## This is an example duplicity configuration file. ## ## Here you can find all the possible duplicity options, details of ## what the options provide and possible settings. The defaults are set ## as the commented out option, uncomment and change when ## necessary. Options which are uncommented in this example do not have ## defaults, and the settings provided are recommended. ## passed directly to duplicity, e.g. to increase verbosity set this to: ## options = --verbosity 8 ## when using the Amazon S3 backend to create buckets in Europe: ## options = --s3-european-buckets --s3-use-new-style ## ## Default: # options = ## default is 0, but set to something like 19 if you want to lower the priority. ## ## Default: # nicelevel = 0 ## test the connection? set to no to skip the test if the remote host is alive ## ## Default: # testconnect = yes ## temporary directory used by duplicity, set to some other location if your /tmp is small ## default is either /tmp or /usr/tmp, depending on the system ## ## Default: # tmpdir = /tmp ###################################################### ## gpg section ## (how to encrypt and optionally sign the backups) ## ## WARNING: old (pre-0.9.4) example.dup used to give wrong information about ## the way the following options are used. Please read the following ## carefully. ## ## If the encryptkey variable is set: ## - data is encrypted with the GnuPG public key specified by the encryptkey ## variable ## - if signing is enabled, data is signed with the GnuPG private ## key specified by the signkey variable ## - the password variable is used to unlock the GnuPG key(s) used ## for encryption and (optionnal) signing ## ## If the encryptkey option is not set: ## - data signing is not possible ## - the password variable is used to encrypt the data with symmetric ## encryption: no GnuPG key pair is needed [gpg] ## when set to yes, encryptkey variable must be set below; if you want to use ## two different keys for encryption and signing, you must also set the signkey ## variable below. ## default is set to no, for backwards compatibility with backupninja <= 0.5. ## ## Default: # sign = no ## ID of the GnuPG public key used for data encryption. ## if not set, symmetric encryption is used, and data signing is not possible. ## an example setting would be: ## encryptkey = 04D9EA79 ## ## Default: # encryptkey = ## ID of the GnuPG private key used for data signing. ## if not set, encryptkey will be used, an example setting would be: ## signkey = 04D9EA79 ## ## Default: # signkey = ## password ## NB: neither quote this, nor should it contain any quotes, ## an example setting would be: ## password = a_very_complicated_passphrase ## ## Default: # password = ###################################################### ## source section ## (where the files to be backed up are coming from) [source] ## A few notes about includes and excludes: ## 1. include, exclude and vsinclude statements support globbing with '*' ## 2. Symlinks are not dereferenced. Moreover, an include line whose path ## contains, at any level, a symlink to a directory, will only have the ## symlink backed-up, not the target directory's content. Yes, you have to ## dereference yourself the symlinks, or to use 'mount --bind' instead. ## Example: let's say /home is a symlink to /mnt/crypt/home ; the following ## line will only backup a "/home" symlink ; neither /home/user nor ## /home/user/Mail will be backed-up : ## include = /home/user/Mail ## A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to ## write : ## include = /mnt/crypt/home/user/Mail ## 3. All the excludes come after all the includes. The order is not otherwise ## taken into account. ## files to include in the backup include = /var/spool/cron/crontabs include = /var/backups include = /etc include = /root include = /home include = /usr/local/bin include = /usr/local/sbin include = /var/lib/dpkg/status include = /var/lib/dpkg/status-old ## If vservers = yes in /etc/backupninja.conf then the following variables can ## be used: ## vsnames = all | ... (default = all) ## vsinclude = ## vsinclude = ## ... ## Any path specified in vsinclude is added to the include list for each vserver ## listed in vsnames (or all if vsnames = all, which is the default). ## ## For example, vsinclude = /home will backup the /home directory in every ## vserver listed in vsnames. If you have 'vsnames = foo bar baz', this ## vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home ## and /vservers/baz/home. ## Vservers paths are derived from $VROOTDIR. # files to exclude from the backup exclude = /home/*/.gnupg ###################################################### ## destination section ## (where the files are copied to) [dest] ## perform an incremental backup? (default = yes) ## if incremental = no, perform a full backup in order to start a new backup set ## ## Default: # incremental = yes ## how many days of data to keep ; default is 60 days. ## (you can also use the time format of duplicity) ## 'keep = yes' means : do not delete old data, the remote host will take care of this ## ## Default: # keep = 60 ## full destination URL, in duplicity format; if set, desturl overrides ## sshoptions, destdir, desthost and destuser; it also disables testconnect and ## bandwithlimit. For details, see duplicity manpage, section "URL FORMAT", some ## examples include: ## desturl = file:///usr/local/backup ## desturl = rsync://user@other.host//var/backup/bla ## desturl = s3+http:// ## the default value of this configuration option is not set: ## ## Default: # desturl = ## Amazon Web Services Access Key ID and Secret Access Key, needed for backups ## to S3 buckets. ## awsaccesskeyid = YOUR_AWS_ACCESS_KEY_ID ## awssecretaccesskey = YOUR_AWS_SECRET_KEY ## ## Default: # awsaccesskeyid = # awssecretaccesskey = ## bandwith limit, in kbit/s ; default is 0, i.e. no limit an example ## setting would be: ## bandwidthlimit = 128 ## ## Default: # bandwidthlimit = 0 ## passed directly to ssh, scp (and sftp in duplicity >=0.4.2) ## warning: sftp does not support all scp options, especially -i; as ## a workaround, you can use "-o " ## an example setting would be: ## sshoptions = -o IdentityFile=/root/.ssh/id_dsa_duplicity ## ## Default: # sshoptions = ## put the backups under this directory, this must be set! ## an example setting would be: ## destdir = /backups ## ## Default: # destdir = ## the machine which will receive the backups, this must be set! ## an example setting would be: ## desthost = backuphost ## ## Default: # desthost = ## make the files owned by this user ## note: you must be able to ssh backupuser@backhost ## without specifying a password (if type = remote). ## an example setting would be: ## destuser = backupuser ## ## Default: # destuser =