I’m currently using Duplicati to backup some files I also keep on the cloud to an external hard-drive (self-hosted server so I’m not trusting myself completely. :)). I keep this backup encrypted and I just want to ask where the configuration file is stored? Because I just want to make sure I don’t accidentally keep the database file with my encryption password in my cloud storage.
The external hard-drive backup is encrypted but cloud backup is not, or you don’t trust its encryption?
Regardless, encryption password and other config info are in Duplicati-server.sqlite, probably found in C:\Windows\<user>\AppData\Local\Duplicati for the standard GUI install. Windows service is different. Linux would be in ~/.config/Duplicati.
Sorry! It is encrypted, but I don’t trust myself with that it won’t break. So I want to make sure I have a local external hard-drive backup as well just in-case I for some reason during an update or such break my server.
Thanks for the answer!
I’m still not clear on the needs but I’m glad you’re happy and have redundant backups. Duplicati can also break occasionally. Originally it sounded like the concern was revealing configuration database data even though it’s encrypted, but now it sounds like the concern is losing it through server breakage. Duplicati is only going to use its local copy, so destruction of a backup just means you lose backup copy. The backup files are also very far removed from the original source file format, as source blocks are heavily repacked.
Exporting a backup job configuration is the usual method of saving the configuration, although it’s per-job. Backing up Duplicati-server.sqlite can save all configurations, but it’s up to you to encrypt the file properly. Either way, if you have a remote backup, make sure you have enough info to get it if local disaster occurs.
First of all sorry for the late answer. Been a pretty hectic last few weeks.
So, I have an self-hosted Nextcloud instance at home, and one that I store all my files I want to have in my “personal” cloud. However, this is the first time I ever self-host something so I’m worried about it breaking or me messing something up. For that reason I use Duplicati to once a week to take all the files on my NextCloud instance and make a backup on two external hard-drives, encrypted.
My worry was that the “duplicati” database (that has my encryption password and such), is somehow stored on my NextCloud server. So if someone manages to hack my local server, they would also be able to grab all the duplicati passwords and such. However, as it sounds like, that file is stored on my PC and not on the server by default. That is just what I wanted to make sure. So that if someone manages to access the server, they also get passwords I don’t want them to get.
(I know if someone manages to hack my NextCloud server they would still have access to my data, but I was more thinking in the case of them stealing a hard-drive and then somehow getting hold of my Duplicati database with the password for my encryption. Super far-fetched, but I just wanted to understand that part. )
If Duplicati is installed on your PC doing backup of remote files of NextCloud server, DB will be on PC, however NextCloud server might be powerful enough to run Duplicati locally. This might be faster, but exposes your DB to access if, for example, the server is more likely to be broken into or simply stolen.
Storing secrets such as encryption passwords alongside the encrypted files themselves is clearly bad, especially if destination storage is untrusted, so Duplicati does one step better and stores them locally which is still not ideal, just better. On Windows the DB is also weakly encrypted to stop simple attacks.
So it sounded like you had your answer, but there’s a little bit more (and forum has yet more) if it helps.