Borg Backup service fail, is Borg package broken?

Support apps
,
1

Hi everyone,
good job improving YNH continuously. I have an issue setting up borg. I have a server that fails which info are going to be in the template bellow, and a home server that I use with nextcloud and which is supposed to host the vps backups.

My YunoHost server

Hardware: VPS @OVH
YunoHost version: 11.2.5
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

If your request is related to an app, specify its name and version: borg backup 1.1.16~ynh30

Description of my issue

I am trying to set regular backups on another server. The main issue is that installing borg is successful, but the service is dead and cannot be brought up.

sudo  systemctl start borg
Job for borg.service failed because the control process exited with error code.
See "systemctl status borg.service" and "journalctl -xe" for details.



systemctl status borg.service
● borg.service - Run backup borg
     Loaded: loaded (/etc/systemd/system/borg.service; static)
     Active: failed (Result: exit-code) since Thu 2023-12-28 16:52:01 UTC; 21mi>
TriggeredBy: ● borg.timer
    Process: 149509 ExecStart=/usr/bin/sudo /usr/local/bin/backup-with-borg bor>
   Main PID: 149509 (code=exited, status=1/FAILURE)
        CPU: 18.166s
lines 1-7/7 (END)

# strangely, the time is off by one hour


journalctl -xe
Dec 28 16:51:13 sudo[149504]: pam_unix(sudo:session): session opened for user root(uid=0) by c(uid=15942)
Dec 28 16:52:01 sudo[149504]: pam_unix(sudo:session): session closed for user root

# nothing really here exept that it took about 45 sec before failing

I have not provided the details about my homeserver which is supposed to receive the backup because obviously the issue is not there (at least not yet). The issue is that borg in not able to start/run to operate backups.

This is my first time trying to work with borg, never did it before, the ynh package made it look easy, but I may be missing something there…

2

Can you share the output of journalctl -u borg --no-hostname --no-pager -n 30 ?

Can you also confirm that you did list some apps to be backed up (during install i think), or maybe you kept “all” which is maybe the default

3

Hey, Thank Aleks for getting back to me

I confirmed I kept all as the default setting, and here is the requested command :

-- Journal begins at Tue 2023-11-14 10:35:04 UTC, ends at Thu 2023-12-28 19:05:01 UTC. --
Dec 28 17:18:16 sudo[155702]: pam_unix(sudo:session): session closed for user root
Dec 28 17:18:16 sudo[156333]:     root : PWD=/ ; USER=root ; COMMAND=/usr/bin/test ! -f /etc/yunohost/apps/libreerp/scripts/backup
Dec 28 17:18:16 sudo[156333]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=0)
Dec 28 17:18:16 sudo[156333]: pam_unix(sudo:session): session closed for user root
Dec 28 17:18:16 sudo[156335]:     root : PWD=/ ; USER=root ; COMMAND=/usr/bin/yunohost backup create -n auto_libreerp --method borg_app --apps libreerp
Dec 28 17:18:16 sudo[156335]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=0)
Dec 28 17:18:17 sudo[156926]:     root : PWD=/var/lib/postgresql ; USER=postgres ; COMMAND=/bin/bash --login -c pg_dump libreerp
Dec 28 17:18:17 sudo[156926]: pam_unix(sudo:session): session opened for user postgres(uid=123) by (uid=0)
Dec 28 17:18:18 sudo[156926]: pam_unix(sudo:session): session closed for user postgres
Dec 28 17:18:24 sudo[156335]: pam_unix(sudo:session): session closed for user root
Dec 28 17:18:24 sudo[157001]:     root : PWD=/ ; USER=root ; COMMAND=/usr/bin/test ! -f /etc/yunohost/apps/qr/scripts/backup
Dec 28 17:18:24 sudo[157001]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=0)
Dec 28 17:18:24 sudo[157001]: pam_unix(sudo:session): session closed for user root
Dec 28 17:18:24 sudo[157003]:     root : PWD=/ ; USER=root ; COMMAND=/usr/bin/yunohost backup create -n auto_qr --method borg_app --apps qr
Dec 28 17:18:24 sudo[157003]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=0)
Dec 28 17:18:30 sudo[157003]: pam_unix(sudo:session): session closed for user root
Dec 28 17:18:30 sudo[157297]:     root : PWD=/ ; USER=root ; COMMAND=/usr/bin/yunohost app setting borg repository
Dec 28 17:18:30 sudo[157297]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=0)
Dec 28 17:18:30 sudo[157297]: pam_unix(sudo:session): session closed for user root
Dec 28 17:18:30 sudo[157299]:     root : PWD=/ ; USER=root ; COMMAND=/usr/bin/yunohost app setting borg mailalert
Dec 28 17:18:30 sudo[157299]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=0)
Dec 28 17:18:31 sudo[157299]: pam_unix(sudo:session): session closed for user root
Dec 28 17:18:31 sudo[157301]:     root : PWD=/ ; USER=root ; COMMAND=/usr/bin/yunohost app setting borg state -v failed
Dec 28 17:18:31 sudo[157301]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=0)
Dec 28 17:18:31 sudo[157301]: pam_unix(sudo:session): session closed for user root
Dec 28 17:18:31 sudo[154223]: pam_unix(sudo:session): session closed for user root
Dec 28 17:18:31 systemd[1]: borg.service: Main process exited, code=exited, status=1/FAILURE
Dec 28 17:18:31 systemd[1]: borg.service: Failed with result 'exit-code'.
Dec 28 17:18:31 systemd[1]: Failed to start Run backup borg.
Dec 28 17:18:31 systemd[1]: borg.service: Consumed 17.975s CPU time.
4

