Join our Telegram: @serverrental_wiki | BTC Analysis | Trading Signals | Telegraph
Setting Up BorgBackup
Setting Up BorgBackup
BorgBackup (or simply Borg) is a powerful, efficient, and secure backup program. It features deduplication, compression, and authenticated encryption. This guide will walk you through installing and automating BorgBackup on your Linux server, ensuring your data is safely backed up.
Introduction
In today's digital landscape, robust backup solutions are paramount. Losing critical data can have severe consequences, from financial losses to reputational damage. BorgBackup offers an excellent solution for both individual users and system administrators looking for a reliable and space-efficient backup system. Its deduplication capabilities mean that only changed parts of files are stored, significantly reducing storage requirements over time.
For reliable server hosting that gives you the control needed for advanced backup solutions, consider dedicated servers from PowerVPS. With full root access, you can configure BorgBackup precisely to your needs.
Prerequisites
Before you begin, ensure you have the following:
- A Linux server with SSH access and root privileges.
- Basic understanding of the Linux command line.
- Sufficient disk space on a separate storage location (e.g., another server, network-attached storage, or cloud storage) for your backups.
- SSH access configured for the backup destination (if backing up to a remote server).
Installation
BorgBackup is available in the repositories of most major Linux distributions.
On Debian/Ubuntu
sudo apt update sudo apt install borgbackup
On CentOS/RHEL/Fedora
sudo yum install epel-release sudo yum install borgbackup
Or using `dnf`:
sudo dnf install borgbackup
On Arch Linux
sudo pacman -Syu borgbackup
Initializing a Borg Repository
A Borg repository is where your backups will be stored. You can create a local repository or a remote one over SSH.
Local Repository
1. Choose a directory for your repository. This should ideally be on a separate disk or partition to prevent data loss in case of a drive failure.
sudo mkdir /mnt/backup_drive/borg_repo
2. Initialize the repository. You'll be prompted to set a passphrase for encryption. Keep this passphrase safe! Losing it means losing access to your backups.
borg init --encryption=repokey /mnt/backup_drive/borg_repo
You will be asked to enter and confirm your passphrase.
Remote Repository (over SSH)
This is the recommended approach for most users, as it separates backups from the primary server.
1. Ensure you have SSH access to your backup server. It's highly recommended to use SSH keys for passwordless authentication. Refer to SSH Key Management for details. 2. On the backup server, create a directory for the repository:
sudo mkdir /home/backupuser/borg_repo
sudo chown backupuser:backupuser /home/backupuser/borg_repo
3. On the client server (the one you want to back up), initialize the remote repository. Replace `backupuser` with your username on the backup server and `your_backup_server_ip` with its IP address or hostname.
borg init --encryption=repokey ssh://backupuser@your_backup_server_ip/home/backupuser/borg_repo
You will be prompted to enter the SSH password for `backupuser` (unless you've set up SSH keys) and then asked to set and confirm your Borg encryption passphrase.
Creating Your First Backup
Now that your repository is set up, you can create your first backup archive.
1. Define the directories you want to back up. For example, to back up `/etc` and `/home`:
BORG_REPO=ssh://backupuser@your_backup_server_ip/home/backupuser/borg_repo # Or your local repo path
export BORG_REPO
borg create --stats --progress \
$BORG_REPO::my_first_backup_$(date +%Y-%m-%d_%H-%M-%S) \
/etc \
/home
* `--stats`: Shows statistics about the backup. * `--progress`: Displays a progress bar. * `::my_first_backup_$(date +%Y-%m-%d_%H-%M-%S)`: This is the archive name. Using `date` ensures unique names for each backup. The `::` separates the repository path from the archive name. * `/etc`, `/home`: The source directories to back up.
You will be prompted for your Borg encryption passphrase.
Automating Backups with Cron
To ensure regular backups, you can use `cron`.
