Fix Healthchecks tests that leak global state, breaking downstream tests (discovered in #543).

Reviewed-on: borgmatic-collective/borgmatic#540

.drone.yml

@@ -1,57 +1,39 @@
----
 kind: pipeline
-name: python-3-5-alpine-3-10
+name: python-3-8-alpine-3-13
+
+services:
+  - name: postgresql
+    image: postgres:13.1-alpine
+    environment:
+      POSTGRES_PASSWORD: test
+      POSTGRES_DB: test
+  - name: mysql
+    image: mariadb:10.5
+    environment:
+      MYSQL_ROOT_PASSWORD: test
+      MYSQL_DATABASE: test
+  - name: mongodb
+    image: mongo:5.0.5
+    environment:
+      MONGO_INITDB_ROOT_USERNAME: root
+      MONGO_INITDB_ROOT_PASSWORD: test
+
+clone:
+  skip_verify: true
 
 steps:
 - name: build
-  image: python:3.5-alpine3.10
+  image: alpine:3.13
   pull: always
   commands:
-    - scripts/run-tests
----
-kind: pipeline
-name: python-3-6-alpine-3-10
-
-steps:
-- name: build
-  image: python:3.6-alpine3.10
-  pull: always
-  commands:
-    - scripts/run-tests
----
-kind: pipeline
-name: python-3-7-alpine-3-10
-
-steps:
-- name: build
-  image: python:3.7-alpine3.10
-  pull: always
-  commands:
-    - scripts/run-tests
----
-kind: pipeline
-name: python-3-7-alpine-3-7
-
-steps:
-- name: build
-  image: python:3.7-alpine3.7
-  pull: always
-  commands:
-    - scripts/run-tests
----
-kind: pipeline
-name: python-3-8-alpine-3-10
-
-steps:
-- name: build
-  image: python:3.8-alpine3.10
-  pull: always
-  commands:
-    - scripts/run-tests
+    - scripts/run-full-tests
 ---
 kind: pipeline
 name: documentation
 
+clone:
+  skip_verify: true
+
 steps:
 - name: build
   image: plugins/docker
@@ -62,6 +44,11 @@ steps:
       from_secret: docker_password
     repo: witten/borgmatic-docs
     dockerfile: docs/Dockerfile
-  when:
-    branch:
-      - master
+
+trigger:
+  repo:
+    - borgmatic-collective/borgmatic
+  branch:
+    - master
+  event:
+    - push

.eleventy.js

@@ -1,9 +1,11 @@
 const pluginSyntaxHighlight = require("@11ty/eleventy-plugin-syntaxhighlight");
 const inclusiveLangPlugin = require("@11ty/eleventy-plugin-inclusive-language");
+const navigationPlugin = require("@11ty/eleventy-navigation");
 
 module.exports = function(eleventyConfig) {
     eleventyConfig.addPlugin(pluginSyntaxHighlight);
     eleventyConfig.addPlugin(inclusiveLangPlugin);
+    eleventyConfig.addPlugin(navigationPlugin);
 
     let markdownIt = require("markdown-it");
     let markdownItAnchor = require("markdown-it-anchor");
@@ -34,6 +36,8 @@ module.exports = function(eleventyConfig) {
 
     eleventyConfig.addPassthroughCopy({"docs/static": "static"});
 
+    eleventyConfig.setLiquidOptions({dynamicPartials: false});
+
     return {
         templateFormats: [
           "md",

.gitignore

@@ -2,7 +2,7 @@
 *.pyc
 *.swp
 .cache
-.coverage
+.coverage*
 .pytest_cache
 .tox
 __pycache__