What if you try running yunohost backup create -n auto_qr --method borg_app --apps qr manually, does that work ?

5 
sudo yunohost backup create -n auto_qr --method borg_app --apps qr
Info: Collecting files to be backed up for qr...
Info: Declaring files to be backed up...
Info: Creating a backup archive from the collected files...
Info: The archive will contain about 1.7MB of data.
Warning: Failed to format translated string 'backup_applying_method_custom': 'Calling the custom backup method '{method}'...' with arguments '()' and '{}, raising error: KeyError('method') (don't panic this is just a warning)
Warning: Failed to format translatable string 'backup_applying_method_custom': 'Calling the custom backup method '{method}'...' with arguments '()' and '{}', raising  error: KeyError('method') (don't panic this is just a warning)
Warning: Remote: borg@oslight.ovh: Permission denied (publickey).
Warning: Connection closed by remote host. Is borg working on the server?
Error: Could not run script: /etc/yunohost/hooks.d/backup_method/05-borg_app
Info: The operation 'Create a backup archive' could not be completed. Please share the full log of this operation using the command 'yunohost log share 20231228-213803-backup_create' to get help
Error: Custom backup method could not get past the 'backup' step

and the associated log :

args:
  apps:
  - qr
  description: null
  dry_run: false
  methods:
  - borg_app
  name: auto_qr
  output_directory: null
  system: null
ended_at: 2023-12-28 21:38:13.689381
error: Custom backup method could not get past the 'backup' step
interface: cli
operation: backup_create
parent: null
related_to:
- - app
  - qr
started_at: 2023-12-28 21:38:03.044271
success: false
yunohost_version: 11.2.5

