BORG Backup | local and remote backup | Part 1/2
BORG Backup and the backup of local and remote SERVERN/PCs, where the main part is on the backup of remote systems.
BORG Backup is also available for WINDOWS 😁 but here we are talking about the Linux version, which can only be used in the terminal (CLI). What is the reason for this ? BORG Backup would run under WIDOWS in WSL (WINDOWS subsystem for Linux). In plain text this means that you set up the WSL under WINDOWS and then install BORG Backup in the Linux subsystem. So we have the same usage under WINDOWS as under Linux.
We will only touch on the creation of users and their SSH keys, that is described in detail in the articles OpenSSH with key login and OpenSSH Keys, these tools make it easier. But if you follow the video, you can follow the setup.
Video part: 1/2
BORG Backup preparation and local backup
Language: 🇩🇪
Subtitles: 🇩🇪🇬🇧
Installing BORG Backup
You install on the PC you want to backup with, in this example it is Linux Mint.
sudo apt install borgbackup
Backup User – My Computer
On the PC that runs the backup, this case continues Linux.
sudo adduser borgback --home /home/borgback
The requested information can, but does not have to be entered. Password is required as always.
Add users to groups
sudo useradd -G _ssh,adm,crontab,sambashare,sudo,plugdev borgback
Check user
You can now change and check the user in the command prompt with “su -l”.
su -l borgback
[Password input]
Login as backup user
We could now continue in the terminal, but do it under a normal login, in the desktop. But we log in with the new user “borgback” as normal, it is a bit easier.
The SSH Key
Create SSK Key with
ssh-keygen -t ed25519
In any case, assign a “passphrase”, i.e. a password for the key to prevent misuse.
Backup User – SERVER to be backed up
In our example this is WINDOWS 11
Settings -> Users -> Other users -> Add user
At the first query select: “I don’t have the login information of this person”.
At the second prompt select: “Continue without Microsoft account”.
User name and password are the same as in the Linux login. So that the same user exists on both computers.
The 3 secret questions of WINDOWS, now choose and type something. It is only a local user, the password can be changed at any time or delete the user.
SSH User / Key
The installation of “Open SSH” and the SSH keys is explained in detail in the video OpenSSH with key login. Here it would go beyond the scope, we only add the “Public Key” to the SERVER configuration in the file C:\ProgramData\ssh\administrators_authorized_keys. Since there are already keys in the file we have to add the key.
Return to your Linux console and make sure you are logged in as the “backup user”.
If the SSH key is not yet stored on the SERVER you can also do this with:
ssh-copy-id -i ~/.ssh/id_ed25519.pub user@server
Note that you change “user” to your user name and “server” to the IP address of the computer you want to secure.
Please pay attention to what you are asked to enter “user’s password” or “key’s passphrase”.
Finally we add the SSH key to the keybunt, so we don’t have to enter it again.
ssh-add
Confirm the addition of the key by entering the “passphrase”.
Creating a repository
I will first walk you through the process of creating a local repository using Borg. Once we have that, we’ll create the remote repository.
We’ll create a repository that uses an encryption key (because … security!). I use as “repository directory” here “/backop-local” you can of course adapt this to your needs, and you always have to adapt the repository directory to your directory. The command to create a local repository looks like this:
Initiate the repository
sudo borg init --encryption=repokey /backup-local
Again, we assign a “passphrase” to secure the backup.
Run a test backup
sudo borg create /backup-local::Test ~/Schreibtisch ~/Dokumente
To access a backup we always need the “passphrase” and the “key” which you can specify with the command
sudo borg key export /backup-local >repro-key.txt
You can now open the file repro-key.txt with
Nano repro-key.txt
Call. Secure the file, best you move the file, in a suitable directory so that it is safe tidy. Make sure that you keep the key and passphrase safe – no access for other people.
The script “backup-local.sh
With this script you can run your local backup, and it does the deletion of old backups and the cleanup at the same time.
The two places you have to adjust to your configuration are marked in bold.
#!/bin/sh
# Einfaches BORG Backup script.sh
# by Michael Klissner, www.klissner.uk
# Parameter
REPOSITORY=‚/Dein/Backup/Verzeichnis‘
# Wenn Sie dies einstellen, muss das Projektarchiv nicht auf der
# Kommandozeile angegeben werden:
export BORG_REPO=$REPOSITORY
# Weitere Informationen finden Sie im Abschnitt Hinweise zur Passphrase
# Wenn Du as einstellst wird der Passphrase nicht in der
# Kommandozeile eingegeben werden
export BORG_PASSPHRASE=‚PassphraseFürDeinBackup'
echo Repro : $REPOSITORY
echo Date : $(date)
echo -------------------------------------------------------------
echo "#### beginne backup : $(date) ####"
borg create \
--verbose \
--info \
--stats \
--filter AME \
--show-rc \
--compression lz4 \
--exclude-caches \
--exclude '/home/*/.cache/*' \
--exclude '/home/*/VirtualBox VMs' \
--exclude '/var/tmp/*' \
$REPOSITORY::'{hostname}_{now:%Y-%m-%d_%H-%M}' \
/home \
/etc \
/root \
/var
echo "#### Backup beendet : $(date) ####"
## Mit den keep Optionen werden die sieben letzten täglichen Backups,
## eins aus den jeweiligen letzten vier Wochen und eins der letzten sechs
## Monate behalten
echo "#### beginne pruning: $(date) ####"
borg prune -v $REPOSITORY \
--list \
--glob-archives '{hostname}_*' \
--show-rc \
--keep-daily=7 \
--keep-weekly=4 \
--keep-monthly=6
echo "#### pruning beendet: $(date) ####"
echo "#### beginne compact: $(date) ####"
borg compact
echo "#### compact beendet: $(date) ####"
echo "-------------------------------------------------------------"
echo "#### backup beendet: $(date) ####"
All details about the script file, what you have to adjust, what you have to pay attention to etc. can be found in the video, in the back third.
So, the video is now already 41 minutes long. We finish this first part and I will add a second part “Remote Backup”. I have decided now, I think that makes it easier and clearer.
Link to support / donation for the channel
PayPal Link
Bank transfer, Bitcoin and Lightning
#BORG #Backup #BorgBackup #Linux #WSL #WINDOWSsubsystemForLinux #PullBackup #RemoteBackup #BORGbackupScript #BORGpullBackup #BORGremoteBackup #SSHfs #SSHfsBackup #SSHfsBORG #SSHfsBORGBackup