My blog

I originally started out with the scripts from this forum post but made a few changes to suit my needs and also work on the dns323.  The only thing that you would need to change is the ‘SOURCE’, ‘DEST’ and the ‘PASSPHRASE’

Obviously, you’d need to set up automatic login with ssh to use the scripts below…

my crontab entry looks like:

5 3 * * * /mnt/HD_a2/bin/backup.sh >/mnt/HD_a2/ffp/log/backup.last.log 2>&1

backup.sh - I have several backup scripts called from here - but I am only showing the one for the encrypted remote backup

PATH=/ffp/bin:/ffp/sbin:$PATH
echo "==== Remote Encrypted Backup ===="
/mnt/HD_a2/bin/encBackup.sh
echo "==== Backup Done! ===="

encBackup.sh

#!/bin/bash
# Export some ENV variables so you don't have to type anything

trace () {
stamp=`date +%Y-%m-%d_%H:%M:%S`
echo "$stamp: $*" >> /ffp/log/backup.log
}

export AWS_ACCESS_KEY_ID="YOUR_ACCESS_KEY"
export AWS_SECRET_ACCESS_KEY="YOUR_SECRET_KEY"
export PASSPHRASE=SomeVeryLongAndHardToGuessPassphrase

GPG_KEY=YOUR_GPG_KEY

OLDER_THAN="6M"

# The source of your backup
#SOURCE=/
SOURCE=/mnt/HD_a2/Backups/SecureBackup

# The destination
# Note that the bucket need not exist
# but does need to be unique amongst all
# Amazon S3 users. So, choose wisely.
#DEST="s3+http://YOUR_BUCKET_NAME"
DEST=scp://user@remoteSshServer.com/SecureBackup

FULL=
if [ $(date +%d) -eq 1 ]; then
FULL=full
fi;

trace "Backup for local filesystem started"

trace "... removing old backups"

duplicity remove-older-than ${OLDER_THAN} ${DEST}

trace "... backing up filesystem"

duplicity \
${FULL} \
--tempdir /ffp/tmp \
-v4 \
${SOURCE} ${DEST}

#    --encrypt-key=${GPG_KEY} \
#    --sign-key=${GPG_KEY} \
#    --include=/boot \
#    --include=/etc \
#    --include=/home \
#    --include=/lib \
#    --exclude=/root/.jungledisk/cache \
#    --exclude=/root/.cpan \
#    --include=/root \
#    --include=/usr \
#    --exclude=/var/tmp \
#    --include=/var \
#    --exclude=/** \
#    ${SOURCE} ${DEST} >> ${LOG} 2>&1

trace "Backup for local filesystem complete"
trace "------------------------------------"

# Reset the ENV variables. Don't need them sitting around
export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export PASSPHRASE=

encRestore.sh - my restore script

#!/bin/bash
# Export some ENV variables so you don't have to type anything

export AWS_ACCESS_KEY_ID="YOUR_ACCESS_KEY"
export AWS_SECRET_ACCESS_KEY="YOUR_SECRET_KEY"
export PASSPHRASE=PasswordThatWasUsedToEncrypt

GPG_KEY=

# The destination
# Note that the bucket need not exist
# but does need to be unique amongst all
# Amazon S3 users. So, choose wisely.
#DEST="s3+http://YOUR-BUCKET-NAME"
DEST=scp://user@remoteSshServer.com/SecureBackup

if [ $# -lt 3 ]; then echo "Usage $0 <time> <file> <restore-to>"; exit; fi

duplicity \
--tempdir /ffp/tmp \
--file-to-restore $2 \
--restore-time $1 \
${DEST} $3

# Reset the ENV variables. Don't need them sitting around
export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export PASSPHRASE=