============

2023-12-28 21:38:03,072: INFO - Collecting files to be backed up for qr...
2023-12-28 21:38:03,081: DEBUG - Executing command '['sh', '-c', '/bin/bash -x "/var/cache/yunohost/app_tmp_work_dirs/app_g9e_k5uv/scripts/backup"  7>&1']'
2023-12-28 21:38:03,087: DEBUG - + source /usr/share/yunohost/helpers
2023-12-28 21:38:03,087: DEBUG - +++ set +o
2023-12-28 21:38:03,087: DEBUG - +++ grep xtrace
2023-12-28 21:38:03,089: DEBUG - ++ readonly 'XTRACE_ENABLE=set -o xtrace'
2023-12-28 21:38:03,089: DEBUG - ++ XTRACE_ENABLE='set -o xtrace'
2023-12-28 21:38:03,104: DEBUG - + ynh_print_info '--message=Declaring files to be backed up...'
2023-12-28 21:38:03,115: INFO - Declaring files to be backed up...
2023-12-28 21:38:03,116: DEBUG - + ynh_backup --src_path=/var/www/qr
2023-12-28 21:38:03,140: DEBUG - + dest_path=
2023-12-28 21:38:03,140: DEBUG - + is_big=0
2023-12-28 21:38:03,140: DEBUG - + not_mandatory=0
2023-12-28 21:38:03,141: DEBUG - + BACKUP_CORE_ONLY=0
2023-12-28 21:38:03,141: DEBUG - + test -n qr
2023-12-28 21:38:03,141: DEBUG - ++ ynh_app_setting_get --app=qr --key=do_not_backup_data
2023-12-28 21:38:03,141: DEBUG - ++ local _globalapp=qr
2023-12-28 21:38:03,163: DEBUG - ++ app=qr
2023-12-28 21:38:03,163: DEBUG - ++ [[ do_not_backup_data =~ (unprotected|protected|skipped)_ ]]
2023-12-28 21:38:03,163: DEBUG - ++ ynh_app_setting get qr do_not_backup_data
2023-12-28 21:38:03,206: DEBUG - + do_not_backup_data=
2023-12-28 21:38:03,206: DEBUG - + '[' '!' -e /var/www/qr ']'
2023-12-28 21:38:03,206: DEBUG - ++ realpath /var/www/qr
2023-12-28 21:38:03,207: DEBUG - + src_path=/var/www/qr
2023-12-28 21:38:03,207: DEBUG - + [[ -z '' ]]
2023-12-28 21:38:03,207: DEBUG - + dest_path=var/www/qr
2023-12-28 21:38:03,207: DEBUG - + [[ -e var/www/qr ]]
2023-12-28 21:38:03,208: DEBUG - + local rel_dir=/apps/qr/backup
2023-12-28 21:38:03,208: DEBUG - + rel_dir=/apps/qr/backup/
2023-12-28 21:38:03,208: DEBUG - + dest_path=/apps/qr/backup/var/www/qr
2023-12-28 21:38:03,208: DEBUG - + dest_path=apps/qr/backup/var/www/qr
2023-12-28 21:38:03,208: DEBUG - ++ sed --regexp-extended 's/"/\"\"/g'
2023-12-28 21:38:03,209: DEBUG - ++ echo /var/www/qr
2023-12-28 21:38:03,210: DEBUG - + local src=/var/www/qr
2023-12-28 21:38:03,211: DEBUG - ++ echo apps/qr/backup/var/www/qr
2023-12-28 21:38:03,211: DEBUG - ++ sed --regexp-extended 's/"/\"\"/g'
2023-12-28 21:38:03,212: DEBUG - + local dest=apps/qr/backup/var/www/qr
2023-12-28 21:38:03,213: DEBUG - ++ dirname /home/yunohost.backup/tmp/auto_qr/apps/qr/backup/var/www/qr
2023-12-28 21:38:03,213: DEBUG - + mkdir --parents /home/yunohost.backup/tmp/auto_qr/apps/qr/backup/var/www
2023-12-28 21:38:03,215: DEBUG - + ynh_backup --src_path=/etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,239: DEBUG - + dest_path=
2023-12-28 21:38:03,239: DEBUG - + is_big=0
2023-12-28 21:38:03,239: DEBUG - + not_mandatory=0
2023-12-28 21:38:03,239: DEBUG - + BACKUP_CORE_ONLY=0
2023-12-28 21:38:03,240: DEBUG - + test -n qr
2023-12-28 21:38:03,240: DEBUG - ++ ynh_app_setting_get --app=qr --key=do_not_backup_data
2023-12-28 21:38:03,240: DEBUG - ++ local _globalapp=qr
