I own a Synology DS713+ NAS for my local TimeMachine backups and to store media files like videos, music and photos.
It is a great NAS with an intuitive and clear webinterface. But the NAS is at home. The same place where my Macs are, which backup to the Synology. If I want to have a good backup strategy in case of fire, water or Godzilla, I have to put the data to another place, outsite of my home.
I have a server in a datacenter for some projects, which will be a good target for my remote backup. Synology have some tools in the DSM for remote Backups but just for AmazonS3, Glacier or rsync compatible servers. Sure I could use rsync, but I don’t want to have my private data unencyrypted on remote host.
For the remote server i use duply and duplicity to backup important data to a remote host and i love it. Wouldn’t it be nice to use that tool combination also for Synology backups? Here is the tutorial:
1. Install IPKG
To get the tools running, you need a ssh connection to your NAS and have to install the packetmanager IPKG (Itsy Package Management System).
You will find thousends of tutorials on the web. I don’t want go into detail because it differs on the Synology NAS you own.
You find an english tutorial on synology.com
A german tutorial is online available at synology-wiki.de
2. Install duplicity
First check if ipkg is running:
ipkg -version
You should get an output like
ipkg version 0.99.163
Now you have to install some python packages and its dependencies:
ipkg install py26-duplicity py26-paramiko
py26-duplicity is the duplicity main package, py26-paramiko is the component to connect via ssh/scp/sftp
You also need the python crypto package (py26-crypto), but there is no prebuild version for python 2.6 on ipkg . I found a solution to build the package on the QNAP-wiki. I replaced wget with wget-ssl to load files via ssl.
ipkg install grep gcc libgmp ipkg remove wget ipkg install wget-ssl cd /tmp wget --no-check-certificate https://ftp.dlitz.net/pub/dlitz/crypto/pycrypto/pycrypto-2.6.1.tar.gz tar -xvzf pycrypto-2.6.1.tar.gz cd pycrypto-2.6.1 ac_cv_func_malloc_0_nonnull=yes python2.6 setup.py install
3. Install duply
duply is a frontend for the very complex duplicity. It give you access to the easiest functions for full and incremental backups and of course to restore options.
cd /tmp wget http://downloads.sourceforge.net/project/ftplicity/duply%20%28simple%20duplicity%29/1.9.x/duply_1.9.1.tgz tar -xvzf duply_1.9.1.tgz mv duply_1.9.1/duply /opt/bin/duply mkdir /etc/duply #for global configs mkdir -p /volume1/duply/tmp #we need this later mkdir -p /volume1/duply/cache #we need this later rm -rf /tmp/duply_1.9.1* #cleanup
duply also needs a bash:
ipkg install bash
4. Encryption
One reason to use duplicity is the encryption. So now we generate a pair of public/private key with GnuPG:
gpg2 --gen-key
This needs some time/entropy on the synology. You can start a download of a big file on the downloadstation if you want to speed up things.
It is important to copy the keys to a safe place after generation and note your passphrase down. Without the keys/passphrase you cannot restore the backup if the synology fails. You will find the keys in /root/.gnupg.
Now you need to take note of key-id (8 chars) you generated (in this case 2B6ZU7H8):
gpg2 --list-keys /root/.gnupg/pubring.gpg ------------------------ pub 2048R/2B6ZU7H8 2014-11-07 uid Felix Dittgen <felix@felixdittgen.de> sub 2048R/DKSJEEEIF 2014-11-07
5. Configure duply
Now you have to create a new duply setup:
duply syno create
syno is the name of the backup set. You can choose whatever you want.
Now go to /etc/duply/syno/conf and choose your matching configuration. Here is as set of the important parts:
GPG_KEY='2B6ZU7H8' #The gpg key-id (8 chars) you generated and noted down. GPG_PW='efnjewrfg478fbnjklkgrönk42nk32' #The passphrase TARGET='ssh://syno@example.com/backup' #The target server SOURCE='/volume1' #Main path for the files to safe TEMP_DIR=/volume1/duply/tmp #Where to put temp files (a lot of space needed) ARCH_DIR=/volume1/duply/cache #Some cache/meta files
Thats all. You just have to enable ssh login via certificates, cause you don’t want to write you pass somewhere in clear.
So first check if there is a folder /home/syno/.ssh on the remote server. If not, create it.
ssh-keygen -t rsa cat ~/.ssh/*.pub | ssh syno@example.com 'umask 077; cat >>.ssh/authorized_keys'
Now you can connect to the remote system without any password.
