Usage¶

Quiet by default¶

Like most UNIX commands Borg is quiet by default but the -v or --verbose option can be used to get the program to output more status messages as it is processing.

Return codes¶

Borg can exit with the following return codes (rc):

0 = success (logged as INFO)
1 = warning (operation reached its normal end, but there were warnings -
    you should check the log, logged as WARNING)
2 = error (like a fatal error, a local or remote exception, the operation
    did not reach its normal end, logged as ERROR)
128+N = killed by signal N (e.g. 137 == kill -9)

The return code is also logged at the indicated level as the last log entry.

Environment Variables¶

Borg uses some environment variables for automation:

General:

BORG_REPO

When set, use the value to give the default repository location. If a command needs an archive parameter, you can abbreviate as ::archive. If a command needs a repository parameter, you can either leave it away or abbreviate as ::, if a positional parameter is required.

BORG_PASSPHRASE

When set, use the value to answer the passphrase question for encrypted repositories.

BORG_RSH

When set, use this command instead of ssh.

TMPDIR

where temporary files are stored (might need a lot of temporary space for some operations)

Some “yes” sayers (if set, they automatically confirm that you really want to do X even if there is that warning):

BORG_UNKNOWN_UNENCRYPTED_REPO_ACCESS_IS_OK

For “Warning: Attempting to access a previously unknown unencrypted repository”

BORG_RELOCATED_REPO_ACCESS_IS_OK

For “Warning: The repository at location ... was previously located at ...”

BORG_CHECK_I_KNOW_WHAT_I_AM_DOING

For “Warning: ‘check –repair’ is an experimental feature that might result in data loss.”

Directories:

BORG_KEYS_DIR

Default to ‘~/.borg/keys’. This directory contains keys for encrypted repositories.

BORG_CACHE_DIR

Default to ‘~/.cache/borg’. This directory contains the local cache and might need a lot of space for dealing with big repositories).

Building:

BORG_OPENSSL_PREFIX

Adds given OpenSSL header file directory to the default locations (setup.py).

BORG_LZ4_PREFIX

Adds given LZ4 header file directory to the default locations (setup.py).

Please note:

• be very careful when using the “yes” sayers, the warnings with prompt exist for your / your data’s security/safety
• also be very careful when putting your passphrase into a script, make sure it has appropriate file permissions (e.g. mode 600, root:root).

Resource Usage¶

Borg might use a lot of resources depending on the size of the data set it is dealing with.

CPU:

It won’t go beyond 100% of 1 core as the code is currently single-threaded. Especially higher zlib and lzma compression levels use significant amounts of CPU cycles.

Memory (RAM):

The chunks index and the files index are read into memory for performance reasons. Compression, esp. lzma compression with high levels might need substantial amounts of memory.

Temporary files:

Reading data and metadata from a FUSE mounted repository will consume about the same space as the deduplicated chunks used to represent them in the repository.

Cache files:

Contains the chunks index and files index (plus a compressed collection of single-archive chunk indexes).

Chunks index:

Proportional to the amount of data chunks in your repo. Lots of small chunks in your repo imply a big chunks index. You may need to tweak the chunker params (see create options) if you have a lot of data and you want to keep the chunks index at some reasonable size.

Files index:

Proportional to the amount of files in your last backup. Can be switched off (see create options), but next backup will be much slower if you do.

Network:

If your repository is remote, all deduplicated (and optionally compressed/ encrypted) data of course has to go over the connection (ssh: repo url). If you use a locally mounted network filesystem, additionally some copy operations used for transaction support also go over the connection. If you backup multiple sources to one target repository, additional traffic happens for cache resynchronization.

In case you are interested in more details, please read the internals documentation.

Units¶

To display quantities, Borg takes care of respecting the usual conventions of scale. Disk sizes are displayed in decimal, using powers of ten (so kB means 1000 bytes). For memory usage, binary prefixes are used, and are indicated using the IEC binary prefixes, using powers of two (so KiB means 1024 bytes).