NEWS

@@ -1,3 +1,304 @@
+1.6.3.dev0
+ * #541: Add "borgmatic list --find" flag for searching for files across multiple archives, useful
+   for hunting down that file you accidentally deleted so you can extract it. See the documentation
+   for more information:
+   https://torsion.org/borgmatic/docs/how-to/inspect-your-backups/#searching-for-a-file
+ * Deprecate "borgmatic list --successful" flag, as listing only non-checkpoint (successful)
+   archives is now the default in newer versions of Borg.
+
+1.6.2
+ * #523: Reduce the default consistency check frequency and support configuring the frequency
+   independently for each check. Also add "borgmatic check --force" flag to ignore configured
+   frequencies. See the documentation for more information:
+   https://torsion.org/borgmatic/docs/how-to/deal-with-very-large-backups/#check-frequency
+ * #536: Fix generate-borgmatic-config to support more complex schema changes like the new
+   Healthchecks configuration options when the "--source" flag is used.
+ * #538: Add support for "borgmatic borg debug" command.
+ * #539: Add "generate-borgmatic-config --overwrite" flag to replace an existing destination file.
+ * Add Bash completion script so you can tab-complete the borgmatic command-line. See the
+   documentation for more information:
+   https://torsion.org/borgmatic/docs/how-to/set-up-backups/#shell-completion
+
+1.6.1
+ * #294: Add Healthchecks monitoring hook "ping_body_limit" option to configure how many bytes of
+   logs to send to the Healthchecks server.
+ * #402: Remove the error when "archive_name_format" is specified but a retention prefix isn't. 
+ * #420: Warn when an unsupported variable is used in a hook command.
+ * #439: Change connection failures for monitoring hooks (Healthchecks, Cronitor, PagerDuty, and
+   Cronhub) to be warnings instead of errors. This way, the monitoring system failing does not block
+   backups.
+ * #460: Add Healthchecks monitoring hook "send_logs" option to enable/disable sending borgmatic
+   logs to the Healthchecks server.
+ * #525: Add Healthchecks monitoring hook "states" option to only enable pinging for particular
+   monitoring states (start, finish, fail).
+ * #528: Improve the error message when a configuration override contains an invalid value.
+ * #531: BREAKING: When deep merging common configuration, merge colliding list values by appending
+   them. Previously, one list replaced the other.
+ * #532: When a configuration include is a relative path, load it from either the current working
+   directory or from the directory containing the file doing the including. Previously, only the
+   working directory was used.
+ * Add a randomized delay to the sample systemd timer to spread out the load on a server.
+ * Change the configuration format for borgmatic monitoring hooks (Healthchecks, Cronitor,
+   PagerDuty, and Cronhub) to specify the ping URL / integration key as a named option. The intent
+   is to support additional options (some in this release). This change is backwards-compatible.
+ * Add emojis to documentation table of contents to make it easier to find particular how-to and
+   reference guides at a glance.
+
+1.6.0
+ * #381: BREAKING: Greatly simplify configuration file reuse by deep merging when including common
+   configuration. See the documentation for more information:
+   https://torsion.org/borgmatic/docs/how-to/make-per-application-backups/#include-merging
+ * #473: BREAKING: Instead of executing "before" command hooks before all borgmatic actions run (and
+   "after" hooks after), execute these hooks right before/after the corresponding action. E.g.,
+   "before_check" now runs immediately before the "check" action. This better supports running
+   timing-sensitive tasks like pausing containers. Side effect: before/after command hooks now run
+   once for each configured repository instead of once per configuration file. Additionally, the
+   "repositories" interpolated variable has been changed to "repository", containing the path to the
+   current repository for the hook. See the documentation for more information:
+   https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/
+ * #513: Add mention of sudo's "secure_path" option to borgmatic installation documentation.
+ * #515: Fix "borgmatic borg key ..." to pass parameters to Borg in the correct order.
+ * #516: Fix handling of TERM signal to exit borgmatic, not just forward the signal to Borg.
+ * #517: Fix borgmatic exit code (so it's zero) when initial Borg calls fail but later retries
+   succeed.
+ * Change Healthchecks logs truncation size from 10k bytes to 100k bytes, corresponding to that
+   same change on Healthchecks.io.
+
+1.5.24
+ * #431: Add "working_directory" option to support source directories with relative paths.
+ * #444: When loading a configuration file that is unreadable due to file permissions, warn instead
+   of erroring. This supports running borgmatic as a non-root user with configuration in ~/.config
+   even if there is an unreadable global configuration file in /etc.
+ * #469: Add "repositories" context to "before_*" and "after_*" command action hooks. See the
+   documentation for more information:
+   https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/
+ * #486: Fix handling of "patterns_from" and "exclude_from" options to error instead of warning when
+   referencing unreadable files and "create" action is run.
+ * #507: Fix Borg usage error in the "compact" action when running "borgmatic --dry-run". Now, skip
+   "compact" entirely during a dry run.
+
+1.5.23
+ * #394: Compact repository segments and free space with new "borgmatic compact" action. Borg 1.2+
+   only. Also run "compact" by default when no actions are specified, as "prune" in Borg 1.2 no
+   longer frees up space unless "compact" is run.
+ * #394: When using the "atime", "bsd_flags", "numeric_owner", or "remote_rate_limit" options,
+   tailor the flags passed to Borg depending on the Borg version.
+ * #480, #482: Fix traceback when a YAML validation error occurs.
+
+1.5.22
+ * #288: Add database dump hook for MongoDB.
+ * #470: Move mysqldump options to the beginning of the command due to MySQL bug 30994.
+ * #471: When command-line configuration override produces a parse error, error cleanly instead of
+   tracebacking.
+ * #476: Fix unicode error when restoring particular MySQL databases.
+ * Drop support for Python 3.6, which has been end-of-lifed.
+ * Add support for Python 3.10.
+
+1.5.21
+ * #28: Optionally retry failing backups via "retries" and "retry_wait" configuration options.
+ * #306: Add "list_options" MySQL configuration option for passing additional arguments to MySQL
+   list command.
+ * #459: Add support for old version (2.x) of jsonschema library.
+
+1.5.20
+ * Re-release with correct version without dev0 tag.
+
+1.5.19
+ * #387: Fix error when configured source directories are not present on the filesystem at the time
+   of backup. Now, Borg will complain, but the backup will still continue.
+ * #455: Mention changing borgmatic path in cron documentation.
+ * Update sample systemd service file with more granular read-only filesystem settings.
+ * Move Gitea and GitHub hosting from a personal namespace to an organization for better
+   collaboration with related projects.
+ * 1k ★s on GitHub!
+
+1.5.18
+ * #389: Fix "message too long" error when logging to rsyslog.
+ * #440: Fix traceback that can occur when dumping a database.
+
+1.5.17
+ * #437: Fix error when configuration file contains "umask" option.
+ * Remove test dependency on vim and /dev/urandom.
+
+1.5.16
+ * #379: Suppress console output in sample crontab and systemd service files.
+ * #407: Fix syslog logging on FreeBSD.
+ * #430: Fix hang when restoring a PostgreSQL "tar" format database dump.
+ * Better error messages! Switch the library used for validating configuration files (from pykwalify
+   to jsonschema).
+ * Link borgmatic Ansible role from installation documentation:
+   https://torsion.org/borgmatic/docs/how-to/set-up-backups/#other-ways-to-install
+
+1.5.15
+ * #419: Document use case of running backups conditionally based on laptop power level:
+   https://torsion.org/borgmatic/docs/how-to/backup-to-a-removable-drive-or-an-intermittent-server/
+ * #425: Run arbitrary Borg commands with new "borgmatic borg" action. See the documentation for
+   more information: https://torsion.org/borgmatic/docs/how-to/run-arbitrary-borg-commands/
+
+1.5.14
+ * #390: Add link to Hetzner storage offering from the documentation.
+ * #398: Clarify canonical home of borgmatic in documentation.
+ * #406: Clarify that spaces in path names should not be backslashed in path names.
+ * #423: Fix error handling to error loudly when Borg gets killed due to running out of memory!
+ * Fix build so as not to attempt to build and push documentation for a non-master branch.
+ * "Fix" build failure with Alpine Edge by switching from Edge to Alpine 3.13.
+ * Move #borgmatic IRC channel from Freenode to Libera Chat due to Freenode takeover drama.
+   IRC connection info: https://torsion.org/borgmatic/#issues
+
+1.5.13
+ * #373: Document that passphrase is used for Borg keyfile encryption, not just repokey encryption.
+ * #404: Add support for ruamel.yaml 0.17.x YAML parsing library.
+ * Update systemd service example to return a permission error when a system call isn't permitted
+   (instead of terminating borgmatic outright).
+ * Drop support for Python 3.5, which has been end-of-lifed.
+ * Add support for Python 3.9.
+ * Update versions of test dependencies (test_requirements.txt and test containers).
+ * Only support black code formatter on Python 3.8+. New black dependencies make installation
+   difficult on older versions of Python.
+ * Replace "improve this documentation" form with link to support and ticket tracker.
+
+1.5.12
+ * Fix for previous release with incorrect version suffix in setup.py. No other changes.
+
+1.5.11
+ * #341: Add "temporary_directory" option for changing Borg's temporary directory.
+ * #352: Lock down systemd security settings in sample systemd service file.
+ * #355: Fix traceback when a database hook value is null in a configuration file.
+ * #361: Merge override values when specifying the "--override" flag multiple times. The previous
+   behavior was to take the value of the last "--override" flag only.
+ * #367: Fix traceback when upgrading old INI-style configuration with upgrade-borgmatic-config.
+ * #368: Fix signal forwarding from borgmatic to Borg resulting in recursion traceback.
+ * #369: Document support for Borg placeholders in repository names.
+
+1.5.10
+ * #347: Add hooks that run for the "extract" action: "before_extract" and "after_extract".
+ * #350: Fix traceback when a configuration directory is non-readable due to directory permissions.
+ * Add documentation navigation links on left side of all documentation pages.
+ * Clarify documentation on configuration overrides, specifically the portion about list syntax:
+   http://torsion.org/borgmatic/docs/how-to/make-per-application-backups/#configuration-overrides
+ * Clarify documentation overview of monitoring options:
+   http://torsion.org/borgmatic/docs/how-to/monitor-your-backups/
+
+1.5.9
+ * #300: Add "borgmatic export-tar" action to export an archive to a tar-formatted file or stream.
+ * #339: Fix for intermittent timing-related test failure of logging function.
+ * Clarify database documentation about excluding named pipes and character/block devices to prevent
+   hangs.
+ * Add documentation on how to make backups redundant with multiple repositories:
+   https://torsion.org/borgmatic/docs/how-to/make-backups-redundant/
+
+1.5.8
+ * #336: Fix for traceback when running Cronitor, Cronhub, and PagerDuty monitor hooks.
+
+1.5.7
+ * #327: Fix broken pass-through of BORG_* environment variables to Borg.
+ * #328: Fix duplicate logging to Healthchecks and send "after_*" hooks output to Healthchecks.
+ * #331: Add SSL support to PostgreSQL database configuration.
+ * #333: Fix for potential data loss (data not getting backed up) when borgmatic omitted configured
+   source directories in certain situations. Specifically, this occurred when two source directories
+   on different filesystems were related by parentage (e.g. "/foo" and "/foo/bar/baz") and the
+   one_file_system option was enabled.
+ * Update documentation code fragments theme to better match the rest of the page.
+ * Improve configuration reference documentation readability via more aggressive word-wrapping in
+   configuration schema descriptions.
+
+1.5.6
+ * #292: Allow before_backup and similiar hooks to exit with a soft failure without altering the
+   monitoring status on Healthchecks or other providers. Support this by waiting to ping monitoring
+   services with a "start" status until after before_* hooks finish. Failures in before_* hooks
+   still trigger a monitoring "fail" status.
+ * #316: Fix hang when a stale database dump named pipe from an aborted borgmatic run remains on
+   disk.
+ * #323: Fix for certain configuration options like ssh_command impacting Borg invocations for
+   separate configuration files.
+ * #324: Add "borgmatic extract --strip-components" flag to remove leading path components when
+   extracting an archive.
+ * Tweak comment indentation in generated configuration file for clarity.
+ * Link to Borgmacator GNOME AppIndicator from monitoring documentation.
+
+1.5.5
+ * #314: Fix regression in support for PostgreSQL's "directory" dump format. Unlike other dump
+   formats, the "directory" dump format does not stream directly to/from Borg.
+ * #315: Fix enabled database hooks to implicitly set one_file_system configuration option to true.
+   This prevents Borg from reading devices like /dev/zero and hanging.
+ * #316: Fix hang when streaming a database dump to Borg with implicit duplicate source directories
+   by deduplicating them first.
+ * #319: Fix error message when there are no MySQL databases to dump for "all" databases.
+ * Improve documentation around the installation process. Specifically, making borgmatic commands
+   runnable via the system PATH and offering a global install option.
+
+1.5.4
+ * #310: Fix legitimate database dump command errors (exit code 1) not being treated as errors by
+   borgmatic.
+ * For database dumps, replace the named pipe on every borgmatic run. This prevent hangs on stale
+   pipes left over from previous runs.
+ * Fix error handling to handle more edge cases when executing commands.
+
+1.5.3
+ * #258: Stream database dumps and restores directly to/from Borg without using any additional
+   filesystem space. This feature is automatic, and works even on restores from archives made with
+   previous versions of borgmatic.
+ * #293: Documentation on macOS launchd permissions issues with work-around for Full Disk Access.
+ * Remove "borgmatic restore --progress" flag, as it now conflicts with streaming database restores.
+
+1.5.2
+ * #301: Fix MySQL restore error on "all" database dump by excluding system tables.
+ * Fix PostgreSQL restore error on "all" database dump by using "psql" for the restore instead of
+   "pg_restore".
+
+1.5.1
+ * #289: Tired of looking up the latest successful archive name in order to pass it to borgmatic
+   actions? Me too. Now you can specify "--archive latest" to all actions that accept an archive
+   flag.
+ * #290: Fix the "--stats" and "--files" flags so that they yield output at verbosity 0.
+ * Reduce the default verbosity of borgmatic logs sent to Healthchecks monitoring hook. Now, it's
+   warnings and errors only. You can increase the verbosity via the "--monitoring-verbosity" flag.
+ * Add security policy documentation in SECURITY.md.
+
+1.5.0
+ * #245: Monitor backups with PagerDuty hook integration. See the documentation for more
+   information: https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#pagerduty-hook
+ * #255: Add per-action hooks: "before_prune", "after_prune", "before_check", and "after_check".
+ * #274: Add ~/.config/borgmatic.d as another configuration directory default.
+ * #277: Customize Healthchecks log level via borgmatic "--monitoring-verbosity" flag.
+ * #280: Change "exclude_if_present" option to support multiple filenames that indicate a directory
+   should be excluded from backups, rather than just a single filename.
+ * #284: Backup to a removable drive or intermittent server via "soft failure" feature. See the
+   documentation for more information:
+   https://torsion.org/borgmatic/docs/how-to/backup-to-a-removable-drive-or-an-intermittent-server/
+ * #287: View consistency check progress via "--progress" flag for "check" action.
+ * For "create" and "prune" actions, no longer list files or show detailed stats at any verbosities
+   by default. You can opt back in with "--files" or "--stats" flags.
+ * For "list" and "info" actions, show repository names even at verbosity 0.
+
+1.4.22
+ * #276, #285: Disable colored output when "--json" flag is used, so as to produce valid JSON ouput.
+ * After a backup of a database dump in directory format, properly remove the dump directory.
+ * In "borgmatic --help", don't expand $HOME in listing of default "--config" paths.
+
+1.4.21
+ * #268: Override particular configuration options from the command-line via "--override" flag. See
+   the documentation for more information:
+   https://torsion.org/borgmatic/docs/how-to/make-per-application-backups/#configuration-overrides
+ * #270: Only trigger "on_error" hooks and monitoring failures for "prune", "create", and "check"
+   actions, and not for other actions.
+ * When pruning with verbosity level 1, list pruned and kept archives. Previously, this information
+   was only shown at verbosity level 2.
+
+1.4.20
+ * Fix repository probing during "borgmatic init" to respect verbosity flag and remote_path option.
+ * #249: Update Healthchecks/Cronitor/Cronhub monitoring integrations to fire for "check" and
+   "prune" actions, not just "create".
+
+1.4.19
+ * #259: Optionally change the internal database dump path via "borgmatic_source_directory" option
+   in location configuration section.
+ * #271: Support piping "borgmatic list" output to grep by logging certain log levels to console
+   stdout and others to stderr.
+ * Retain colored output when piping or redirecting in an interactive terminal.
+ * Add end-to-end tests for database dump and restore. These are run on developer machines with
+   Docker Compose for approximate parity with continuous integration tests.
+
 1.4.18
  * Fix "--repository" flag to accept relative paths.
  * Fix "borgmatic umount" so it only runs Borg once instead of once per repository / configuration
@@ -381,7 +682,7 @@
  * #49: Support for Borg experimental --patterns-from and --patterns options for specifying mixed
    includes/excludes.
  * Moved issue tracker from Taiga to integrated Gitea tracker at
-   https://projects.torsion.org/witten/borgmatic/issues
+   https://projects.torsion.org/borgmatic-collective/borgmatic/issues
 