If you want to create a list of directorys to exclude from backups use the file /etc/duply/syno/exclude
/volume1/Downloads/* /volume1/Media/* /volume1/photo/* /volume1/duply/* /volume1/Plex/* /volume1/server/* /volume1/timemachine/*
6. Some basic commands
#Start Backup duply syno backup #Force Full backup duply syno full #prints backup sets and chains currently in repository duply syno status #Restore duply syno restore <target_path> [<age>] #More Info on Usage duply syno usage
7. Create Crontab
If you want to run your backup periodically, use crontab. Here is an example for a full backup on every first of the month and an incremental backup the other days:
[...] # incremental backup daily - day 2-31 13 8 2-31 * * root /opt/bin/duply syno purge --force && /opt/bin/duply syno backup --allow-source-mismatch >> /var/log/backup/duply_inc.log # full backup every 1th of the month 13 8 1 * * root /opt/bin/duply syno purge-full --force && /opt/bin/duply syno full --allow-source-mismatch >> /var/log/backup/duply_full.log
Restart cron with
restart crond
8. Conclusion
I hope you like the new backup tool for your synology. Always generate a worst-case scenario and test the restore process of the backup tools you use. You will be thankful if you really need them.
You are a life saver. Thank you so much
to backup to Synology I had to use
–ssh-backend pexpect
otherwise you get an exception
Incompatible ssh peer (no acceptable kex algorithm)
More precisely in Duply conf file:
DUPL_PARAMS=“$DUPL_PARAMS –ssh-backend pexpect „
Pingback: Synology Befehle und Pfade | rememberthisthings
how come I run the incremental statement right after I finished the full backup, and the incremental want to make another full backup of delta? It starts making delta for all my old files even I did not changed anything.
What does „duply mybackup status“ say?
It said 1 full backup. If I use duply mybackup backup, it will do an incremental for EVERY file.
if I use duply mybackup incr, it will skip most of the files but still doing some of the untouched file. I have given up already and now looking at attic.
Attic looks great. Maybe there will be a howto for Synology with Attic here soon.
Great tutorial, thanks!
I can get it all running when started from shell but when starting duply from cron I get following the error:
„duplicity missing. installed und available in path?
PATH=’/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin'“
Duplicity is installed under /opt/bin on my system (DSM 5.1) so I added this to PATH=… in crontab but it does not seem to help.
Any ideas?
I had the same issue and solved this via this forum thread: http://www.synology-forum.de/showthread.html?68843-Shell-Script-schreibt-kein-Log-wenn-%C3%BCber-Cronjob-gestartet
Hi! Nice tutorial.
Point 2. 9. ac_cv_func_malloc_0_nonnull=yes python2.6 setup.py install
gives me:
running install
running build
running build_py
running build_ext
running build_configure
checking for gcc… gcc
checking whether the C compiler works… no
configure: error: in `/tmp/pycrypto-2.6.1′:
configure: error: C compiler cannot create executables
See `config.log‘ for more details
Traceback (most recent call last):
File „setup.py“, line 456, in
core.setup(**kw)
File „/opt/lib/python2.6/distutils/core.py“, line 152, in setup
dist.run_commands()
File „/opt/lib/python2.6/distutils/dist.py“, line 975, in run_commands
self.run_command(cmd)
File „/opt/lib/python2.6/distutils/dist.py“, line 995, in run_command
cmd_obj.run()
File „/opt/lib/python2.6/distutils/command/install.py“, line 577, in run
self.run_command(‚build‘)
File „/opt/lib/python2.6/distutils/cmd.py“, line 333, in run_command
self.distribution.run_command(command)
File „/opt/lib/python2.6/distutils/dist.py“, line 995, in run_command
cmd_obj.run()
File „/opt/lib/python2.6/distutils/command/build.py“, line 134, in run
self.run_command(cmd_name)
File „/opt/lib/python2.6/distutils/cmd.py“, line 333, in run_command
self.distribution.run_command(command)
File „/opt/lib/python2.6/distutils/dist.py“, line 995, in run_command
cmd_obj.run()
File „setup.py“, line 251, in run
self.run_command(cmd_name)
File „/opt/lib/python2.6/distutils/cmd.py“, line 333, in run_command
self.distribution.run_command(command)
File „/opt/lib/python2.6/distutils/dist.py“, line 995, in run_command
cmd_obj.run()
File „setup.py“, line 278, in run
raise RuntimeError(„autoconf error“)
RuntimeError: autoconf error
I’m stuck right now.
I have the same error here. It seems that some changes from synology led to a situation in which the tutorial is not longer working 🙁
Pingback: Der Traum vom Offsite-Backup – Techbox