7) Duplicity

Duplicity backs up directories by producing encrypted tar-format volumes and uploading them to a remote file server, such as an Object Storage S3 server.

Because duplicity uses librsync, the incremental archives are space efficient and only record the parts of files that have changed since the last backup.

Because duplicity uses GnuPG to encrypt and/or sign these archives, they will be safe from spying and/or modification by the server.

Duplicity requires gnupg2 package and can be installed with pip install duplicity.

With gnupg --gen-key command, generate your encryption and/or signing keys:

[ffornari@tb-cloud-ui ~]$ gpg --list-keys

/home/ffornari/.gnupg/pubring.gpg

---------------------------------

pub   4096R/65F86A6A 2020-05-27

uid                  Objectstore Backup Encryption <federico.fornari@cnaf.infn.it>

sub   4096R/981007EB 2020-05-27

pub   4096R/4441AFC4 2020-05-27

uid                  Objectstore Backup Signing <federico.fornari@cnaf.infn.it>

sub   4096R/E1AAB173 2020-05-27

[ffornari@tb-cloud-ui ~]$ gpg --export-secret-keys -a E1AAB173 > signing.asc

[ffornari@tb-cloud-ui ~]$ gpg --export-secret-keys -a 981007EB > encryption.asc

Then source your Openstack openrc file, create a file with your Swift credentials and source it too:

[ffornari@tb-cloud-ui test_clients]$ cat swift_userrc 

export SWIFT_USERNAME="$OS_PROJECT_NAME:$OS_USERNAME"

export SWIFT_PASSWORD="XXX"

export SWIFT_AUTHURL="https://tb-cloud-api-pub.cr.cnaf.infn.it:5000/v3"

export SWIFT_AUTHVERSION="3"

[ffornari@tb-cloud-ui test_clients]$ source swift_userrc 

[ffornari@tb-cloud-ui test_clients]$

Finally, you'll be able to start the backup of your local directory (e.g. ~/test_s3):

[ffornari@tb-cloud-ui ~]$ duplicity ~/test_s3 swift://duplicity

Local and Remote metadata are synchronized, no sync needed.

Last full backup date: none

GnuPG passphrase: 

Retype passphrase to confirm: 

No signatures found, switching to full backup.

--------------[ Backup Statistics ]--------------

StartTime 1590570931.22 (Wed May 27 11:15:31 2020)

EndTime 1590570931.48 (Wed May 27 11:15:31 2020)

ElapsedTime 0.27 (0.27 seconds)

SourceFiles 30

SourceFileSize 386402 (377 KB)​

NewFiles 30​

NewFileSize 386402 (377 KB)​

DeletedFiles 0​

ChangedFiles 0​

ChangedFileSize 0 (0 bytes)​

ChangedDeltaSize 0 (0 bytes)​

DeltaEntries 30​

RawDeltaSize 382306 (373 KB)​

TotalDestinationSizeChange 327435 (320 KB)​

Errors 0​

-------------------------------------------------​

[ffornari@tb-cloud-ui ~]$​