taperole 1.6.0 → 1.7.0

data/vendor/Stouts.backup/templates/duply.sh.j2

@@ -17,13 +17,13 @@
 ###############################################################################
 #  TODO/IDEAS/KNOWN PROBLEMS:
 #  - possibility to restore time frames (incl. deleted files)
-#    realizable by listing each backup and restore from 
+#    realizable by listing each backup and restore from
 #    oldest to the newest, problem: not performant
 #  - search file in all backups function and show available
 #    versions with backups date (list old avail since 0.6.06)
-#  - edit profile opens conf file in vi 
+#  - edit profile opens conf file in vi
 #  - implement log-fd interpretation
-#  - add a duplicity option check against the options pending 
+#  - add a duplicity option check against the options pending
 #    deprecation since 0.5.10 namely --time-separator
 #                               --short-filenames
 #                              --old-filenames
@@ -40,7 +40,7 @@
 #
 #  1.9.0 (24.8.2014)
 #  - bugfix: env vars were not exported when external script was executable
-#  - rework GPG_KEY handling, allow virtually anything now (uid, keyid etc.) 
+#  - rework GPG_KEY handling, allow virtually anything now (uid, keyid etc.)
 #    see gpg manpage, section "How to specify a user ID"
 #    let gpg complain when the delivered values are invalid for whatever reason
 #  - started to rework tmp space checking, exposed folder & writable check
@@ -49,7 +49,7 @@
 #  1.8.0 (13.7.2014)
 #  - add command verifyPath to expose 'verify --file-to-restore' action
 #  - add time parameter support to verify command
-#  - add section time formats to usage output 
+#  - add section time formats to usage output
 #
 #  1.7.4 (24.6.2014)
 #  - remove ubuntu one support, service is discontinued
@@ -59,23 +59,23 @@
 #  - bugfix: test routines, gpg2 asked for passphrase although GPG_PW was set
 #
 #  1.7.2 (1.4.2014 "April,April")
-#  - bugfix: debian Bug#743190 "duply no longer allows restoration without 
+#  - bugfix: debian Bug#743190 "duply no longer allows restoration without
 #     gpg passphrase in conf file"
 #     GPG_AGENT_INFO env var is now needed to trigger --use-agent
 #  - bugfix: gpg keyenc test routines didn't work if GPG_PW was not set
 #
 #  1.7.1 (30.3.2014)
-#  - bugfix: purge-* commands renamed to purgeFull, purgeIncr due to 
-#     incompatibility with new minus batch separator 
+#  - bugfix: purge-* commands renamed to purgeFull, purgeIncr due to
+#     incompatibility with new minus batch separator
 #
 #  1.7.0 (20.3.2014)
 #  - disabled gpg key id plausibility check, too many valid possibilities
 #  - featreq 7 "Halt if precondition fails":
 #     added and(+), or(-) batch command(separator) support
-#  - featreq 26 "pre/post script with shebang line": 
-#     if a script is flagged executable it's executed in a subshell 
+#  - featreq 26 "pre/post script with shebang line":
+#     if a script is flagged executable it's executed in a subshell
 #     now as opposed to sourced to bash, which is the default
-#  - bugfix: do not check if dpbx, swift credentials are set anymore 
+#  - bugfix: do not check if dpbx, swift credentials are set anymore
 #  - bugfix: properly escape profile name, archdir if used as arguments
 #  - add DUPL_PRECMD conf setting for use with e.g. trickle
 #
@@ -88,7 +88,7 @@
 #    homedir can thus be configured to be located anywhere
 #  - always import both secret and public key if avail from config profile
 #  - new explanatory comments in initial exclude file
-#  - bugfix 7: Duply only imports one key at a time 
+#  - bugfix 7: Duply only imports one key at a time
 #
 #  1.5.11 (19.07.2013)
 #  - purge-incr command for remove-all-inc-of-but-n-full feature added
@@ -103,7 +103,7 @@
 #
 #  1.5.9 (22.11.2012)
 #  - bugfix 3588926: filter --exclude* params for restore/fetch ate too much
-#  - restore/fetch now also ignores --include* or --exclude='foobar' 
+#  - restore/fetch now also ignores --include* or --exclude='foobar'
 #
 #  1.5.8 (26.10.2012)
 #  - bugfix 3575487: implement proper cloud files support
@@ -112,7 +112,7 @@
 #  - bugfix 3531450: Cannot use space in target URL (file:///) anymore
 #
 #  1.5.6 (24.5.2012)
-#  - commands purge, purge-full have no default value anymore for security 
+#  - commands purge, purge-full have no default value anymore for security
 #    reasons; instead max value can be given via cmd line or must be set
 #    in profile; else an error is shown.
 #  - minor man page modifications
@@ -143,33 +143,33 @@
 #  - bugfix 3312208: signing detection broke symmetric gpg test routine
 #
 #  1.5.5 (2.5.2011)
-#  - bugfix: fetch problem with space char in path, escape all params 
+#  - bugfix: fetch problem with space char in path, escape all params
 #    containing non word chars
 #  - list available profiles, if given profile cannot be found
 #  - added --use-agent configuration hint
-#  - bugfix 3174133: --exclude* params in conf DUPL_PARAMS broke 
+#  - bugfix 3174133: --exclude* params in conf DUPL_PARAMS broke
 #    fetch/restore
 #  - version command now prints out 'using installed' info
-#  - featreq 3166169: autotrust imported keys, based on code submitted by 
-#    Martin Ellis - imported keys are now automagically trusted ultimately 
+#  - featreq 3166169: autotrust imported keys, based on code submitted by
+#    Martin Ellis - imported keys are now automagically trusted ultimately
 #  - new txt2man feature to create manpages for package maintainers
 #
 #  1.5.4.2 (6.1.2011)
 #  - new command changelog
 #  - bugfix 3109884: freebsd awk segfaulted on printf '%*', use print again
-#  - bugfix: freebsd awk hangs on 'awk -W version' 
+#  - bugfix: freebsd awk hangs on 'awk -W version'
 #  - bugfix 3150244: mawk does not know '--version'
 #  - minor help text improvements
 #  - new env vars CMD_PREV,CMD_NEXT replacing CMD env var for scripts
 #
 #  1.5.4.1 (4.12.2010)
 #  - output awk, python, bash version now in prolog
-#  - shebang uses /usr/bin/env now for freebsd compatibility, 
-#    bash not in /bin/bash 
-#  - new --disable-encryption parameter, 
+#  - shebang uses /usr/bin/env now for freebsd compatibility,
+#    bash not in /bin/bash
+#  - new --disable-encryption parameter,
 #    to override profile encr settings for one run
 #  - added exclude-if-present setting to conf template
-#  - bug 3126972: GPG_PW only needed for signing/symmetric encryption 
+#  - bug 3126972: GPG_PW only needed for signing/symmetric encryption
 #    (even though duplicity still needs it)
 #
 #  1.5.4 (15.11.2010)
@@ -186,8 +186,8 @@
 #  - bugfix 2996459: Duply erroneously escapes '-' symbol in username
 #  - url_encode function is now pythonized
 #  - rsync uses FTP_PASSWORD now if duplicity 0.6.10+ , else issue warning
-#  - feature 3059262: Make pre and post aware of parameters, 
-#                     internal parameters + CMD of pre or post 
+#  - feature 3059262: Make pre and post aware of parameters,
+#                     internal parameters + CMD of pre or post
 #
 #  1.5.2.3 (16.4.2010)
 #  - bugfix: date again, should now work virtually anywhere
@@ -234,15 +234,15 @@
 #                aid=2864410&group_id=217745&atid=1041147
 #
 #  1.5.1 (21.09.2009) - duply (fka. ftplicity)
-#  - first things first: ftplicity (being able to support all backends since 
+#  - first things first: ftplicity (being able to support all backends since
 #    some time) will be called duply (fka. ftplicity) from now on. The addendum
 #    is for the time being to circumvent confusion.
-#  - bugfix: exit code is 1 (error) not 0 (success), if at least on duplicity 
+#  - bugfix: exit code is 1 (error) not 0 (success), if at least on duplicity
 #            command failed
 #  - s3[+http] now supported natively by translating user/pass to access_key/
-#    secret_key environment variables needed by duplicity s3 boto backend 
+#    secret_key environment variables needed by duplicity s3 boto backend
 #  - bugfix: additional output lines do not confuse version check anymore
-#  - list command supports now age parameter (patch by stefan on feature 
+#  - list command supports now age parameter (patch by stefan on feature
 #    request tracker)
 #  - bugfix: option/param pairs are now correctly passed on to duplicity
 #  - bugfix: s3[+http] needs no TARGET_PASS if command is read only
@@ -259,7 +259,7 @@
 #
 #  1.5.0 (01.07.2009)
 #  - removed ftp limitation, all duplicity backends should work now
-#  - bugfix: date for separator failed on openwrt busybox date, added a 
+#  - bugfix: date for separator failed on openwrt busybox date, added a
 #    detecting workaround, milliseconds are not available w/ busybox date
 #
 #  1.4.2.1 (14.05.2009)
@@ -268,29 +268,29 @@
 #  1.4.2 (22.04.2009)
 #  - gpg keys are now exported as gpgkey.[id].asc , the suffix reflects the
 #    armored ascii nature, the id helps if the key is switched for some reason
-#    im/export routines are updated accordingly (import is backward compatible 
-#    to the old profile/gpgkey files)         
-#  - profile argument is treated as path if it contains slashes 
+#    im/export routines are updated accordingly (import is backward compatible
+#    to the old profile/gpgkey files)
+#  - profile argument is treated as path if it contains slashes
 #    (for details see usage)
-#  - non-ftplicity options (all but --preview currently) are now passed 
-#    on to duplicity 
+#  - non-ftplicity options (all but --preview currently) are now passed
+#    on to duplicity
 #  - removed need for stat in secure_conf, it is ls based now
 #  - added profile folder readable check
 #  - added gpg version & home info output
 #  - awk utility availability is now checked, because it was mandatory already
 #  - tmp space is now checked on writability and space requirement
-#    test fails on less than 25MB or configured $VOLSIZE, 
-#    test warns if there is less than two times $VOLSIZE because 
-#    that's required for --asynchronous-upload option  
-#  - gpg functionality is tested now before executing duplicity 
+#    test fails on less than 25MB or configured $VOLSIZE,
+#    test warns if there is less than two times $VOLSIZE because
+#    that's required for --asynchronous-upload option
+#  - gpg functionality is tested now before executing duplicity
 #    test drive contains encryption, decryption, comparison, cleanup
 #    this is meant to detect non trusted or other gpg errors early
 #  - added possibility of doing symmetric encryption with duplicity
 #    set GPG_KEY="" or simply comment it out
-#  - added hints in config template on the depreciation of 
+#  - added hints in config template on the depreciation of
 #    --short-filenames, --time-separator duplicity options
 #
-#  new versioning scheme 1.4.2b => 1.4.2, 
+#  new versioning scheme 1.4.2b => 1.4.2,
 #  beta b's are replaced by a patch count number e.g. 1.4.2.1 will be assigned
 #  to the first bug fixing version and 1.4.2.2 to the second and so on
 #  also the releases will now have a release date formatted (Day.Month.Year)
@@ -311,26 +311,26 @@
 #
 #  1.4.0b1 - bugfix: incr forces incremental backups on duplicity,
 #            therefore backup translates to pre_bkp_post now
-#          - bugfix: new command bkp, which represents duplicity's 
+#          - bugfix: new command bkp, which represents duplicity's
 #            default action (incr or full if full_if_older matches
 #            or no earlier backup chain is found)
 #
 #  new versioning scheme 1.4 => 1.4.0, added new minor revision number
-#  this is meant to slow down the rapid version growing but still keep 
+#  this is meant to slow down the rapid version growing but still keep
 #  versions cleanly separated.
-#  only additional features will raise the new minor revision number. 
-#  all releases start as beta, each bugfix release will raise the beta 
+#  only additional features will raise the new minor revision number.
+#  all releases start as beta, each bugfix release will raise the beta
 #  count, usually new features arrive before a version 'ripes' to stable
-#    
+#
 #  1.4.0b
 #    1.4b  - added startup info on version, time, selected profile
 #          - added time output to separation lines
-#          - introduced: command purge-full implements duplicity's 
+#          - introduced: command purge-full implements duplicity's
 #            remove-all-but-n-full functionality (patch by unknown),
 #            uses config variable $MAX_FULL_BACKUPS (default = 1)
-#          - purge config var $MAX_AGE defaults to 1M (month) now 
+#          - purge config var $MAX_AGE defaults to 1M (month) now
 #          - command full does not execute pre/post anymore
-#            use batch command pre_full_post if needed 
+#            use batch command pre_full_post if needed
 #          - introduced batch mode cmd1_cmd2_etc
 #            (in turn removed the bvp command)
 #          - unknown/undefined command issues a warning/error now
@@ -338,13 +338,13 @@
 #    1.3b3 - introduced pre/post commands to execute/debug scripts
 #          - introduced bvp (backup, verify, purge)
 #          - bugfix: removed need for awk gensub, now mawk compatible
-#    1.3b2 - removed pre/post need executable bit set 
+#    1.3b2 - removed pre/post need executable bit set
 #          - profiles now under ~/.ftplicity as folders
 #          - root can keep profiles in /etc/ftplicity, folder must be
 #            created by hand, existing profiles must be moved there
 #          - removed ftplicity in path requirement
 #          - bugfix: bash < v.3 did not know '=~'
-#          - bugfix: purge works again 
+#          - bugfix: purge works again
 #    1.3   - introduces multiple profiles support
 #          - modified some script errors/docs
 #          - reordered gpg key check import routine
@@ -352,9 +352,9 @@
 #          - added error_gpg (adds how to setup gpg key howto)
 #          - bugfix: duplicity 0.4.4RC4+ parameter syntax changed
 #          - duplicity_version_check routine introduced
-#          - added time separator, shortnames, volsize, full_if_older 
-#            duplicity options to config file (inspired by stevie 
-#            from http://weareroot.de) 
+#          - added time separator, shortnames, volsize, full_if_older
+#            duplicity options to config file (inspired by stevie
+#            from http://weareroot.de)
 #    1.1.1 - bugfix: encryption reactivated
 #    1.1   - introduced config directory
 #    1.0   - first release
@@ -385,11 +385,11 @@ function set_config { # sets config vars
   local CONFHOME="{{backup_home}}"
 
