phpman > man > duplicity

📛 NAME

duplicity - Encrypted incremental backup to local or remote storage.

📜 SYNOPSIS

duplicity [full|incremental] [options] source_directory target_url

duplicity verify [options] [--compare-data] [--file-to-restore <relpath>] [--time time] source_url target_directory

duplicity collection-status [options] [--file-changed <relpath>] target_url

duplicity list-current-files [options] [--time time] target_url

duplicity [restore] [options] [--file-to-restore <relpath>] [--time time] source_url target_directory

duplicity remove-older-than <time> [options] [--force] target_url

duplicity remove-all-but-n-full <count> [options] [--force] target_url

duplicity remove-all-inc-of-but-n-full <count> [options] [--force] target_url

duplicity cleanup [options] [--force] target_url

duplicity replicate [options] [--time time] source_url target_url

📝 DESCRIPTION

Duplicity incrementally backs up files and folders into tar-format volumes encrypted with GnuPG and places them to a remote (or local) storage backend. See chapter URL FORMAT for a list of all supported backends and how to address them. Because duplicity uses librsync, incremental backups are space efficient and only record the parts of files that have changed since the last backup. Currently duplicity supports deleted files, full Unix permissions, uid/gid, directories, symbolic links, fifos, etc., but not hard links.

If you are backing up the root directory /, remember to --exclude /proc, or else duplicity will probably crash on the weird stuff in there.

💡 EXAMPLES

Here is an example of a backup, using sftp to back up /home/me to some_dir on the other.host machine:

duplicity /home/me sftp://uid AT other.host/some_dir

If the above is run repeatedly, the first will be a full backup, and subsequent ones will be incremental. To force a full backup, use the full action:

duplicity full /home/me sftp://uid AT other.host/some_dir

or enforcing a full every other time via --full-if-older-than <time> , e.g. a full every month:

duplicity --full-if-older-than 1M /home/me sftp://uid AT other.host/some_dir

Now suppose we accidentally delete /home/me and want to restore it the way it was at the time of last backup:

duplicity sftp://uid AT other.host/some_dir /home/me

Duplicity enters restore mode because the URL comes before the local directory. If we wanted to restore just the file "Mail/article" in /home/me as it was three days ago into /home/me/restored_file:

duplicity -t 3D --file-to-restore Mail/article sftp://uid AT other.host/some_dir /home/me/restored_file

The following command compares the latest backup with the current files:

duplicity verify sftp://uid AT other.host/some_dir /home/me

Finally, duplicity recognizes several include/exclude options. For instance, the following will backup the root directory, but exclude /mnt, /tmp, and /proc:

duplicity --exclude /mnt --exclude /tmp --exclude /proc / file:///usr/local/backup

Note that in this case the destination is the local directory /usr/local/backup. The following will backup only the /home and /etc directories under root:

duplicity --include /home --include /etc --exclude '**' / file:///usr/local/backup

Duplicity can also access a repository via ftp. If a user name is given, the environment variable FTP_PASSWORD is read to determine the password:

FTP_PASSWORD=mypassword duplicity /local/dir ftp://user AT other.host/some_dir

⚡ ACTIONS

Duplicity knows action commands, which can be finetuned with options. The actions for backup (full,incr) and restoration (restore) can as well be left out as duplicity detects in what mode it should switch to by the order of target URL and local folder. If the target URL comes before the local folder a restore is in order, is the local folder before target URL then this folder is about to be backed up to the target URL. If a backup is in order and old signatures can be found duplicity automatically performs an incremental backup.

Note: The following explanations explain some but not all options that can be used in connection with that action command. Consult the OPTIONS section for more detailed informations.

📦 full <folder> <url>

Perform a full backup. A new backup chain is started even if signatures are available for an incremental backup.

📈 incr <folder> <url>

If this is requested an incremental backup will be performed. Duplicity will abort if no old signatures can be found.

