Off-site Backup with Borg: Difference between revisions

From Run Your Own
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
A very quick&dirty run-down how to use Borg for daily offsite backups (non-sql). Situation: '''local''' is the macine that needs to be backed up, '''HOST''' is the machine where backups will be stored.  
A quick&dirty run-down how to use Borg for daily offsite backups (non-sql). Situation: '''local''' is the machine that needs to be backed up, '''HOST''' is the machine where backups will be stored.  


* HOST - remote storage for backups
* HOST - remote storage for backups
Line 15: Line 15:
* on local: export key like: <pre>borg key export USER@HOST:DIRECTORY borg.key</pre>
* on local: export key like: <pre>borg key export USER@HOST:DIRECTORY borg.key</pre>
* on local: hide key in a safe place & remember passphrase & shred borg.key
* on local: hide key in a safe place & remember passphrase & shred borg.key
* on local: install sendemail for mail reporting (''apt-get install sendemail'')


- modify & use the script (eg. by adding it into crontab):  
- modify & use the script (eg. by adding it into crontab):  
Line 30: Line 31:
#
#
##########################################################################################
##########################################################################################
# mail reporting parameters
SERVER=""
PORT=""
USER="r"
PASS=""
FROM=""
TO=""


# get into the environment
# get into the environment
Line 45: Line 53:
info "Starting sys backup"
info "Starting sys backup"
borg create --stats ::'sys_{now}' /etc /root /var/log /usr/local
borg create --stats ::'sys_{now}' /etc /root /var/log /usr/local
sys_create=$?
info "Pruning sys repository"
info "Pruning sys repository"
borg prune --list --prefix 'sys_' --show-rc --keep-daily 7 --keep-weekly 4 --keep-monthly 6
borg prune --list --prefix 'sys_' --show-rc --keep-daily 7 --keep-weekly 4 --keep-monthly 6
sys_prune=$?
sys_exit=$(( sys_create > sys_prune ? sys_create : sys_prune ))


# make a www backup and prune old www backups
# make a www backup and prune old www backups
info "Starting www backup"
info "Starting www backup"
borg create --stats ::'www_{now}' /data/www
borg create --stats ::'www_{now}' /data/www
www_create=$?
info "Pruning www repository"
info "Pruning www repository"
borg prune --list --prefix 'www_' --show-rc --keep-daily 7 --keep-weekly 4 --keep-monthly 6
borg prune --list --prefix 'www_' --show-rc --keep-daily 7 --keep-weekly 4 --keep-monthly 6
www_prune=$?


# make a git backup and prune old git backups
# make a git backup and prune old git backups
info "Starting git backup"
info "Starting git backup"
borg create --stats ::'git_{now}' /data/git
borg create --stats ::'git_{now}' /data/git
git_create=$?
info "Pruning git repository"
info "Pruning git repository"
borg prune --list --prefix 'git_' --show-rc --keep-daily 7 --keep-weekly 4 --keep-monthly 6
borg prune --list --prefix 'git_' --show-rc --keep-daily 7 --keep-weekly 4 --keep-monthly 6
git_prune=$?
# handle errors and report
# we can also do it like ''$sys_exit -gt 1'' in case we get warnings about changed files that we don't care about reporting
if [ $sys_exit -gt 0 ] || [ $www_exit -gt 0 ] || [ $git_exit -gt 0 ]; then
        message="sys_exit: $sys_exit\nwww_exit: $www_exit\ngit_exit: $git_exit"
        sendemail -o tls=yes -s $SERVER:$PORT -xu $USER -xp $PASS -f $FROM -t $TO -u "Warning: Borg backup might have failed" -m "$message"
        global_exit=1
fi
# exit through trap
exit ${global_exit}
</pre>
</pre>


[[Category:System]]
[[Category:System]]

Revision as of 10:44, 6 April 2020

A quick&dirty run-down how to use Borg for daily offsite backups (non-sql). Situation: local is the machine that needs to be backed up, HOST is the machine where backups will be stored.

  • HOST - remote storage for backups
  • USER - remote user
  • DIRECTORY - remote directory containing backups

We assume Borg is installed on HOST already.

  • setup USER @ HOST (on local: ssh-keygen -t ed25519 -b 320, on HOST: useradd USER, add key to authorized_keys, etc etc)
  • create DIRECTORY at HOST and make it writable by USER
  • on local: compile borg like: https://borgbackup.readthedocs.io/en/stable/installation.html#git-installation
  • the above needs some additional packages but u'll figure that out
  • on local: enter borg env like
    source /root/src/borg-env/bin/activate
  • on local: init repository like
    borg init --encryption=keyfile-blake2 USER@HOST:DIRECTORY (provide passphrase)
  • on local: export key like:
    borg key export USER@HOST:DIRECTORY borg.key
  • on local: hide key in a safe place & remember passphrase & shred borg.key
  • on local: install sendemail for mail reporting (apt-get install sendemail)

- modify & use the script (eg. by adding it into crontab):

#!/bin/bash
#
# Borg automated backups
# Based on: https://borgbackup.readthedocs.io/en/stable/quickstart.html#automating-backups
# .. but not so fancy, lel
#
# This will backup to HOST into DIRECTORY
#   ::sys is a repository for system backup (/etc /root /var/log /usr/local)
#   ::www is a repository for www backup (/data/www)
#   ::git is a repository for git backup (/data/git)
#
##########################################################################################
# mail reporting parameters
SERVER=""
PORT=""
USER="r"
PASS=""
FROM=""
TO=""

# get into the environment
source /root/src/borg-env/bin/activate

# set some variables
export BORG_REPO=USER@HOST:DIRECTORY
export BORG_PASSPHRASE='PASSPHRASE'

# some helpers and error handling
info() { printf "\n%s %s\n\n" "$( date )" "$*" >&2; }
trap 'echo $( date ) Backup interrupted >&2; exit 2' INT TERM

# make a sys backup and prune old sys backups
info "Starting sys backup"
borg create --stats ::'sys_{now}' /etc /root /var/log /usr/local
sys_create=$?
info "Pruning sys repository"
borg prune --list --prefix 'sys_' --show-rc --keep-daily 7 --keep-weekly 4 --keep-monthly 6
sys_prune=$?
sys_exit=$(( sys_create > sys_prune ? sys_create : sys_prune ))

# make a www backup and prune old www backups
info "Starting www backup"
borg create --stats ::'www_{now}' /data/www
www_create=$?
info "Pruning www repository"
borg prune --list --prefix 'www_' --show-rc --keep-daily 7 --keep-weekly 4 --keep-monthly 6
www_prune=$?

# make a git backup and prune old git backups
info "Starting git backup"
borg create --stats ::'git_{now}' /data/git
git_create=$?
info "Pruning git repository"
borg prune --list --prefix 'git_' --show-rc --keep-daily 7 --keep-weekly 4 --keep-monthly 6
git_prune=$?

# handle errors and report
# we can also do it like ''$sys_exit -gt 1'' in case we get warnings about changed files that we don't care about reporting
if [ $sys_exit -gt 0 ] || [ $www_exit -gt 0 ] || [ $git_exit -gt 0 ]; then 
        message="sys_exit: $sys_exit\nwww_exit: $www_exit\ngit_exit: $git_exit"
        sendemail -o tls=yes -s $SERVER:$PORT -xu $USER -xp $PASS -f $FROM -t $TO -u "Warning: Borg backup might have failed" -m "$message"
        global_exit=1
fi

# exit through trap
exit ${global_exit}