   # confdir can be delivered as path (must contain /)
-  if [ `echo $FTPLCFG | grep /` ] ; then 
+  if [ `echo $FTPLCFG | grep /` ] ; then
     CONFDIR=$(readlink -f $FTPLCFG 2>/dev/null || \
               ( echo $FTPLCFG|grep -v '^/' 1>/dev/null 2>&1 \
                && echo $(pwd)/${FTPLCFG} ) || \
-              echo ${FTPLCFG})          
+              echo ${FTPLCFG})
   # or DEFAULT in home/.duply folder (NEW)
   elif [ -d "${CONFHOME}" ]; then
     CONFDIR="${CONFHOME}/${FTPLCFG}"
@@ -417,7 +417,7 @@ function set_config { # sets config vars
   POST="$CONFDIR/post"
   EXCLUDE="$CONFDIR/exclude"
   KEYFILE="$CONFDIR/gpgkey.asc"
-  
+
 }
 
 {% raw %}
@@ -429,7 +429,7 @@ function version_info { # print version information
 END
 }
 
-function version_info_using { 
+function version_info_using {
   cat <<END
 $(version_info)
 
@@ -453,8 +453,8 @@ function usage_info { # print usage information
   cat <<USAGE_EOF
 VERSION:
 $(version_info)
-  
-DESCRIPTION: 
+
+DESCRIPTION:
   Duply deals as a wrapper for the mighty duplicity magic.
   It simplifies running duplicity with cron or on command line by:
 
@@ -466,15 +466,15 @@ DESCRIPTION:
   For each backup job one configuration profile must be created.
   The profile folder will be stored under '~/.${ME_NAME}/<profile>'
   (where ~ is the current users home directory).
-  Hint:  
+  Hint:
    If the folder '/etc/${ME_NAME}' exists, the profiles for the super
    user root will be searched & created there.
 
