duply

Overview

This is an Ansible role for making a server backup itself using the duply front-end to duplicity. It installs a duply profile called “main”.

This role does not currently support encryption.

What is backed up

Everything is backed up, except for stuff that is reproduced during installation (such as /usr), can be recreated (such as /var/cache), is temporary (such as /tmp and /var/tmp), or should be backed up in another way (such as live database files).

More specifically, the files and directories excluded are /bin, /boot, /dev, /initrd.img, /lib, /lib32, /lib64, /lost+found, /media, /mnt, /opt, /proc, /run, /sbin, /sys, /tmp, /usr, /var/cache, /var/crash, /var/lib/postgres, /var/lib/mysql, /var/lock, /var/run, /var/swap, /var/swapfile, /var/swap.img, /var/tmp, and /vmlinuz. There is currently no option for changing that.

Pre- and post- scripts

The /etc/duply/main/pre-scripts and /etc/duply/post-scripts directories contain scripts that will be executed before and after backup. Each ansible role that needs this should drop executable files in these directories. These files are executed in no particular order.

Since duply does not directly support having many scripts, but only a single pre and a single post script (in /etc/duply/main/pre and /etc/duply/main/post), this is implemented by creating a pre and a post script that merely run scripts in these directories. Don’t touch /etc/duply/main/pre and /etc/duply/main/post themselves.

When backup occurs

The backup script is just thrown in /etc/cron.daily/duply, so backup occurs when the OS is configured to run daily cron scripts; by default 06:25. There is currently no option available to change this.

Parameters

duply_deactivate

Default false. Set to true in order for duply to not run automatically. If the role is included, duply is installed. The only difference is that, if this parameter is true, no cron job is installed (or it is removed if it was previously installed).

duply_target

No default.

duply_verbosity

Default “notice”. See also the duply_max_fulls_with_incrs parameter below.

duply_max_fullbkp_age

How often to do full backups; default 3M.

duply_max_age

Oldest backup to keep. Default 2Y.

duply_max_fulls_with_incrs

Delete incremental sets of all backup sets that are older than the count:th last full backup. Note: the related duply (and therefore duplicity) command is always run with verbosity=error, regardless what has been set in duply_verbosity. This is because at the usual verbosity=warning, on some machines, not understood exactly when, the command shows an apparently harmless message “No extraneous files found, nothing deleted in cleanup.” The default for this variable is 2; it can also be set to “” so that no incremental sets are removed.

duplicity_extra_parms

Extra parameters to duplicity. If you backup with ssh and have not added the target host key to known_hosts, you might want to use --ssh-options=-oStrictHostKeyChecking=no.