 1.1.12
  * #46: Declare dependency on pykwalify 1.6 or above, as older versions yield "Unknown key: version"

README.md

@@ -11,6 +11,8 @@ borgmatic is simple, configuration-driven backup software for servers and
 workstations. Protect your files with client-side encryption. Backup your
 databases too. Monitor it all with integrated third-party services.
 
+The canonical home of borgmatic is at <a href="https://torsion.org/borgmatic">https://torsion.org/borgmatic</a>.
+
 Here's an example configuration file:
 
 ```yaml
@@ -20,9 +22,11 @@ location:
         - /home
         - /etc
 
-    # Paths to local or remote repositories.
+    # Paths of local or remote repositories to backup to.
     repositories:
-        - user@backupserver:sourcehostname.borg
+        - 1234@usw-s001.rsync.net:backups.borg
+        - k8pDxu32@k8pDxu32.repo.borgbase.com:repo
+        - /var/lib/backups/local.borg
 
 retention:
     # Retention policy for how many backups to keep.
@@ -33,8 +37,9 @@ retention:
 consistency:
     # List of checks to run to validate your backups.
     checks:
-        - repository
-        - archives
+        - name: repository
+        - name: archives
+          frequency: 2 weeks
 
 hooks:
     # Custom preparation scripts to run.
@@ -50,9 +55,9 @@ hooks:
 ```
 
 Want to see borgmatic in action? Check out the <a
-href="https://asciinema.org/a/203761" target="_blank">screencast</a>.
+href="https://asciinema.org/a/203761?autoplay=1" target="_blank">screencast</a>.
 
-<script src="https://asciinema.org/a/203761.js" id="asciicast-203761" async></script>
+<a href="https://asciinema.org/a/203761?autoplay=1" target="_blank"><img src="https://asciinema.org/a/203761.png" width="480"></a>
 
 borgmatic is powered by [Borg Backup](https://www.borgbackup.org/).
 
@@ -61,72 +66,76 @@ borgmatic is powered by [Borg Backup](https://www.borgbackup.org/).
 <a href="https://www.postgresql.org/"><img src="docs/static/postgresql.png" alt="PostgreSQL" height="60px" style="margin-bottom:20px;"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 <a href="https://www.mysql.com/"><img src="docs/static/mysql.png" alt="MySQL" height="60px" style="margin-bottom:20px;"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 <a href="https://mariadb.com/"><img src="docs/static/mariadb.png" alt="MariaDB" height="60px" style="margin-bottom:20px;"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+<a href="https://www.mongodb.com/"><img src="docs/static/mongodb.png" alt="MongoDB" height="60px" style="margin-bottom:20px;"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 <a href="https://healthchecks.io/"><img src="docs/static/healthchecks.png" alt="Healthchecks" height="60px" style="margin-bottom:20px;"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 <a href="https://cronitor.io/"><img src="docs/static/cronitor.png" alt="Cronitor" height="60px" style="margin-bottom:20px;"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 <a href="https://cronhub.io/"><img src="docs/static/cronhub.png" alt="Cronhub" height="60px" style="margin-bottom:20px;"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-<a href="https://www.rsync.net/cgi-bin/borg.cgi?campaign=borg&adgroup=borgmatic"><img src="docs/static/rsyncnet.png" alt="rsync.net" height="60px" style="margin-bottom:20px;"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+<a href="https://www.pagerduty.com/"><img src="docs/static/pagerduty.png" alt="PagerDuty" height="60px" style="margin-bottom:20px;"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 <a href="https://www.borgbase.com/?utm_source=borgmatic"><img src="docs/static/borgbase.png" alt="BorgBase" height="60px" style="margin-bottom:20px;"></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 
 
-## How-to guides
+## Getting started
 
- * [Set up backups with borgmatic](https://torsion.org/borgmatic/docs/how-to/set-up-backups/) ⬅ *Start here!*
- * [Make per-application backups](https://torsion.org/borgmatic/docs/how-to/make-per-application-backups/)
- * [Deal with very large backups](https://torsion.org/borgmatic/docs/how-to/deal-with-very-large-backups/)
- * [Inspect your backups](https://torsion.org/borgmatic/docs/how-to/inspect-your-backups/)
- * [Monitor your backups](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/)
- * [Extract a backup](https://torsion.org/borgmatic/docs/how-to/extract-a-backup/)
- * [Backup your databases](https://torsion.org/borgmatic/docs/how-to/backup-your-databases/)
- * [Add preparation and cleanup steps to backups](https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/)
- * [Upgrade borgmatic](https://torsion.org/borgmatic/docs/how-to/upgrade/)
- * [Develop on borgmatic](https://torsion.org/borgmatic/docs/how-to/develop-on-borgmatic/)
+Your first step is to [install and configure
+borgmatic](https://torsion.org/borgmatic/docs/how-to/set-up-backups/).
 
-
-## Reference guides
-
- * [borgmatic configuration reference](https://torsion.org/borgmatic/docs/reference/configuration/)
- * [borgmatic command-line reference](https://torsion.org/borgmatic/docs/reference/command-line/)
+For additional documentation, check out the links above for <a
+href="https://torsion.org/borgmatic/#documentation">borgmatic how-to and
+reference guides</a>.
 
 
 ## Hosting providers
 
-Need somewhere to store your encrypted offsite backups? The following hosting
-providers include specific support for Borg/borgmatic. Using these links and
-services helps support borgmatic development and hosting. (These are referral
-links, but without any tracking scripts or cookies.)
+Need somewhere to store your encrypted off-site backups? The following hosting
+providers include specific support for Borg/borgmatic—and fund borgmatic
+development and hosting when you use these links to sign up. (These are
+referral links, but without any tracking scripts or cookies.)
 