 USAGE:
-  first time usage (profile creation):  
+  first time usage (profile creation):
     $ME <profile> create
 
-  general usage in single or batch mode (see EXAMPLES):  
+  general usage in single or batch mode (see EXAMPLES):
     $ME <profile> <command>[[_|+|-]<command>[_|+|-]...] [<options> ...]
 
   For batches the conditional separators can also be written as pseudo commands
@@ -484,36 +484,36 @@ USAGE:
   All conf parameters can also be defined in the environment instead.
 
 PROFILE:
-  Indicated by a path or a profile name (<profile>), which is resolved 
+  Indicated by a path or a profile name (<profile>), which is resolved
   to '~/.${ME_NAME}/<profile>' (~ expands to environment variable \$HOME).
 
   Superuser root can place profiles under '/etc/${ME_NAME}'. Simply create
   the folder manually before running $ME as superuser.
-  Note:  
+  Note:
     Already existing profiles in root's profile folder will cease to work
     unless there are moved to the new location manually.
 
   example 1:   $ME humbug backup
 
-  Alternatively a _path_ might be used e.g. useful for quick testing, 
+  Alternatively a _path_ might be used e.g. useful for quick testing,
   restoring or exotic locations. Shell expansion should work as usual.
-  Hint:  
-    The path must contain at least one path separator '/', 
+  Hint:
+    The path must contain at least one path separator '/',
     e.g. './test' instead of only 'test'.
 
   example 2:   $ME ~/.${ME_NAME}/humbug backup
 
 SEPARATORS:
-  _ (underscore)  
+  _ (underscore)
              neutral separator
-  + (plus sign), _and_  
+  + (plus sign), _and_
              conditional AND
              the next command will only be executed if the previous succeeded
-  - (minus sign), _or_  
+  - (minus sign), _or_
              conditional OR
              the next command will only be executed if the previous failed
 
-   example:  
+   example:
     'pre+bkp-verify_post' translates to 'pre_and_bkp_or_verify_post'
 
 COMMANDS:
@@ -528,45 +528,45 @@ COMMANDS:
   bkp        as above but without executing pre/post scripts
   full       force full backup
   incr       force incremental backup
-  list [<age>]  
+  list [<age>]
              list all files in backup (as it was at <age>, default: now)
   status     prints backup sets and chains currently in repository
-  verify [<age>] [--compare-data]  
+  verify [<age>] [--compare-data]
              list files changed, since age if given
-  verifyPath <rel_path_in_bkp> <local_path> [<age>] [--compare-data]  
+  verifyPath <rel_path_in_bkp> <local_path> [<age>] [--compare-data]
              list changes of a file or folder path in backup compared to a
              local path, since age if given
-  restore <target_path> [<age>]  
+  restore <target_path> [<age>]
              restore the complete backup to <target_path> [as it was at <age>]
-  fetch <src_path> <target_path> [<age>]  
+  fetch <src_path> <target_path> [<age>]
              fetch single file/folder from backup [as it was at <age>]
-  purge [<max_age>] [--force]  
+  purge [<max_age>] [--force]
              list outdated backup files (older than \$MAX_AGE)
               [use --force to actually delete these files]
-  purgeFull [<max_full_backups>] [--force]  
+  purgeFull [<max_full_backups>] [--force]
              list outdated backup files (\$MAX_FULL_BACKUPS being the number of
-             full backups and associated incrementals to keep, counting in 
+             full backups and associated incrementals to keep, counting in
              reverse chronological order)
               [use --force to actually delete these files]
-  purgeIncr [<max_fulls_with_incrs>] [--force]  
-             list outdated incremental backups (\$MAX_FULLS_WITH_INCRS being 
+  purgeIncr [<max_fulls_with_incrs>] [--force]
+             list outdated incremental backups (\$MAX_FULLS_WITH_INCRS being
              the number of full backups which associated incrementals will be
-             kept, counting in reverse chronological order) 
+             kept, counting in reverse chronological order)
               [use --force to actually delete these files]
-  cleanup [--force]  
+  cleanup [--force]
              list broken backup chain files archives (e.g. after unfinished run)
               [use --force to actually delete these files]
 
   changelog  print changelog / todo list
-  txt2man    feature for package maintainers - create a manpage based on the 
-             usage output. download txt2man from http://mvertes.free.fr/, put 
+  txt2man    feature for package maintainers - create a manpage based on the
+             usage output. download txt2man from http://mvertes.free.fr/, put
              it in the PATH and run '$ME txt2man' to create a man page.
   version    show version information of $ME and needed programs
 
 OPTIONS:
   --force    passed to duplicity (see commands: purge, purge-full, cleanup)
   --preview  do nothing but print out generated duplicity command lines
-  --disable-encryption  
+  --disable-encryption
              disable encryption, overrides profile settings
 
 TIME FORMATS:
@@ -581,30 +581,30 @@ PRE/POST SCRIPTS:
   Useful internal duply variables will be readable in the scripts.
   Some of interest may be
 
-    CONFDIR, SOURCE, TARGET_URL_<PROT|HOSTPATH|USER|PASS>, 
+    CONFDIR, SOURCE, TARGET_URL_<PROT|HOSTPATH|USER|PASS>,
     GPG_<KEYS_ENC|KEY_SIGN|PW>, CMD_<PREV|NEXT>, CMD_ERR
 
-  The CMD_* variables were introduced to allow different actions according to 
-  the command the scripts were attached to e.g. 'pre_bkp_post_pre_verify_post' 
-  will call the pre script two times, with CMD_NEXT variable set to 'bkp' 
+  The CMD_* variables were introduced to allow different actions according to
+  the command the scripts were attached to e.g. 'pre_bkp_post_pre_verify_post'
+  will call the pre script two times, with CMD_NEXT variable set to 'bkp'
   on the first and to 'verify' on the second run.
   CMD_ERR holds the exit code of the CMD_PREV .
 
 EXAMPLES:
-  create profile 'humbug':  
+  create profile 'humbug':
     $ME humbug create (now edit the resulting conf file)
-  backup 'humbug' now:  
+  backup 'humbug' now:
     $ME humbug backup
-  list available backup sets of profile 'humbug':  
+  list available backup sets of profile 'humbug':
     $ME humbug status
-  list and delete obsolete backup archives of 'humbug':  
+  list and delete obsolete backup archives of 'humbug':
     $ME humbug purge --force
-  restore latest backup of 'humbug' to /mnt/restore:  
+  restore latest backup of 'humbug' to /mnt/restore:
     $ME humbug restore /mnt/restore
-  restore /etc/passwd of 'humbug' from 4 days ago to /root/pw:  
+  restore /etc/passwd of 'humbug' from 4 days ago to /root/pw:
     $ME humbug fetch etc/passwd /root/pw 4D
     (see "duplicity manpage", section TIME FORMATS)
-  a one line batch job on 'humbug' for cron execution:  
+  a one line batch job on 'humbug' for cron execution:
     $ME humbug backup_verify_purge --force
 
 FILES:
@@ -655,10 +655,10 @@ GPG_PW='${DEFAULT_GPG_PW}'
 #  GPG_KEYS_ENC='<keyid1>[,<keyid2>,...]' - list of pubkeys to encrypt to
 #  GPG_KEY_SIGN='<keyid1>|disabled' - a secret key for signing
 #  GPG_PW='<passphrase>' - needed for signing, decryption and symmetric
-#   encryption. If you want to deliver different passphrases for e.g. 
+#   encryption. If you want to deliver different passphrases for e.g.
 #   several keys or symmetric encryption plus key signing you can use
 #   gpg-agent. Simply make sure that GPG_AGENT_INFO is set in environment.
-#   also see "A NOTE ON SYMMETRIC ENCRYPTION AND SIGNING" in duplicity manpage 
+#   also see "A NOTE ON SYMMETRIC ENCRYPTION AND SIGNING" in duplicity manpage
 # notes on en/decryption
 #  private key and passphrase will only be needed for decryption or signing.
 #  decryption happens on restore and incrementals (compare archdir contents).
@@ -671,7 +671,7 @@ GPG_PW='${DEFAULT_GPG_PW}'
 #GPG_PW_SIGN='<signpass>'
 
