borgbackup
Efficient, deduplicating backup program with optional compression and secure encryption.
Usage
inventory.instances = {
borgbackup = {
module = {
name = "borgbackup";
input = "clan";
};
roles.client.machines."jon".settings = {
destinations."storagebox" = {
repo = "username@$hostname:/./borgbackup";
rsh = ''ssh -oPort=23 -i /run/secrets/vars/borgbackup/borgbackup.ssh'';
};
};
roles.server.machines = { };
};
};
The input should be named according to your flake input. Jon is configured as a client machine with a destination pointing to a Hetzner Storage Box.
Overview
This guide explains how to set up and manage BorgBackup for secure, efficient backups in a clan network. BorgBackup provides:
- Space efficient storage of backups with deduplication
- Secure, authenticated encryption
- Compression: lz4, zstd, zlib, lzma or none
- Mountable backups with FUSE
- Easy installation on multiple platforms: Linux, macOS, BSD, …
- Free software (BSD license).
- Backed by a large and active open-source community.
Roles
1. Client
Clients are machines that create and send backups to various destinations. Each client can have multiple backup destinations configured.
2. Server
Servers act as backup repositories, receiving and storing backups from client machines. They can be dedicated backup servers within your clan network.
Backup destinations
This service allows you to perform backups to multiple destinations
.
Destinations can be:
- Local: Local disk storage
- Server: Your own borgbackup server (using the
server
role) - Third-party services: Such as Hetzner's Storage Box
For a more comprehensive guide on backups look into the guide section.
Roles
The borgbackup module has the following roles:
- client
- server
Options for the client
role
destinations
external destinations where the machine should be backuped to
Type: attribute set of (submodule)
Default:
Declared in: clanServices/borgbackup/default.nix
destinations.<name>.name
the name of the backup job
Type: string matching the pattern ^[a-zA-Z0-9._-]+$
Default:
Declared in: clanServices/borgbackup/default.nix
destinations.<name>.repo
the borgbackup repository to backup to
Type: string
Declared in: clanServices/borgbackup/default.nix
destinations.<name>.rsh
the rsh to use for the backup
Type: string
Default:
"ssh -i \${config.clan.core.vars.generators.borgbackup.files.\"borgbackup.ssh\".path} -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"
Declared in: clanServices/borgbackup/default.nix
exclude
Directories/Files to exclude from the backup. Use * as a wildcard.
Type: list of string
Default:
Declared in: clanServices/borgbackup/default.nix
Options for the server
role
directory
The directory where the borgbackup repositories are stored.
Type: string
Default:
Declared in: clanServices/borgbackup/default.nix