 <ul>
- <li class="referral"><a href="https://www.rsync.net/cgi-bin/borg.cgi?campaign=borg&adgroup=borgmatic">rsync.net</a>: Cloud Storage provider with full support for borg and any other SSH/SFTP tool</li>
  <li class="referral"><a href="https://www.borgbase.com/?utm_source=borgmatic">BorgBase</a>: Borg hosting service with support for monitoring, 2FA, and append-only repos</li>
 </ul>
 
+Additionally, [rsync.net](https://www.rsync.net/products/borg.html) and
+[Hetzner](https://www.hetzner.com/storage/storage-box) have compatible storage
+offerings, but do not currently fund borgmatic development or hosting.
+
 ## Support and contributing
 
 ### Issues
 
 You've got issues? Or an idea for a feature enhancement? We've got an [issue
-tracker](https://projects.torsion.org/witten/borgmatic/issues). In order to
+tracker](https://projects.torsion.org/borgmatic-collective/borgmatic/issues). In order to
 create a new issue or comment on an issue, you'll need to [login
 first](https://projects.torsion.org/user/login). Note that you can login with
 an existing GitHub account if you prefer.
 
 If you'd like to chat with borgmatic developers or users, head on over to the
-`#borgmatic` IRC channel on Freenode, either via <a
-href="https://webchat.freenode.net/?channels=borgmatic">web chat</a> or a
-native <a href="irc://chat.freenode.net:6697">IRC client</a>.
+`#borgmatic` IRC channel on Libera Chat, either via <a
+href="https://web.libera.chat/#borgmatic">web chat</a> or a
+native <a href="ircs://irc.libera.chat:6697">IRC client</a>. If you
+don't get a response right away, please hang around a while—or file a ticket
+instead.
 
-Other questions or comments? Contact <mailto:witten@torsion.org>.
+Also see the [security
+policy](https://torsion.org/borgmatic/docs/security-policy/) for any security
+issues.
+
+Other questions or comments? Contact
+[witten@torsion.org](mailto:witten@torsion.org).
 
 
 ### Contributing
 
-borgmatic is hosted at <https://torsion.org/borgmatic> with [source code
-available](https://projects.torsion.org/witten/borgmatic). It's also mirrored
-on [GitHub](https://github.com/witten/borgmatic) for convenience.
+borgmatic [source code is
+available](https://projects.torsion.org/borgmatic-collective/borgmatic) and is also mirrored
+on [GitHub](https://github.com/borgmatic-collective/borgmatic) for convenience.
+
+borgmatic is licensed under the GNU General Public License version 3 or any
+later version.
 
 If you'd like to contribute to borgmatic development, please feel free to
-submit a [Pull Request](https://projects.torsion.org/witten/borgmatic/pulls)
-or open an [issue](https://projects.torsion.org/witten/borgmatic/issues) first
+submit a [Pull Request](https://projects.torsion.org/borgmatic-collective/borgmatic/pulls)
+or open an [issue](https://projects.torsion.org/borgmatic-collective/borgmatic/issues) first
 to discuss your idea. We also accept Pull Requests on GitHub, if that's more
 your thing. In general, contributions are very welcome. We don't bite! 
 
@@ -134,5 +143,5 @@ Also, please check out the [borgmatic development
 how-to](https://torsion.org/borgmatic/docs/how-to/develop-on-borgmatic/) for
 info on cloning source code, running tests, etc.
 
-<a href="https://build.torsion.org/witten/borgmatic" alt="build status">![Build Status](https://build.torsion.org/api/badges/witten/borgmatic/status.svg?ref=refs/heads/master)</a>
+<a href="https://build.torsion.org/borgmatic-collective/borgmatic" alt="build status">![Build Status](https://build.torsion.org/api/badges/borgmatic-collective/borgmatic/status.svg?ref=refs/heads/master)</a>
 

SECURITY.md

@@ -0,0 +1,18 @@
+---
+title: Security policy
+permalink: security-policy/index.html
+---
+
+## Supported versions
+
+While we want to hear about security vulnerabilities in all versions of
+borgmatic, security fixes are only made to the most recently released version.
+It's simply not practical for our small volunteer effort to maintain multiple
+release branches and put out separate security patches for each.
+
+## Reporting a vulnerability
+
+If you find a security vulnerability, please [file a
+ticket](https://torsion.org/borgmatic/#issues) or [send email
+directly](mailto:witten@torsion.org) as appropriate. You should expect to hear
+back within a few days at most and generally sooner.

borgmatic/borg/borg.py

@@ -0,0 +1,55 @@
+import logging
+
+from borgmatic.borg.flags import make_flags
+from borgmatic.execute import execute_command
+
+logger = logging.getLogger(__name__)
+
+
+REPOSITORYLESS_BORG_COMMANDS = {'serve', None}
+BORG_COMMANDS_WITH_SUBCOMMANDS = {'key', 'debug'}
+BORG_SUBCOMMANDS_WITHOUT_REPOSITORY = (('debug', 'info'), ('debug', 'convert-profile'))
+
+
+def run_arbitrary_borg(
+    repository, storage_config, options, archive=None, local_path='borg', remote_path=None
+):
+    '''
+    Given a local or remote repository path, a storage config dict, a sequence of arbitrary
+    command-line Borg options, and an optional archive name, run an arbitrary Borg command on the
+    given repository/archive.
+    '''
+    lock_wait = storage_config.get('lock_wait', None)
+
+    try:
+        options = options[1:] if options[0] == '--' else options
+
+        # Borg commands like "key" have a sub-command ("export", etc.) that must follow it.
+        command_options_start_index = 2 if options[0] in BORG_COMMANDS_WITH_SUBCOMMANDS else 1
+        borg_command = tuple(options[:command_options_start_index])
+        command_options = tuple(options[command_options_start_index:])
+    except IndexError:
+        borg_command = ()
+        command_options = ()
+
+    if borg_command in BORG_SUBCOMMANDS_WITHOUT_REPOSITORY:
+        repository_archive = None
+    else:
+        repository_archive = (
+            '::'.join((repository, archive)) if repository and archive else repository
+        )
+
+    full_command = (
+        (local_path,)
+        + borg_command
+        + ((repository_archive,) if borg_command and repository_archive else ())
+        + command_options
+        + (('--info',) if logger.getEffectiveLevel() == logging.INFO else ())
+        + (('--debug', '--show-rc') if logger.isEnabledFor(logging.DEBUG) else ())
+        + make_flags('remote-path', remote_path)
+        + make_flags('lock-wait', lock_wait)
+    )
+
+    return execute_command(
+        full_command, output_log_level=logging.WARNING, borg_local_path=local_path,
+    )

borgmatic/borg/check.py

@@ -1,46 +1,157 @@
+import argparse
+import datetime
+import json
 import logging
+import os
+import pathlib
 
-from borgmatic.borg import extract
-from borgmatic.execute import execute_command, execute_command_without_capture
+from borgmatic.borg import extract, info, state
+from borgmatic.execute import DO_NOT_CAPTURE, execute_command
 
-DEFAULT_CHECKS = ('repository', 'archives')
+DEFAULT_CHECKS = (
+    {'name': 'repository', 'frequency': '1 month'},
+    {'name': 'archives', 'frequency': '1 month'},
+)
 DEFAULT_PREFIX = '{hostname}-'
 
 
 logger = logging.getLogger(__name__)
 
 
-def _parse_checks(consistency_config, only_checks=None):
+def parse_checks(consistency_config, only_checks=None):
     '''
-    Given a consistency config with a "checks" list, and an optional list of override checks,
-    transform them a tuple of named checks to run.
+    Given a consistency config with a "checks" sequence of dicts and an optional list of override
+    checks, return a tuple of named checks to run.
 
     For example, given a retention config of:
 
-        {'checks': ['repository', 'archives']}
+        {'checks': ({'name': 'repository'}, {'name': 'archives'})}
 
     This will be returned as:
 
         ('repository', 'archives')
 
-    If no "checks" option is present in the config, return the DEFAULT_CHECKS. If the checks value
-    is the string "disabled", return an empty tuple, meaning that no checks should be run.
+    If no "checks" option is present in the config, return the DEFAULT_CHECKS. If a checks value
+    has a name of "disabled", return an empty tuple, meaning that no checks should be run.
 