 # gpg options passed from duplicity to gpg process (default='')
-# e.g. "--trust-model pgp|classic|direct|always" 
+# e.g. "--trust-model pgp|classic|direct|always"
 #   or "--compress-algo=bzip2 --bzip2-compress-level=9"
 #   or "--personal-cipher-preferences AES256,AES192,AES..."
 #   or "--homedir ~/.duply" - keep keyring and gpg settings duply specific
@@ -686,7 +686,7 @@ GPG_PW='${DEFAULT_GPG_PW}'
 # for details see duplicity manpage, section URL Format
 #   http://duplicity.nongnu.org/duplicity.1.html#sect8
 # probably one out of
-#   # for cloudfiles backend user id is CLOUDFILES_USERNAME, password is 
+#   # for cloudfiles backend user id is CLOUDFILES_USERNAME, password is
 #   # CLOUDFILES_APIKEY, you might need to set CLOUDFILES_AUTHURL manually
 #   cf+http://[user:password@]container_name
 #   dpbx:///some_dir
@@ -695,7 +695,7 @@ GPG_PW='${DEFAULT_GPG_PW}'
 #   gdocs://user[:password]@other.host/some_dir
 #   # for the google cloud storage (since duplicity 0.6.22)
 #   # user/password are GS_ACCESS_KEY_ID/GS_SECRET_ACCESS_KEY
-#   gs://bucket[/prefix] 
+#   gs://bucket[/prefix]
 #   hsi://user[:password]@other.host/some_dir
 #   imap[s]://user[:password]@host.com[/from_address_prefix]
 #   mega://user[:password]@mega.co.nz/some_dir
@@ -708,16 +708,16 @@ GPG_PW='${DEFAULT_GPG_PW}'
 #   # scp and sftp are aliases for the ssh backend
 #   ssh://user[:password]@other.host[:port]/[/]some_dir
 #   # for authenticated swift define TARGET_USER or SWIFT_USERNAME,
-#   # TARGET_PASS or SWIFT_PASSWORD, SWIFT_AUTHURL (mandatory, the path to 
+#   # TARGET_PASS or SWIFT_PASSWORD, SWIFT_AUTHURL (mandatory, the path to
 #   # your identity service, omitting leads to an error with swift),
 #   # optionally SWIFT_AUTHVERSION (which defaults to "1")
 #   swift://container_name
 #   tahoe://alias/directory
 #   webdav[s]://user[:password]@other.host/some_dir
-# ATTENTION: characters other than A-Za-z0-9.-_.~ in the URL have 
+# ATTENTION: characters other than A-Za-z0-9.-_.~ in the URL have
 #            to be replaced by their url encoded pendants, see
-#            http://en.wikipedia.org/wiki/Url_encoding 
-#            if you define the credentials as TARGET_USER, TARGET_PASS below 
+#            http://en.wikipedia.org/wiki/Url_encoding
+#            if you define the credentials as TARGET_USER, TARGET_PASS below
 #            duply will try to url_encode them for you if the need arises
 TARGET='${DEFAULT_TARGET}'
 # optionally the username/password can be defined as extra variables
@@ -728,7 +728,7 @@ TARGET='${DEFAULT_TARGET}'
 # base directory to backup
 SOURCE='${DEFAULT_SOURCE}'
 
-# a command that runs duplicity e.g. 
+# a command that runs duplicity e.g.
 #  shape bandwidth use via trickle
 #  "trickle -s -u 640 -d 5120" # 5Mb up, 40Mb down"
 #DUPL_PRECMD=""
@@ -738,11 +738,11 @@ SOURCE='${DEFAULT_SOURCE}'
 #FILENAME='.duplicity-ignore'
 #DUPL_PARAMS="\$DUPL_PARAMS --exclude-if-present '\$FILENAME'"
 
-# Time frame for old backups to keep, Used for the "purge" command.  
+# Time frame for old backups to keep, Used for the "purge" command.
 # see duplicity man page, chapter TIME_FORMATS)
 #MAX_AGE=1M
 
-# Number of full backups to keep. Used for the "purge-full" command. 
+# Number of full backups to keep. Used for the "purge-full" command.
 # See duplicity man page, action "remove-all-but-n-full".
 #MAX_FULL_BACKUPS=1
 
@@ -751,17 +751,17 @@ SOURCE='${DEFAULT_SOURCE}'
 # See duplicity man page, action "remove-all-inc-of-but-n-full".
 #MAX_FULLS_WITH_INCRS=1
 
-# activates duplicity --full-if-older-than option (since duplicity v0.4.4.RC3) 
-# forces a full backup if last full backup reaches a specified age, for the 
+# activates duplicity --full-if-older-than option (since duplicity v0.4.4.RC3)
+# forces a full backup if last full backup reaches a specified age, for the
 # format of MAX_FULLBKP_AGE see duplicity man page, chapter TIME_FORMATS
 # Uncomment the following two lines to enable this setting.
 #MAX_FULLBKP_AGE=1M
-#DUPL_PARAMS="\$DUPL_PARAMS --full-if-older-than \$MAX_FULLBKP_AGE " 
+#DUPL_PARAMS="\$DUPL_PARAMS --full-if-older-than \$MAX_FULLBKP_AGE "
 
 # sets duplicity --volsize option (available since v0.4.3.RC7)
 # set the size of backup chunks to VOLSIZE MB instead of the default 25MB.
 # VOLSIZE must be number of MB's to set the volume size to.
-# Uncomment the following two lines to enable this setting. 
+# Uncomment the following two lines to enable this setting.
 #VOLSIZE=50
 #DUPL_PARAMS="\$DUPL_PARAMS --volsize \$VOLSIZE "
 
@@ -773,36 +773,36 @@ SOURCE='${DEFAULT_SOURCE}'
 # for a successful restoration process. (default is '/tmp', if not set)
 #TEMP_DIR=/tmp
 
-# Modifies archive-dir option (since 0.6.0) Defines a folder that holds 
-# unencrypted meta data of the backup, enabling new incrementals without the 
-# need to decrypt backend metadata first. If empty or deleted somehow, the 
+# Modifies archive-dir option (since 0.6.0) Defines a folder that holds
+# unencrypted meta data of the backup, enabling new incrementals without the
+# need to decrypt backend metadata first. If empty or deleted somehow, the
 # private key and it's password are needed.
-# NOTE: This is confidential data. Put it somewhere safe. It can grow quite 
+# NOTE: This is confidential data. Put it somewhere safe. It can grow quite
 #       big over time so you might want to put it not in the home dir.
 # default '~/.cache/duplicity/duply_<profile>/'
 # if set  '\${ARCH_DIR}/<profile>'
 #ARCH_DIR=/some/space/safe/.duply-cache
 
 # DEPRECATED setting
-# sets duplicity --time-separator option (since v0.4.4.RC2) to allow users 
-# to change the time separator from ':' to another character that will work 
+# sets duplicity --time-separator option (since v0.4.4.RC2) to allow users
+# to change the time separator from ':' to another character that will work
 # on their system.  HINT: For Windows SMB shares, use --time-separator='_'.
 # NOTE: '-' is not valid as it conflicts with date separator.
-# ATTENTION: only use this with duplicity < 0.5.10, since then default file 
-#            naming is compatible and this option is pending depreciation 
+# ATTENTION: only use this with duplicity < 0.5.10, since then default file
+#            naming is compatible and this option is pending depreciation
 #DUPL_PARAMS="\$DUPL_PARAMS --time-separator _ "
 
 # DEPRECATED setting
 # activates duplicity --short-filenames option, when uploading to a file
 # system that can't have filenames longer than 30 characters (e.g. Mac OS 8)
 # or have problems with ':' as part of the filename (e.g. Microsoft Windows)
-# ATTENTION: only use this with duplicity < 0.5.10, later versions default file 
+# ATTENTION: only use this with duplicity < 0.5.10, later versions default file
 #            naming is compatible and this option is pending depreciation
 #DUPL_PARAMS="\$DUPL_PARAMS --short-filenames "
 
 # more duplicity command line options can be added in the following way
 # don't forget to leave a separating space char at the end
-#DUPL_PARAMS="\$DUPL_PARAMS --put_your_options_here " 
+#DUPL_PARAMS="\$DUPL_PARAMS --put_your_options_here "
 
 EOF
 
@@ -823,7 +823,7 @@ EOF
   cat <<EOF
 
 Congratulations. You just created the profile '$FTPLCFG'.
-The initial config file has been created as 
+The initial config file has been created as
 '$CONF'.
 You should now adjust this config file to your needs.
 
