Non les sauvegardes yunohost sont des archives .tar.gz. Tu peux exporter tes sauvegardes Borg avec la commande borg export-tar /path/to/repo::your_backup your_backup_yunohost.tar.gz
L’archive tar.gz crée sera elle compatible avec le système de backup de yunohost.
Borg is really the future for Ynh when it concerns good backup policy, I think. Remote often best (in case you get burgled or your house burns down).
If I may suggest an idea for future development: I can imagine that for usability it would be simpler if you would only have one app that both handles backing up and offering space to others. So merging the two apps eventually. This would probably also foster a better balance in people offering space and wanting to use space of others. Does this make sense?
Just to let you know that I just tried the borg export-tar /path/to/repo::your_backup your_backup_yunohost.tar.gz command and then restored the file with the Yunohost Backup / restore system, and it works like a charm.
I understand this is meant for remote backups, but is it possible to configure for local backups? I have a spare drive in my server, and I would like to have it synced with the actual server drive. Is this the tool for that, or if not, can someone suggest a better one?
It seems that the upgrade broke something.
Borg is not installed anymore on my server : https://paste.yunohost.org/mikuzucove.bash
(and restoration failed)
((and repository password should NOT be logged, this is really dangerous, I trust borg to crypt my data, but if anyone stealing my disk can just go read a log file to have the password, this is bad))
As I want to use a local repo, what are the steps to do ?
Can I remove the borg server ? Will it delete the existing repo ?
(For now I have a local repo, but using the borg server on the same computer)
Your bug is due to a connectivity issue or a problem with your proxad repo:
Could not connect to debian.proxad.net:80 (2a01:e0c:1:1598::2), connection timed out Could not connect to debian.proxad.net:80 (212.27.32.66), connection timed out
Fix this issues and rerun upgrade should fix your repo.
Restore operation failed for the same reason.
If someone steals the root storage of the server which is backupped (and where are the logs), this person can simply read your password in borgserver app settings. And also a lot of other things in your server, until you configure an encrypted luks volume for your root partition.
However, could you explain in which log you see the password ? In the yunohost journal of upgrade ? In borg log ?
I am currently writing a documentation about that. Steps should be something like:
Mount your external disk in a dir (for example /backup ). You have to configure /etc/fstab by yourself too.
Install the borg app and answer the path “/backup” to the first question
Yes borgserver is not needed anymore in this situation. Theoretically, the user is removed but repo is keeped.
The password is visible in the upgrade log, chich can be automatically shared here when an upgrade fails.
(My root partition is secured, I forgot that the password was stored to be able to do the backup, so at least it should be removed from the logs).
For now, I managed to fix my problem with apt, and reinstalled borg twice (one for a daily backup, one for a weekly one, with more apps saved).
I’ll uninstall the borg server app after I’ll make a backup of the backup, just in case
Hi, it seems like a lot of us are working on our backups setups - maybe the fire at OVH DC is somehow related . First of all thanks for this app. I have a question which would probably be better to ask to the Borg community directly, but who knows, maybe somebody here could help me.
I would like to have my main computer acting as a distant repo for my Yunohost instance (which is installed on a VPS). Because my main computer is not always on, I would like it to be the one who triggers the backup. Do you think that’s possible ?
Your question is about pull or push mode for backup. Currently the borgbackup is in push mode, i mean the server to backup send its file to the remote repo.
In pull mode, that’s the machine where is the repo that trigger the backup. There is several advantages to this in security. Cause with a pull mode if the server to backup is infected, the attackers can’t delete the backup on the other machine. However having backups onto a personal computer destroy a bit the advantages of this approch in security matter.
For working in pull mode, i think Borg community will advice you to setup a sshfs from your server onto your personal computer. The issue with this solution is it can’t simply work with the yunohost backup system.
Here is steps describing how borg_ynh works with yunohost backup system:
A timer systemd run backup-with-borg script
This script run yunohost backup create --method borg_app command on each part/apps of the system you have selected during borg_ynh setup
Yunohost ask the app or the system to list files to backup
YunoHost transmit the list to the custom “Backup Method” borg created by borg_ynh apps
This custom “Backup Method” use borg create command with the list of files to transmit files onto remote machine
So if you just do a sshfs you can’t use the yunohost mechnism.
However, you could do another things, to trigger the push mode from your machine.
Install borg_ynh with a “yearly” frequency.
Create a private/public keys onto your personal computer
Create a specific user backup_trigger and add ssh keys into authorized_keys with Forcecommand
In the force command call the backup-with-borg borg (or systemctl start borg) command
Now to trigger a backup from your personnal computer you just need to run ssh -i .ssh/yourkeys backup_trigger@YOURDOMAIN.tld . You can create a launcher or a script that launch at startup on your personal computer.