Borgmatic
Borgomatic is a wrapper for borg for simplifying the backup process.
Client side⌗
Install borgmatic:
yay -Syu borgmatic
Configure:
sudo generate-borgmatic-config
sudo nvim /etc/borgmatic/config.yaml
Minimale configuration example:
location:
source_directories:
- /home
- /etc
repositories:
- backup@backup.slaanesh.org:/home/backup/repos/edemaruh
patterns:
- '- /home/*/.cache'
storage:
encryption_passphrase: "azerty"
retention:
keep_daily: 7
keep_weekly: 4
keep_monthly: 1
keep_yearly: 1
Create a ssh key for connecting to the backup server
$ sudo ssh-keygen
$ sudo cat /root/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDNTY8aCs9ZuynjWxzUcxwBa/9BFUoVIjslR9A4Hf74LiY+c6RfoKUbXeHwZ2lsoVtglGHXW307ZGxB42eVEQmEYlmOwLkqATVzqMWD1aVME6wT1tHj/gMtix5Ss+TVfjoXxn9gxwoo3dZW54UutqmcIBv57TvpDRwBrVXAO7fwv6EflPyf2EmvxqRi8GgbhVEb0h3OGk1IfVD1JMIEZuSHZiPv09F7JJaBzgN5NYwa/w+FSYiHtGOPsvspQkjKkOhDNcU7WGT8jwctur6dUenVpiORwHzU5vylACPdjvrxOImzQq+G3/x0OKOYKR3WMJz1/16dseb1MYo6ZflUol+udjdx3HjJ2M7M3sXfMa0Ql+91WU5ynX9VN1Ku+VKPIdXZ4gx+v6i3EMB07NSH83wsU/m0DUaVkrxdgA9d94n5htUZ737efkBal41iCBrzYQhhDRCEGNMMoh7ChLxZeAYCKvdjs9lmG2MqC+pZSbQc2H0avRCEvqDA5sOGSbPBdFE= root@edemaruh.slaanesh.org
Server side⌗
Install borg:
yay -Suy borg
Create a dedicated user account:
sudo useradd -m backup
Restrict autorized commands and paths:
$ sudo cat /home/backup/.ssh/autorized_keys
command="cd /home/backup/repos/edemaruh; borg serve --restrict-to-path /home/backup/repos/edemaruh",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDNTY8aCs9ZuynjWxzUcxwBa/9BFUoVIjslR9A4Hf74LiY+c6RfoKUbXeHwZ2lsoVtglGHXW307ZGxB42eVEQmEYlmOwLkqATVzqMWD1aVME6wT1tHj/gMtix5Ss+TVfjoXxn9gxwoo3dZW54UutqmcIBv57TvpDRwBrVXAO7fwv6EflPyf2EmvxqRi8GgbhVEb0h3OGk1IfVD1JMIEZuSHZiPv09F7JJaBzgN5NYwa/w+FSYiHtGOPsvspQkjKkOhDNcU7WGT8jwctur6dUenVpiORwHzU5vylACPdjvrxOImzQq+G3/x0OKOYKR3WMJz1/16dseb1MYo6ZflUol+udjdx3HjJ2M7M3sXfMa0Ql+91WU5ynX9VN1Ku+VKPIdXZ4gx+v6i3EMB07NSH83wsU/m0DUaVkrxdgA9d94n5htUZ737efkBal41iCBrzYQhhDRCEGNMMoh7ChLxZeAYCKvdjs9lmG2MqC+pZSbQc2H0avRCEvqDA5sOGSbPBdFE= root@edemaruh.slaanesh.org
Test and run (client side)⌗
Create the repository:
sudo borgmatic init --encryption repokey
Dry run:
sudo borgmatic -n
If it is all ok, enable the timer service:
sudo systemctl enable borgmatic.timer
Read other posts