@@ -839,12 +839,12 @@ function hint_profile {
   cat <<EOF
 IMPORTANT:
   Copy the _whole_ profile folder after the first backup to a safe place.
-  It contains everything needed to restore your backups. You will need 
-  it if you have to restore the backup from another system (e.g. after a 
-  system crash). Keep access to these files restricted as they contain 
+  It contains everything needed to restore your backups. You will need
+  it if you have to restore the backup from another system (e.g. after a
+  system crash). Keep access to these files restricted as they contain
   _all_ informations (gpg data, ftp data) to access and modify your backups.
 
-  Repeat this step after _all_ configuration changes. Some configuration 
+  Repeat this step after _all_ configuration changes. Some configuration
   options are crucial for restoration.
 
 EOF
@@ -884,7 +884,7 @@ function error {
 
 function error_gpg {
   [ -n "$2" ] && local hint="\n  $2\n\n  "
-  
+
   error "$1
 
 Hint${hint:+s}:
@@ -892,7 +892,7 @@ Hint${hint:+s}:
   Don't forget the used _password_ as you will need it.
   When done enter the 8 digit id & the password in the profile conf file.
 
-  The key id can be found doing a 'gpg --list-keys'. In the  example output 
+  The key id can be found doing a 'gpg --list-keys'. In the  example output
   below the key id would be FFFFFFFF for the public key.
 
   pub   1024D/FFFFFFFF 2007-12-17
@@ -905,7 +905,7 @@ function error_gpg_key {
   local KEY_ID="$1"
   local KIND="$2"
   error_gpg "${KIND} gpg key '${KEY_ID}' cannot be found." \
-"Doublecheck if the above key is listed by 'gpg --list-keys' or available 
+"Doublecheck if the above key is listed by 'gpg --list-keys' or available
   as gpg key file '$(basename "$(gpg_keyfile "${KEY_ID}")")' in the profile folder.
   If not you can put it there and $ME will autoimport it on the next run.
   Alternatively import it manually as the user you plan to run $ME with."
@@ -917,9 +917,9 @@ function error_gpg_test {
   error "$1
 
 Hint${hint:+s}:
-  ${hint}This error means that gpg is probably misconfigured or not working 
+  ${hint}This error means that gpg is probably misconfigured or not working
   correctly. The error message above should help to solve the problem.
-  However, if for some reason $ME should misinterpret the situation you 
+  However, if for some reason $ME should misinterpret the situation you
   can define GPG_TEST='disabled' in the conf file to bypass the test.
   Please do not forget to report the bug in order to resolve the problem
   in future versions of $ME.
@@ -957,7 +957,7 @@ function duplicity_version_get {
 
 function duplicity_version_check {
 	if [ $DUPL_VERSION_VALUE -eq 0 ]; then
-		inform "duplicity version check failed (please report, this is a bug)" 
+		inform "duplicity version check failed (please report, this is a bug)"
 	elif [ $DUPL_VERSION_VALUE -le 404 ] && [ ${DUPL_VERSION_RC:-4} -lt 4 ]; then
 		error "The installed version $DUPL_VERSION is incompatible with $ME v$ME_VERSION.
 You should upgrade your version of duplicity to at least v0.4.4RC4 or
@@ -976,9 +976,9 @@ function duplicity_version_lt {
 function run_script { # run pre/post scripts
   local ERR=0
   local SCRIPT="$1"
-  if [ ! -z "$PREVIEW" ] ; then	
+  if [ ! -z "$PREVIEW" ] ; then
     echo "$([ ! -x "$SCRIPT" ] && echo ". ")$SCRIPT"
-  elif [ -r "$SCRIPT" ] ; then 
+  elif [ -r "$SCRIPT" ] ; then
     echo -n "Running '$SCRIPT' "
     if [ -x "$SCRIPT" ]; then
       OUT=$("$SCRIPT" 2>&1)
@@ -1077,7 +1077,7 @@ function duplicity_params_conf {
 		echo "$DUPL_PARAMS" | awk '{gsub(/--(ex|in)clude[a-z-]*(([ \t]+|=)[^-][^ \t]+)?/,"");print}'
 		return
 	fi
-	
+
 	echo "$DUPL_PARAMS"
 }
 
@@ -1115,7 +1115,7 @@ function secureconf { # secure the configuration dir
 	local PERMS="$(ls -la "$CONFDIR/." | awk 'NR==2{print $1}')"
 	if [ "${PERMS/#drwx------*/OK}" != 'OK' ] ; then
 		chmod u+rwX,go= "$CONFDIR"; local ERR=$?
-		warning "The profile's folder 
+		warning "The profile's folder
 '$CONFDIR'
 permissions are not safe ($PERMS). Secure them now. - ($(error_to_string $ERR))"
 	fi
@@ -1129,7 +1129,7 @@ function date_fix {
 		echo $date && return
 	# date bsd,osx with -r epoch
 	date=$(date ${2:+-r $2} ${1:++"$1"} 2> /dev/null) && \
-		echo $date && return	
+		echo $date && return
 	# date busybox with -d epoch -D %s
 	date=$(date ${2:+-d $2 -D %s} ${1:++"$1"} 2> /dev/null) && \
 		echo $date && return
@@ -1210,19 +1210,19 @@ function isnumber {
 }
 
 #function tmp_space {
-#  
+#
 #  if ! isnumber $VOLSIZE; then
 #    inform "failed to determine free space (please report, this is a bug)"
 #    return
 #  fi
-#  
+#
 # get free temp space
 #  TEMP_FREE="$(df -P -k "$TEMP_DIR" 2>/dev/null | awk 'END{pos=(NF-2);if(pos>0) print $pos;}')"
 #  # check for free space or FAIL
 #  if [ $((${TEMP_FREE:-0}-${VOLSIZE:-0}*1024)) -lt 0-lt 0 ]; then
 #    error "Temporary file space '$TEMP_DIR' free space is smaller ($((TEMP_FREE/1024))MB)
 #than one duplicity volume (${VOLSIZE}MB).
-#    
+#
 #  Hint: Free space or change TEMP_DIR setting."
 #fi
 #
@@ -1261,17 +1261,17 @@ function gpg_import {
   local KEYFILES=( "$CONFDIR/gpgkey" $(gpg_keyfile "$KEY_ID") \
                    $(gpg_keyfile "$KEY_ID" PUB) $(gpg_keyfile "$KEY_ID" SEC))
 
-  # Try autoimport from existing old gpgkey files 
+  # Try autoimport from existing old gpgkey files
   # and new gpgkey.XXX.asc files (since v1.4.2)
   # and even newer gpgkey.XXX.[pub|sec].asc
   for (( i = 0 ; i < ${#KEYFILES[@]} ; i++ )); do
     FILE=${KEYFILES[$i]}
     if [ -f "$FILE" ]; then
       FOUND=1
-      
+
       CMD_MSG="Import keyfile '$FILE' to keyring"
       run_cmd "$GPG" $GPG_OPTS --batch --import "$FILE"
-      if [ "$?" != "0" ]; then 
+      if [ "$?" != "0" ]; then
         warning "Import failed.${CMD_OUT:+\n$CMD_OUT}"
         ERR=1
         # continue with next
@@ -1287,13 +1287,13 @@ function gpg_import {
   # try to set trust automagically
   CMD_MSG="Autoset trust of key '$KEY_ID' to ultimate"
   run_cmd echo $(gpg_fingerprint "$KEY_ID"):6: \| "$GPG" $GPG_OPTS --import-ownertrust --batch --logger-fd 1
-  if [ "$?" = "0" ] && [ -z "$PREVIEW" ]; then 
+  if [ "$?" = "0" ] && [ -z "$PREVIEW" ]; then
    # success on all levels, we're done
    return $ERR
   fi
 
