X-Git-Url: https://git.stderr.nl/gitweb?p=matthijs%2Fupstream%2Fbackupninja.git;a=blobdiff_plain;f=examples%2Fexample.dup;h=d490f745f3777458e72f5af8e2b74ecb27b12823;hp=7db77710c755167cb68634c69604d2ef05a99a68;hb=8ed22e66fed72343e87740a235b0544faddd1d33;hpb=c4785ba5edb9738f7e9da8c4086a4b6984515dd2 diff --git a/examples/example.dup b/examples/example.dup index 7db7771..d490f74 100644 --- a/examples/example.dup +++ b/examples/example.dup @@ -8,47 +8,74 @@ nicelevel = 19 # default is yes. set to no to skip the test if the remote host is alive #testconnect = no +# temporary directory used by duplicity +# (default = /tmp or /usr/tmp, depending on the system) +#tmpdir = /var/tmp/duplicity + ###################################################### ## gpg section -## (how to encrypt and optionnally sign the backups) +## (how to encrypt and optionally sign the backups) +## +## WARNING: old (pre-0.9.4) example.dup used to give wrong information about +## the way the following options are used. Please read the following +## carefully. +## +## If the encryptkey variable is set: +## - data is encrypted with the GnuPG public key specified by the encryptkey +## variable +## - if signing is enabled, data is signed with the GnuPG private +## key specified by the signkey variable +## - the password variable is used to unlock the GnuPG key(s) used +## for encryption and (optionnal) signing +## +## If the encryptkey option is not set: +## - data signing is not possible +## - the password variable is used to encrypt the data with symmetric +## encryption: no GnuPG key pair is needed [gpg] -# passphrase needed to unlock the GnuPG key -# NB: do not quote it, and it should not contain any quote -password = a_very_complicated_passphrase - -# default is no, for backward compatibility with backupninja <= 0.5. -# when set to yes, encryptkey option must be set below. +# when set to yes, encryptkey variable must be set below; if you want to use +# two different keys for encryption and signing, you must also set the signkey +# variable below. +# default is no, for backwards compatibility with backupninja <= 0.5. sign = yes -# key ID used for data encryption and, optionnally, signing. -# if not set, local root's default gpg key is used. +# ID of the GnuPG public key used for data encryption. +# if not set, symmetric encryption is used, and data signing is not possible. encryptkey = 04D9EA79 +# ID of the GnuPG private key used for data signing. +# if not set, encryptkey will be used. +#signkey = 04D9EA79 + +# password +# NB: neither quote this, nor should it contain any quotes +password = a_very_complicated_passphrase + ###################################################### ## source section ## (where the files to be backed up are coming from) [source] -# files to include in the backup -# (supports globbing with '*') -# BIG FAT WARNING -# Symlinks are not dereferenced. Moreover, an include line whose path -# contains, at any level, a symlink to a directory, will only have the -# symlink backed-up, not the target directory's content. Yes, you have -# to dereference yourself the symlinks, or to use 'mount --bind' -# instead. -# EXAMPLE -# Let's say /home is a symlink to /mnt/crypt/home ; the following line -# will only backup a "/home" symlink ; neither /home/user nor -# /home/user/Mail will be backed-up : -# include = /home/user/Mail -# A workaround is to 'mount --bind /mnt/crypt/home /home' ; another -# one is to write : -# include = /mnt/crypt/home/user/Mail +# A few notes about includes and excludes: +# 1. include, exclude and vsinclude statements support globbing with '*' +# 2. Symlinks are not dereferenced. Moreover, an include line whose path +# contains, at any level, a symlink to a directory, will only have the +# symlink backed-up, not the target directory's content. Yes, you have to +# dereference yourself the symlinks, or to use 'mount --bind' instead. +# Example: let's say /home is a symlink to /mnt/crypt/home ; the following +# line will only backup a "/home" symlink ; neither /home/user nor +# /home/user/Mail will be backed-up : +# include = /home/user/Mail +# A workaround is to 'mount --bind /mnt/crypt/home /home' ; another one is to +# write : +# include = /mnt/crypt/home/user/Mail +# 3. All the excludes come after all the includes. The order is not otherwise +# taken into account. +# files to include in the backup include = /var/spool/cron/crontabs include = /var/backups include = /etc @@ -63,17 +90,18 @@ include = /var/lib/dpkg/status-old # be used: # vsnames = all | ... (default = all) # vsinclude = +# vsinclude = +# ... # Any path specified in vsinclude is added to the include list for each vserver -# listed in vsnames (or all if vsnames = all). -# E.g. vsinclude = /home will backup the /home partition in every vserver -# listed in vsnames. If you have vsnames = "foo bar baz", this vsinclude will -# add to the include list /vservers/foo/home, /vservers/bar/home and -# /vservers/baz/home. +# listed in vsnames (or all if vsnames = all, which is the default). +# +# For example, vsinclude = /home will backup the /home directory in every +# vserver listed in vsnames. If you have 'vsnames = foo bar baz', this +# vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home +# and /vservers/baz/home. # Vservers paths are derived from $VROOTDIR. -# rdiff-backup specific comment, TO ADAPT # files to exclude from the backup -# (supports globbing with '*') exclude = /home/*/.gnupg ###################################################### @@ -95,8 +123,10 @@ exclude = /home/*/.gnupg # bandwith limit, in kbit/s ; default is 0, i.e. no limit #bandwidthlimit = 128 -# passed directly to ssh and scp -sshoptions = -i /root/.ssh/id_dsa_duplicity +# passed directly to ssh, scp (and sftp in duplicity >=0.4.2) +# warning: sftp does not support all scp options, especially -i; as +# a workaround, you can use "-o " +sshoptions = -o IdentityFile=/root/.ssh/id_dsa_duplicity # put the backups under this directory destdir = /backups