2023-12-28 21:38:03,265: DEBUG - ++ app=qr
2023-12-28 21:38:03,265: DEBUG - ++ [[ do_not_backup_data =~ (unprotected|protected|skipped)_ ]]
2023-12-28 21:38:03,265: DEBUG - ++ ynh_app_setting get qr do_not_backup_data
2023-12-28 21:38:03,310: DEBUG - + do_not_backup_data=
2023-12-28 21:38:03,310: DEBUG - + '[' '!' -e /etc/nginx/conf.d/maindomain.tld.d/qr.conf ']'
2023-12-28 21:38:03,310: DEBUG - ++ realpath /etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,311: DEBUG - + src_path=/etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,311: DEBUG - + [[ -z '' ]]
2023-12-28 21:38:03,311: DEBUG - + dest_path=etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,311: DEBUG - + [[ -e etc/nginx/conf.d/maindomain.tld.d/qr.conf ]]
2023-12-28 21:38:03,312: DEBUG - + local rel_dir=/apps/qr/backup
2023-12-28 21:38:03,312: DEBUG - + rel_dir=/apps/qr/backup/
2023-12-28 21:38:03,312: DEBUG - + dest_path=/apps/qr/backup/etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,312: DEBUG - + dest_path=apps/qr/backup/etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,312: DEBUG - ++ sed --regexp-extended 's/"/\"\"/g'
2023-12-28 21:38:03,313: DEBUG - ++ echo /etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,313: DEBUG - + local src=/etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,313: DEBUG - ++ sed --regexp-extended 's/"/\"\"/g'
2023-12-28 21:38:03,314: DEBUG - ++ echo apps/qr/backup/etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,315: DEBUG - + local dest=apps/qr/backup/etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,316: DEBUG - ++ dirname /home/yunohost.backup/tmp/auto_qr/apps/qr/backup/etc/nginx/conf.d/maindomain.tld.d/qr.conf
2023-12-28 21:38:03,316: DEBUG - + mkdir --parents /home/yunohost.backup/tmp/auto_qr/apps/qr/backup/etc/nginx/conf.d/maindomain.tld.d
2023-12-28 21:38:03,317: DEBUG - + ynh_backup --src_path=/etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,342: DEBUG - + dest_path=
2023-12-28 21:38:03,342: DEBUG - + is_big=0
2023-12-28 21:38:03,342: DEBUG - + not_mandatory=0
2023-12-28 21:38:03,342: DEBUG - + BACKUP_CORE_ONLY=0
2023-12-28 21:38:03,343: DEBUG - + test -n qr
2023-12-28 21:38:03,343: DEBUG - ++ ynh_app_setting_get --app=qr --key=do_not_backup_data
2023-12-28 21:38:03,343: DEBUG - ++ local _globalapp=qr
2023-12-28 21:38:03,369: DEBUG - ++ app=qr
2023-12-28 21:38:03,369: DEBUG - ++ [[ do_not_backup_data =~ (unprotected|protected|skipped)_ ]]
2023-12-28 21:38:03,369: DEBUG - ++ ynh_app_setting get qr do_not_backup_data
2023-12-28 21:38:03,419: DEBUG - + do_not_backup_data=
2023-12-28 21:38:03,419: DEBUG - + '[' '!' -e /etc/php/8.2/fpm/pool.d/qr.conf ']'
2023-12-28 21:38:03,419: DEBUG - ++ realpath /etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,421: DEBUG - + src_path=/etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,421: DEBUG - + [[ -z '' ]]
2023-12-28 21:38:03,421: DEBUG - + dest_path=etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,421: DEBUG - + [[ -e etc/php/8.2/fpm/pool.d/qr.conf ]]
2023-12-28 21:38:03,421: DEBUG - + local rel_dir=/apps/qr/backup
2023-12-28 21:38:03,421: DEBUG - + rel_dir=/apps/qr/backup/
