In this tutorial, we've covered automating secure backups with BorgBackup.
BorgBackup, also known as Borg, is a robust deduplicating backup program designed for efficiency and security. It offers advanced features like compression and authenticated encryption, making it an ideal choice for reliable backups. This tutorial provides a comprehensive guide on installing, configuring, and automating BorgBackup on a Linux system.
From initializing a backup repository to scheduling automated backups with cron, you will learn to safeguard your data seamlessly. Additionally, the tutorial covers advanced commands for optimizing backup performance, excluding specific files, and managing encryption keys. By following these detailed steps, you can ensure your data is consistently backed up and easily recoverable.
Prerequisites
- A Linux-based dedicated server or KVM VPS.
- Root user access or normal user with sudo rights.
Automating Secure Backups with BorgBackup
Step 1: Install BorgBackup
First, you need to install BorgBackup on your system.
On Ubuntu:
sudo apt update
sudo apt install borgbackup
On CentOS/AlmaLinux/RHEL:
sudo dnf update -y
sudo dnf install epel-release
sudo dnf install borgbackup
Step 2: Initialize the Backup Repository
Before creating a backup, you need to initialize a repository where the backups will be stored. This can be on a local machine or a remote server.
Local Repository:
borg init --encryption=repokey /path/to/backup/repo
Remote Repository:
borg init --encryption=repokey user@remote.server:/path/to/backup/repo
Explanation:
- borg init: Initializes a new Borg repository.
- --encryption=repokey: Encrypts the backup with a key stored in the repository.
Step 3: Create a Backup
To create a backup, use the borg create command. Here’s an example of backing up your /home directory.
borg create --stats /path/to/backup/repo::backup-{now:%Y-%m-%d} /home
It will ask to Enter passphrase for key write the passphrase you have entered in previous command while initialing borg repository
Explanation:
- borg create: Creates a new backup.
- --stats: Displays statistics about the backup process.
- /path/to/backup/repo::backup-{now:%Y-%m-%d}: Specifies the repository and archive name. {now:%Y-%m-%d} will be replaced with the current date.
- /home: The directory to back up.
Automate Backups with Cron
First, we need to initialize a repository where the backups will be stored. Execute following command:
borg init --encryption none /path/to/backup/repo
Note: We have used --encryption none If we use other encryption, it will not work with crontab. We haven't found any proper guide for other encryption that will work with crontab. Basically, if we use encryption it will ask to enter passphrase. So it will not work in crontab for automatic backup process.
To automate the backup process, we can create a backup bash script and add it in the crontab.
nano backup_files.sh
add following content:
#!/bin/sh
/usr/bin/borg prune -v --list --keep-daily=7 --keep-weekly=4 --keep-monthly=6 /path/to/backup/repo
/usr/bin/borg create --stats /path/to/backup/repo::backup-{now:%Y-%m-%d-%s} /home
save and exit the file.
Explanation:
- borg prune: Prunes old archives in the repository. Basically it removes old backup and take new backup. You can adjust the number of backups.
- --keep-daily=7: Keeps the last 7 daily backups.
- --keep-weekly=4: Keeps the last 4 weekly backups.
- --keep-monthly=6: Keeps the last 6 monthly backups.
Make the bash script excutatable using following command:
chmod +x backup_files.sh
Open the crontab editor:
crontab -e
Add a cron job to run the backup daily at 2 AM:
0 2 * * * /bin/bash /root/backup_files.sh >> /var/log/borgbackup.log 2>&1
Restore from Backup
To restore a backup, use the borg extract command.
borg extract /path/to/backup/repo::backup-YYYY-MM-DD /home
Explanation:
- borg extract: Extracts files from a backup.
- /path/to/backup/repo::backup-YYYY-MM-DD: Specifies the repository and archive to extract from.
- /home: The directory to restore. It must be the same directory path that you took the backup of.
Verify Backups
To verify the integrity of your backups, use the borg check command.
borg list /path/to/backup/repo
Advanced commands
Following are the some advanced command of BorgBackup.