1. Create a backup script. For example, `/usr/local/bin/borg_backup.sh`:
#!/bin/bash
# Repository configuration
BORG_REPO="ssh://backupuser@your_backup_server_ip/home/backupuser/borg_repo" # Or your local repo path
export BORG_REPO
# Borg passphrase (use a file for security)
export BORG_PASSPHRASE='your_borg_passphrase' # Replace with your actual passphrase
# Source directories to back up
SOURCE_DIRS="/etc /home /var/www"
# Archive name format
ARCHIVE_NAME="server_backup_$(date +%Y-%m-%d_%H-%M-%S)"
# Backup command
borg create --stats --progress \
$BORG_REPO::$ARCHIVE_NAME \
$SOURCE_DIRS
# Prune old backups (keep last 7 daily, 4 weekly, 6 monthly)
borg prune --stats --list \
$BORG_REPO \
--keep-daily=7 --keep-weekly=4 --keep-monthly=6
# Compact repository (optional, frees up space)
# borg compact $BORG_REPO
echo "Borg backup completed successfully."
2. Make the script executable:
sudo chmod +x /usr/local/bin/borg_backup.sh
3. Add the script to `cron`. Open the crontab for the root user:
sudo crontab -e
4. Add a line to run the script daily at 2 AM:
0 2 * * * /usr/local/bin/borg_backup.sh >> /var/log/borg_backup.log 2>&1
This redirects both standard output and standard error to a log file.
Security Note: Storing the passphrase directly in the script is not ideal. A more secure method is to use a passphrase file. Create a file (e.g., `/etc/borg_passphrase`) with your passphrase, set restrictive permissions (`sudo chmod 600 /etc/borg_passphrase`), and then set `BORG_PASSPHRASE_COMMAND='cat /etc/borg_passphrase'` in your script or environment.
Verifying Backups
Regularly verify that your backups are valid.
Listing Archives
BORG_REPO=ssh://backupuser@your_backup_server_ip/home/backupuser/borg_repo # Or your local repo path export BORG_REPO borg list $BORG_REPO
Listing Contents of an Archive
BORG_REPO=ssh://backupuser@your_backup_server_ip/home/backupuser/borg_repo # Or your local repo path export BORG_REPO borg list $BORG_REPO::my_first_backup_2023-10-27_10-00-00 # Replace with your archive name
Checking Repository Integrity
BORG_REPO=ssh://backupuser@your_backup_server_ip/home/backupuser/borg_repo # Or your local repo path export BORG_REPO borg check $BORG_REPO
Restoring Data
Restoring data is straightforward.
1. Create a directory where you want to restore the data:
mkdir /tmp/restore_data
2. Use the `borg extract` command. You can extract specific files or the entire archive.
To extract the entire archive:
BORG_REPO=ssh://backupuser@your_backup_server_ip/home/backupuser/borg_repo # Or your local repo path
export BORG_REPO
borg extract --progress $BORG_REPO::my_first_backup_2023-10-27_10-00-00 # Replace with your archive name
This will extract the contents into the current directory. To extract to a specific location, change directory first:
cd /tmp/restore_data
borg extract --progress $BORG_REPO::my_first_backup_2023-10-27_10-00-00
To extract a specific file or directory:
borg extract --progress $BORG_REPO::my_first_backup_2023-10-27_10-00-00 etc/nginx/nginx.conf
Troubleshooting
- Permission Denied (SSH): Ensure your SSH keys are correctly set up and that the `backupuser` has read/write permissions to the repository directory on the backup server.
- Passphrase prompt during cron job: If your cron job is asking for the passphrase, it means `BORG_PASSPHRASE` or `BORG_PASSPHRASE_COMMAND` is not set correctly in the script's environment.
- Disk Full on Backup Destination: Monitor your backup storage. If it fills up, backups will fail. Implement a pruning strategy (`borg prune`) to remove old archives.
- Corrupted Repository: Run `borg check` regularly. If corruption is detected, you may need to restore from a previous healthy backup or investigate the cause.
Further Reading
- SSH Key Management
- BorgBackup Official Documentation: BorgBackup Docs