Description¶

This command initializes an empty repository. A repository is a filesystem directory containing the deduplicated data from zero or more archives. Encryption can be enabled at repository init time. Please note that the ‘passphrase’ encryption mode is DEPRECATED (instead of it, consider using ‘repokey’).

Examples¶

# Local repository
$ borg init /mnt/backup

# Remote repository (accesses a remote borg via ssh)
$ borg init user@hostname:backup

# Encrypted remote repository, store the key in the repo
$ borg init --encryption=repokey user@hostname:backup

# Encrypted remote repository, store the key your home dir
$ borg init --encryption=keyfile user@hostname:backup

Important notes about encryption:

Use encryption! Repository encryption protects you e.g. against the case that an attacker has access to your backup repository.

But be careful with the key / the passphrase:

--encryption=passphrase is DEPRECATED and will be removed in next major release. This mode has very fundamental, unfixable problems (like you can never change your passphrase or the pbkdf2 iteration count for an existing repository, because the encryption / decryption key is directly derived from the passphrase).

If you want “passphrase-only” security, just use the repokey mode. The key will be stored inside the repository (in its “config” file). In above mentioned attack scenario, the attacker will have the key (but not the passphrase).

If you want “passphrase and having-the-key” security, use the keyfile mode. The key will be stored in your home directory (in .borg/keys). In the attack scenario, the attacker who has just access to your repo won’t have the key (and also not the passphrase).

Make a backup copy of the key file (keyfile mode) or repo config file (repokey mode) and keep it at a safe place, so you still have the key in case it gets corrupted or lost. The backup that is encrypted with that key won’t help you with that, of course.

Make sure you use a good passphrase. Not too short, not too simple. The real encryption / decryption key is encrypted with / locked by your passphrase. If an attacker gets your key, he can’t unlock and use it without knowing the passphrase. In repokey and keyfile modes, you can change your passphrase for existing repos.

Description¶

This command creates a backup archive containing all files found while recursively traversing all paths specified. The archive will consume almost no disk space for files or parts of files that have already been stored in other archives.

See the output of the “borg help patterns” command for more help on exclude patterns.

Examples¶

# Backup ~/Documents into an archive named "my-documents"
$ borg create /mnt/backup::my-documents ~/Documents

# Backup ~/Documents and ~/src but exclude pyc files
$ borg create /mnt/backup::my-files   \
    ~/Documents                       \
    ~/src                             \
    --exclude '*.pyc'

# Backup the root filesystem into an archive named "root-YYYY-MM-DD"
# use zlib compression (good, but slow) - default is no compression
NAME="root-`date +%Y-%m-%d`"
$ borg create -C zlib,6 /mnt/backup::$NAME / --do-not-cross-mountpoints

# Backup huge files with little chunk management overhead
$ borg create --chunker-params 19,23,21,4095 /mnt/backup::VMs /srv/VMs

# Backup a raw device (must not be active/in use/mounted at that time)
$ dd if=/dev/sda bs=10M | borg create /mnt/backup::my-sda -

# No compression (default)
$ borg create /mnt/backup::repo ~

# Super fast, low compression
$ borg create --compression lz4 /mnt/backup::repo ~

# Less fast, higher compression (N = 0..9)
$ borg create --compression zlib,N /mnt/backup::repo ~

# Even slower, even higher compression (N = 0..9)
$ borg create --compression lzma,N /mnt/backup::repo ~

Description¶

This command extracts the contents of an archive. By default the entire archive is extracted but a subset of files and directories can be selected by passing a list of PATHs as arguments. The file selection can further be restricted by using the --exclude option.

See the output of the “borg help patterns” command for more help on exclude patterns.

Examples¶

# Extract entire archive
$ borg extract /mnt/backup::my-files

# Extract entire archive and list files while processing
$ borg extract -v /mnt/backup::my-files

# Extract the "src" directory
$ borg extract /mnt/backup::my-files home/USERNAME/src

# Extract the "src" directory but exclude object files
$ borg extract /mnt/backup::my-files home/USERNAME/src --exclude '*.o'

Note: currently, extract always writes into the current working directory (”.”),

so make sure you cd to the right place before calling borg extract.

Description¶

The check command verifies the consistency of a repository and the corresponding archives.

