🎬

Video tutorial coming soon.

← Academy/Duplicati

💾 Setup Duplicati — Encrypted Cloud Backup

Deploy Duplicati on Ubuntu with Docker — a free, open-source backup solution that stores encrypted, incremental, compressed backups to cloud storage (S3, B2, Google Drive, OneDrive) or local targets.

⚠️ This script is provided for demo and testing purposes only. Not intended for production use.

📦 Resources & Setup Scripts

Grab the automated bash script from GitHub to follow along with the video.

Automated install script — Duplicati running in one command.
View on GitHub

Quick Install:

wget https://raw.githubusercontent.com/mhmdali94/Docker/main/backup/duplicati/duplicati-ubuntu.sh
chmod +x duplicati-ubuntu.sh
sudo bash duplicati-ubuntu.sh

Tutorial Steps

1 Download & Run the Script

wget https://raw.githubusercontent.com/mhmdali94/Docker/main/backup/duplicati/duplicati-ubuntu.sh
chmod +x duplicati-ubuntu.sh
sudo bash duplicati-ubuntu.sh

2 Access the Web UI

Open your browser and navigate to the Duplicati interface:

http://<your-server-ip>:8200

3 Configure a Backup Job

Click "Add backup" → give it a name → set an encryption passphrase to protect your data. Choose a source folder on your server (e.g. /home, /var/www, /etc) that you want to back up.

4 Set Your Backup Destination

Choose where backups are stored. Duplicati supports Amazon S3, Backblaze B2, Google Drive, OneDrive, SFTP, FTP, and local paths. Enter your credentials and click "Test connection" to verify.

5 Set a Schedule & Run

Configure how often backups run (daily, weekly, etc.) and set retention rules. Click "Save" then "Run now" to take your first backup immediately.

Ports Used

PortPurpose
8200Duplicati Web UI

Overview

Duplicati is a free, open-source backup client that stores encrypted, compressed, and deduplicated backups on remote storage. It supports over 20 storage backends including S3, Backblaze B2, Google Drive, OneDrive, SFTP, WebDAV, and local/NAS paths. The web UI lets you configure schedules, retention policies, and monitor backup health.

Why Use It

Duplicati solves the backup problem for self-hosters who run multiple services: it encrypts everything client-side before it leaves your server, deduplicates blocks so you only store changed data, and sends backups to wherever storage is cheapest — Backblaze B2, Wasabi, S3, or a remote SFTP. No third party can read your backups. A $5/month Backblaze B2 account can hold hundreds of GB of deduplicated, AES-256 encrypted server backups. For any self-hosted setup, not having automated offsite backups is the single biggest operational risk.

When You Need It

    Who Should Use It

      Real Use Cases

        Main Features

          How to Use After Installation

            Security Best Practices

              Ports and Firewall Notes

              Duplicati's web UI runs on port 8200 by default. It does not need any inbound ports — all connections are outbound to your backup destination (S3/B2/SFTP). Restrict port 8200 from public access — put it behind Nginx Proxy Manager with HTTPS and an IP allow list, or access it via SSH tunnel. Outbound ports needed depend on your backend: 443 for S3/B2/cloud, 22 for SFTP, or the configured WebDAV port.

              Backup and Maintenance

                Common Mistakes

                  Troubleshooting

                    Alternatives

                    Restic is a CLI-based backup tool with better performance, faster deduplication, and more active development than Duplicati — excellent for users comfortable with command line. BorgBackup is another powerful CLI option with excellent compression and deduplication, primarily for Linux. rsync is simple and fast for file synchronization but lacks encryption and deduplication. Velero is designed specifically for Kubernetes PVC backups. Kopia is a newer modern alternative to Duplicati with a nicer UI. For true simplicity, managed backup services like Backblaze Personal Backup or iDrive are easier to operate but less configurable.

                    When Not to Use It

                    Avoid Duplicati if you need high-performance backup of very large data sets (10+ TB) — restic and BorgBackup perform significantly better at scale. Duplicati has known performance issues with databases containing millions of small files. If you need application-consistent database backups, dump the database first with pg_dump or mysqldump and then back up the dump file — never rely on Duplicati to capture a consistent database snapshot from a live volume. For Kubernetes, Velero is a more appropriate tool. Duplicati development has slowed; Duplicati v2 (Duplicati 3) is in progress — check current community status before deploying for critical data.

