I would like to add this in the list of Source data: \192.168.1.xxx\folder1 and have Duplicati back up that NAS shared folder. Credentials are needed to access that shared folder. I don’t want to place the creds in the Windows Credentials Manager and I don’t want to create a network drive. Where in the config of Duplicati do I add these creds?
I don’t believe there is a way to enter credentials for source data. That being said, I know some people have had success backing up UNC paths. I believe they ensured that the user account (credentials) the Duplicati service runs as are also valid credentials on the remote machine. That way authentication should be automatic.
Alternatively, are you open to running Duplicati on the NAS directly? It may be an option depending on your NAS model and how much RAM/CPU resources it has.
Duplicati doesn’t have its own SMB client – on the source side the OS sets things up, then it’s just files. Going with what @drwtsn32 suggests will have those files be accessible faster, e.g. for change scans.
If you can’t do that, then perhaps some additional security could be had by having Duplicati use a user account that’s not used for anything else – I believe drive mappings, e.g. by net use are kept per-user.
UNC source with credentials? talks about this. Windows seems to not directly do UNC-with-credentials. Possibly someday a Duplicati enhancement would let it do source drive login. I don’t think it can now…
I’m trying to not have the shared NAS folder be accessible thru Windows. This should prevent one of ransomware’s methods from ‘getting’ to the shared folder. The NAS is a Synology DS718+ with plenty of resources. My initial attempt at backing up this data was to put Duplicati on the NAS, but I was not successful. Perhaps there is a step-by-step writeup somewhere. I’ll have to try that again.
The step some miss is that you need to install the Mono package. Without it, Duplicati will not start. There is one in the Beta section of the official Synology package repository, but it is very old and not compatible with the latest Duplicati canary (and future beta) releases. You’re better off getting the one from SynoCommunity repository: SynoCommunity
Alternatively, you could go the Docker route. Instead of installing Mono and the Duplicati Synology packages, you install the docker engine (from the Synology package center). You then download the Duplicati docker image and spin a new container instance of Duplicati. If you are new to Docker there is a bit of a learning curve - you need to understand containers, how to map volumes, etc. If you are a technical person and willing to learn, I think it’s the way to go. There are literally thousands of container images available for the docker engine so you may find other uses for it beyond containerizing Duplicati.
If backup from Synology can be made to work, it might be the cleanest and least vulnerable solution.
Other ideas include making the share read-only at Synology for the net use login used in Windows. Alternatively if Linux can access the folder, perhaps you can put Duplicati on Linux (still need mono).
On Windows one can use this way: How To Use MS Windows Network Share Folders With Duplicati 2 Running As A Service
Normal user wouldn’t see the network drive and you don’t have to use a UNC path.