First, the underlying repository data files are checked:

• For all segments the segment magic (header) is checked
• For all objects stored in the segments, all metadata (e.g. crc and size) and all data is read. The read data is checked by size and CRC. Bit rot and other types of accidental damage can be detected this way.
• If we are in repair mode and a integrity error is detected for a segment, we try to recover as many objects from the segment as possible.
• In repair mode, it makes sure that the index is consistent with the data stored in the segments.
• If you use a remote repo server via ssh:, the repo check is executed on the repo server without causing significant network traffic.
• The repository check can be skipped using the –archives-only option.

Second, the consistency and correctness of the archive metadata is verified:

• Is the repo manifest present? If not, it is rebuilt from archive metadata chunks (this requires reading and decrypting of all metadata and data).
• Check if archive metadata chunk is present. if not, remove archive from manifest.
• For all files (items) in the archive, for all chunks referenced by these files, check if chunk is present (if not and we are in repair mode, replace it with a same-size chunk of zeros). This requires reading of archive and file metadata, but not data.
• If we are in repair mode and we checked all the archives: delete orphaned chunks from the repo.
• if you use a remote repo server via ssh:, the archive check is executed on the client machine (because if encryption is enabled, the checks will require decryption and this is always done client-side, because key access will be required).
• The archive checks can be time consuming, they can be skipped using the –repository-only option.

Description¶

This command renames an archive in the repository.

Examples¶

$ borg create /mnt/backup::archivename ~
$ borg list /mnt/backup
archivename                          Mon Nov  2 20:40:06 2015

$ borg rename /mnt/backup::archivename newname
$ borg list /mnt/backup
newname                              Mon Nov  2 20:40:06 2015

Description¶

This command deletes an archive from the repository or the complete repository. Disk space is reclaimed accordingly. If you delete the complete repository, the local cache for it (if any) is also deleted.

Description¶

This command lists the contents of a repository or an archive.

Examples¶

$ borg list /mnt/backup
my-files            Thu Aug  1 23:33:22 2013
my-documents        Thu Aug  1 23:35:43 2013
root-2013-08-01     Thu Aug  1 23:43:55 2013
root-2013-08-02     Fri Aug  2 15:18:17 2013
...

$ borg list /mnt/backup::root-2013-08-02
drwxr-xr-x root   root          0 Jun 05 12:06 .
lrwxrwxrwx root   root          0 May 31 20:40 bin -> usr/bin
drwxr-xr-x root   root          0 Aug 01 22:08 etc
drwxr-xr-x root   root          0 Jul 15 22:07 etc/ImageMagick-6
-rw-r--r-- root   root       1383 May 22 22:25 etc/ImageMagick-6/colors.xml
...

Description¶

The prune command prunes a repository by deleting archives not matching any of the specified retention options. This command is normally used by automated backup scripts wanting to keep a certain number of historic backups.

As an example, “-d 7” means to keep the latest backup on each day for 7 days. Days without backups do not count towards the total. The rules are applied from hourly to yearly, and backups selected by previous rules do not count towards those of later rules. The time that each backup completes is used for pruning purposes. Dates and times are interpreted in the local timezone, and weeks go from Monday to Sunday. Specifying a negative number of archives to keep means that there is no limit.

The “–keep-within” option takes an argument of the form “<int><char>”, where char is “H”, “d”, “w”, “m”, “y”. For example, “–keep-within 2d” means to keep all archives that were created within the past 48 hours. “1m” is taken to mean “31d”. The archives kept with this option do not count towards the totals specified by any other options.

If a prefix is set with -p, then only archives that start with the prefix are considered for deletion and only those archives count towards the totals specified by the rules. Otherwise, all archives in the repository are candidates for deletion!

Examples¶

Be careful, prune is potentially dangerous command, it will remove backup archives.

The default of prune is to apply to all archives in the repository unless you restrict its operation to a subset of the archives using –prefix. When using –prefix, be careful to choose a good prefix - e.g. do not use a prefix “foo” if you do not also want to match “foobar”.

It is strongly recommended to always run prune –dry-run ... first so you will see what it would do without it actually doing anything.