-    If the "data" option is present, then make sure the "archives" option is included as well.
+    If the "data" check is present, then make sure the "archives" check is included as well.
     '''
-    checks = [
-        check.lower() for check in (only_checks or consistency_config.get('checks', []) or [])
-    ]
-    if checks == ['disabled']:
+    checks = only_checks or tuple(
+        check_config['name']
+        for check_config in (consistency_config.get('checks', None) or DEFAULT_CHECKS)
+    )
+    checks = tuple(check.lower() for check in checks)
+    if 'disabled' in checks:
+        if len(checks) > 1:
+            logger.warning(
+                'Multiple checks are configured, but one of them is "disabled"; not running any checks'
+            )
         return ()
 
     if 'data' in checks and 'archives' not in checks:
-        checks.append('archives')
+        return checks + ('archives',)
 
-    return tuple(check for check in checks if check not in ('disabled', '')) or DEFAULT_CHECKS
+    return checks
 
 
-def _make_check_flags(checks, check_last=None, prefix=None):
+def parse_frequency(frequency):
+    '''
+    Given a frequency string with a number and a unit of time, return a corresponding
+    datetime.timedelta instance or None if the frequency is None or "always".
+
+    For instance, given "3 weeks", return datetime.timedelta(weeks=3)
+
+    Raise ValueError if the given frequency cannot be parsed.
+    '''
+    if not frequency:
+        return None
+
+    frequency = frequency.strip().lower()
+
+    if frequency == 'always':
+        return None
+
+    try:
+        number, time_unit = frequency.split(' ')
+        number = int(number)
+    except ValueError:
+        raise ValueError(f"Could not parse consistency check frequency '{frequency}'")
+
+    if not time_unit.endswith('s'):
+        time_unit += 's'
+
+    if time_unit == 'months':
+        number *= 30
+        time_unit = 'days'
+    elif time_unit == 'years':
+        number *= 365
+        time_unit = 'days'
+
+    try:
+        return datetime.timedelta(**{time_unit: number})
+    except TypeError:
+        raise ValueError(f"Could not parse consistency check frequency '{frequency}'")
+
+
+def filter_checks_on_frequency(
+    location_config, consistency_config, borg_repository_id, checks, force
+):
+    '''
+    Given a location config, a consistency config with a "checks" sequence of dicts, a Borg
+    repository ID, a sequence of checks, and whether to force checks to run, filter down those
+    checks based on the configured "frequency" for each check as compared to its check time file.
+
+    In other words, a check whose check time file's timestamp is too new (based on the configured
+    frequency) will get cut from the returned sequence of checks. Example:
+
+    consistency_config = {
+        'checks': [
+            {
+                'name': 'archives',
+                'frequency': '2 weeks',
+            },
+        ]
+    }
+
+    When this function is called with that consistency_config and "archives" in checks, "archives"
+    will get filtered out of the returned result if its check time file is newer than 2 weeks old,
+    indicating that it's not yet time to run that check again.
+
+    Raise ValueError if a frequency cannot be parsed.
+    '''
+    filtered_checks = list(checks)
+
+    if force:
+        return tuple(filtered_checks)
+
+    for check_config in consistency_config.get('checks', DEFAULT_CHECKS):
+        check = check_config['name']
+        if checks and check not in checks:
+            continue
+
+        frequency_delta = parse_frequency(check_config.get('frequency'))
+        if not frequency_delta:
+            continue
+
+        check_time = read_check_time(
+            make_check_time_path(location_config, borg_repository_id, check)
+        )
+        if not check_time:
+            continue
+
+        # If we've not yet reached the time when the frequency dictates we're ready for another
+        # check, skip this check.
+        if datetime.datetime.now() < check_time + frequency_delta:
+            remaining = check_time + frequency_delta - datetime.datetime.now()
+            logger.info(
+                f"Skipping {check} check due to configured frequency; {remaining} until next check"
+            )
+            filtered_checks.remove(check)
+
+    return tuple(filtered_checks)
+
+
+def make_check_flags(checks, check_last=None, prefix=None):
     '''
     Given a parsed sequence of checks, transform it into tuple of command-line flags.
 
@@ -66,47 +177,111 @@ def _make_check_flags(checks, check_last=None, prefix=None):
         last_flags = ()
         prefix_flags = ()
         if check_last:
-            logger.warning(
-                'Ignoring check_last option, as "archives" is not in consistency checks.'
-            )
+            logger.info('Ignoring check_last option, as "archives" is not in consistency checks')
         if prefix:
-            logger.warning(
-                'Ignoring consistency prefix option, as "archives" is not in consistency checks.'
+            logger.info(
+                'Ignoring consistency prefix option, as "archives" is not in consistency checks'
             )
 
     common_flags = last_flags + prefix_flags + (('--verify-data',) if 'data' in checks else ())
 
-    if set(DEFAULT_CHECKS).issubset(set(checks)):
+    if {'repository', 'archives'}.issubset(set(checks)):
         return common_flags
 
     return (
-        tuple('--{}-only'.format(check) for check in checks if check in DEFAULT_CHECKS)
+        tuple('--{}-only'.format(check) for check in checks if check in ('repository', 'archives'))
         + common_flags
     )
 
 
+def make_check_time_path(location_config, borg_repository_id, check_type):
+    '''
+    Given a location configuration dict, a Borg repository ID, and the name of a check type
+    ("repository", "archives", etc.), return a path for recording that check's time (the time of
+    that check last occurring).
+    '''
+    return os.path.join(
+        os.path.expanduser(
+            location_config.get(
+                'borgmatic_source_directory', state.DEFAULT_BORGMATIC_SOURCE_DIRECTORY
+            )
+        ),
+        'checks',
+        borg_repository_id,
+        check_type,
+    )
+
+
+def write_check_time(path):  # pragma: no cover
+    '''
+    Record a check time of now as the modification time of the given path.
+    '''
+    logger.debug(f'Writing check time at {path}')
+
+    os.makedirs(os.path.dirname(path), mode=0o700, exist_ok=True)
+    pathlib.Path(path, mode=0o600).touch()
+
+
+def read_check_time(path):
+    '''
+    Return the check time based on the modification time of the given path. Return None if the path
+    doesn't exist.
+    '''
+    logger.debug(f'Reading check time from {path}')
+
+    try:
+        return datetime.datetime.fromtimestamp(os.stat(path).st_mtime)
+    except FileNotFoundError:
+        return None
+
+
 def check_archives(
     repository,
+    location_config,
     storage_config,
     consistency_config,
     local_path='borg',
     remote_path=None,
+    progress=None,
     repair=None,
     only_checks=None,
+    force=None,
 ):
     '''
     Given a local or remote repository path, a storage config dict, a consistency config dict,
-    local/remote commands to run, whether to attempt a repair, and an optional list of checks
-    to use instead of configured checks, check the contained Borg archives for consistency.
+    local/remote commands to run, whether to include progress information, whether to attempt a
+    repair, and an optional list of checks to use instead of configured checks, check the contained
+    Borg archives for consistency.
 
     If there are no consistency checks to run, skip running them.
+
+    Raises ValueError if the Borg repository ID cannot be determined.
     '''
-    checks = _parse_checks(consistency_config, only_checks)
+    try:
+        borg_repository_id = json.loads(
+            info.display_archives_info(
+                repository,
+                storage_config,
+                argparse.Namespace(json=True, archive=None),
+                local_path,
+                remote_path,
+            )
+        )['repository']['id']
+    except (json.JSONDecodeError, KeyError):
+        raise ValueError(f'Cannot determine Borg repository ID for {repository}')
+
+    checks = filter_checks_on_frequency(
+        location_config,
+        consistency_config,
+        borg_repository_id,
+        parse_checks(consistency_config, only_checks),
+        force,
+    )
     check_last = consistency_config.get('check_last', None)
     lock_wait = None
     extra_borg_options = storage_config.get('extra_borg_options', {}).get('check', '')
 
-    if set(checks).intersection(set(DEFAULT_CHECKS + ('data',))):
+    if set(checks).intersection({'repository', 'archives', 'data'}):
         lock_wait = storage_config.get('lock_wait', None)
 
         verbosity_flags = ()
@@ -120,21 +295,25 @@ def check_archives(
         full_command = (
             (local_path, 'check')
             + (('--repair',) if repair else ())
-            + _make_check_flags(checks, check_last, prefix)
+            + make_check_flags(checks, check_last, prefix)
             + (('--remote-path', remote_path) if remote_path else ())
             + (('--lock-wait', str(lock_wait)) if lock_wait else ())
             + verbosity_flags
+            + (('--progress',) if progress else ())
             + (tuple(extra_borg_options.split(' ')) if extra_borg_options else ())
             + (repository,)
         )
 
-        # The Borg repair option trigger an interactive prompt, which won't work when output is
-        # captured.
-        if repair:
-            execute_command_without_capture(full_command, error_on_warnings=True)
-            return
+        # The Borg repair option triggers an interactive prompt, which won't work when output is
+        # captured. And progress messes with the terminal directly.
+        if repair or progress:
+            execute_command(full_command, output_file=DO_NOT_CAPTURE)
+        else:
+            execute_command(full_command)
 
