backup/borg-backup
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
308afabc03
borg-backup/README.prerequisites
Christoph 308afabc03 first commit
2024-07-02 00:36:18 +02:00

137 lines
3.7 KiB
Plaintext
Raw Blame History

# ==========
# Preparation / Prerequisites
# ==========
BORG_HOST="o26.oopen.de"
BORG_REPO="/backup/cl-fm"
BORG_PASSPHRASE='wweK/m.xV-g3oI-7WM/pejTP'
SSH_USER="borg"
SSH_PORT=22
SSH_IDENTITY_FILE="/root/.ssh/id_ed25519-borg-backup"
export BORG_RSH='ssh -i /root/.ssh/id_ed25519-borg-backup'
export SSH_USER
export BORG_PASSPHRASE
# ---
# see:
#
# https://www.c-rieger.de/nextcloud-borg-backup-zur-hetzner-storage-box
# https://borgbackup.readthedocs.io/en/stable/quickstart.html
# ---
# ==========
# Preparations Server
# ==========
# preparation on the backup server (o26.oopen.de)
# ===============================================
#
# 1. On Backup Server create a user which is used to push the backups to the server
#
# backup-user: borg
# backup-group: borg
#
#
# 2 Create a backup repository:
#
# client-identifier: cl-fm
#
# mkdir -p /backup/<client-identifier>
#
#
# 3. Backup user must have full write permissions to the backup repostitories
#
# chown <backup-user>:<backup-group> /data/backup/<client-identifier>
#
# 4. Prevent repository directory from being deleted
#
# chattr +i /data/backup/<client-identifier>
#
mkdir -p "${BORG_REPO}"
chown ${SSH_USER}:${SSH_USER} "${BORG_REPO}"
chattr +i "$(dirname "${BORG_REPO}")"
# ==========
# Preparations Client
# ==========
# preparation on the backup client (cl-fm.oopen.de
# ================================================
#
# 1. Install Borg Backup (on the client) using 'apt install'
#
# apt install -y -t stable-backports borgbackup python3-llfuse
#
#
# 2. Generate a SSH Key (as root without passphrase) to connect to the backup server:
#
# ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519-borg-backup
#
# Note:
# Dont't forget pusching the key to the servers authorized_key file of
# the remote backup user
#
#
# 3. create file /root/.ssh/config ti store ssh connection parameters
#
# BORG_HOST="o26.oopen.de"
# SSH_USER="borg"
# SSH_IDENTITY_FILE="/root/.ssh/id_ed25519-borg-backup"
#
# cat << EOF > /root/.ssh/config
# host ${BORG_HOST}
# User ${SSH_USER}
# IdentityFile ${SSH_IDENTITY_FILE}
# StrictHostKeyChecking no
# LogLevel FATAL
# EOF
#
apt install -y -t stable-backports borgbackup python3-llfuse
ssh-keygen -t ed25519 -f ~/.ssh/id_ed25519-borg-backup
cat << EOF > /root/.ssh/config
host ${BORG_HOST}
User ${SSH_USER}
IdentityFile ${SSH_IDENTITY_FILE}
StrictHostKeyChecking no
LogLevel FATAL
EOF
# Initialize backup
# =================
#
# export SSH_USER="borg"
# export BORG_HOST="o26.oopen.de"
# export SSH_PORT="22"
# export BORG_PASSPHRASE="wweK/m.xV-g3oI-7WM/pejTP"
#
# export BORG_REPO="/data/backup/cl-fm"
#
# borg init --encryption=repokey ssh://${SSH_USER}@${BORG_HOST}:${SSH_PORT}${BACKUP_REPOSITORY}
#
# Outpu of of borg initializing was:
#
# By default repositories initialized with this version will produce security
# errors if written to with an older version (up to and including Borg 1.0.8).
#
# If you want to use these older versions, you can disable the check by running:
# borg upgrade --disable-tam ssh://borg@o26.oopen.de:22//data/backup/cl-fm
#
# See https://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability
# for details about the security implications.
#
# IMPORTANT: you will need both KEY AND PASSPHRASE to access this repo!
# If you used a repokey mode, the key is stored in the repo, but you should back it up separately.
# Use "borg key export" to export the key, optionally in printable format.
# Write down the passphrase. Store both at safe place(s).
#
borg init --encryption=repokey ssh://${SSH_USER}@${BORG_HOST}:${SSH_PORT}${BORG_REPO}
Reference in New Issue View Git Blame Copy Permalink