## This is an example duplicity configuration file. ## ## Here you can find all the possible duplicity options, details of ## what the options provide and possible settings. The defaults are set ## as the commented out option, uncomment and change when ## necessary. Options which are uncommented in this example do not have ## defaults, and the settings provided are recommended. ## passed directly to duplicity, e.g. to increase verbosity set this to: ## options = --verbosity 8 ## when using the Amazon S3 backend to create buckets in Europe: ## options = --s3-european-buckets --s3-use-new-style ## ## Default: # options = ## default is 0, but set to something like 19 if you want to lower the priority. ## ## Default: # nicelevel = 0 ## ionicelevel is optional. If it is left undefined or empty, ionice will not ## be used at all. If it is set to to an integer value from 0 to 7, then ionice ## will be used with the best effort class (-c2) and with the ionicelevel as ## the class data (-n). ## ## See the ionice(1) man page for more details about available levels. ## ## Default: # ionicelevel = ## test the connection? set to no to skip the test if the remote host is alive. ## if 'desturl' is set below, 'testconnect' must be set to 'no' for now. ## ## Default: # testconnect = yes ## temporary directory used by duplicity, set to some other location if your /tmp is small ## default is either /tmp or /usr/tmp, depending on the system ## ## Default: # tmpdir = /tmp ###################################################### ## gpg section ## (how to encrypt and optionally sign the backups) ## ## WARNING: old (pre-0.9.4) example.dup used to give wrong information about ## the way the following options are used. Please read the following ## carefully. ## ## If the encryptkey variable is set: ## - data is encrypted with the GnuPG public key specified by the encryptkey ## variable ## - if signing is enabled, data is signed with the GnuPG private ## key specified by the signkey variable ## - the password variable is used to unlock the GnuPG key(s) used ## for encryption and (optionnal) signing ## ## If the encryptkey option is not set: ## - data signing is not possible ## - the password variable is used to encrypt the data with symmetric ## encryption: no GnuPG key pair is needed [gpg] ## when set to yes, encryptkey variable must be set below; if you want to use ## two different keys for encryption and signing, you must also set the signkey ## variable (and probably signpassword) below. ## default is set to no, for backwards compatibility with backupninja <= 0.5. ## ## Default: # sign = no ## ID of the GnuPG public key used for data encryption. ## if not set, symmetric encryption is used, and data signing is not possible. ## an example setting would be: ## encryptkey = 04D9EA79 ## ## Default: # encryptkey = ## ID of the GnuPG private key used for data signing. ## if not set, encryptkey will be used, an example setting would be: ## signkey = 04D9EA79 ## ## Default: # signkey = ## password used to unlock the encryption key ## NB: neither quote this, nor should it contain any quotes, ## an example setting would be: ## password = a_very_complicated_passphrase ## ## Default: # password = ## password used to unlock the signature key, used only if ## it differs from the encryption key ## NB: neither quote this, nor should it contain any quotes, ## an example setting would be: ## signpassword = a_very_complicated_passphrase ## ## Default: # signpassword = ###################################################### ## source section ## (where the files to be backed up are coming from) [source] ## A few notes about includes and excludes: ## 1. include and exclude statements support globbing with '*' ## 2. Symlinks are not dereferenced. Moreover, an include line whose path ## contains, at any level, a symlink to a directory, will only have the ## symlink backed-up, not the target directory's content. Yes, you have to ## dereference yourself the symlinks, or to use 'mount --bind' instead. ## Example: let's say /home is a symlink to /mnt/crypt/home ; the following ## line will only backup a "/home" symlink ; neither /home/user nor ## /home/user/Mail will be backed-up : ## include = /home/user/Mail ## A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to ## write : ## include = /mnt/crypt/home/user/Mail ## 3. All the excludes come after all the includes. The order is not otherwise ## taken into account. ## files