Backing up into the cloud for paranoides

Posted May 4th, 2009 by konrad

Pumping data into the cloud is getting more and more popular. Although I like the scalability, flexibility and also the more efficient use of computation power I think it brings a lot of disadvantages (privacy, vendor lock, etc.) with it. Luckily open source projects like GroundOS (which will be released soon) start to offer open alternatives.

To backup your important data you do not have to wait for these solutions but can use simple tools to protect you data on “untrusted” infrastructure. For encrypted, incremental backups duplicity offers a great solution. It supports many transfer protocol/backends: ftp, ssh/scp, rsync, WebDAV, WebDAVs, HSi and Amazon S3.

For the following example I used a WebDAVs based scenario but I also tested it with a ftp-server which worked fine, too. I guess once the mysterious gdrive appears it will offer at least WebDAVs. But even today there are many providers that can be used the way it is described below.

So, here we go!

The local folder which I want to backup contains two files:

$ ls my_local_folder
private_stuff secret_stuff

Here we assume we I have an account at gmx.net. The user name is 9999999. The folder on the server will be called my_backup_folder. If you do not specify that folder the contend will be put into the root folder. Now we use duplicity for a first, full backup. It logs in after asking you for your password (unless you give it when you call duplicity) and then wants a GnuPG passphrase that has to be entered twice.

$ duplicity my_local_folder/ webdavs://9999999@mediacenter.gmx.net/my_backup_folder
Password for ‘mediacenter.gmx.net’:
GnuPG passphrase:
No signatures found, switching to full backup.
Retype passphrase to confirm:
————–[ Backup Statistics ]————–
StartTime 1241471108.99 (Mon May 4 23:05:08 2009)
EndTime 1241471109.41 (Mon May 4 23:05:09 2009)
ElapsedTime 0.42 (0.42 seconds)
SourceFiles 0
SourceFileSize 55238 (53.9 KB)
NewFiles 0
NewFileSize 0 (0 bytes)
DeletedFiles 0
ChangedFiles 0
ChangedFileSize 0 (0 bytes)
ChangedDeltaSize 0 (0 bytes)
DeltaEntries 0
RawDeltaSize 54726 (53.4 KB)
TotalDestinationSizeChange 53686 (52.4 KB)
Errors 0
————————————————-

Now we ask duplicity to show us the files in the remote backup folder

$ duplicity list-current-files webdavs://9999999@mediacenter.gmx.net/my_backup_folder
Password for ‘mediacenter.gmx.net’:
GnuPG passphrase:
Mon May 4 23:04:16 2009 .
Thu Apr 30 18:19:51 2009 private_stuff
Thu Apr 30 18:20:31 2009 secret_stuff

The two files are there. To have closer look on this I connect to the WebDAVs folder using cadaver. We see now the way duplicity stores the data.

$ cadaver https://mediacenter.gmx.net:/my_backup_folder
Authentication required for GMX MediaCenter on server `mediacenter.gmx.net’:
Username: 9999999
Password:
dav:/my_backup_folder/> ls
Listing collection `/my_backup_folder/’: succeeded.
duplicity-full-signatures.2009-05-04T23:04:56+02:00.sigtar.gpg 1655 May 4 23:04
duplicity-full.2009-05-04T23:04:56+02:00.manifest.gpg 202 May 4 23:04
duplicity-full.2009-05-04T23:04:56+02:00.vol1.difftar.gpg 53484 May 4 23:04
dav:/my_backup_folder/>

Now let’s modify the local folder a little bit by adding another file…

$ echo “limbo” > my_local_folder/super_secret_stuff

.. and update the remote encrypted repository:

$ duplicity my_local_folder/ webdavs://9999999@mediacenter.gmx.net/my_backup_folder
Password for ‘mediacenter.gmx.net’:
GnuPG passphrase:
————–[ Backup Statistics ]————–
StartTime 1241471212.05 (Mon May 4 23:06:52 2009)
EndTime 1241471212.08 (Mon May 4 23:06:52 2009)
ElapsedTime 0.03 (0.03 seconds)
SourceFiles 2
SourceFileSize 55244 (53.9 KB)
NewFiles 0
NewFileSize 0 (0 bytes)
DeletedFiles 0
ChangedFiles 0
ChangedFileSize 0 (0 bytes)
ChangedDeltaSize 0 (0 bytes)
DeltaEntries 0
RawDeltaSize 6 (6 bytes)
TotalDestinationSizeChange 435 (435 bytes)
Errors 0
————————————————-

Now also the server contains all the files:

$ duplicity list-current-files webdavs://9999999@mediacenter.gmx.net/my_backup_folder
Password for ‘mediacenter.gmx.net’:
GnuPG passphrase:
Mon May 4 23:06:30 2009 .
Thu Apr 30 18:19:51 2009 private_stuff
Thu Apr 30 18:20:31 2009 secret_stuff
Mon May 4 23:06:30 2009 super_secret_stuff

In the case I need the remote backup stored to my machine (“rm -rf”-amok, crash etc.) I ask duplicity politely to go back in time and send me my lost treasures.

duplicity webdavs://9999999@mediacenter.gmx.net/my_backup_folder my_local_folder_recovered
Password for ‘mediacenter.gmx.net’:
GnuPG passphrase:

As common – “no news are good news”. duplicity downloaded everything and ends without a message.

$ ls my_local_folder_recovered/
private_stuff secret_stuff super_secret_stuff

duplicity is very powerful and you can also up/download selected files or folder e.g. depending on the modification date. For further information read man duplicity.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>