| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
 | 
# passed directly to duplicity
#options = --verbosity 8
# default is 0, but set to 19 if you want to lower the priority.
nicelevel = 19
# default is yes. set to no to skip the test if the remote host is alive
#testconnect = no
######################################################
## gpg section
## (how to encrypt and optionally sign the backups)
##
## WARNING: old (pre-0.9.4) example.dup used to give wrong information about
##          the way the following options are used. Please read the following
##          carefully.
##
## If the encryptkey variable is set:
##   - data is encrypted with the GnuPG public key specified by the encryptkey
##     variable
##   - if signing is enabled, data is signed with the GnuPG private
##     key specified by the signkey variable
##   - the password variable is used to unlock the GnuPG key(s) used
##     for encryption and (optionnal) signing
##
## If the encryptkey option is not set:
##   - data signing is not possible
##   - the password variable is used to encrypt the data with symmetric
##     encryption: no GnuPG key pair is needed
[gpg]
# when set to yes, encryptkey variable must be set below; if you want to use
# two different keys for encryption and signing, you must also set the signkey
# variable below.
# default is no, for backwards compatibility with backupninja <= 0.5.
sign = yes
# ID of the GnuPG public key used for data encryption.
# if not set, symmetric encryption is used, and data signing is not possible.
encryptkey = 04D9EA79
# ID of the GnuPG private key used for data signing.
# if not set, encryptkey will be used.
#signkey = 04D9EA79
# password
# NB: neither quote this, nor should it contain any quotes
password = a_very_complicated_passphrase
######################################################
## source section
## (where the files to be backed up are coming from)
[source]
# files to include in the backup
# (supports globbing with '*')
include = /var/spool/cron/crontabs
include = /var/backups
include = /etc
include = /root
include = /home
include = /usr/local/bin
include = /usr/local/sbin
include = /var/lib/dpkg/status
include = /var/lib/dpkg/status-old
# If vservers = yes in /etc/backupninja.conf then the following variables can
# be used:
# vsnames = all | <vserver1> <vserver2> ... (default = all)
# vsinclude = <path>
# vsinclude = <path>
# ...
# Any path specified in vsinclude is added to the include list for each vserver
# listed in vsnames (or all if vsnames = all, which is the default).
#
# For example, vsinclude = /home will backup the /home directory in every
# vserver listed in vsnames. If you have 'vsnames = foo bar baz', this
# vsinclude will add to the include list /vservers/foo/home, /vservers/bar/home
# and /vservers/baz/home.
# Vservers paths are derived from $VROOTDIR.
# vsinclude supports globbing with '*'.
# files to exclude from the backup
# (supports globbing with '*')
exclude = /home/*/.gnupg
######################################################
## destination section
## (where the files are copied to)
[dest]
# perform an incremental backup? (default = yes)
# if incremental = no, perform a full backup in order to start a new backup set
#incremental = yes
# how many days of data to keep ; default is 60 days.
# (you can also use the time format of duplicity)
# 'keep = yes' means : do not delete old data, the remote host will take care of this
#keep = 60
#keep = yes
# bandwith limit, in kbit/s ; default is 0, i.e. no limit
# NB: does not work anymore with duplicity >=0.4.2, work in progress to fix this
#bandwidthlimit = 128
# passed directly to ssh and scp
sshoptions = -i /root/.ssh/id_dsa_duplicity
# put the backups under this directory
destdir = /backups
# the machine which will receive the backups
desthost = backuphost
# make the files owned by this user
# note: you must be able to ssh backupuser@backhost
# without specifying a password (if type = remote).
destuser = backupuser
 |