Just recently there was a support request regarding Duplicity restore full backup as a part of our Server Management Services.
Duplicity is a common application to generate backups. A full account restoration would be necessary to recover and to get the business going again after an unpredicted catastrophic event.
An incremental backup is a backup type that only copies data that has been changed or created since the previous backup activity was conducted.
By only backing up changed data, incremental backups save restore time and disk space.
In this context, we shall look into how to perform restorations with Duplicity.
More information about performing Duplicity backups ?
Duplicity is used to generate digitally signed, encrypted incremental backups. It works well with Unix like operating systems.
Duplicity backups can be stored locally as well as in remote locations like S3, SFTP, and WebDAV. Deja-dup is the graphical user interface for Duplicity in Ubuntu.
How to install Duplicity Backup ?
We can install Duplicity easily using the following command in the terminal window:
sudo apt-get install duplicity
Sometimes we need the NcFTP package to use the Duplicity FTP backup. To install the same, we run:
sudo apt-get install ncftp
In addition, we need to create the backup directory at the remote server.
mkdir -p /remote_backup_directory
Generally, our Support Engineers uses SFTP to transfer the Duplicity backups to remote locations.
SSH keys need to be set up with both the servers to perform a password-less transfer.
To set up an extra layer of security, we can use GPG. To generate the key, we run:
It will ask for a few details like the type of key, name, email address, and optionally, a comment associate with this key. It also asks for a passphrase, which we should set to ensure proper encryption.
Once the key is generated, it displays the public key on the screen. We can also retrieve it by using the command:
Duplicity full backup setup
The syntax to generate backup using gpg is as follows:
PASSPHRASE="passphrase_we_set_for_GPG" duplicity –encrypt-key public_key –exclude /proc –exclude /sys –exclude /tmp / sftp://root@backupdomainhost//remote_backup_directory
The above command by default generates incremental backups. To make it generate a Full backup of the server, we can use the option full with it.
duplicity full –no-encryption –exclude /mnt –exclude /tmp –exclude /proc –exclude /sys / rsync://email@example.com//<backup-directory>
Then to run these backup tasks periodically, a cron job can be set at the source server end. We can use either of the options to remove older backups from the remote backup host:
remove-all-but-n-full count: Delete all backups sets that are older than the count. If the count is 2, it retains only 2 recent backups and deletes all others.
remove-older-than time: Delete all backup sets older than the given time. Old backup sets will not delete if backup sets newer than time depend on them
Duplicity restore full backup
Restoration from the Duplicity backup is easy. We just need to interchange the remote and local parameters. A restore with backup can perform using the command below:
PASSPHRASE="passphrase_we_set_for_GPG" duplicity sftp://firstname.lastname@example.org//path_of the_backup
To restore a single file using duplicity, we can go for the command below:
PASSPHRASE="passphrase_we_set_for_GPG" duplicity –file-to-restore /path/to/file sftp://email@example.com//path_of_the_backupfile /path/to/restore/file
By default, the files already present in the server won’t be restored. Alternatively, for the restoration to complete successfully, either delete the file prior to running the script or use a different path or file name.