1. Compression Options
BorgBackup supports various compression algorithms. You can specify the compression algorithm and level when creating a backup.
borg create --compression lz4 /path/to/backup/repo::backup-{now:%Y-%m-%d} /home
Compression Types:
- none: No compression.
- lz4: Fast compression (default).
- zlib: Standard compression (can specify levels 0-9).
- lzma: High compression (can specify levels 0-9).
Example with high compression:
borg create --compression lzma,9 /path/to/backup/repo::backup-{now:%Y-%m-%d} /home
2. Exclude Patterns
You can exclude specific files or directories from your backups using patterns.
borg create --exclude '/home/*/.cache' --exclude '/home/*/Downloads' /path/to/backup/repo::backup-{now:%Y-%m-%d} /home
Explanation:
- --exclude '/home/*/.cache': Excludes all .cache directories in any user's home directory.
- --exclude '/home/*/Downloads': Excludes all Downloads directories in any user's home directory.
3. Predefined Exclude Patterns
Borg has predefined exclude patterns you can use.
borg create --exclude-caches --exclude-if-present '.nobackup' /path/to/backup/repo::backup-{now:%Y-%m-%d} /home
Explanation:
- --exclude-caches: Excludes directories with a CACHEDIR.TAG file.
- --exclude-if-present '.nobackup': Excludes directories containing a file named .nobackup.
4. Partial Backups
You can use the --list and --filter options to perform partial backups.
borg create --list --filter=AM /path/to/backup/repo::backup-{now:%Y-%m-%d} /home
Explanation:
- --list: Lists all files and directories processed.
- --filter=AM: Includes only files that are new or modified since the last backup.
5. Encryption Options
Borg supports different encryption modes.
borg init --encryption=keyfile /path/to/backup/repo
Encryption Modes:
- none: No encryption.
- repokey: Encrypts using a key stored in the repository.
- keyfile: Encrypts using a key stored in a separate key file.
6. Mounting a Repository
You can mount a Borg repository as a filesystem to access files directly.
borg mount /path/to/backup/repo::backup-YYYY-MM-DD /mnt
Explanation:
- borg mount: Mounts the specified archive.
- /mnt: The mount point where the archive will be accessible.
7. Archive Deletion
To delete specific archives from a repository, use the borg delete command.
borg delete /path/to/backup/repo::backup-YYYY-MM-DD
Explanation:
- borg delete: Deletes the specified archive.
8. Renaming Archives
You can rename an archive within a repository.
borg rename /path/to/backup/repo::backup-YYYY-MM-DD /path/to/backup/repo::new-backup-name
Explanation:
- borg rename: Renames the specified archive.
9. Compacting a Repository
To compact and free up space in a repository, use the borg compact command.
borg compact /path/to/backup/repo
Explanation:
- borg compact: Compacts the repository to reclaim space.
10. Creating a Keyfile
To create a new keyfile for encryption, use the borg key export command.
borg key export /path/to/backup/repo /path/to/keyfile
Explanation:
- borg key export: Exports the encryption key to a specified file.
11. Importing a Keyfile
To import a keyfile for encryption, use the borg key import command.
borg key import /path/to/backup/repo /path/to/keyfile
Explanation:
- borg key import: Imports the encryption key from a specified file.
12. Monitoring Progress
You can monitor the progress of a backup operation.
borg create --progress /path/to/backup/repo::backup-{now:%Y-%m-%d} /home
Explanation:
- --progress: Shows the progress of the backup operation.
13. Benchmarking
To benchmark your system for backup performance, use the borg benchmark command.
borg benchmark crud /path/to/backup/repo
Explanation:
- borg benchmark crud: Benchmarks create, read, update, and delete operations on the repository.
These advanced commands and options allow you to tailor BorgBackup to your specific needs, providing flexibility and efficiency for your backup strategies. If you are confused about any command or need further explaination, visit official BorgBackup documentation. We have not performed all the advanced commands. Refer the offical documentation for more information.
Summary
In this tutorial, you learned how to install BorgBackup, create and automate backups, prune old backups, restore files, and verify backups. With these steps, you can ensure your data is securely backed up and easily recoverable.
For more detailed information, you can refer to the BorgBackup documentation.
If you have any specific configurations or use cases in mind, feel free to ask!