# Keep 7 end of day and 4 additional end of week archives.
# Do a dry-run without actually deleting anything.
$ borg prune /mnt/backup --dry-run --keep-daily=7 --keep-weekly=4

# Same as above but only apply to archive names starting with "foo":
$ borg prune /mnt/backup --keep-daily=7 --keep-weekly=4 --prefix=foo

# Keep 7 end of day, 4 additional end of week archives,
# and an end of month archive for every month:
$ borg prune /mnt/backup --keep-daily=7 --keep-weekly=4 --keep-monthly=-1

# Keep all backups in the last 10 days, 4 additional end of week archives,
# and an end of month archive for every month:
$ borg prune /mnt/backup --keep-within=10d --keep-weekly=4 --keep-monthly=-1

Description¶

This command displays some detailed information about the specified archive.

Examples¶

$ borg info /mnt/backup::root-2013-08-02
Name: root-2013-08-02
Fingerprint: bc3902e2c79b6d25f5d769b335c5c49331e6537f324d8d3badcb9a0917536dbb
Hostname: myhostname
Username: root
Time: Fri Aug  2 15:18:17 2013
Command line: /usr/bin/borg create --stats -C zlib,6 /mnt/backup::root-2013-08-02 / --do-not-cross-mountpoints
Number of files: 147429
Original size: 5344169493 (4.98 GB)
Compressed size: 1748189642 (1.63 GB)
Unique data: 64805454 (61.80 MB)

Description¶

This command mounts an archive as a FUSE filesystem. This can be useful for browsing an archive or restoring individual files. Unless the --foreground option is given the command will run in the background until the filesystem is umounted.

Examples¶

$ borg mount /mnt/backup::root-2013-08-02 /tmp/mymountpoint
$ ls /tmp/mymountpoint
bin  boot  etc  lib  lib64  mnt  opt  root  sbin  srv  usr  var
$ fusermount -u /tmp/mymountpoint

Description¶

The key files used for repository encryption are optionally passphrase protected. This command can be used to change this passphrase.

Examples¶

# Create a key file protected repository
$ borg init --encryption=keyfile /mnt/backup
Initializing repository at "/mnt/backup"
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Key file "/home/USER/.borg/keys/mnt_backup" created.
Keep this file safe. Your data will be inaccessible without it.

# Change key file passphrase
$ borg change-passphrase /mnt/backup
Enter passphrase for key file /home/USER/.borg/keys/mnt_backup:
New passphrase:
Enter same passphrase again:
Key file "/home/USER/.borg/keys/mnt_backup" updated

Description¶

This command starts a repository server process. This command is usually not used manually.

Examples¶

# Allow an SSH keypair to only run |project_name|, and only have access to /mnt/backup.
# This will help to secure an automated remote backup system.
$ cat ~/.ssh/authorized_keys
command="borg serve --restrict-to-path /mnt/backup" ssh-rsa AAAAB3[...]

borg help patterns¶

Exclude patterns use a variant of shell pattern syntax, with '*' matching any
number of characters, '?' matching any single character, '[...]' matching any
single character specified, including ranges, and '[!...]' matching any
character not specified.  For the purpose of these patterns, the path
separator ('\' for Windows and '/' on other systems) is not treated
specially.  For a path to match a pattern, it must completely match from
start to end, or must match from the start to just before a path separator.
Except for the root path, paths will never end in the path separator when
matching is attempted.  Thus, if a given pattern ends in a path separator, a
'*' is appended before matching is attempted.  Patterns with wildcards should
be quoted to protect them from shell expansion.

Examples:

# Exclude '/home/user/file.o' but not '/home/user/file.odt':
$ borg create -e '*.o' backup /

# Exclude '/home/user/junk' and '/home/user/subdir/junk' but
# not '/home/user/importantjunk' or '/etc/junk':
$ borg create -e '/home/*/junk' backup /

# Exclude the contents of '/home/user/cache' but not the directory itself:
$ borg create -e /home/user/cache/ backup /

# The file '/home/user/cache/important' is *not* backed up:
$ borg create -e /home/user/cache/ backup / /home/user/cache/important

Item flags¶

borg create -v outputs a verbose list of all files, directories and other file system items it considered. For each item, it prefixes a single-letter flag that indicates type and/or status of the item.

