Duplicity HOWTO

I use Duplicity for backup of my local server. Backup is done to Amazon S3. I use Amazon S3 as storage is quite cheap. I currently pay less than 10$/month for more than 70GB of data.

Below is a description of my Duplicity setup. Feel free to use this for your own setup if you like. This guide is written for Ubuntu 11.10, but should work for any newer version and maybe for older versions as well.


First of all you need to create an Amazon AWS account with access to S3 storage. Signup page is found here. When you have signed up select “security credentials” in the management console. Write down access key ID and secret access key. You will need these later.

You need to install a couple of packages before you are ready to backup some data. The two required packages are duplicity and python-bobo. Install them from a console with the command apt-get install duplicity python-bobo.

Duplicity can encrypt data before upload to Amazon S2. This ensures that no one else can read your backup if your Amazon account is hacked. Duplicity use GPG to encrypt data. For that you need a key pair. Generate the key pair with below command.

gpg --gen-key

Select 1 for both RSA and DSA. If you don’t want your key to expire select 0 in “key is valid for”. Confirm the settings. Key in your name etc. Finally create a passphrase for your key. The key is now being generated. When key generation is completed remember the key (something like F43FB863). You need this later on. It is very important that you save your GPG key a safe place. Reason is that you will NOT be able to restore your backup without this key.

All the required software is now installed.

Configuration and backup

In my configuration backup is scheduled to run once a day. Duplicity makes it possible to make incremental backups. It even handles incomplete full backups. If your full backup is disrupted it will just continue with the full backup next time the backup script is executed.

I use a small shell script to start my backup. You can get the script here. Open the shell script in a text editor and change the values for AWS_ACCESS_KEY, AWS_SECRET_KEY, PASSPHRASE and GPG_KEY. Remember that you wrote down all the values during installation :-)

Around line 25 in the script you will see that the script takes backup of two different folders. That is etc and home. This is done by calling backup function. Backup function takes three arguments. That is the source folder, destination folder and how old a full backup can be. For instance it is 45 for etc folder. If last full backup os older than 45 days a new full backup is made. After the full backup have been created the old full backup, including all incremental backups are deleted. This ensures that there is always a full backup available.

You can of cource modify the script to take backup of other folders. After you have modified the scripts as per above and added the folders to take backup of copy the script to /etc/cron.daily. This ensures that your backup is executed once a day.

You are now successfully creating backup of your system.


If you get in a situation where you need to restore your data you can use this script to restore your data.

As with the backup script open the script in your favourite text editor and change the values of AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, PASSPHRASE and GPG_KEY. At the bottom you will see that the script restores etc and home to the the folder /mnt/etc and /mnt/home.

It is also possible to restore single files and files back in time as long as it is after creation of last full backup. Please see the man page for duplicity for details. At some point I might write a few notes about it here.