-        execute_command(full_command, error_on_warnings=True)
+        for check in checks:
+            write_check_time(make_check_time_path(location_config, borg_repository_id, check))
 
     if 'extract' in checks:
         extract.extract_last_archive_dry_run(repository, lock_wait, local_path, remote_path)
+        write_check_time(make_check_time_path(location_config, borg_repository_id, 'extract'))

borgmatic/borg/compact.py

@@ -0,0 +1,41 @@
+import logging
+
+from borgmatic.execute import execute_command
+
+logger = logging.getLogger(__name__)
+
+
+def compact_segments(
+    dry_run,
+    repository,
+    storage_config,
+    local_path='borg',
+    remote_path=None,
+    progress=False,
+    cleanup_commits=False,
+    threshold=None,
+):
+    '''
+    Given dry-run flag, a local or remote repository path, and a storage config dict, compact Borg
+    segments in a repository.
+    '''
+    umask = storage_config.get('umask', None)
+    lock_wait = storage_config.get('lock_wait', None)
+    extra_borg_options = storage_config.get('extra_borg_options', {}).get('compact', '')
+
+    full_command = (
+        (local_path, 'compact')
+        + (('--remote-path', remote_path) if remote_path else ())
+        + (('--umask', str(umask)) if umask else ())
+        + (('--lock-wait', str(lock_wait)) if lock_wait else ())
+        + (('--progress',) if progress else ())
+        + (('--cleanup-commits',) if cleanup_commits else ())
+        + (('--threshold', str(threshold)) if threshold else ())
+        + (('--info',) if logger.getEffectiveLevel() == logging.INFO else ())
+        + (('--debug', '--show-rc') if logger.isEnabledFor(logging.DEBUG) else ())
+        + (tuple(extra_borg_options.split(' ')) if extra_borg_options else ())
+        + (repository,)
+    )
+
+    if not dry_run:
+        execute_command(full_command, output_log_level=logging.INFO, borg_local_path=local_path)

borgmatic/borg/create.py

@@ -2,14 +2,16 @@ import glob
 import itertools
 import logging
 import os
+import pathlib
 import tempfile
 
-from borgmatic.execute import execute_command, execute_command_without_capture
+from borgmatic.borg import feature, state
+from borgmatic.execute import DO_NOT_CAPTURE, execute_command, execute_command_with_processes
 
 logger = logging.getLogger(__name__)
 
 
-def _expand_directory(directory):
+def expand_directory(directory):
     '''
     Given a directory path, expand any tilde (representing a user's home directory) and any globs
     therein. Return a list of one or more resulting paths.
@@ -19,7 +21,7 @@ def _expand_directory(directory):
     return glob.glob(expanded_directory) or [expanded_directory]
 
 
-def _expand_directories(directories):
+def expand_directories(directories):
     '''
     Given a sequence of directory paths, expand tildes and globs in each one. Return all the
     resulting directories as a single flattened tuple.
@@ -28,11 +30,11 @@ def _expand_directories(directories):
         return ()
 
     return tuple(
-        itertools.chain.from_iterable(_expand_directory(directory) for directory in directories)
+        itertools.chain.from_iterable(expand_directory(directory) for directory in directories)
     )
 
 
-def _expand_home_directories(directories):
+def expand_home_directories(directories):
     '''
     Given a sequence of directory paths, expand tildes in each one. Do not perform any globbing.
     Return the results as a tuple.
@@ -43,7 +45,60 @@ def _expand_home_directories(directories):
     return tuple(os.path.expanduser(directory) for directory in directories)
 
 
-def _write_pattern_file(patterns=None):
+def map_directories_to_devices(directories):
+    '''
+    Given a sequence of directories, return a map from directory to an identifier for the device on
+    which that directory resides or None if the path doesn't exist.
+
+    This is handy for determining whether two different directories are on the same filesystem (have
+    the same device identifier).
+    '''
+    return {
+        directory: os.stat(directory).st_dev if os.path.exists(directory) else None
+        for directory in directories
+    }
+
+
+def deduplicate_directories(directory_devices):
+    '''
+    Given a map from directory to the identifier for the device on which that directory resides,
+    return the directories as a sorted tuple with all duplicate child directories removed. For
+    instance, if paths is ('/foo', '/foo/bar'), return just: ('/foo',)
+
+    The one exception to this rule is if two paths are on different filesystems (devices). In that
+    case, they won't get de-duplicated in case they both need to be passed to Borg (e.g. the
+    location.one_file_system option is true).
+
+    The idea is that if Borg is given a parent directory, then it doesn't also need to be given
+    child directories, because it will naturally spider the contents of the parent directory. And
+    there are cases where Borg coming across the same file twice will result in duplicate reads and
+    even hangs, e.g. when a database hook is using a named pipe for streaming database dumps to
+    Borg.
+    '''
+    deduplicated = set()
+    directories = sorted(directory_devices.keys())
+
+    for directory in directories:
+        deduplicated.add(directory)
+        parents = pathlib.PurePath(directory).parents
+
+        # If another directory in the given list is a parent of current directory (even n levels
+        # up) and both are on the same filesystem, then the current directory is a duplicate.
+        for other_directory in directories:
+            for parent in parents:
+                if (
+                    pathlib.PurePath(other_directory) == parent
+                    and directory_devices[directory] is not None
+                    and directory_devices[other_directory] == directory_devices[directory]
+                ):
+                    if directory in deduplicated:
+                        deduplicated.remove(directory)
+                    break
+
+    return tuple(sorted(deduplicated))
+
+
+def write_pattern_file(patterns=None):
     '''
     Given a sequence of patterns, write them to a named temporary file and return it. Return None
     if no patterns are provided.
@@ -58,7 +113,19 @@ def _write_pattern_file(patterns=None):
     return pattern_file
 
 
-def _make_pattern_flags(location_config, pattern_filename=None):
+def ensure_files_readable(*filename_lists):
+    '''
+    Given a sequence of filename sequences, ensure that each filename is openable. This prevents
+    unreadable files from being passed to Borg, which in certain situations only warns instead of
+    erroring.
+    '''
+    for file_object in itertools.chain.from_iterable(
+        filename_list for filename_list in filename_lists if filename_list
+    ):
+        open(file_object).close()
+
+
+def make_pattern_flags(location_config, pattern_filename=None):
     '''
     Given a location config dict with a potential patterns_from option, and a filename containing
     any additional patterns, return the corresponding Borg flags for those files as a tuple.
@@ -74,7 +141,7 @@ def _make_pattern_flags(location_config, pattern_filename=None):
     )
 
 
-def _make_exclude_flags(location_config, exclude_filename=None):
+def make_exclude_flags(location_config, exclude_filename=None):
     '''
     Given a location config dict with various exclude options, and a filename containing any exclude
     patterns, return the corresponding Borg flags as a tuple.
@@ -88,8 +155,12 @@ def _make_exclude_flags(location_config, exclude_filename=None):
         )
     )
     caches_flag = ('--exclude-caches',) if location_config.get('exclude_caches') else ()
-    if_present = location_config.get('exclude_if_present')
-    if_present_flags = ('--exclude-if-present', if_present) if if_present else ()
+    if_present_flags = tuple(
+        itertools.chain.from_iterable(
+            ('--exclude-if-present', if_present)
+            for if_present in location_config.get('exclude_if_present', ())
+        )
+    )
     keep_exclude_tags_flags = (
         ('--keep-exclude-tags',) if location_config.get('keep_exclude_tags') else ()
     )
@@ -104,16 +175,19 @@ def _make_exclude_flags(location_config, exclude_filename=None):
     )
 
 
-BORGMATIC_SOURCE_DIRECTORY = '~/.borgmatic'
+DEFAULT_ARCHIVE_NAME_FORMAT = '{hostname}-{now:%Y-%m-%dT%H:%M:%S.%f}'
 
 
-def borgmatic_source_directories():
+def borgmatic_source_directories(borgmatic_source_directory):
     '''
     Return a list of borgmatic-specific source directories used for state like database backups.
     '''
+    if not borgmatic_source_directory:
+        borgmatic_source_directory = state.DEFAULT_BORGMATIC_SOURCE_DIRECTORY
+
     return (
-        [BORGMATIC_SOURCE_DIRECTORY]
-        if os.path.exists(os.path.expanduser(BORGMATIC_SOURCE_DIRECTORY))
+        [borgmatic_source_directory]
+        if os.path.exists(os.path.expanduser(borgmatic_source_directory))
         else []
     )
 
@@ -123,23 +197,38 @@ def create_archive(
     repository,
     location_config,
     storage_config,
+    local_borg_version,
     local_path='borg',
     remote_path=None,
     progress=False,
     stats=False,
     json=False,
+    files=False,
+    stream_processes=None,
 ):
     '''
     Given vebosity/dry-run flags, a local or remote repository path, a location config dict, and a
     storage config dict, create a Borg archive and return Borg's JSON output (if any).
+
+    If a sequence of stream processes is given (instances of subprocess.Popen), then execute the
+    create command while also triggering the given processes to produce output.
     '''
-    sources = _expand_directories(
-        location_config['source_directories'] + borgmatic_source_directories()
+    sources = deduplicate_directories(
+        map_directories_to_devices(
+            expand_directories(
+                location_config['source_directories']
+                + borgmatic_source_directories(location_config.get('borgmatic_source_directory'))
+            )
+        )
     )
 