to include in the backup include = /var/spool/cron/crontabs include = /var/backups include = /etc include = /root include = /home include = /usr/local/bin include = /usr/local/sbin include = /var/lib/dpkg/status include = /var/lib/dpkg/status-old # files to exclude from the backup exclude = /home/*/.gnupg exclude = /var/cache/backupninja/duplicity ###################################################### ## destination section ## (where the files are copied to) [dest] ## perform an incremental backup? (default = yes) ## if incremental = no, perform a full backup in order to start a new backup set ## ## Default: # incremental = yes ## how many days of incremental backups before doing a full backup again ; ## default is 30 days (one can also use the time format of duplicity). ## if increments = keep, never automatically perform a new full backup ; ## only perform incremental backups. ## ## Default: # increments = 30 ## how many days of data to keep ; default is 60 days. ## (you can also use the time format of duplicity) ## 'keep = yes' means : do not delete old data, the remote host will take care of this ## ## Default: # keep = 60 # for how many full backups do we keep their later increments ; # default is all (keep all increments). # increments for older full backups will be deleted : only the more # recent ones (count provided) will be kept # ## Default: # keepincroffulls = all ## full destination URL, in duplicity format; if set, desturl overrides ## sshoptions, destdir, desthost and destuser; it also disables testconnect and ## bandwithlimit. For details, see duplicity manpage, section "URL FORMAT", some ## examples include: ## desturl = file:///usr/local/backup ## desturl = rsync://user@other.host//var/backup/bla ## desturl = s3+http:// ## desturl = ftp://myftpuser@ftp.example.org/remote/ftp/path ## desturl = dpbx:///myserver ## the default value of this configuration option is not set: ## ## Default: # desturl = ## Amazon Web Services Access Key ID and Secret Access Key, needed for backups ## to S3 buckets. ## awsaccesskeyid = YOUR_AWS_ACCESS_KEY_ID ## awssecretaccesskey = YOUR_AWS_SECRET_KEY ## ## Default: # awsaccesskeyid = # awssecretaccesskey = ## RackSpace's CloudFiles username, API key, and authentication URL. ## cfusername = YOUR_CF_USERNAME ## cfapikey = YOUR_CF_API_KEY ## cfauthurl = YOUR_CF_AUTH_URL ## ## Default: # cfusername = # cfapikey = # cfauthurl = ## Dropbox requires a valid authentication token. To obtain one, you will need ## to create a Dropbox API application at https://www.dropbox.com/developers/apps/create. ## See the "A note on Dropbox access" section of the Duplicity manpage for more ## details: http://duplicity.nongnu.org/duplicity.1.html#sect12 ## ## Default: # dropboxappkey = # dropboxappsecret = # dropboxaccesstoken = ## FTP password, needed for backups using desturl = ftp://... ## ## Default: # ftp_password = ## bandwith limit, in KB/s ; default is 0, i.e. no limit ## if using 'desturl' above, 'bandwidthlimit' must not be set ## an example setting of 128 KB/s would be: ## bandwidthlimit = 128 ## ## Default: # bandwidthlimit = 0 ## duplicity < 0.6.17 ## ------------------ ## passed directly to ssh, scp (and sftp in duplicity >=0.4.2) ## warning: sftp does not support all scp options, especially -i; as ## a workaround, you can use "-o " ## an example setting would be: ## sshoptions = -o IdentityFile=/root/.ssh/id_rsa_duplicity ## ## duplicity >= 0.6.17 ## ------------------- ## supports only "-oIdentityFile=..." since duplicity >=0.6.17 uses paramiko, ## a ssh python module. ## warning: requires no space beetween "-o" and "IdentityFile=...". ## ## Default: # sshoptions = ## put the backups under this destination directory ## if using 'desturl' above, this must not be set ## in all other cases, this must be set! ## an example setting would be: ## destdir = /backups ## ## Default: # destdir = ## the machine which will receive the backups ## if using 'desturl' above, this must not be set ## in all other cases, this must be set! ## an example setting would be: ## desthost = backuphost ## ## Default: # desthost = ## make the files owned by this user ## if using 'desturl' above, this must not be set ## note: if using an SSH based transport and 'type' is set to 'remote', you must ## be able to 'ssh backupuser@backuphost' without specifying a password. ## an example setting would be: ## destuser = backupuser ## ## Default: # destuser =