Backing up workplace computers with Duplicati

Installing Duplicati

Download the current version directly from the manufacturer's website: https://www.duplicati.com/download. There you will find installation files for the most common desktop operating systems. In general, the system in use is automatically recognised and a link for the appropriate installation file shown at the very top.

Duplicati download

Double click the downloaded .msi file to start the installation. Continue with Next.

Welcome to Duplicati 2 Setup Wizzars

Accept the license conditions and click on Next.

Lizenzbedingungen akzeptieren

The next window doesn't require any changes; click on Next.

Features auswählen

Click on Install to proceed with the installation process.

Installation starten

Finish the installation. Duplicati can be started right away.

Installation abschließen

Duplicati is now installed. The service will run in the background so that backups are performed automatically according to a schedule without Duplicati being open in a window. Duplicati can be operated in the web browser. For this, a local web server is installed. Since operating Duplicati is almost identical on all platforms, these instructions are only given once. Duplicati can also be controlled remotely from another computer if this function is activated in the settings. This may be helpful for administrators of widely distributed workplace computers.

Double click the .dmg file downloaded from the website above to start the installation. In the window that appears, simply drag the Duplicati.app into the Applications folder. Duplicati will now appear in the Applications folder and can be started by double-clicking the icon.

Duplicati-App in den Programm-Ordner ziehen.

When opening Duplicati for the first time, you will be asked whether the "Mono-Framework" should be installed. Click on Download, since the framework is crucial if you want to use Duplicati with Mac OS.

Mono-Framework installieren

You will be redirected to a website from which you can download the Mono Framework for Mac OS. Click on the relevant download link.

Mono-Framework herunterladen

Double-click the downloaded .pkg file to execute it and follow the installation instructions. No special settings are necessary. Background: Duplicati was developed on Windows using the .NET Framework. The Mono Framework provides the NET functionality for Linux and Mac OS.

Duplicati is now installed. The service will run in the background so that backups are performed automatically according to a schedule without Duplicati being open in a window. Duplicati can be operated in the web browser. For this, a local web server is installed. Since operating Duplicati is almost identical on all platforms, these instructions are only given once. Duplicati can also be controlled remotely from another computer if this function is activated in the settings. This may be helpful for administrators of widely distributed workplace computers.

A .deb file can be downloaded from the website above. Some browsers instantly open the downloaded file. If this function isn't available, start the installation by double-clicking the .deb file, which you can find in the download folder using the file manager. In the window that appears you can choose how to proceed with the file.

Installation Ubuntu

The installation will begin if you click on Install in the next window.

Ubuntu Start Install

Duplicati is now installed. The service will run in the background so that backups are performed automatically according to a schedule without Duplicati being open in a window. Duplicati can be operated in the web browser. For this, a local web server is installed. Since operating Duplicati is almost identical on all platforms, these instructions are only given once. Duplicati can also be controlled remotely from another computer if this function is activated in the settings. This may be helpful for administrators of widely distributed workplace computers.

A .rpm file can be downloaded from the website above. Some browsers instantly open the downloaded file. Otherwise, start the installation by double-clicking the .rpm file, which you can find in the download folder using the file manager. In the window that appears you can choose how to proceed with the file.

Installation Fedora

The installation will begin if you click on Install in the next window.

Fedora Start Install

Duplicati is now installed. The service will run in the background so that backups are performed automatically according to a schedule without Duplicati being open in a window. Duplicati can be operated in the web browser. For this, a local web server is installed. Since operating Duplicati is almost identical on all platforms, these instructions are only given once. Duplicati can also be controlled remotely from another computer if this function is activated in the settings. This may be helpful for administrators of widely distributed workplace computers.

Fedora Launch

Starting Duplicati following installation (all operating systems)

Always start Duplicati via the start menu, i.e. the Applications folder of your operating system.

Duplicati communicates with the central backup storage via the standard browser in a new tab, which means that it can be operated almost independently of the operating system in use. If necessary, bring the web browser into the foreground. When first starting Duplicati after the installation, a window will appear where you can opt if you want to use Duplicati only with one account. If so, please select No, my machine has only a single account. If you have multiple accounts, please select Yes.