-    pattern_file = _write_pattern_file(location_config.get('patterns'))
-    exclude_file = _write_pattern_file(
-        _expand_home_directories(location_config.get('exclude_patterns'))
+    try:
+        working_directory = os.path.expanduser(location_config.get('working_directory'))
+    except TypeError:
+        working_directory = None
+    pattern_file = write_pattern_file(location_config.get('patterns'))
+    exclude_file = write_pattern_file(
+        expand_home_directories(location_config.get('exclude_patterns'))
     )
     checkpoint_interval = storage_config.get('checkpoint_interval', None)
     chunker_params = storage_config.get('chunker_params', None)
@@ -148,40 +237,62 @@ def create_archive(
     umask = storage_config.get('umask', None)
     lock_wait = storage_config.get('lock_wait', None)
     files_cache = location_config.get('files_cache')
-    default_archive_name_format = '{hostname}-{now:%Y-%m-%dT%H:%M:%S.%f}'
-    archive_name_format = storage_config.get('archive_name_format', default_archive_name_format)
+    archive_name_format = storage_config.get('archive_name_format', DEFAULT_ARCHIVE_NAME_FORMAT)
     extra_borg_options = storage_config.get('extra_borg_options', {}).get('create', '')
 
+    if feature.available(feature.Feature.ATIME, local_borg_version):
+        atime_flags = ('--atime',) if location_config.get('atime') is True else ()
+    else:
+        atime_flags = ('--noatime',) if location_config.get('atime') is False else ()
+
+    if feature.available(feature.Feature.NOFLAGS, local_borg_version):
+        noflags_flags = ('--noflags',) if location_config.get('bsd_flags') is False else ()
+    else:
+        noflags_flags = ('--nobsdflags',) if location_config.get('bsd_flags') is False else ()
+
+    if feature.available(feature.Feature.NUMERIC_IDS, local_borg_version):
+        numeric_ids_flags = ('--numeric-ids',) if location_config.get('numeric_owner') else ()
+    else:
+        numeric_ids_flags = ('--numeric-owner',) if location_config.get('numeric_owner') else ()
+
+    if feature.available(feature.Feature.UPLOAD_RATELIMIT, local_borg_version):
+        upload_ratelimit_flags = (
+            ('--upload-ratelimit', str(remote_rate_limit)) if remote_rate_limit else ()
+        )
+    else:
+        upload_ratelimit_flags = (
+            ('--remote-ratelimit', str(remote_rate_limit)) if remote_rate_limit else ()
+        )
+
+    ensure_files_readable(location_config.get('patterns_from'), location_config.get('exclude_from'))
+
     full_command = (
-        (local_path, 'create')
-        + _make_pattern_flags(location_config, pattern_file.name if pattern_file else None)
-        + _make_exclude_flags(location_config, exclude_file.name if exclude_file else None)
+        tuple(local_path.split(' '))
+        + ('create',)
+        + make_pattern_flags(location_config, pattern_file.name if pattern_file else None)
+        + make_exclude_flags(location_config, exclude_file.name if exclude_file else None)
         + (('--checkpoint-interval', str(checkpoint_interval)) if checkpoint_interval else ())
         + (('--chunker-params', chunker_params) if chunker_params else ())
         + (('--compression', compression) if compression else ())
-        + (('--remote-ratelimit', str(remote_rate_limit)) if remote_rate_limit else ())
-        + (('--one-file-system',) if location_config.get('one_file_system') else ())
-        + (('--numeric-owner',) if location_config.get('numeric_owner') else ())
-        + (('--noatime',) if location_config.get('atime') is False else ())
+        + upload_ratelimit_flags
+        + (
+            ('--one-file-system',)
+            if location_config.get('one_file_system') or stream_processes
+            else ()
+        )
+        + numeric_ids_flags
+        + atime_flags
         + (('--noctime',) if location_config.get('ctime') is False else ())
         + (('--nobirthtime',) if location_config.get('birthtime') is False else ())
-        + (('--read-special',) if location_config.get('read_special') else ())
-        + (('--nobsdflags',) if location_config.get('bsd_flags') is False else ())
+        + (('--read-special',) if (location_config.get('read_special') or stream_processes) else ())
+        + noflags_flags
         + (('--files-cache', files_cache) if files_cache else ())
         + (('--remote-path', remote_path) if remote_path else ())
         + (('--umask', str(umask)) if umask else ())
         + (('--lock-wait', str(lock_wait)) if lock_wait else ())
-        + (
-            ('--list', '--filter', 'AME-')
-            if logger.isEnabledFor(logging.INFO) and not json and not progress
-            else ()
-        )
+        + (('--list', '--filter', 'AME-') if files and not json and not progress else ())
         + (('--info',) if logger.getEffectiveLevel() == logging.INFO and not json else ())
-        + (
-            ('--stats',)
-            if not dry_run and (logger.isEnabledFor(logging.INFO) or stats) and not json
-            else ()
-        )
+        + (('--stats',) if stats and not json and not dry_run else ())
         + (('--debug', '--show-rc') if logger.isEnabledFor(logging.DEBUG) and not json else ())
         + (('--dry-run',) if dry_run else ())
         + (('--progress',) if progress else ())
@@ -195,17 +306,31 @@ def create_archive(
         + sources
     )
 
-    # The progress output isn't compatible with captured and logged output, as progress messes with
-    # the terminal directly.
-    if progress:
-        execute_command_without_capture(full_command, error_on_warnings=False)
-        return
-
     if json:
         output_log_level = None
-    elif stats:
+    elif (stats or files) and logger.getEffectiveLevel() == logging.WARNING:
         output_log_level = logging.WARNING
     else:
         output_log_level = logging.INFO
 
-    return execute_command(full_command, output_log_level, error_on_warnings=False)
+    # The progress output isn't compatible with captured and logged output, as progress messes with
+    # the terminal directly.
+    output_file = DO_NOT_CAPTURE if progress else None
+
+    if stream_processes:
+        return execute_command_with_processes(
+            full_command,
+            stream_processes,
+            output_log_level,
+            output_file,
+            borg_local_path=local_path,
+            working_directory=working_directory,
+        )
+
+    return execute_command(
+        full_command,
+        output_log_level,
+        output_file,
+        borg_local_path=local_path,
+        working_directory=working_directory,
+    )

borgmatic/borg/environment.py

@@ -9,6 +9,7 @@ OPTION_TO_ENVIRONMENT_VARIABLE = {
     'encryption_passcommand': 'BORG_PASSCOMMAND',
     'encryption_passphrase': 'BORG_PASSPHRASE',
     'ssh_command': 'BORG_RSH',
+    'temporary_directory': 'TMPDIR',
 }
 
 DEFAULT_BOOL_OPTION_TO_ENVIRONMENT_VARIABLE = {
@@ -19,9 +20,15 @@ DEFAULT_BOOL_OPTION_TO_ENVIRONMENT_VARIABLE = {
 
 def initialize(storage_config):
     for option_name, environment_variable_name in OPTION_TO_ENVIRONMENT_VARIABLE.items():
-        value = storage_config.get(option_name)
+
+        # Options from borgmatic configuration take precedence over already set BORG_* environment
+        # variables.
+        value = storage_config.get(option_name) or os.environ.get(environment_variable_name)
+
         if value:
             os.environ[environment_variable_name] = value
+        else:
+            os.environ.pop(environment_variable_name, None)
 
     for (
         option_name,

borgmatic/borg/export_tar.py

@@ -0,0 +1,64 @@
+import logging
+import os
+
+from borgmatic.execute import DO_NOT_CAPTURE, execute_command
+
+logger = logging.getLogger(__name__)
+
+
+def export_tar_archive(
+    dry_run,
+    repository,
+    archive,
+    paths,
+    destination_path,
+    storage_config,
+    local_path='borg',
+    remote_path=None,
+    tar_filter=None,
+    files=False,
+    strip_components=None,
+):
+    '''
+    Given a dry-run flag, a local or remote repository path, an archive name, zero or more paths to
+    export from the archive, a destination path to export to, a storage configuration dict, optional
+    local and remote Borg paths, an optional filter program, whether to include per-file details,
+    and an optional number of path components to strip, export the archive into the given
+    destination path as a tar-formatted file.
+
+    If the destination path is "-", then stream the output to stdout instead of to a file.
+    '''
+    umask = storage_config.get('umask', None)
+    lock_wait = storage_config.get('lock_wait', None)
+
+    full_command = (
+        (local_path, 'export-tar')
+        + (('--remote-path', remote_path) if remote_path else ())
+        + (('--umask', str(umask)) if umask else ())
+        + (('--lock-wait', str(lock_wait)) if lock_wait else ())
+        + (('--info',) if logger.getEffectiveLevel() == logging.INFO else ())
+        + (('--list',) if files else ())
+        + (('--debug', '--show-rc') if logger.isEnabledFor(logging.DEBUG) else ())
+        + (('--dry-run',) if dry_run else ())
+        + (('--tar-filter', tar_filter) if tar_filter else ())
+        + (('--strip-components', str(strip_components)) if strip_components else ())
+        + ('::'.join((repository if ':' in repository else os.path.abspath(repository), archive)),)
+        + (destination_path,)
+        + (tuple(paths) if paths else ())
+    )
+
+    if files and logger.getEffectiveLevel() == logging.WARNING:
+        output_log_level = logging.WARNING
+    else:
+        output_log_level = logging.INFO
+
+    if dry_run:
+        logging.info('{}: Skipping export to tar file (dry run)'.format(repository))
+        return
+
+    execute_command(
+        full_command,
+        output_file=DO_NOT_CAPTURE if destination_path == '-' else None,
+        output_log_level=output_log_level,
+        borg_local_path=local_path,
+    )

borgmatic/borg/extract.py

@@ -1,7 +1,9 @@
 import logging
 import os
+import subprocess
 
-from borgmatic.execute import execute_command, execute_command_without_capture
+from borgmatic.borg import feature
+from borgmatic.execute import DO_NOT_CAPTURE, execute_command
 
 logger = logging.getLogger(__name__)
 
