Borg in a jail
In this short tutorial we gonna learn how-to install Borg in a jail and use borgmatic on client machine.
Remember to always read the doc if you have a doubt.
To be honest, it’s really really easy. Borg is one of the most easy backup tool I saw. Believe me, I made a lot of backups, with scripts, with tar, cpio, based on ZFS snasphot, rsnapshot, NetBackup, etc.
The host must have some configurations.
To load the fuse kernel module your can use the command:
sudo kldload fuse
Or, to make it permanent add the line:
We must change the value of the kernel variable
vfs.usermount using the
Or by editing
/etc/sysctl.conf and adding:
The jail definition
Depending of your jail usage
bastille or the old
/etc/jail.conf file, define a new jail. Here my own definition in
Things to do
- configure the firewall;
- configure ssh on the jail (if you want to use a custom port)
Then launch your jail.
Once again depending the way you choose to install software (
ports), use it.
pkg instakk py37-borgbackup
Create a user
We’re going to create a user (I choose own name) to receive datas form my laptop.
Then form my laptop I install a
ssh-copy-id ~/.id_ed2519-borg email@example.com
On the laptop
Borgmatic is not a Borg project but a opensource project with goal to simply
python project to, so you must have
python installed on the source
Simply use our preferred installation method:
sudo pkg install python37 sudo pkg install py37-pip sudo pip3 install --user --upgrade borgmatic
We’re going to stay simple and only backup the HOME DIRECTORY of your user.
borgmatic came with several useful tool, for exemple generated a generic
Once the config file generated it’s time to make some change on it
The configuration use the
yaml syntax, with big section (
It’s where your backupo will be stored:
location: # List of source directories to backup (required). Globs and # tildes are expanded. source_directories: - /usr/home # Paths to local or remote repositories (required). Tildes are # expanded. Multiple repositories are backed up to in # sequence. See ssh_command for SSH options like identity file # or port. repositories: - firstname.lastname@example.org:/data/laptop.borg
First what I want to backup, then where I want to store it.
The main configuration line is encryption_passpharse:
This is the part whre you define how many time borg must keep old backups. The default value are the most use.
Thereis is many other configuration possibilities, for exemple,
borg can backup SQL databases (
You can check your configuration file with the command
validate-borgmatic-config All given configuration files are valid: /home/jacques/.config/borgmatic/config.yaml
We must initialize the remote borg repository, using the configuration of our local configuration file:
borgmatic init --encryption repokey
borgmatic --verbosity 1
We use verbosity, may be you can use none when launching automaticaly.
We’re gonna list our archives (for now we only have one)
borgmatic --list ✔ email@example.com:/data/laptop.borg: Listing archives laptop-2020-10-10T19:51:14.869552 Sat, 2020-10-10 19:51:16 [73a65edefb8279f2b316dd3ddfdeb89886192fbb841cd2362a738e0b15c942f8]
Well you have to automat your backup, with
Restore a backup
borgmatic list you can find the correct archive to restore then use:
borgmatic extract --archive laptop-2020-10-10T19:51:14.869552
Simply give the path at the end of the extract command:
borgmatic extract --archive laptop-2020-10-10T19:51:14.869552 --path .gnupg .ssh
Have a distant backup with
borg is really easy if you have an external server.
You can also use a NAS to store your backup or even a removable disk that you can bring with you when you go out.
I use a small 4TB external disk to my backup. When I goes out without my computer, I take the disk with me, and we I goes out with my computer, the backup disk stay at home.