If you select Yes, you will be asked to set a password for Duplicati's web interface. Without a password, another user of the same computer could access the data backup of other users via the Duplicati web interface. Please also note that other users may log on to your computer if it is integrated into the Windows domain.

 

 

Erster Start

Having selected one of the options above, you will be redirected to the Duplicati home page. At the top you can see the activity monitor and on the left the possible functions.

Home Screen Windows

Adding a backup

Using the Add backup function in the left toolbar, you can create new backup jobs. These configurations differ in terms of the files to be secured, the time and frequency of the automatic backups, the possible encryption of the data as well as the backup destination. For every new job, a separate configuration file is created on the local computer. This can be exported for backup purposes or transferred to another computer for security purposes. To ensure faster access to the files in the backup destination, a local database (SQLite) is created on the computer for each job.

After clicking the Add backup option, a dialog window for creating a new backup job will open and Duplicati will begin to communicate with the central backup storage.

The Configure a new backup option is preselected. With the Import from a file option, it is possible to access the exported configuration file mentioned above. After clicking on Next, you can change the necessary settings in the following five steps. Every step appears on a new page. You can return to the previous step at any time.

Add Backup

Step 1: General backup settings

Name: Serves only to distinguish between several backup jobs.

Description: The description is optional. 

Encryption: This is strongly recommended. The data is stored on the server memory and encrypted so cannot be viewed even by an administrator.

Passphrase: In the next two fields you can select the passphrase with which to encrypt your data. Warning: This passphrase is only stored on the local computer as well as in a configuration file you may export. The passphrase is not stored on the server. It is impossible to access the encrypted data without the passphrase. This passphrase is not a password; it is longer and more complex and is used to encrypt the data.

Therefore, it isn't possible to change the passphrase for an existing job after it has been completed.

Backup Settings

Step 2: Backup destination

Here you can specify where the data is to stored. For a scheduled automatic backup, make sure the backup medium is available at the time. Since the URZ object storage is always available, it presents a suitable storage medium. Furthermore, unlike an external (USB) hardrive, it isn't integrated into the file system of the computer to be backed up and thus protected from Trojans.

In the following, you can find the necessary settings for using the URZ backup storage:

  • Storage type: Select SFTP (SSH).
  • Server: client-backups.urz.uni-heidelberg.de
  • Port: 2222
  • Path on server: Please create a new folder for each backup. Subfolders are also possible. When securing several computers, it is recommended that you leave the existing folder path consisting of 'computer host name/backup name' as is. In our example, pogo15 is the host name of the computer and the backup is called taegliche sicherung. To separate folders and subfolders, simply use a slash. Use only lowercase letters for the folder name. The folders are created automatically. After deleting a backup job for good the folder can also be deleted, as long as it is otherwise empty.
  • Username: Your Uni-ID.
  • Password: The associated password.

Please consider the following:

  • Port 2222 can only be accessed from the network of Heidelberg University. On a computer outside the network, you need to establish a VPN connection.
  • Only employees can use the backup storage system of the URZ, but only with their Uni-ID (not Project ID) which needs to be activated once beforehand.

Before you click on Next, please select Test connection.

Backup Destination

Test connection

If you click on Test connection, you can see if you have adjusted the settings correctly. First, the server transmits the fingerprint of its certificate. Please verify this fingerprint. Only click Yes if the following key is displayed:

ssh-rsa 4096 0E:49:4D:85:6D:77:26:08:27:3C:FD:E8:5D:C5:C3:E0

If the fingerprint displayed differs from the one you can see above, please terminate the process.

If the fingerprint is confirmed with Yes, it is saved in the configuration file of the backup job and automatically checked at the beginning of each future backup.

Test connection

Step 3: Source files

Here you can select which folders or directories are to be backed up. You can select files and folders by checking the box next to each. Subfolders and files are included by default. Only backup those files which cannot be restored by reinstalling or repairing Windows or other software. For example, select the Windows directory c:Users (or the corresponding macOS or Linux directory) with your own files. Should Windows fail, it makes no sense to restore individual files from the previously backed up directory. This also prevents the backup from becoming needlessly large. This would place an unnecessary load on the local computer, and the storage space in the object memory is finite.