                    Need Help Setting Up Duplicati?

                    PrismaTechWork provides end-to-end infrastructure services — from initial deployment and security hardening to ongoing monitoring, automated backups, and dedicated support. Whether you need a single-server setup or a multi-site network, our team ensures your infrastructure is built right, secured properly, and maintained reliably.

                      Contact Us

                      Frequently Asked Questions

                      What happens if I lose my encryption passphrase?

                      If you lose the passphrase, your backup data is permanently unrecoverable — the AES-256 encryption cannot be broken. This is by design: nobody can read your backups without the passphrase. Store it in Vaultwarden (self-hosted Bitwarden), print it and store it physically in a secure location, or use a key escrow service. Never rely on memory alone for a passphrase that protects years of backups.

                      Which cloud storage backend should I use with Duplicati?

                      Backblaze B2 is the most popular choice — $0.006/GB/month, generous free egress with Cloudflare partnership, and simple setup. Wasabi S3-compatible is $0.0059/GB with no egress fees — great for frequent restores. Amazon S3 is the most reliable but more expensive. SFTP to a second VPS or a NAS is a free option if you have the hardware. Use multiple backends for critical data: local NAS for fast restore, B2 for offsite disaster recovery.

                      How do I backup a Docker volume with Duplicati?

                      For data consistency, stop the container first: add a pre-backup script in Duplicati (Settings > Pre-backup script) that runs `docker stop mycontainer`, back up /var/lib/docker/volumes/myvolume, then add a post-backup script to `docker start mycontainer`. Alternatively, use database dump commands (pg_dump, mysqldump) to export a consistent snapshot to a file, then back up that file instead of the live volume directory.

                      How do I restore specific files from a backup?

                      In Duplicati web UI, click Restore > select the backup job > select the date/version > browse the file tree and select files or folders to restore. Choose a restore destination — original location or a new folder. Duplicati will download and decrypt only the blocks needed for the selected files. You can also restore directly from the destination without the Duplicati database if you have the passphrase, using the direct restore feature.

                      How do I get notified if a backup fails?

                      Configure email reporting in Duplicati Settings > Default options. Set send-mail-to, send-mail-from, send-mail-url (SMTP), and send-mail-level: Warning. Or use ntfy: add a post-backup script that POSTs to your ntfy topic on failure (`if [ $DUPLICATI__PARSED_RESULT != 'Success' ]; then curl -d 'Backup FAILED' https://ntfy.yourdomain.com/alerts; fi`). Monitoring backup success is as important as running the backup itself.

                      Can I use Duplicati to backup from Windows as well as Linux?

                      Yes. Duplicati is cross-platform — it runs natively on Windows, macOS, and Linux. The web UI is the same on all platforms. On Windows, it can be installed as a background service. This makes it useful for backing up both server data (Linux VPS) and local workstations (Windows) to the same cloud storage bucket with the same tool, simplifying your backup strategy.

                      How much storage do I need for server backups?

                      With deduplication and compression, typical self-hosted server data compresses to 30–60% of its uncompressed size for the initial backup. Incremental backups after that are typically 1–5% of the total size per day. For a 10 GB dataset, plan for 5–7 GB initial backup and 100–500 MB per day of incrementals. With a 30-day retention policy, total storage is roughly 1–2× the original data size. Monitor actual usage after the first month.

                      How do I verify that my backups are working correctly?

                      Duplicati performs automatic verification of a random sample of backup blocks after each run — check the backup log for 'Verification completed without errors'. For full confidence, do a test restore to a temporary location quarterly: Duplicati > Restore > select an old version > restore to /tmp/restore-test > verify the files are intact and readable. Schedule a calendar reminder for quarterly restore tests — this is the only way to know your backups are truly restorable.

                      Related Tutorials

                      Vaultwarden Nginx Proxy Manager Uptime Kuma Portainer