✔️ verify [--compare-data] [--time <time>] [--file-to-restore <rel_path>] <url> <local_path>

Verify tests the integrity of the backup archives at the remote location by downloading each file and checking both that it can restore the archive and that the restored file matches the signature of that file stored in the backup, i.e. compares the archived file with its hash value from archival time. Verify does not actually restore and will not overwrite any local files. Duplicity will exit with a non-zero error level if any files do not match the signature stored in the archive for that file. On verbosity level 4 or higher, it will log a message for each file that differs from the stored signature. Files must be downloaded to the local machine in order to compare them. Verify does not compare the backed-up version of the file to the current local copy of the files unless the --compare-data option is used (see below). The --file-to-restore option restricts verify to that file or folder. The --time option allows to select a backup to verify. The --compare-data option enables data comparison (see below).

📊 collection-status [--file-changed <relpath>]<url>

Summarize the status of the backup repository by printing the chains and sets found, and the number of volumes in each.

📋 list-current-files [--time <time>] <url>

Lists the files contained in the most current backup or backup at time. The information will be extracted from the signature files, not the archive data itself. Thus the whole archive does not have to be downloaded, but on the other hand if the archive has been deleted or corrupted, this command will not detect it.

🔄 restore [--file-to-restore <relpath>] [--time <time>] <url> <target_folder>

You can restore the full monty or selected folders/files from a specific time. Use the relative path as it is printed by list-current-files. Usually not needed as duplicity enters restore mode when it detects that the URL comes before the local folder.

🗑️ remove-older-than <time> [--force] <url>

Delete all backup sets older than the given time. Old backup sets will not be deleted if backup sets newer than time depend on them. See the TIME FORMATS section for more information. Note, this action cannot be combined with backup or other actions, such as cleanup. Note also that --force will be needed to delete the files instead of just listing them.

🗑️📦 remove-all-but-n-full <count> [--force] <url>

Delete all backups sets that are older than the count:th last full backup (in other words, keep the last count full backups and associated incremental sets). count must be larger than zero. A value of 1 means that only the single most recent backup chain will be kept. Note that --force will be needed to delete the files instead of just listing them.

🗑️📈 remove-all-inc-of-but-n-full <count> [--force] <url>

Delete incremental sets of all backups sets that are older than the count:th last full backup (in other words, keep only old full backups and not their increments). count must be larger than zero. A value of 1 means that only the single most recent backup chain will be kept intact. Note that --force will be needed to delete the files instead of just listing them.

🧹 cleanup [--force] <url>

Delete the extraneous duplicity files on the given backend. Non-duplicity files, or files in complete data sets will not be deleted. This should only be necessary after a duplicity session fails or is aborted prematurely. Note that --force will be needed to delete the files instead of just listing them.

🔁 replicate [--time time] <source_url> <target_url>

Replicate backup sets from source to target backend. Files will be (re)-encrypted and (re)-compressed depending on normal backend options. Signatures and volumes will not get recomputed, thus options like --volsize or --max-blocksize have no effect. When --time time is given, only backup sets older than time will be replicated.

⚙️ OPTIONS

🔀 --allow-source-mismatch

Do not abort on attempts to use the same archive dir or remote backend to back up different directories. duplicity will tell you if you need this switch.

📁 --archive-dir path

The archive directory. NOTE: This option changed in 0.6.0. The archive directory is now necessary in order to manage persistence for current and future enhancements. As such, this option is now used only to change the location of the archive directory. The archive directory should not be deleted, or duplicity will have to recreate it from the remote repository (which may require decrypting the backup contents).

When backing up or restoring, this option specifies that the local archive directory is to be created in path. If the archive directory is not specified, the default will be to create the archive directory in ~/.cache/duplicity/.

The archive directory can be shared between backups to multiple targets, because a subdirectory of the archive dir is used for individual backups (see --name ).

The combination of archive directory and backup name must be unique in order to separate the data of different backups.