Source Files

If possible, exclude files that do not require a backup: this includes, for example, the local copy of the heiBOX folder (usually called Seafile) since the data is secured by the server. The same applies to all other cloud services with a synchronising function, such as Dropbox, Google Drive etc. Also, .pst and .ost files should always be excluded. These belong to Outlook, are very large and change constantly but do not require a backup if you have an Exchange mailbox or access your emails via imap, since all emails are available on the server.

It isn't possible to make a general statement regarding subfolders or App Data, since what is stored in these depends largely on usage.

It is possible to exclude files or folders from the backup either by deselecting them in the window above or by opening the "Filters" menu further down. Here is is possible to exclude files (you can use * as a wildcard, e.g. "*.pst") or specific folders. 

It is practical to create different backup jobs for different source data. This way they can be secured on different schedules based on importance and change frequency.

Files can be selected by checking the boxes next to them.

After completing the selection, click on Next for step 4.

Exceptions

Step 4: Schedule

If you don't want to start backups manually, you can set up automatic backups with a schedule. If the computer is turned off at the specified time, the backup is performed as soon as the computer is operational again.

Tip: In the settings it is possible to set a time period for the computer to wait before proceeding with the automatic backup. This way, the computer doesn't have the additional workload of running Duplicati immediately after starting up. The performance of older computers in particular is affected by Duplicati: the encryption requires a lot of computing power and the repeated file access places a heavy load on the hard drive. Therefore, it is recommended to select a backup time outside the usual working hours, but please note that the computer must be turned on.

If the computer is located outside the university network, a VPN connection is necessary. Especially when backing up according to a schedule, it is important that the VPN connection is active at the time.

This step is finished when you click on Next.

Schedule

Step 5: General Options

 

  • Upload volume size: The preconfigured setting of 50 MB is ideal for the object storage and should not be changed. It means that the backup on the object storage consists of individual files of 50 MB each.
  • Backup retention: Here, the setting Smart backup retention is recommended. With increasing age, the backups are deleted in an intelligent manner. All existing backups can still be accessed if necessary.
Options

Finish creating the new backup job by clicking Save at the bottom of the window. It will now appear on the home screen.

The backup will now proceed automatically according to the schedule (if set up) and can be started manually anytime by clicking Run now. You can change the settings at any time by clicking on the job name. Here you can also find other options, such as deleting the job.

Sicherung angelegt

Restoring data

Files or folders can be restored by clicking Restore on the home screen. This is most easily done by selecting a backup job. Its database and configuration file are then used. However, it is also possible to restore files manually if no database or configuration file is available. This may be the case if the computer has been reset after a hardware failure or you want to restore the data to another computer. This is also a possibility for transferring data to another computer, although in this case all necessary information has to be entered manually.

After clicking Restore, you can see the overview which is displayed here, with the following options:

Direct restore from backup files: If neither configuration file nor database are available, for example if a computer has been newly reset or the data is to be restored to another computer. Of course, you have to supply all needed information regarding backup location and passphrase yourself. The restoration process also takes significantly longer than when the local database is used.

Restore from configuration: Here you can fall back on a previously exported configuration file and therefore don't need to enter as much information as in the previous option. 
All the previously created backup jobs will be shown. Restoration from a backup job is the easiest and most common method. Here we select our example "Tägliche Sicherung" and click on Next.

 

Restore

Step 1: Select files

In the field Restore from, you can choose which backup generation to restore from if you selected Smart backup retention in the settings. The latest backup is preselected.

In the Search for files text box, you can select which files you want to restore. If a file or folder is missing, which you may have (accidentally) deleted at some point, you first have to select a backup generation in Restore from at the time of which the file/folder still existed. Here, only those files/folders are offered which were backed up with this backup job. Next, click Continue.

Choose files to restore

Step 2: Restore Options

Where do you want to restore the files to?: Here you can either select the same location as the backup or another. If you select Original location and it contains files of the same name, you can select how these are to be processed under How do you want to handle existing files?

If you don't Restore read/write permissions under the heading Permissions, the restored files will gain the permissions of the parent directory. This is especially important when restoring files that were backed up on another computer. With Linux systems on the other hand, it can be useful to enable the permissions, because this is the only way execution permissions will be restored.

Clicking on Restore will start the process.

Restoring options

The quality of a backup tool only becomes apparent after a successful restoration, so test it first!