   # failover: user has to set trust manually
-  echo -e "For $ME to work you have to set the trust level 
+  echo -e "For $ME to work you have to set the trust level
 with the command \"trust\" to \"ultimate\" (5) now.
 Exit the edit mode of gpg with \"quit\"."
   CMD_MSG="Running gpg to manually edit key '$KEY_ID'"
@@ -1338,7 +1338,7 @@ function gpg_export_if_needed {
       fi
     done
   done
-  
+
   [ -n "$SUCCESS" ] && inform "$ME exported new keys to your profile.
 You should backup your changed profile folder now and store it in a safe place."
 }
@@ -1430,7 +1430,7 @@ function gpg_symmetric {
 # checks for max two params if they are set, typically GPG_PW & GPG_PW_SIGN
 function gpg_param_passwd {
   var_isset GPG_USEAGENT && exit 1
-  
+
   if ( [ -n "$1" ] && var_isset "$1" ) || ( [ -n "$2" ] && var_isset "$2" ); then
     echo "--passphrase-fd 0 --batch"
   fi
@@ -1439,7 +1439,7 @@ function gpg_param_passwd {
 # select the earlist defined and create an "echo <value> |" string
 function gpg_pass_pipein {
   var_isset GPG_USEAGENT && exit 1
-  
+
   for var in "$@"
   do
     if var_isset "$var"; then
@@ -1447,7 +1447,7 @@ function gpg_pass_pipein {
       return 0
     fi
   done
-  
+
   return 1
 }
 
@@ -1461,7 +1461,7 @@ function gpg_agent_avail {
     ps -p $(echo $GPG_AGENT_INFO|awk -F: '{print $2}') > /dev/null 2>&1  &&\
     ERR=0 || ERR=2
   fi
-  
+
   return $ERR
 }
 
@@ -1497,7 +1497,7 @@ case "$cmd" in
 '$CONFDIR'.
 
 Hint:
- If you _really_ want to create a new profile by this name you will 
+ If you _really_ want to create a new profile by this name you will
  have to manually delete the existing profile folder first."
       exit 1
     else
@@ -1524,8 +1524,8 @@ Hint:
     # if we reach here, user either forgot profile or chose wrong profileless command
     if [ ${#@} -le 1 ]; then
       error "\
- Missing or wrong parameters. 
- Only the commands 
+ Missing or wrong parameters.
+ Only the commands
    changelog, create, usage, txt2man, version
  can be called without selecting an existing profile first.
  Your command was '$cmd'.
@@ -1550,7 +1550,7 @@ duplicity_version_check
 ### read configuration
 set_config
 # check validity
-if [ ! -d "$CONFDIR" ]; then 
+if [ ! -d "$CONFDIR" ]; then
     error "Selected profile '$FTPLCFG' does not resolve to a profile folder in
 '$CONFDIR'.
 
@@ -1562,7 +1562,7 @@ elif [ ! -x "$CONFDIR" ]; then
     error "\
 Profile folder in '$CONFDIR' cannot be accessed.
 
-Hint: 
+Hint:
  Check the filesystem permissions and set directory accessible e.g. 'chmod 700'."
 elif [ ! -f "$CONF" ] ; then
   error "'$CONF' not found."
@@ -1614,21 +1614,21 @@ eval ${TARGET_SPLIT_URL}
 
 # check if backend specific software is in path
 [ -n "$(echo ${TARGET_URL_PROT} | grep -i -e '^ftp://$')" ] && \
-  [ -z "$(which ncftp 2>/dev/null)" ] && error_path "Protocol 'ftp' needs ncftp. Installed und available in path?" 
+  [ -z "$(which ncftp 2>/dev/null)" ] && error_path "Protocol 'ftp' needs ncftp. Installed und available in path?"
 [ -n "$(echo ${TARGET_URL_PROT} | grep -i -e '^ftps://$')" ] && \
   [ -z "$(which lftp 2>/dev/null)" ] && error_path "Protocol 'ftps' needs lftp. Installed und available in path?"
 
 # fetch commmand from parameters ########################################################
-# Hint: cmds is also used to check if authentification info sufficient in the next step 
+# Hint: cmds is also used to check if authentification info sufficient in the next step
 cmds="$2"; shift 2
 
-# translate backup to batch command 
+# translate backup to batch command
 cmds=${cmds//backup/pre_bkp_post}
 
 # complain if command(s) missing
 [ -z $cmds ] && error "  No command given.
 
-  Hint: 
+  Hint:
     Use '$ME usage' to get usage help."
 
 # process params
@@ -1659,31 +1659,31 @@ done
 
 # plausibility check config - VARS & KEY ################################################
 # check if src, trg, trg pw
-# auth info sufficient 
+# auth info sufficient
 # gpg key, gpg pwd (might be empty) set in config
 # OR key in local gpg db
-# OR key can be imported from keyfile 
+# OR key can be imported from keyfile
 # OR fail
 if [ -z "$SOURCE" ] || [ "$SOURCE" == "${DEFAULT_SOURCE}" ]; then
- error " Source Path (setting SOURCE) not set or still default value in conf file 
+ error " Source Path (setting SOURCE) not set or still default value in conf file
  '$CONF'."
 
 elif [ -z "$TARGET" ] || [ "$TARGET" == "${DEFAULT_TARGET}" ]; then
- error " Backup Target (setting TARGET) not set or still default value in conf file 
+ error " Backup Target (setting TARGET) not set or still default value in conf file
  '$CONF'."
 
 elif var_isset 'TARGET_USER' && var_isset 'TARGET_URL_USER' && \
      [ "${TARGET_USER}" != "${TARGET_URL_USER}" ]; then
- error " TARGET_USER ('${TARGET_USER}') _and_ user in TARGET url ('${TARGET_URL_USER}') 
+ error " TARGET_USER ('${TARGET_USER}') _and_ user in TARGET url ('${TARGET_URL_USER}')
  are configured with different values. There can be only one.
- 
+
  Hint: Remove conflicting setting."
 
 elif var_isset 'TARGET_PASS' && var_isset 'TARGET_URL_PASS' && \
      [ "${TARGET_PASS}" != "${TARGET_URL_PASS}" ]; then
- error " TARGET_PASS ('${TARGET_PASS}') _and_ password in TARGET url ('${TARGET_URL_PASS}') 
+ error " TARGET_PASS ('${TARGET_PASS}') _and_ password in TARGET url ('${TARGET_URL_PASS}')
  are configured with different values. There can be only one.
- 
+
  Hint: Remove conflicting setting."
 fi
 
@@ -1699,13 +1699,13 @@ if ( ( ! var_isset 'TARGET_USER' && ! var_isset 'TARGET_URL_USER' ) && \
      [ -z "$(echo ${cmds} | grep -e '\(bkp\|incr\|full\|purge\|cleanup\)')" ]; then
     : # still fine, it's possible to read only access configured buckets anonymously
   else
-    error " Backup target credentials needed but not set in conf file 
+    error " Backup target credentials needed but not set in conf file
  '$CONF'.
- Setting TARGET_USER or TARGET_PASS or the corresponding values in TARGET url 
- are missing. Some protocols only might need it for write access to the backup 
+ Setting TARGET_USER or TARGET_PASS or the corresponding values in TARGET url
+ are missing. Some protocols only might need it for write access to the backup
  repository (commands: bkp,backup,full,incr,purge) but not for read only access
- (e.g. verify,list,restore,fetch). 
- 
+ (e.g. verify,list,restore,fetch).
+
  Hints:
    Add the credentials (user,password) to the conf file.
    To force an empty password set TARGET_PASS='' or TARGET='prot://user:@host..'.
@@ -1717,18 +1717,18 @@ fi
 if gpg_disabled; then
   : # encryption disabled, all is well
 elif [ -z "${GPG_KEY}${GPG_KEYS_ENC}${GPG_KEY_SIGN}" ] && ! var_isset 'GPG_PW'; then
-  warning "GPG_KEY, GPG_KEYS_ENC, GPG_KEY_SIGN and GPG_PW are empty/not set in conf file 
+  warning "GPG_KEY, GPG_KEYS_ENC, GPG_KEY_SIGN and GPG_PW are empty/not set in conf file
 '$CONF'.
 Will disable encryption for duplicity now.
 