2023-12-28 21:38:03,421: DEBUG - + dest_path=/apps/qr/backup/etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,422: DEBUG - + dest_path=apps/qr/backup/etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,422: DEBUG - ++ sed --regexp-extended 's/"/\"\"/g'
2023-12-28 21:38:03,422: DEBUG - ++ echo /etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,424: DEBUG - + local src=/etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,425: DEBUG - ++ echo apps/qr/backup/etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,425: DEBUG - ++ sed --regexp-extended 's/"/\"\"/g'
2023-12-28 21:38:03,427: DEBUG - + local dest=apps/qr/backup/etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,428: DEBUG - ++ dirname /home/yunohost.backup/tmp/auto_qr/apps/qr/backup/etc/php/8.2/fpm/pool.d/qr.conf
2023-12-28 21:38:03,429: DEBUG - + mkdir --parents /home/yunohost.backup/tmp/auto_qr/apps/qr/backup/etc/php/8.2/fpm/pool.d
2023-12-28 21:38:03,432: DEBUG - + ynh_exit_properly
2023-12-28 21:38:03,432: DEBUG - + [[ backup =~ ^install$|^upgrade$|^restore$ ]]
2023-12-28 21:38:04,434: DEBUG - Backup permission for qr
2023-12-28 21:38:04,480: DEBUG - initializing ldap interface
2023-12-28 21:38:04,523: INFO - Creating a backup archive from the collected files...
2023-12-28 21:38:04,523: INFO - The archive will contain about 1.7MB of data.
2023-12-28 21:38:04,524: DEBUG - Calling the custom backup method '{method}'...
2023-12-28 21:38:04,524: DEBUG - Executing command '['sh', '-c', '/bin/bash -x "./05-borg_app" need_mount /home/yunohost.backup/tmp/auto_qr auto_qr /home/yunohost.backup/archives 1731405 \'\' 7>&1']'
2023-12-28 21:38:04,529: DEBUG - + set -eo pipefail
2023-12-28 21:38:04,529: DEBUG - + app=borg_app
2023-12-28 21:38:04,529: DEBUG - + app=borg
2023-12-28 21:38:04,529: DEBUG - ++ yunohost app setting borg passphrase
2023-12-28 21:38:04,734: DEBUG - + BORG_PASSPHRASE=**********
2023-12-28 21:38:04,734: DEBUG - ++ yunohost app setting borg repository
2023-12-28 21:38:04,923: DEBUG - + repo=ssh://borg@oslight.ovh:22/~/backup
2023-12-28 21:38:04,924: DEBUG - + ssh-keygen -F '[oslight.ovh]:22'
2023-12-28 21:38:04,931: DEBUG - + BORG_RSH='ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=no '
2023-12-28 21:38:04,931: DEBUG - + LOGFILE=/var/log/backup_borg.err
2023-12-28 21:38:04,931: DEBUG - + work_dir=/home/yunohost.backup/tmp/auto_qr
2023-12-28 21:38:04,932: DEBUG - + name=auto_qr
2023-12-28 21:38:04,932: DEBUG - + size=1731405
2023-12-28 21:38:04,932: DEBUG - + description=
2023-12-28 21:38:04,932: DEBUG - + case "$1" in
2023-12-28 21:38:04,932: DEBUG - + do_need_mount /home/yunohost.backup/tmp/auto_qr auto_qr ssh://borg@oslight.ovh:22/~/backup 1731405 ''
2023-12-28 21:38:04,933: DEBUG - + true
2023-12-28 21:38:05,952: DEBUG - Executing command '['sh', '-c', '/bin/bash -x "./05-borg_app" backup /home/yunohost.backup/tmp/auto_qr auto_qr /home/yunohost.backup/archives 1731405 \'\' 7>&1']'
2023-12-28 21:38:05,958: DEBUG - + set -eo pipefail
2023-12-28 21:38:05,958: DEBUG - + app=borg_app
2023-12-28 21:38:05,959: DEBUG - + app=borg
2023-12-28 21:38:05,959: DEBUG - ++ yunohost app setting borg passphrase