A uppercase character represents the status of a regular file relative to the “files” cache (not relative to the repo - this is an issue if the files cache is not used). Metadata is stored in any case and for ‘A’ and ‘M’ also new data chunks are stored. For ‘U’ all data chunks refer to already existing chunks.

• ‘A’ = regular file, added
• ‘M’ = regular file, modified
• ‘U’ = regular file, unchanged

A lowercase character means a file type other than a regular file, borg usually just stores their metadata:

• ‘d’ = directory
• ‘b’ = block device
• ‘c’ = char device
• ‘h’ = regular file, hardlink (to already seen inodes)
• ‘s’ = symlink
• ‘f’ = fifo

Other flags used include:

• ‘i’ = backup data was read from standard input (stdin)
• ‘-‘ = dry run, item was not backed up
• ‘?’ = missing status code (if you see this, please file a bug report!)

–chunker-params¶

The chunker params influence how input files are cut into pieces (chunks) which are then considered for deduplication. They also have a big impact on resource usage (RAM and disk space) as the amount of resources needed is (also) determined by the total amount of chunks in the repository (see Indexes / Caches memory usage for details).

–chunker-params=10,23,16,4095 (default) results in a fine-grained deduplication and creates a big amount of chunks and thus uses a lot of resources to manage them. This is good for relatively small data volumes and if the machine has a good amount of free RAM and disk space.

–chunker-params=19,23,21,4095 results in a coarse-grained deduplication and creates a much smaller amount of chunks and thus uses less resources. This is good for relatively big data volumes and if the machine has a relatively low amount of free RAM and disk space.

If you already have made some archives in a repository and you then change chunker params, this of course impacts deduplication as the chunks will be cut differently.

In the worst case (all files are big and were touched in between backups), this will store all content into the repository again.

Usually, it is not that bad though: - usually most files are not touched, so it will just re-use the old chunks it already has in the repo - files smaller than the (both old and new) minimum chunksize result in only one chunk anyway, so the resulting chunks are same and deduplication will apply

If you switch chunker params to save resources for an existing repo that already has some backup archives, you will see an increasing effect over time, when more and more files have been touched and stored again using the bigger chunksize and all references to the smaller older chunks have been removed (by deleting / pruning archives).

If you want to see an immediate big effect on resource usage, you better start a new repository when changing chunker params.

For more details, see Chunks.

–read-special¶

The option --read-special is not intended for normal, filesystem-level (full or partly-recursive) backups. You only give this option if you want to do something rather ... special – and if you have hand-picked some files that you want to treat that way.

borg create --read-special will open all files without doing any special treatment according to the file type (the only exception here are directories: they will be recursed into). Just imagine what happens if you do cat filename — the content you will see there is what borg will backup for that filename.

So, for example, symlinks will be followed, block device content will be read, named pipes / UNIX domain sockets will be read.

You need to be careful with what you give as filename when using --read-special, e.g. if you give /dev/zero, your backup will never terminate.

The given files’ metadata is saved as it would be saved without --read-special (e.g. its name, its size [might be 0], its mode, etc.) - but additionally, also the content read from it will be saved for it.

Restoring such files’ content is currently only supported one at a time via --stdout option (and you have to redirect stdout to where ever it shall go, maybe directly into an existing device file of your choice or indirectly via dd).

$ # create snapshots here
$ lvdisplay > lvdisplay.txt
$ borg create --read-special /mnt/backup::repo lvdisplay.txt /dev/vg0/*-snapshot
$ # remove snapshots here

$ borg extract /mnt/backup::repo lvdisplay.txt
$ # create empty LVs with correct sizes here (look into lvdisplay.txt).
$ # we assume that you created an empty root and home LV and overwrite it now:
$ borg extract --stdout /mnt/backup::repo dev/vg0/root-snapshot > /dev/vg0/root
$ borg extract --stdout /mnt/backup::repo dev/vg0/home-snapshot > /dev/vg0/home