-Hint: 
- If you really want to use _no_ encryption you can disable this warning by 
+Hint:
+ If you really want to use _no_ encryption you can disable this warning by
  setting GPG_KEY='disabled' in conf file."
   GPG_KEY='disabled'
 fi
 
 # GPG availability check (now we know if gpg is really needed)#################
-if ! gpg_disabled; then 
+if ! gpg_disabled; then
 	GPG="$(which gpg 2>/dev/null)"
 	[ -z "$GPG" ] && error_path "gpg missing. installed und available in path?"
 fi
@@ -1743,8 +1743,8 @@ if gpg_disabled; then
 else
 
 # key set?
-if [ "$GPG_KEY" == "${DEFAULT_GPG_KEY}" ]; then 
-  error_gpg "Encryption Key GPG_KEY still default in conf file 
+if [ "$GPG_KEY" == "${DEFAULT_GPG_KEY}" ]; then
+  error_gpg "Encryption Key GPG_KEY still default in conf file
 '$CONF'."
 fi
 
@@ -1775,7 +1775,7 @@ elif ! var_isset 'GPG_KEY_SIGN'; then
   if [ -z "${KEY_ID}" ]; then
     echo "Signing disabled. Not GPG_KEY entries in config."
     GPG_KEY_SIGN='disabled'
-  else  
+  else
     # use avail OR try import OR fail
     if gpg_sec_avail "${KEY_ID}"; then
       GPG_KEY_SIGN="${KEY_ID}"
@@ -1805,12 +1805,12 @@ else
   fi
 fi
 
-# pw set? 
+# pw set?
 # symmetric needs one, always
 if gpg_symmetric && ( [ -z "$GPG_PW" ] || [ "$GPG_PW" == "${DEFAULT_GPG_PW}" ] ) \
   ; then
-  error_gpg "Encryption passphrase GPG_PW (needed for symmetric encryption) 
-is empty/not set or still default value in conf file 
+  error_gpg "Encryption passphrase GPG_PW (needed for symmetric encryption)
+is empty/not set or still default value in conf file
 '$CONF'."
 fi
 # this is a technicality, we can only pump one pass via pipe into gpg
@@ -1819,7 +1819,7 @@ if gpg_symmetric && var_isset GPG_PW && var_isset GPG_PW_SIGN &&\
   [ -n "$GPG_PW_SIGN" ] && [ "$GPG_PW" != "$GPG_PW_SIGN" ]; then
   error_gpg "GPG_PW _and_ GPG_PW_SIGN are defined but not identical in config
 '$CONF'.
-This is unfortunately impossible. For details see duplicity manpage, 
+This is unfortunately impossible. For details see duplicity manpage,
 section 'A Note On Symmetric Encryption And Signing'.
 
 Tip: Separate signing keys may have empty passwords e.g. GPG_PW_SIGN=''.
@@ -1843,7 +1843,7 @@ if ! gpg_symmetric && \
   fi
 fi
 
-# end GPG config plausibility check2 
+# end GPG config plausibility check2
 fi
 
 # config plausibility check - SPACE ###########################################
@@ -1853,7 +1853,7 @@ CMD_MSG="Checking TEMP_DIR '${TEMP_DIR}' is a folder"
 run_cmd test -d "$TEMP_DIR"
 if [ "$?" != "0" ]; then
     error "Temporary file space '$TEMP_DIR' is not a directory."
-fi    
+fi
 # is tmp writeable
 CMD_MSG="Checking TEMP_DIR '${TEMP_DIR}' is writable"
 run_cmd test -w "$TEMP_DIR"
@@ -1868,7 +1868,7 @@ VOLSIZE=${VOLSIZE:-25}
 echo $@ $DUPL_PARAMS | grep -q -e '--asynchronous-upload' && FACTOR=2 || FACTOR=1
 
 # TODO: check for enough (async= upload space and WARN only
-#       use function tmp_space 
+#       use function tmp_space
 echo TODO: reimplent tmp space check
 
 
@@ -1876,12 +1876,12 @@ echo TODO: reimplent tmp space check
 # if encryption is disabled, skip this whole section
 if gpg_disabled; then
   echo -e "Test - En/Decryption skipped. (GPG disabled)"
-elif [ "$GPG_TEST" = "disabled" ]; then 
+elif [ "$GPG_TEST" = "disabled" ]; then
   echo -e "Test - En/Decryption skipped. (Testing disabled)"
 else
 
 GPG_TEST="$TEMP_DIR/${ME_NAME}.$$.$(date_fix %s)"
-function cleanup_gpgtest { 
+function cleanup_gpgtest {
   echo -en "Cleanup - Delete '${GPG_TEST}_*'"
   rm ${GPG_TEST}_* 2>/dev/null && echo "(OK)" || echo "(FAILED)"
 }
@@ -1903,7 +1903,7 @@ if [ ${#GPG_KEYS_ENC_ARRAY[@]} -gt 0 ]; then
   run_cmd $(gpg_pass_pipein GPG_PW_SIGN GPG_PW) $GPG $CMD_PARAM_SIGN $(gpg_param_passwd GPG_PW_SIGN GPG_PW) $CMD_PARAMS $GPG_USEAGENT --status-fd 1 $GPG_OPTS -o "${GPG_TEST}_ENC" -e "$ME_LONG"
   CMD_ERR=$?
 
-  if [ "$CMD_ERR" != "0" ]; then 
+  if [ "$CMD_ERR" != "0" ]; then
     KEY_NOTRUST=$(echo "$CMD_OUT"|awk '/^\[GNUPG:\] INV_RECP 10/ { print $4 }')
     [ -n "$KEY_NOTRUST" ] && HINT="Key '${KEY_NOTRUST}' seems to be untrusted. If you really trust this key try to
   'gpg --edit-key "$KEY_NOTRUST"' and raise the trust level to ultimate. If you
@@ -1917,7 +1917,7 @@ if [ ${#GPG_KEYS_ENC_ARRAY[@]} -gt 0 ]; then
   run_cmd $(gpg_pass_pipein GPG_PW) "$GPG" $(gpg_param_passwd GPG_PW) $GPG_OPTS -o "${GPG_TEST}_DEC" $GPG_USEAGENT -d "${GPG_TEST}_ENC"
   CMD_ERR=$?
 
-  if [ "$CMD_ERR" != "0" ]; then 
+  if [ "$CMD_ERR" != "0" ]; then
     error_gpg_test "Decryption failed.${CMD_OUT:+\n$CMD_OUT}"
   fi
 
@@ -1927,7 +1927,7 @@ else
   CMD_MSG="Test - Encryption with passphrase${CMD_MSG_SIGN:+ & $CMD_MSG_SIGN}"
   run_cmd $(gpg_pass_pipein GPG_PW) "$GPG" $GPG_OPTS $CMD_PARAM_SIGN --passphrase-fd 0 -o "${GPG_TEST}_ENC" --batch -c "$ME_LONG"
   CMD_ERR=$?
-  if [ "$CMD_ERR" != "0" ]; then 
+  if [ "$CMD_ERR" != "0" ]; then
     error_gpg_test "Encryption failed.${CMD_OUT:+\n$CMD_OUT}"
   fi
 
