Backup with Borg, Borgmatic and Borgbase

1. Set up keys so that the servers can talk to each other

Log inn with root:

- ssh-keygen -t ed25519 -a 100

- copy to Borgbase (backupserver authorized_keys file)

2. Install Borg

apt install borgbackup see also

3. Install Borgmatic

The package install apt install borgmatic is outdated, better via pip3, but first install Python

sudo apt install python3-pip


sudo pip3 install --upgrade borgmatic

The next step is to ensure that borgmatic's commands available are on your system PATH, so that you can run borgmatic:

echo export 'PATH="$PATH:/root/.local/bin"' >> ~/.bashrc

source ~/.bashrc

see also

4. Create standard config

sudo generate-borgmatic-config

5. Set up encryption and password

borg init -e repokey-blake2 ssh://

6. Edit config.yml

The sample configuration file is located at /etc/borgmatic/config.yaml

Working config with databases

# Updated ~/.config/borgmatic/config.yaml
        - /var/www
        #- ~/Documents
        #- ~/Pictures

    # one_file_system: true

        - ssh://

    exclude_caches: true

    compression: auto,zstd
    encryption_passphrase: XXXXXXXXX
    archive_name_format: '{hostname}-{now}'
    # Number of times to retry a failing backup
    # Needs recent Borgmatic version
    retries: 5
    retry_wait: 5
    unknown_unencrypted_repo_access_is_ok: true

    keep_daily: 3
    keep_weekly: 4
    keep_monthly: 12

      - disabled
      # Uncomment to regularly read all repo data
      # Needs recent Borgmatic version
      # - name: repository
      #   frequency: 4 weeks
      # - name: archives
      #   frequency: 8 weeks

    check_last: 3

   # postgresql_databases:
   #     - name: all
        - name: all
          format: sql

doublecheck config:

sudo validate-borgmatic-config

7. Start backup

sudo borgmatic create --verbosity 1 --list --stats

8. Check the backups

sudo borgmatic list

sudo borgmatic info

Check databases

sudo borgmatic list --archive latest --find .borgmatic/*_databases

Search for a file

sudo borgmatic list --find security.txt

9. Set up cron

crontab -e

Let Borgmatic run every night at 1

0 1 * * * /usr/local/bin/borgmatic --verbosity 2 >/root/borg.log 2>&1

10. Restore files and databases

Multiple repositories

Category: Linux