4.2 KiB
borg-backup
- Install borg on all machines that store data (client1, client2 etc.) and on which data is to be stored (backup-server)
- Borg installed
- Create ssh-key and .ssh directory
- Change the file on backup-server, which before created in
/home/<user>/.ssh/authorized_keysand write following command before the corresponding ssh-key - Create on client a backup directory and a backup.sh file
- Create on backup-server a backup directonary and for each client a folder inside the backup folder
- Create a borg repo for created client folder
- Create a backup
- Restore backup
- Create a crontab as user
- Create a prune-backup.sh file for to automatically manage the created backups.
Borg (previously called Attic) is deduplicating backup software for various Unix-like operating systems.
Install borg on all machines that store data (client1, client2 etc.) and on which data is to be stored (backup-server)
command
yay borgCreate ssh-key and .ssh directory
command
mkdir -p ~/.ssh
ssh-keygenNote: Press 1x enter for save the file in /home/<user>/.ssh/id_rsa, following enter two times the passphrase, which is created before in keepassxc.
cat .ssh/id_rsa.pub
cat .ssh/id_rsa.pub | ssh <user>@<client> "cat >> .ssh/authorized_keys"Note: Do this for all clients which want to save data.
Note: Check on backup-server with cat ~/home/<user>/.ssh/authorized_keys whether the keys have been piped over.
Change the file on backup-server, which before created in /home/<user>/.ssh/authorized_keys and write following command before the corresponding ssh-key
command="borg serve --restrict-to-path /home/<user>/backups/<client> --append-only"Create on client a backup directory and a backup.sh file
mkdir -p backups
touch backup.sh
sudo nano backup.shFor the last command you need root priviliges or sudo. Insert following script into the backup.sh file
#!/bin/bash
DATE=`date +"%Y-%m-%d"`
REPOSITORY="ssh://<user>@<ip-adress>:22/~/backups/<client>"
export BORG_PASSPHRASE="<which is created before> "
borg create $REPOSITORY::$DATE /home/<user>/<path_which_want_to_be_saved> --exclude-cachesMake script executable
chmod +x ./backup.shCreate on backup-server a backup directonary and for each client a folder inside the backup folder
mkdir -p backups/<for_each_client>Note: The name <for_each_client> folder must be the same like the command in the /home/<user>/.ssh/authorized_keys file on the backup-server, which is written before the corresponding ssh-key
Create a borg repo for created client folder
borg init --encryption=repokey backups/<for_each_client>After enter two times the passphrase for each client. Choose yes/no if the passphrase should be displayed.
Create a backup
The following command is listed in path /home/<user>/backups on each client
./backup.shAnswer "yes" to fingerprint. Note: If the backup failed, change the owner/user for the folder, which want to be saved.
chmod -r <folder_which_need_permission>List & mount a backup for each client
borg list /home/<user>/backups/<client>
mkdir mnt
borg mount /home/<user>/backups/<client> mnt/Enter the passphrase.
Restore backup
To restore the backup the borg key and the corresponding passphrase is neccessary. Get the borg key on the backup-server from each client
borg key export /home/<user>/backups/<client> key-export_<client>
cat key-export_<client>
rm key-export_<client> (after copy and saved on a extern hdd)Create a crontab as user
crontab -e
0 2 * * * /home/<user>/backups/backup.shCreate a prune-backup.sh file for to automatically manage the created backups.
#!/bin/bash
# <client>:
export BORG_PASSPHRASE="<which_is_created_before>"
borg prune -v ~/backups/<client> \
--keep-daily=30
--keep-weekly=5
--keep-monthly=12Make script executable
chmod +x prune-backup.sh
./prune-backup.sh