Borg backup: Difference between revisions
imported>Danbst Created page with "Borg is a backup tool to perform incremental backups, local or remote. <syntaxHighlight lang=bash> $ nix-env -iA nixpkgs.borgbackup </syntaxHighlight> To be able to do remot..." |
Minor grammar corrections |
||
| (9 intermediate revisions by 6 users not shown) | |||
| Line 1: | Line 1: | ||
Borg is a backup | [https://www.borgbackup.org/ BorgBackup] (short: Borg) is a deduplicating incremental backup program for local and remote data. Optionally, it supports compression and authenticated encryption. | ||
This wiki article extends the documentation in the [https://nixos.org/manual/nixos/stable/#module-borgbase NixOS manual]. | |||
It's easier to take the first steps with Borg by using a GUI - information about Vorta may also be found in the [https://nixos.org/manual/nixos/stable/#opt-services-backup-borgbackup-vorta NixOS manual]. | |||
<syntaxHighlight lang=bash> | <syntaxHighlight lang=bash> | ||
| Line 5: | Line 9: | ||
</syntaxHighlight> | </syntaxHighlight> | ||
To be able to do remote backups it should be installed both locally and remotely, but usually no remote configuration required, only local one. | To be able to do remote backups it should be installed both locally and remotely, but usually no remote configuration required, only a local one. | ||
== Creating backups == | == Creating backups == | ||
| Line 54: | Line 58: | ||
encryption.mode = "none"; | encryption.mode = "none"; | ||
environment.BORG_RSH = "ssh -o 'StrictHostKeyChecking=no' -i /home/danbst/.ssh/id_ed25519"; | environment.BORG_RSH = "ssh -o 'StrictHostKeyChecking=no' -i /home/danbst/.ssh/id_ed25519"; | ||
environment.BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK = " | environment.BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK = "yes"; | ||
extraCreateArgs = "--verbose --stats --checkpoint-interval 600"; | extraCreateArgs = "--verbose --stats --checkpoint-interval 600"; | ||
repo = "ssh://user@example.com//media/backup/${name}"; | repo = "ssh://user@example.com//media/backup/${name}"; | ||
| Line 80: | Line 84: | ||
After doing at least one successful backup don't forget to test mount it (see next) | After doing at least one successful backup don't forget to test mount it (see next) | ||
== Notifications when backup fails == | |||
Quite often backups do fail. To perform notifications about this situations, you can setup autonotifier for all NixOS borg jobs. This requires creating a separate module, but can be also done inplace in <code>/etc/nixos/configuration.nix</code> | |||
Note, that example below was for Gnome-shell desktop! For other desktops it may require changes for how to get DBUS session properly! | |||
<syntaxHighlight lang=nix> | |||
{ pkgs, config, lib, ... }: | |||
let | |||
borgbackupMonitor = { config, pkgs, lib, ... }: with lib; { | |||
key = "borgbackupMonitor"; | |||
_file = "borgbackupMonitor"; | |||
config.systemd.services = { | |||
"notify-problems@" = { | |||
enable = true; | |||
serviceConfig.User = "danbst"; | |||
environment.SERVICE = "%i"; | |||
script = '' | |||
export $(cat /proc/$(${pkgs.procps}/bin/pgrep "gnome-session" -u "$USER")/environ |grep -z '^DBUS_SESSION_BUS_ADDRESS=') | |||
${pkgs.libnotify}/bin/notify-send -u critical "$SERVICE FAILED!" "Run journalctl -u $SERVICE for details" | |||
''; | |||
}; | |||
} // flip mapAttrs' config.services.borgbackup.jobs (name: value: | |||
nameValuePair "borgbackup-job-${name}" { | |||
unitConfig.OnFailure = "notify-problems@%i.service"; | |||
} | |||
); | |||
# optional, but this actually forces backup after boot in case laptop was powered off during scheduled event | |||
# for example, if you scheduled backups daily, your laptop should be powered on at 00:00 | |||
config.systemd.timers = flip mapAttrs' config.services.borgbackup.jobs (name: value: | |||
nameValuePair "borgbackup-job-${name}" { | |||
timerConfig.Persistent = true; | |||
} | |||
); | |||
}; | |||
in { | |||
imports = | |||
[ | |||
.... | |||
borgbackupMonitor | |||
]; | |||
... | |||
} | |||
</syntaxHighlight> | |||
== Don't try backup when network is unreachable == | |||
With persistent timers above you can get into a problem that after reboot backup is tried too fast, even when network is not yet available, and thus fails. This can be solved with systemd failed restart, or using internet-ready check in <code>preStart</code> script. | |||
Patching previous example: | |||
<syntaxHighlight lang=nix> | |||
} // flip mapAttrs' config.services.borgbackup.jobs (name: value: | |||
nameValuePair "borgbackup-job-${name}" { | |||
unitConfig.OnFailure = "notify-problems@%i.service"; | |||
preStart = lib.mkBefore '' | |||
# waiting for internet after resume-from-suspend | |||
until /run/wrappers/bin/ping google.com -c1 -q >/dev/null; do :; done | |||
''; | |||
} | |||
); | |||
... | |||
</syntaxHighlight> | |||
== Mounting point-in-time archives == | == Mounting point-in-time archives == | ||
| Line 139: | Line 210: | ||
If anybody reading this have found a way to mount as a user properly, please update the code above. | If anybody reading this have found a way to mount as a user properly, please update the code above. | ||
[[Category:Applications]] | |||
[[Category:Backup]] | |||
[[Category:NixOS Manual]] | |||
[[Category:Cookbook]] | |||