2023-12-28 21:38:06,163: DEBUG - + BORG_PASSPHRASE=**********
2023-12-28 21:38:06,164: DEBUG - ++ yunohost app setting borg repository
2023-12-28 21:38:06,350: DEBUG - + repo=ssh://borg@oslight.ovh:22/~/backup
2023-12-28 21:38:06,351: DEBUG - + ssh-keygen -F '[oslight.ovh]:22'
2023-12-28 21:38:06,355: DEBUG - + BORG_RSH='ssh -i /root/.ssh/id_borg_ed25519 -oStrictHostKeyChecking=no '
2023-12-28 21:38:06,356: DEBUG - + LOGFILE=/var/log/backup_borg.err
2023-12-28 21:38:06,356: DEBUG - + work_dir=/home/yunohost.backup/tmp/auto_qr
2023-12-28 21:38:06,356: DEBUG - + name=auto_qr
2023-12-28 21:38:06,357: DEBUG - + size=1731405
2023-12-28 21:38:06,357: DEBUG - + description=
2023-12-28 21:38:06,357: DEBUG - + case "$1" in
2023-12-28 21:38:06,357: DEBUG - + do_backup /home/yunohost.backup/tmp/auto_qr auto_qr ssh://borg@oslight.ovh:22/~/backup 1731405 ''
2023-12-28 21:38:06,358: DEBUG - + export BORG_PASSPHRASE
2023-12-28 21:38:06,358: DEBUG - + export BORG_RSH
2023-12-28 21:38:06,358: DEBUG - + export BORG_RELOCATED_REPO_ACCESS_IS_OK=yes
2023-12-28 21:38:06,358: DEBUG - + BORG_RELOCATED_REPO_ACCESS_IS_OK=yes
2023-12-28 21:38:06,358: DEBUG - + work_dir=/home/yunohost.backup/tmp/auto_qr
2023-12-28 21:38:06,358: DEBUG - + name=auto_qr
2023-12-28 21:38:06,359: DEBUG - + repo=ssh://borg@oslight.ovh:22/~/backup
2023-12-28 21:38:06,359: DEBUG - + size=1731405
2023-12-28 21:38:06,359: DEBUG - + description=
2023-12-28 21:38:06,359: DEBUG - ++ date +%Y-%m-%d_%H:%M
2023-12-28 21:38:06,359: DEBUG - + current_date=2023-12-28_21:38
2023-12-28 21:38:06,359: DEBUG - + pushd /home/yunohost.backup/tmp/auto_qr
2023-12-28 21:38:06,359: DEBUG - /home/yunohost.backup/tmp/auto_qr /etc/yunohost/hooks.d/backup_method
2023-12-28 21:38:06,359: DEBUG - + set +e
2023-12-28 21:38:06,359: DEBUG - + borg init -e repokey ssh://borg@oslight.ovh:22/~/backup
2023-12-28 21:38:11,950: WARNING - Remote: borg@oslight.ovh: Permission denied (publickey).
2023-12-28 21:38:11,951: WARNING - Connection closed by remote host. Is borg working on the server?
2023-12-28 21:38:11,980: DEBUG - + set -e
2023-12-28 21:38:11,981: DEBUG - + log_with_timestamp
2023-12-28 21:38:11,981: DEBUG - + tee -a /var/log/backup_borg.err
2023-12-28 21:38:11,981: DEBUG - + borg create ssh://borg@oslight.ovh:22/~/backup::_auto_qr-2023-12-28_21:38 ./
2023-12-28 21:38:11,982: DEBUG - ++ date +%Y-%m-%d_%H:%M:%S
2023-12-28 21:38:11,984: DEBUG - + sed -e 's/^/[2023-12-28_21:38:11] /'
2023-12-28 21:38:12,668: DEBUG - [2023-12-28_21:38:11] Remote: borg@oslight.ovh: Permission denied (publickey).
2023-12-28 21:38:12,668: DEBUG - [2023-12-28_21:38:11] Connection closed by remote host. Is borg working on the server?
2023-12-28 21:38:13,669: ERROR - Could not run script: /etc/yunohost/hooks.d/backup_method/05-borg_app
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/yunohost/hook.py", line 298, in hook_callback
    hook_return = hook_exec(
  File "/usr/lib/python3/dist-packages/yunohost/hook.py", line 410, in hook_exec
    raise YunohostError("hook_exec_failed", path=path)
yunohost.utils.error.YunohostError: Could not run script: /etc/yunohost/hooks.d/backup_method/05-borg_app
6

