noah/Backup_Script
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Finalizing v1 of README

Browse Source
This commit is contained in:
Noah L. Schrick 2022-10-30 17:24:42 -05:00
parent f73d88222f
commit e482096c94
1 changed files with 32 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
README.md
View File

@ -0,0 +1,32 @@
# Backup Using Borg
https://borgbackup.readthedocs.io/
## Reasons I use Borg:
- Deduplication
- Encryption
- Multiple compression options (I use LZ4)
- Easily accessible
- FOSS
- Preserves most file types, attributes, etc.
- Can verify data integrity with CRCs and HMACs
## Script Notes
### Passphrase
- I do NOT want the encrypted passphrase in cleartext within the script.
- I also do NOT want to set an environment variable with env or system to avoid exposure in the process list.
- Instead, I use BORG_PASSCOMMAND with a dotfile with specific permissions. 'export' in a shell script uses a process environment only accessible to the user.
### Package Lists
- At the moment I only use Arch and Ubuntu/Debian systems, so the package list dump only checks for these. This can be expanded as needed.
- Since I don't backup the entire system, I'd rather just do a quick dump of packages and script a reinstall as needed.
- This would be obsolete with Ansible (which I will ideally use later down the line).
### Backup Locations
- I generally do not care to backup the entire system, and only want things in /home or configs (usually in /etc)
- I use a case statement to add or remove things as needed per system. Probably not the most efficient and it's a bit ugly, but it's very clear/easy to read, debug, and modify as needed.
### Why do you copy files and directories to /home?
- I'd prefer to avoid using root when possible, especially since I don't want to backup the entire system.
- If I'm only copying /home and config files, I don't see a reason to use root, and would rather just use a local user.
- HOWEVER, there should not be a concern with using root. The networking is done by SSH and RPC, not Borg. If there is a security concern, it would be with SSH and RPC, which is pretty minimal.
### Why do you use a locally mounted remote file system instead of Borg's client/server mode?
- Mixture of laziness and old habits. Borg has made it easier to use client/server mode without mounting drives, and I just haven't kept up with the times.
- I will ideally be modifying this to use client/server mode in the future.
- Nothing particularly *wrong* with using a mount, it's just slower since every operation has to go over the network.