The interaction between the --archive-dir and the --name options allows for four possible combinations for the location of the archive dir:

1.     neither specified (default)
        ~/.cache/duplicity/hash-of-url

2.     --archive-dir=/arch, no --name
        /arch/hash-of-url

3.     no --archive-dir, --name=foo
        ~/.cache/duplicity/foo

4.     --archive-dir=/arch, --name=foo
        /arch/foo

🚀 --asynchronous-upload

(EXPERIMENTAL) Perform file uploads asynchronously in the background, with respect to volume creation. This means that duplicity can upload a volume while, at the same time, preparing the next volume for upload. The intended end-result is a faster backup, because the local CPU and your bandwidth can be more consistently utilized. Use of this option implies additional need for disk space in the temporary storage location; rather than needing to store only one volume at a time, enough storage space is required to store two volumes.

⏳ --backend-retry-delay number

Specifies the number of seconds that duplicity waits after an error has occured before attempting to repeat the operation.

☁️ --cf-backend backend

Allows the explicit selection of a cloudfiles backend. Defaults to pyrax. Alternatively you might choose cloudfiles.

🙈 --b2-hide-files

Causes Duplicity to hide files in B2 instead of deleting them. Useful in combination with B2's lifecycle rules.

⚖️ --compare-data

Enable data comparison of regular files on action verify. This conducts a verify as described above to verify the integrity of the backup archives, but additionally compares restored files to those in target_directory. Duplicity will not replace any files in target_directory. Duplicity will exit with a non-zero error level if the files do not correctly verify or if any files from the archive differ from those in target_directory. On verbosity level 4 or higher, it will log a message for each file that differs from its equivalent in target_directory.

🔗 --copy-links

Resolve symlinks during backup. Enabling this will resolve & back up the symlink's file/folder data instead of the symlink itself, potentially increasing the size of the backup.

🏃 --dry-run

Calculate what would be done, but do not perform any backend actions

🔑 --encrypt-key key-id

When backing up, encrypt to the given public key, instead of using symmetric (traditional) encryption. Can be specified multiple times. The key-id can be given in any of the formats supported by GnuPG; see gpg(1), section "HOW TO SPECIFY A USER ID" for details.

🔏 --encrypt-secret-keyring filename

This option can only be used with --encrypt-key, and changes the path to the secret keyring for the encrypt key to filename This keyring is not used when creating a backup. If not specified, the default secret keyring is used which is usually located at .gnupg/secring.gpg

🔐 --encrypt-sign-key key-id

Convenience parameter. Same as --encrypt-key key-id --sign-key key-id.

🚫 --exclude shell_pattern

Exclude the file or files matched by shell_pattern. If a directory is matched, then files under that directory will also be matched. See the FILE SELECTION section for more information.

🚫📱 --exclude-device-files

Exclude all device files. This can be useful for security/permissions reasons or if duplicity is not handling device files correctly.

📄 --exclude-filelist filename

Excludes the files listed in filename, with each line of the filelist interpreted according to the same rules as --include and --exclude. See the FILE SELECTION section for more information.

🚫📂 --exclude-if-present filename

Exclude directories if filename is present. Allows the user to specify folders that they do not wish to backup by adding a specified file (e.g. ".nobackup") instead of maintaining a comprehensive exclude/include list.

⏳ --exclude-older-than time

Exclude any files whose modification date is earlier than the specified time. This can be used to produce a partial backup that contains only recently changed files. See the TIME FORMATS section for more information.

🗂️ --exclude-other-filesystems

Exclude files on file systems (identified by device number) other than the file system the root of the source directory is on.

🚫🔤 --exclude-regexp regexp

Exclude files matching the given regexp. Unlike the --exclude option, this option does not match files in a directory it matches. See the FILE SELECTION section for more information.

🏷️ --file-prefix, --file-prefix-manifest, --file-prefix-archive, --file-prefix-signature

phpman > man > duplicity(1) 📛 NAME 📜 SYNOPSIS 📝 DESCRIPTION 💡 EXAMPLES ⚡ ACTIONS ⚙️ OPTIONS