Yeah so the issue is that the ssh key is not properly configured on the destination server actually (or it’s refused somehow)

7

Hum, i juste copy/pased the ssh-ed25519 from the ynh borg interface of the server to backup into the borg server ynh app of the storage server.

I can connect to the remote server using ssh manually how can I check this peticular key/user ?

8

I’m implicitly assuming that this means your destination server is not a YunoHost (otherwise you’d just need to install the borgserver app)

Anyway, there’s a million way you can get ssh keys “wrong”, usually it’s about permissions, which can be investigated using namei -l /home/<user>/.ssh/authorized_keys

9

Well, it is and that is simply what I did…

10

Mokay, I red that stuff too quickly … Let’s check the permissions anyway

Also did you do any specific tweaks in the ssh configuration maybe ?

11

on the storage server

sudo ls -la /home/borg/.ssh/authorized_keys 
-rw-rw-rw- 1 root root 268 Dec 28 17:38 /home/borg/.ssh/authorized_keys

sudo cat /home/borg/.ssh/authorized_keys 
command="borg serve --storage-quota 30G --restrict-to-repository /home/borg/backup",no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-user-rc ssh-ed25519 [ssh key] root@serv.to.backup.tld

not sure if it counts but the directory /home/borg/backup does not exist (yet ?)

12

As recommended, you need to use namei -l to get the full picture of permissions …

But anyway the fact that it’s owned by root with write permission for “other” is probably not going to make sshd happy

13

Sorry you are right, i did not know the namei command and did not use it.

namei -l /home/borg/.ssh/authorized_keys
f: /home/borg/.ssh/authorized_keys
drwxr-xr-x root root /
drwxr-xr-x root root home
drwxrwx--- borg borg borg
                     .ssh - Permission denied




sudo namei -l /home/borg/.ssh/authorized_keys
f: /home/borg/.ssh/authorized_keys
drwxr-xr-x root root /
drwxr-xr-x root root home
drwxrwx--- borg borg borg
drwxrwxrwx borg borg .ssh
-rw-rw-rw- root root authorized_keys

should I chown it to borg?

14

Yes, but also remove the “other” permission in the file …

15

Thanks, I did it :

sudo namei -l /home/borg/.ssh/authorized_keys
f: /home/borg/.ssh/authorized_keys
drwxr-xr-x root root /
drwxr-xr-x root root home
drwxrwx--- borg borg borg
drwxrwxrwx borg borg .ssh
-rw-rw---- borg borg authorized_keys

but trying again with sudo yunohost backup create -n auto_qr --method borg_app --apps qr failes the same way.

Now that I think of it, the only non-out-of-the-box thing I did with both ynh servers was to apply the documentation advice to set up ssh connection with keys and not passwords with sudo yunohost settings set security.ssh.port -v <new_ssh_port_number> could that be linked ?

16

yes if you changed the ssh port then that needs to be reflected in the borg configuration … but that’s not “set up ssh connection with keys and not passwords” and that wouldnt correspond to a “Permission denied”

this may be an issue too, because the .ssh directory is world readable and writable…

17

I made a mistake copy/paste, the one I used is
sudo yunohost settings set security.ssh.password_authentication -v no
the ssh port is still 22

I changed the permission and tadaaaaaa, it worked ! is it an issue on the ynh borg server app ? it was a fresh install of the app on a fresh install of ynh (just installed nextcloud)

18

yeah if this was “out of the box” then definitely is an issue with the app …

19

I also noticed the .nobackup file was also owned by root and changed the permission. I wanted to make sure there were backup files to restore on the storage server, but the backup folder look like

/home/borg/backup# ls
config	data  hints.25	index.25  integrity.25	nonce  README

is it normal ? I would not know what to restore here…

20

You must use borg commands to list or extract backups. Try for example from your distant server

app=borg; BORG_PASSPHRASE="xxxxxxxxxxxxxxxxxxxxxxxxx" BORG_RSH="ssh -p PORT_SSH -i /root/.ssh/id_${app}_ed25519 -oStrictHostKeyChecking=yes " borg list borg@domain.tld:/~/backup

Or simply on the server where the backups are:

BORG_PASSPHRASE="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" borg list /home/borg/backup

Then read the doc General — Borg - Deduplicating Archiver 1.2.7 documentation

Usually to extract a backup I do this, but with a borg_ynh app, So if you are backing up another server you may adapt the code with your needs.

app=borg; BORG_PASSPHRASE="$(yunohost app setting $app passphrase)" borg export-tar "$(yunohost app setting $app repository)::_auto_nextcloud-2022-10-07_00:04" /home/yunohost.backup/archives/nextcloud-2022-10-07_00:04.tar