@@ -1935,7 +1935,7 @@ else
   CMD_MSG="Test - Decryption with passphrase"
   run_cmd $(gpg_pass_pipein GPG_PW) "$GPG" $GPG_OPTS --passphrase-fd 0 -o "${GPG_TEST}_DEC" --batch -d "${GPG_TEST}_ENC"
   CMD_ERR=$?
-  if [ "$CMD_ERR" != "0" ]; then 
+  if [ "$CMD_ERR" != "0" ]; then
     error_gpg_test "Decryption failed.${CMD_OUT:+\n$CMD_OUT}"
   fi
 fi
@@ -1945,7 +1945,7 @@ CMD_MSG="Test - Compare"
 [ -r "${GPG_TEST}_DEC" ] || CMD_DISABLED="File not found. Nothing to compare."
 run_cmd "test \"\$(cat '$ME_LONG')\" = \"\$(cat '${GPG_TEST}_DEC')\""
 CMD_ERR=$?
-if [ "$CMD_ERR" = "0" ]; then 
+if [ "$CMD_ERR" = "0" ]; then
   cleanup_gpgtest
 else
   error_gpg_test "Comparision failed.${CMD_OUT:+\n$CMD_OUT}"
@@ -1969,7 +1969,7 @@ gpg_export_if_needed "${GPG_KEYS_ENC_ARRAY[@]}" "$(gpg_signing && echo $GPG_KEY_
 var_isset 'TARGET_URL_USER' && TARGET_URL_USER="$(url_decode "$TARGET_URL_USER")"
 var_isset 'TARGET_URL_PASS' && TARGET_URL_PASS="$(url_decode "$TARGET_URL_PASS")"
 
-# defined TARGET_USER&PASS vars replace their URL pendants 
+# defined TARGET_USER&PASS vars replace their URL pendants
 # (double defs already dealt with)
 var_isset 'TARGET_USER' && TARGET_URL_USER="$TARGET_USER"
 var_isset 'TARGET_PASS' && TARGET_URL_PASS="$TARGET_PASS"
@@ -2017,6 +2017,8 @@ case "$(tolower "${TARGET_URL_PROT%%:*}")" in
      ( var_isset 'TARGET_URL_USER' && ! var_isset 'SWIFT_AUTHURL' ) &&\
        warning "\
 Swift will probably fail because the conf var SWIFT_AUTHURL was not defined!"
+     var_isset 'SWIFT_TENANTNAME' && \
+       BACKEND_PARAMS="$BACKEND_PARAMS SWIFT_TENANTNAME=$(qw "${SWIFT_TENANTNAME}")"
      var_isset 'SWIFT_AUTHVERSION' && \
        BACKEND_PARAMS="$BACKEND_PARAMS SWIFT_AUTHVERSION=$(qw "${SWIFT_AUTHVERSION}")"
      var_isset 'TARGET_URL_PASS' && \
@@ -2029,8 +2031,8 @@ Swift will probably fail because the conf var SWIFT_AUTHURL was not defined!"
     var_isset 'TARGET_URL_USER' && BACKEND_CREDS="$(url_encode "${TARGET_URL_USER}")"
     if duplicity_version_lt 610; then
       warning "\
-Duplicity version '$DUPL_VERSION' does not support providing the password as 
-env var for rsync backend. For security reasons you should consider to 
+Duplicity version '$DUPL_VERSION' does not support providing the password as
+env var for rsync backend. For security reasons you should consider to
 update to a version greater than '0.6.10' of duplicity."
       var_isset 'TARGET_URL_PASS' && BACKEND_CREDS="${BACKEND_CREDS}:$(url_encode "${TARGET_URL_PASS}")"
     else
@@ -2040,9 +2042,9 @@ update to a version greater than '0.6.10' of duplicity."
     BACKEND_URL="${TARGET_URL_PROT}${BACKEND_CREDS}${TARGET_URL_HOSTPATH}"
     ;;
   *)
-    # for all other protocols we put username in url and pass into env var 
+    # for all other protocols we put username in url and pass into env var
     # for sec˙rity reasons, we url_encode username to protect special chars
-    var_isset 'TARGET_URL_USER' && 
+    var_isset 'TARGET_URL_USER' &&
       BACKEND_CREDS="$(url_encode "${TARGET_URL_USER}")@"
     # sortout backends with special ways to handle password
     case "$(tolower "${TARGET_URL_PROT%%:*}")" in
@@ -2065,7 +2067,7 @@ update to a version greater than '0.6.10' of duplicity."
     ;;
 esac
 
-# protect eval from special chars in url (e.g. open ')' in password, 
+# protect eval from special chars in url (e.g. open ')' in password,
 # spaces in path, quotes) happens above in duplify() via quotewrap()
 SOURCE="$SOURCE"
 BACKEND_URL="$BACKEND_URL"
@@ -2154,10 +2156,10 @@ case "$(tolower $cmd)" in
     ;;
   'verifypath')
     TIME="${ftpl_pars[2]:+"-t ${ftpl_pars[2]}"}"
-    IN_PATH="${ftpl_pars[0]}"; OUT_PATH="${ftpl_pars[1]}"; 
+    IN_PATH="${ftpl_pars[0]}"; OUT_PATH="${ftpl_pars[1]}";
     ( [ -z "$IN_PATH" ] || [ -z "$OUT_PATH" ] ) && error "  Missing parameter <rel_bkp_path> or <local_path> for verifyPath.
-  
-  Hint: 
+
+  Hint:
     Syntax is -> $ME <profile> verifyPath <rel_bkp_path> <local_path> [<age>]"
 
     duplify verify -- $TIME "${dupl_opts[@]}" --exclude-globbing-filelist "$EXCLUDE" \
@@ -2174,49 +2176,48 @@ case "$(tolower $cmd)" in
   'purge')
     MAX_AGE=${ftpl_pars[0]:-$MAX_AGE}
     [ -z "$MAX_AGE" ] && error "  Missing parameter <max_age>. Can be set in profile or as command line parameter."
-    
+
     duplify remove-older-than "${MAX_AGE}" \
           -- "${dupl_opts[@]}" "$BACKEND_URL"
     ;;
   'purgefull')
     MAX_FULL_BACKUPS=${ftpl_pars[0]:-$MAX_FULL_BACKUPS}
     [ -z "$MAX_FULL_BACKUPS" ] && error "  Missing parameter <max_full_backups>. Can be set in profile or as command line parameter."
-  
+
     duplify remove-all-but-n-full "${MAX_FULL_BACKUPS}" \
           -- "${dupl_opts[@]}" "$BACKEND_URL"
     ;;
   'purgeincr')
     MAX_FULLS_WITH_INCRS=${ftpl_pars[0]:-$MAX_FULLS_WITH_INCRS}
     [ -z "$MAX_FULLS_WITH_INCRS" ] && error "  Missing parameter <max_fulls_with_incrs>. Can be set in profile or as command line parameter."
-  
+
     duplify remove-all-inc-of-but-n-full "${MAX_FULLS_WITH_INCRS}" \
           -- "${dupl_opts[@]}" "$BACKEND_URL"
     ;;
   'restore')
     OUT_PATH="${ftpl_pars[0]:-$SOURCE}"; TIME="${ftpl_pars[1]:-now}";
     [ -z "$OUT_PATH" ] && error "  Missing parameter target_path for restore.
-  
-  Hint: 
+
+  Hint:
     Syntax is -> $ME <profile> restore <target_path> [<age>]"
-    
-    duplify  -- -t "$TIME" "${dupl_opts[@]}" "$BACKEND_URL" "$OUT_PATH"
-    run_script $CONFDIR/restore;
+
+    duplify  -- -t "$TIME" "${dupl_opts[@]}" "$BACKEND_URL" "$OUT_PATH" && run_script $CONFDIR/restore;
     ;;
   'fetch')
-    IN_PATH="${ftpl_pars[0]}"; OUT_PATH="${ftpl_pars[1]}"; 
+    IN_PATH="${ftpl_pars[0]}"; OUT_PATH="${ftpl_pars[1]}";
     TIME="${ftpl_pars[2]:-now}";
     ( [ -z "$IN_PATH" ] || [ -z "$OUT_PATH" ] ) && error "  Missing parameter <src_path> or <target_path> for fetch.
-  
-  Hint: 
+
+  Hint:
     Syntax is -> $ME <profile> fetch <src_path> <target_path> [<age>]"
-    
+
     # duplicity 0.4.7 doesnt like cmd restore in combination with --file-to-restore
     duplify -- --restore-time "$TIME" "${dupl_opts[@]}" \
               --file-to-restore "$IN_PATH" "$BACKEND_URL" "$OUT_PATH"
     ;;
   'status')
     duplify collection-status -- "${dupl_opts[@]}" "$BACKEND_URL"
-    ;;    
+    ;;
   *)
     warning "Unknown command '$cmd'."
     ;;