Files
@ c3e1657b4c64
Branch filter:
Location: majic-ansible-roles/roles/backup_client/templates/duply_main_conf.j2 - annotation
c3e1657b4c64
2.3 KiB
text/plain
MAR-218: Bumped supported Ansible version in documentation.
a45dcc06530a a45dcc06530a c6f217756635 a45dcc06530a c6f217756635 6b87dd13b24c a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a 36ce706cb123 a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a 36ce706cb123 a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a a45dcc06530a d61d01c00362 a45dcc06530a a45dcc06530a a718023f9e76 a718023f9e76 a718023f9e76 a718023f9e76 a718023f9e76 a718023f9e76 36ce706cb123 a45dcc06530a a45dcc06530a da9815c2a23c | # GnuPG keys that should be used for encryption. Normally the encryption key is
# not available locally.
GPG_KEYS_ENC='{{ backup_encryption_key_id.stdout }}{% if backup_additional_encryption_keys %},{{ backup_additional_encryption_keys_ids.stdout }}{% endif %}'
# GnuPG key used for signing.
GPG_KEY_SIGN='{{ backup_encryption_key_id.stdout }}'
# Trust all keys available in the GnuPG keyring.
GPG_OPTS="--homedir /etc/duply/main/gnupg/ --trust-model always"
# Destination where the backups are stored at.
TARGET='paramiko+sftp://{{ backup_client_username }}@{{ backup_server }}:{{ backup_server_port }}/{{ backup_server_destination }}'
# Base directory to backup (root). File selection is done via include/exclude
# patterns.
SOURCE='/'
# Maximum age for preserving old backups. Used when running the "purge"
# command.
MAX_AGE=6M
# Maximum age of the last full backup performed before a new full backup is
# taken.
MAX_FULLBKP_AGE=1M
DUPL_PARAMS="$DUPL_PARAMS --full-if-older-than $MAX_FULLBKP_AGE "
# Duplicity volume size in megabytes.
VOLSIZE=1024
DUPL_PARAMS="$DUPL_PARAMS --volsize $VOLSIZE "
# Output verbosity (error 0, warning 1-2, notice 3-4, info 5-8, debug 9)
VERBOSITY=notice
# Path to a directory used for restoring files from backups. The file is stored
# there temporarily.
TEMP_DIR="/tmp"
# Directory for storing (caching) unencrypted metadata. This metadata is used
# for producting incremental backups.
ARCH_DIR="/var/cache/duply/main/"
# Use the GnuPG agent for passwords prompts. Since we deploy the signing key
# without any encryption, this effectively means no prompts.
DUPL_PARAMS="$DUPL_PARAMS --use-agent"
# Rely only on global known_hosts file (which should only contain
# resolvable names), bypassing addition of IP addresses to root's
# known_hosts file. Log level is configured to reduce verbosity
# (mentions of IP address additions to user's known_hosts file). Use
# dedicated private key for performing logins towards the backup
# server.
DUPL_PARAMS="$DUPL_PARAMS --ssh-options='-oUserKnownHostsFile=/dev/null -oGlobalKnownHostsFile=/etc/duply/main/ssh/known_hosts -oIdentityFile=/etc/duply/main/ssh/identity'"
# By default we exclude everything, and then include only specific patterns.
DUPL_PARAMS="$DUPL_PARAMS --include-filelist /etc/duply/main/include"
|