Borg in a jail
In this short tutorial we gonna learn how-to install Borg in a jail and use borgmatic on client machine.
Remember to always read the doc if you have a doubt.
The installation in a jail
To be honest, it’s really really easy. Borg is one of the most easy backup tool I saw. Believe me, I made a lot of backups, with scripts, with tar, cpio, based on ZFS snasphot, rsnapshot, NetBackup, etc.
On the host
The host must have some configurations.
fuse kernel module
To load the fuse kernel module your can use the command:
sudo kldload fuse
Or, to make it permanent add the line:
Allow user to mount
We must change the value of the kernel variable
vfs.usermount using the
Or by editing
/etc/sysctl.conf and adding:
The jail definition
Depending of your jail usage
bastille or the old
/etc/jail.conf file, define a new jail. Here my own definition in
Things to do
- configure the firewall;
- configure ssh on the jail (if you want to use a custom port)
Then launch your jail.
On the jail
You must install…
Borg which is a
Once again depending the way you choose to install software (
ports), use it.
pkg instakk py37-borgbackup
Create a user
We’re going to create a user (I choose own name) to receive datas form my laptop.
Then form my laptop I install a
ssh-copy-id ~/.id_ed2519-borg email@example.com
On the laptop
I let you check the connexion to the jail
Borgmatic is not a Borg project but a opensource project with goal to simply
python project to, so you must have
python installed on the source
Simply use our preferred installation method:
sudo pkg install python37 sudo pkg install py37-pip sudo pip3 install --user --upgrade borgmatic
We’re going to stay simple and only backup the HOME DIRECTORY of your user.
borgmatic came with several useful tool, for exemple generated a generic
Once the config file generated it’s time to make some change on it
The configuration file
The configuration use the
yaml syntax, with big section (
Be sure to have two passphase ot complicated password with you and saved in a secure place.
It’s where your backupo will be stored:
First what I want to backup, then where I want to store it.
The main configuration line is encryption_passpharse:
Remember to keep-it secret and with you. If you lose it your backup will not be usable.
This is the part whre you define how many time borg must keep old backups. The default value are the most use.
Thereis is many other configuration possibilities, for exemple,
borg can backup SQL databases (
Time to start
You can check your configuration file with the command
validate-borgmatic-config All given configuration files are valid: /home/jacques/.config/borgmatic/config.yaml
Init the repository
We must initialize the remote borg repository, using the configuration of our local configuration file:
borgmatic init --encryption repokey
Launch our first backup
It could be long, depe nding of the amount of data you have to send, the bandwith you can use, etc… Be patient and remember, you can always launch it in a
borgmatic --verbosity 1
We use verbosity, may be you can use none when launching automaticaly.
Check our backup
We’re gonna list our archives (for now we only have one)
borgmatic --list ✔ firstname.lastname@example.org:/data/laptop.borg: Listing archives laptop-2020-10-10T19:51:14.869552 Sat, 2020-10-10 19:51:16 [73a65edefb8279f2b316dd3ddfdeb89886192fbb841cd2362a738e0b15c942f8]
Well you have to automat your backup, with
Restore a backup
To restore a backup, we use the commande
Find the correct archive and restore it
borgmatic list you can find the correct archive to restore then use:
borgmatic extract --archive laptop-2020-10-10T19:51:14.869552
latest keyword to restore the latest backup
Restore only some files
Simply give the path at the end of the extract command:
borgmatic extract --archive laptop-2020-10-10T19:51:14.869552 --path .gnupg .ssh
One again there is many options, read the doc.
Have a distant backup with
borg is really easy if you have an external server.
You can also use a NAS to store your backup or even a removable disk that you can bring with you when you go out.
A small advice
I use a small 4TB external disk to my backup. When I goes out without my computer, I take the disk with me, and we I goes out with my computer, the backup disk stay at home.