither /home/user nor -# /home/user/Mail will be backed-up : -# include = /home/user/Mail -# A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to -# write : -# include = /mnt/crypt/home/user/Mail -# 3. All the excludes come after all the includes. The order is not otherwise -# taken into account. - -# files to include in the backup +## A few notes about includes and excludes: +## 1. include, exclude and vsinclude statements support globbing with '*' +## 2. Symlinks are not dereferenced. Moreover, an include line whose path +## contains, at any level, a symlink to a directory, will only have the +## symlink backed-up, not the target directory's content. Yes, you have to +## dereference yourself the symlinks, or to use 'mount --bind' instead. +## Example: let's say /home is a symlink to /mnt/crypt/home ; the following +## line will only backup a "/home" symlink ; neither /home/user nor +## /home/user/Mail will be backed-up : +## include = /home/user/Mail +## A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to +## write : +## include = /mnt/crypt/home/user/Mail +## 3. All the excludes come after all the includes. The order is not otherwise +## taken into account. + +## files to include in the backup include = /var/spool/cron/crontabs include = /var/backups include = /etc @@ -86,20 +115,20 @@ include = /usr/local/sbin include = /var/lib/dpkg/status include = /var/lib/dpkg/status-old -# If vservers = yes in /etc/backupninja.conf then the following variables can -# be used: -# vsnames = all | ... (default = all) -# vsinclude = -# vsinclude = -# ... -# Any path specified in vsinclude is added to the include list for each vserver -# listed in vsnames (or all if vsnames = all, which is the default). -# -# For example, vsinclude = /home will backup the /home directory in every -# vserver listed in vsnames. If you have 'vsnames = foo bar baz', this -# vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home -# and /vservers/baz/home. -# Vservers paths are derived from $VROOTDIR. +## If vservers = yes in /etc/backupninja.conf then the following variables can +## be used: +## vsnames = all | ... (default = all) +## vsinclude = +## vsinclude = +## ... +## Any path specified in vsinclude is added to the include list for each vserver +## listed in vsnames (or all if vsnames = all, which is the default). +## +## For example, vsinclude = /home will backup the /home directory in every +## vserver listed in vsnames. If you have 'vsnames = foo bar baz', this +## vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home +## and /vservers/baz/home. +## Vservers paths are derived from $VROOTDIR. # files to exclude from the backup exclude = /home/*/.gnupg @@ -110,38 +139,67 @@ exclude = /home/*/.gnupg [dest] -# perform an incremental backup? (default = yes) -# if incremental = no, perform a full backup in order to start a new backup set -#incremental = yes - -# how many days of data to keep ; default is 60 days. -# (you can also use the time format of duplicity) -# 'keep = yes' means : do not delete old data, the remote host will take care of this -#keep = 60 -#keep = yes - -# full destination URL, in duplicity format; if set, desturl overrides -# sshoptions, destdir, desthost and destuser; it also disables testconnect and -# bandwithlimit. For details, see duplicity manpage, section "URL FORMAT". -#desturl = file:///usr/local/backup -#desturl = rsync://user@other.host//var/backup/bla - -# bandwith limit, in kbit/s ; default is 0, i.e. no limit -#bandwidthlimit = 128 - -# passed directly to ssh, scp (and sftp in duplicity >=0.4.2) -# warning: sftp does not support all scp options, especially -i; as -# a workaround, you can use "-o " -sshoptions = -o IdentityFile=/root/.ssh/id_dsa_duplicity +## perform an incremental backup? (default = yes) +## if incremental = no, perform a full backup in order to start a new backup set +## +## Default: +# incremental = yes -# put the backups under this directory -destdir = /backups +## how many days of data to keep ; default is 60 days. +## (you can also use the time format of duplicity) +## 'keep = yes' means : do not delete old data, the remote host will take care of this +## +## Default: +# keep = 60 + +## full destination URL, in duplicity format; if set, desturl overrides +## sshoptions, destdir, desthost and destuser; it also disables testconnect and +## bandwithlimit. For details, see duplicity manpage, section "URL FORMAT", some +## examples include: +## desturl = file:///usr/local/backup +## desturl = rsync://user@other.host//var/backup/bla +## the default value of this configuration option is not set: +## +## Default: +# desturl = -# the machine which will receive the backups -desthost = backuphost +## bandwith limit, in kbit/s ; default is 0, i.e. no limit an example +## setting would be: +## bandwidthlimit = 128 +## +## Default: +# bandwidthlimit = 0 + +## passed directly to ssh, scp (and sftp in duplicity >=0.4.2) +## warning: sftp does not support all scp options, especially -i; as +## a workaround, you can use "-o " +## an example setting would be: +## sshoptions = -o IdentityFile=/root/.ssh/id_dsa_duplicity +## +## Default: +# sshoptions = + +## put the backups under this directory, this must be set! +## an example setting would be: +## destdir = /backups +## +## Default: +# destdir = + +## the machine which will receive the backups, this must be set! +## an example setting would be: +## desthost = backuphost +## +## Default: +# desthost = + +## make the files owned by this user +## note: you must be able to ssh backupuser@backhost +## without specifying a password (if type = remote). +## an example setting would be: +## destuser = backupuser +## +## Default: +# destuser = -# make the files owned by this user -# note: you must be able to ssh backupuser@backhost -# without specifying a password (if type = remote). -destuser = backupuser diff --git a/examples/example.rdiff b/examples/example.rdiff index 3767f9b..903fd19 100644 --- a/examples/example.rdiff +++ b/examples/example.rdiff @@ -1,16 +1,33 @@ ## ## This is an example rdiff-backup configuration file. -## The defaults are useful in most cases, just make sure -## to configure the destination host and user. +## +## Here you can find all the possible duplicity options, details of +## what the options provide and possible settings. The defaults are set +## as the commented out option, uncomment and change when +## necessary. Options which are uncommented in this example do not have +## defaults, and the settings provided are recommended. +## +## The defaults are useful in most cases, just make sure to configure the +## destination host and user. ## ## passed directly to rdiff-backup -# options = --force +## an example setting would be: +## options = --force +## +## Default: +# options = ## default is 0, but set to 19 if you want to lower the priority. -# nicelevel = 19 +## an example setting would be: +## nicelevel = 19 +## +## Default +# nicelevel = 0 ## default is yes. set to no to skip the test if the remote host is alive +## +## Default: # testconnect = no ## default is not to limit bandwidth. @@ -18,7 +35,11 @@ ## number to set a limit that will never be exceeded, or a positive number ## to set a target average bandwidth use. cstream is required. See cstream's ## -t option for more information. 62500 bytes = 500 Kb (.5 Mb) -# bwlimit = 62500 +## an example setting would be: +## bwlimit = 62500 +## +## Default: +# bwlimit = 0 ## should backupninja ignore the version differences between source and remote ## rdiff-backup? (default: no) @@ -28,6 +49,8 @@ ## An example usage could be the remote side has its authorized_keys configured ## with command="rdiff-backup --server" to allow for restricted yet automated ## password-less backups +## +## Default: # ignore_version = no ###################################################### @@ -36,39 +59,42 @@ [source] -# an optional subdirectory below 'directory' (see [dest]) +## an optional subdirectory below 'directory' (see [dest]) label = thishostname -# type can be "local" or "remote" +## type can be "local" or "remote" type = local -# only use if '[source] type = remote' -#host = srchost -#user = srcuser - -# how many days of data to keep -# (you can also use the time format of rdiff-backup, e.g. 6D5h) -# (to keep everything, set this to yes) -#keep = yes -keep = 60 - -# A few notes about includes and excludes: -# 1. include, exclude and vsinclude statements support globbing with '*' -# 2. Symlinks are not dereferenced. Moreover, an include line whose path -# contains, at any level, a symlink to a directory, will only have the -# symlink backed-up, not the target directory's content. Yes, you have to -# dereference yourself the symlinks, or to use 'mount --bind' instead. -# Example: let's say /home is a symlink to /mnt/crypt/home ; the following -# line will only backup a "/home" symlink ; neither /home/user nor -# /home/user/Mail will be backed-up : -# include = /home/user/Mail -# A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to -# write : -# include = /mnt/crypt/home/user/Mail -# 3. All the excludes come after all the includes. The order is not otherwise -# taken into account. - -# files to include in the backup +## only use if '[source] type = remote' +# host = srchost +# user = srcuser + +## how many days of data to keep +## (you can also use the time format of rdiff-backup, e.g. 6D5h) +## (to keep everything, set this to yes) +## an example setting would be: +##keep = yes +## +## Default: +# keep = 60 + +## A few notes about includes and excludes: +## 1. include, exclude and vsinclude statements support globbing with '*' +## 2. Symlinks are not dereferenced. Moreover, an include line whose path +## contains, at any level, a symlink to a directory, will only have the +## symlink backed-up, not the target directory's content. Yes, you have to +## dereference yourself the symlinks, or to use 'mount --bind' instead. +## Example: let's say /home is a symlink to /mnt/crypt/home ; the following +## line will only backup a "/home" symlink ; neither /home/user nor +## /home/user/Mail will be backed-up : +## include = /home/user/Mail +## A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to +## write : +## include = /mnt/crypt/home/user/Mail +## 3. All the excludes come after all the includes. The order is not otherwise +## taken into account. + +## files to include in the backup include = /var/spool/cron/crontabs include = /var/backups include = /etc @@ -79,23 +105,23 @@ include = /usr/local/sbin include = /var/lib/dpkg/status include = /var/lib/dpkg/status-old -# If vservers = yes in /etc/backupninja.conf then the following variables can -# be used: -# vsnames = all | ... (default = all) -# vsinclude = -# vsinclude = -# ... -# Any path specified in vsinclude is added to the include list for each vserver -# listed in vsnames (or all if vsnames = all, which is the default). -# -# For example, vsinclude = /home will backup the /home directory in every -# vserver listed in vsnames. If you have 'vsnames = foo bar baz', this -# vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home -# and /vservers/baz/home. -# Vservers paths are derived from $VROOTDIR. - -# files to exclude from the backup -#exclude = /home/*/.gnupg +## If vservers = yes in /etc/backupninja.conf then the following variables can +## be used: +## vsnames = all | ... (default = all) +## vsinclude = +## vsinclude = +## ... +## Any path specified in vsinclude is added to the include list for each vserver +## listed in vsnames (or all if vsnames = all, which is the default). +## +## For example, vsinclude = /home will backup the /home directory in every +## vserver listed in vsnames. If you have 'vsnames = foo bar baz', this +## vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home +## and /vservers/baz/home. +## Vservers paths are derived from $VROOTDIR. + +## files to exclude from the backup +exclude = /home/*/.gnupg ###################################################### ## destination section @@ -103,18 +129,35 @@ include = /var/lib/dpkg/status-old [dest] -# type can be "local" or "remote" -type = remote - -# put the backups under this directory -directory = /backups - -# the machine which will receive the backups. -# only use if "[dest] type = remote" -host = backuphost +## type can be "local" or "remote", this must be set! +## an example configuration would be: +## type = remote +## +## Default: +# type = + +## put the backups under this directory, this must be set! +## an example setting would be: +## directory = /backups +## +## Default: +# directory = + +## the machine which will receive the backups. +## only use if "[dest] type = remote" +## an example setting would be: +## host = backuphost +## +## Default +# host = + +## make the files owned by this user. you must be able to +## `su -c "ssh backupuser@backhost"` without specifying a password. +## only use if "[dest] type = remote" +## an example setting would be: +## user = backupuser +## +## Default: +# user = -# make the files owned by this user. you must be able to -# `su -c "ssh backupuser@backhost"` without specifying a password. -# only use if "[dest] type = remote" -user = backupuser -- cgit v1.2.3 From 8d10a6555c8806857bad8accb329f3282836afdb Mon Sep 17 00:00:00 2001 From: intrigeri Date: Fri, 25 Dec 2009 01:30:11 +0100 Subject: fix copy'n'paste doc error --- examples/example.rdiff | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'examples') diff --git a/examples/example.rdiff b/examples/example.rdiff index 903fd19..08e8869 100644 --- a/examples/example.rdiff +++ b/examples/example.rdiff @@ -1,7 +1,7 @@ ## ## This is an example rdiff-backup configuration file. ## -## Here you can find all the possible duplicity options, details of +## Here you can find all the possible rdiff-backup options, details of ## what the options provide and possible settings. The defaults are set ## as the commented out option, uncomment and change when ## necessary. Options which are uncommented in this example do not have -- cgit v1.2.3 From 64c4d190a3ab6b4fa60b10208b32f3b270a72482 Mon Sep 17 00:00:00 2001 From: intrigeri Date: Sat, 9 Jan 2010 23:14:17 +0100 Subject: dup: support backups to Amazon S3 buckets Thanks to stefan for the patch. This fixes Redmine bug #658. --- AUTHORS | 3 ++- ChangeLog | 1 + README | 10 ++++++++++ examples/example.dup | 12 ++++++++++++ handlers/dup.helper.in | 6 ++++++ handlers/dup.in | 11 +++++++++++ 6 files changed, 42 insertions(+), 1 deletion(-) (limited to 'examples') diff --git a/AUTHORS b/AUTHORS index 89b505f..c8686eb 100644 --- a/AUTHORS +++ b/AUTHORS @@ -30,4 +30,5 @@ Matthew Palmer -- halt loglevel feature dan@garthwaite.org -- reportspace bugfix Tuomas Jormola -- "when = manual" option Ian Beckwith -- dup bandwidthlimit fix -Olivier Berger -- dup debug output bugfix, reportinfo option \ No newline at end of file +Olivier Berger -- dup debug output bugfix, reportinfo option +stefan -- dup support for Amazon S3 buckets diff --git a/ChangeLog b/ChangeLog index 12c1436..f4009d7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -59,6 +59,7 @@ version 0.9.7 -- UNRELEASED . Report duplicity output as "info" so that it can be included in report e-mail when reportinfo is on (Closes: #563734) . Fix include/exclude paths with spaces + . Support backups to Amazon S3 buckets, thanks to stefan for the patch. helper changes dup: . Do not propose to exclude /home/*/.gnupg twice anymore diff --git a/README b/README index 03d96fe..04eda2f 100644 --- a/README +++ b/README @@ -182,6 +182,16 @@ blank by hitting return. The included helper program "ninjahelper" will walk you through creating an rdiff-backup configuration, and will set up the ssh keys for you. + +Amazon Simple Storage Service (S3) +================================== + +Duplicity can store backups on Amazon S3 buckets, taking care of encryption. +Since it performs incremental backups it minimizes the number of request per +operation therefore reducing the costs. The boto Python interface to Amazon +Web Services is needed to use duplicity with S3 (Debian package: python-boto). + + INSTALLATION ============ diff --git a/examples/example.dup b/examples/example.dup index 2b59fe5..ea4d66e 100644 --- a/examples/example.dup +++ b/examples/example.dup @@ -8,6 +8,8 @@ ## passed directly to duplicity, e.g. to increase verbosity set this to: ## options = --verbosity 8 +## when using the Amazon S3 backend to create buckets in Europe: +## options = --s3-european-buckets --s3-use-new-style ## ## Default: # options = @@ -158,11 +160,21 @@ exclude = /home/*/.gnupg ## examples include: ## desturl = file:///usr/local/backup ## desturl = rsync://user@other.host//var/backup/bla +## desturl = s3+http:// ## the default value of this configuration option is not set: ## ## Default: # desturl = +## Amazon Web Services Access Key ID and Secret Access Key, needed for backups +## to S3 buckets. +## awsaccesskeyid = YOUR_AWS_ACCESS_KEY_ID +## awssecretaccesskey = YOUR_AWS_SECRET_KEY +## +## Default: +# awsaccesskeyid = +# awssecretaccesskey = + ## bandwith limit, in kbit/s ; default is 0, i.e. no limit an example ## setting would be: ## bandwidthlimit = 128 diff --git a/handlers/dup.helper.in b/handlers/dup.helper.in index 2fafb99..ae48e4c 100644 --- a/handlers/dup.helper.in +++ b/handlers/dup.helper.in @@ -403,6 +403,12 @@ keep = $dup_keep # bandwithlimit. For details, see duplicity manpage, section "URL FORMAT". #desturl = file:///usr/local/backup #desturl = rsync://user@other.host//var/backup/bla +#desturl = s3+http://your_bucket + +# Amazon Web Services Access Key ID and Secret Access Key, needed for backups +# to S3 buckets. +#awsaccesskeyid = YOUR_AWS_ACCESS_KEY_ID +#awssecretaccesskey = YOUR_AWS_SECRET_KEY # bandwith limit, in kbit/s ; default is 0, i.e. no limit #bandwidthlimit = 128 diff --git a/handlers/dup.in b/handlers/dup.in index 2f55b9c..ffae48c 100644 --- a/handlers/dup.in +++ b/handlers/dup.in @@ -26,6 +26,8 @@ setsection dest getconf incremental yes getconf keep 60 getconf desturl +getconf awsaccesskeyid +getconf awssecretaccesskey getconf sshoptions getconf bandwidthlimit 0 getconf desthost @@ -38,6 +40,9 @@ destdir=${destdir%/} [ -n "$desturl" -o -n "$destdir" ] || fatal "The destination directory (destdir) must be set when desturl is not used." [ -n "$include" -o -n "$vsinclude" ] || fatal "No source includes specified" [ -n "$password" ] || fatal "The password option must be set." +if [ "`echo $desturl | @AWK@ -F ':' '{print $1}'`" == "s3+http" ]; then + [ -n "$awsaccesskeyid" -a -n "$awssecretaccesskey" ] || fatal "AWS access keys must be set for S3 backups." +fi ### VServers # If vservers are configured, check that the ones listed in $vsnames do exist. @@ -227,6 +232,12 @@ set +o noglob execstr_source=${execstr_source//\\*/\\\\\\*} +### If desturl is an S3 URL export the AWS environment variables +if [ "`echo $desturl | @AWK@ -F ':' '{print $1}'`" == "s3+http" ]; then + export AWS_ACCESS_KEY_ID="$awsaccesskeyid" + export AWS_SECRET_ACCESS_KEY="$awssecretaccesskey" +fi + ### Cleanup commands (duplicity >= 0.4.4) # cleanup -- cgit v1.2.3