arnie is a tremendously simple system for performing incremental backups to remote untrusted hosts, with support for encrypted files on the remote host. While our scripts are simple and recent, we believe they are robust and are in active use on the author's own servers, and we provide a comprehensive suite of tests to prove it.
Our goal is to provide a very simple and robust script to perform incremental backups.
The original context for the creation of this program was that we had access to a remote but untrusted online host with plenty of storage, where we wanted to send backup archives of a source code repository. We wanted incremental backups in order to minimize bandwidth requirements, and we wanted the archive files to be encrypted on the remote host (in case it gets broken into--it's untrusted).
We tried many other open source offerings for this problem, such as dar, duplicity, hdup2, etc., but writing a few simple tests--if you do not tests your backups, you have no backups--brought problems to the surface with most of these systems, and more complex backup solutions like Amanda required more setup time and work to setup than writing my own simplistic solution.
I suspect that the widespread availability of cheap online storage space (e.g. IBackup) will make this simple scheme for backups attractive for many other people. This is why I provide this code as open source.
Basic Functioning and Features
The system consists in two self-contained Python scripts: the archiver (arnie-archive) and the restorer (arnie-restore).
Essentially, the arnie archiver creates a tar archive with all the files that have changed since the last backup. The history of what had been previously backed up is kept in a simple text file in the root of the archived directory (.arniehistory), and the full list of files available at the moment of backup is also included in the tar archive itself. Optionally, the history file can be stored in an alternate location (see options).
To archive, you typically run a command like this:
arnie-archive /path/to/important-dir remotehost:/path/to/backups
The name of the archive file generated is output on stdout. The date of the backup archive is contained in the filename, so do not rename the file (there is an option to select the prefix that the archive files are given). To perform a full backup, invoke the archive script with the --full option, or simply delete the history file before running the archiver.
Restoring backups is similarly very simple: we open the latest tar archive, get its list of necessary files to restore, and search backwards in time within all the available archive files to find them. To restore, you login to the remote host (or fetch the archives locally) and run:
arnie-restore /path/to/backups /path/to/restored-directory [< dir/file > ...]
The original archived directory will be restored to /path/to/restored-directory. After re-creating the files, the restore script normally runs a verification of the MD5 sums of all the restored files, so if something ever went wrong you will be notified at that point. If you do not want to restore the entire archive, you can specify the list of directories or files to restore (specified directories will be restored recursively).
Note that if the backup files are encrypted, you will need to decrypt them manually before running the restorer, for example:
gpg --decrypt-files backup.*
The restorer will ignore encrypted files in the backups directory.
Here are some key features of "arnie":
· Automatically compress archives in gzip or bzip2 format;
· Automatically encrypt archives using a GnuPG key (specify the key Id or name);
· Automatically send the archive file to a remote host using scp. This is just a convenience: alternatively you can capture the name of the archive and send it any way you like (ftp, other...);
· Tracks and restores permissions changes on directories and files;
· Works with empty directories;
· Works with symbolic links;
· An alternate location for the history file can be specified;
· Regexp patterns for excluding files in the backup can be provided;
· You can restore at any of the times the backups were made (the restore script has an option);
· The archives are simply stored as GNU tar files, so you can open them manually if so desired.