@@ -27,7 +29,9 @@ def extract_last_archive_dry_run(repository, lock_wait=None, local_path='borg',
         + (repository,)
     )
 
-    list_output = execute_command(full_list_command, output_log_level=None, error_on_warnings=False)
+    list_output = execute_command(
+        full_list_command, output_log_level=None, borg_local_path=local_path
+    )
 
     try:
         last_archive_name = list_output.strip().splitlines()[-1]
@@ -48,7 +52,7 @@ def extract_last_archive_dry_run(repository, lock_wait=None, local_path='borg',
         )
     )
 
-    execute_command(full_extract_command, working_directory=None, error_on_warnings=True)
+    execute_command(full_extract_command, working_directory=None)
 
 
 def extract_archive(
@@ -58,31 +62,46 @@ def extract_archive(
     paths,
     location_config,
     storage_config,
+    local_borg_version,
     local_path='borg',
     remote_path=None,
     destination_path=None,
+    strip_components=None,
     progress=False,
-    error_on_warnings=True,
+    extract_to_stdout=False,
 ):
     '''
     Given a dry-run flag, a local or remote repository path, an archive name, zero or more paths to
-    restore from the archive, location/storage configuration dicts, optional local and remote Borg
-    paths, and an optional destination path to extract to, extract the archive into the current
-    directory.
+    restore from the archive, the local Borg version string, location/storage configuration dicts,
+    optional local and remote Borg paths, and an optional destination path to extract to, extract
+    the archive into the current directory.
+
+    If extract to stdout is True, then start the extraction streaming to stdout, and return that
+    extract process as an instance of subprocess.Popen.
     '''
     umask = storage_config.get('umask', None)
     lock_wait = storage_config.get('lock_wait', None)
 
+    if progress and extract_to_stdout:
+        raise ValueError('progress and extract_to_stdout cannot both be set')
+
+    if feature.available(feature.Feature.NUMERIC_IDS, local_borg_version):
+        numeric_ids_flags = ('--numeric-ids',) if location_config.get('numeric_owner') else ()
+    else:
+        numeric_ids_flags = ('--numeric-owner',) if location_config.get('numeric_owner') else ()
+
     full_command = (
         (local_path, 'extract')
         + (('--remote-path', remote_path) if remote_path else ())
-        + (('--numeric-owner',) if location_config.get('numeric_owner') else ())
+        + numeric_ids_flags
         + (('--umask', str(umask)) if umask else ())
         + (('--lock-wait', str(lock_wait)) if lock_wait else ())
         + (('--info',) if logger.getEffectiveLevel() == logging.INFO else ())
         + (('--debug', '--list', '--show-rc') if logger.isEnabledFor(logging.DEBUG) else ())
         + (('--dry-run',) if dry_run else ())
+        + (('--strip-components', str(strip_components)) if strip_components else ())
         + (('--progress',) if progress else ())
+        + (('--stdout',) if extract_to_stdout else ())
         + ('::'.join((repository if ':' in repository else os.path.abspath(repository), archive)),)
         + (tuple(paths) if paths else ())
     )
@@ -90,13 +109,19 @@ def extract_archive(
     # The progress output isn't compatible with captured and logged output, as progress messes with
     # the terminal directly.
     if progress:
-        execute_command_without_capture(
-            full_command, working_directory=destination_path, error_on_warnings=error_on_warnings
+        return execute_command(
+            full_command, output_file=DO_NOT_CAPTURE, working_directory=destination_path
         )
-        return
+        return None
 
-    # Error on warnings by default, as Borg only gives a warning if the restore paths don't exist in
-    # the archive!
-    execute_command(
-        full_command, working_directory=destination_path, error_on_warnings=error_on_warnings
-    )
+    if extract_to_stdout:
+        return execute_command(
+            full_command,
+            output_file=subprocess.PIPE,
+            working_directory=destination_path,
+            run_to_completion=False,
+        )
+
+    # Don't give Borg local path, so as to error on warnings, as Borg only gives a warning if the
+    # restore paths don't exist in the archive!
+    execute_command(full_command, working_directory=destination_path)

borgmatic/borg/feature.py

@@ -0,0 +1,28 @@
+from enum import Enum
+
+from pkg_resources import parse_version
+
+
+class Feature(Enum):
+    COMPACT = 1
+    ATIME = 2
+    NOFLAGS = 3
+    NUMERIC_IDS = 4
+    UPLOAD_RATELIMIT = 5
+
+
+FEATURE_TO_MINIMUM_BORG_VERSION = {
+    Feature.COMPACT: parse_version('1.2.0a2'),  # borg compact
+    Feature.ATIME: parse_version('1.2.0a7'),  # borg create --atime
+    Feature.NOFLAGS: parse_version('1.2.0a8'),  # borg create --noflags
+    Feature.NUMERIC_IDS: parse_version('1.2.0b3'),  # borg create/extract/mount --numeric-ids
+    Feature.UPLOAD_RATELIMIT: parse_version('1.2.0b3'),  # borg create --upload-ratelimit
+}
+
+
+def available(feature, borg_version):
+    '''
+    Given a Borg Feature constant and a Borg version string, return whether that feature is
+    available in that version of Borg.
+    '''
+    return FEATURE_TO_MINIMUM_BORG_VERSION[feature] <= parse_version(borg_version)

borgmatic/borg/info.py

@@ -41,5 +41,5 @@ def display_archives_info(
     return execute_command(
         full_command,
         output_log_level=None if info_arguments.json else logging.WARNING,
-        error_on_warnings=False,
+        borg_local_path=local_path,
     )

borgmatic/borg/init.py

@@ -1,7 +1,9 @@
+import argparse
 import logging
 import subprocess
 
-from borgmatic.execute import execute_command, execute_command_without_capture
+from borgmatic.borg import info
+from borgmatic.execute import DO_NOT_CAPTURE, execute_command
 
 logger = logging.getLogger(__name__)
 
@@ -23,11 +25,14 @@ def initialize_repository(
     whether the repository should be append-only, and the storage quota to use, initialize the
     repository. If the repository already exists, then log and skip initialization.
     '''
-    info_command = (local_path, 'info', repository)
-    logger.debug(' '.join(info_command))
-
     try:
-        execute_command(info_command, output_log_level=None)
+        info.display_archives_info(
+            repository,
+            storage_config,
+            argparse.Namespace(json=True, archive=None),
+            local_path,
+            remote_path,
+        )
         logger.info('Repository already exists. Skipping initialization.')
         return
     except subprocess.CalledProcessError as error:
@@ -48,5 +53,5 @@ def initialize_repository(
         + (repository,)
     )
 
-    # Don't use execute_command() here because it doesn't support interactive prompts.
-    execute_command_without_capture(init_command, error_on_warnings=False)
+    # Do not capture output here, so as to support interactive prompts.
+    execute_command(init_command, output_file=DO_NOT_CAPTURE, borg_local_path=local_path)

borgmatic/borg/list.py

@@ -1,4 +1,6 @@
+import copy
 import logging
+import re
 
 from borgmatic.borg.flags import make_flags, make_flags_from_arguments
 from borgmatic.execute import execute_command
@@ -6,22 +8,54 @@ from borgmatic.execute import execute_command
 logger = logging.getLogger(__name__)
 
 
-# A hack to convince Borg to exclude archives ending in ".checkpoint". This assumes that a
-# non-checkpoint archive name ends in a digit (e.g. from a timestamp).
-BORG_EXCLUDE_CHECKPOINTS_GLOB = '*[0123456789]'
-
-
-def list_archives(repository, storage_config, list_arguments, local_path='borg', remote_path=None):
+def resolve_archive_name(repository, archive, storage_config, local_path='borg', remote_path=None):
     '''
-    Given a local or remote repository path, a storage config dict, and the arguments to the list
-    action, display the output of listing Borg archives in the repository or return JSON output. Or,
-    if an archive name is given, listing the files in that archive.
+    Given a local or remote repository path, an archive name, a storage config dict, a local Borg
+    path, and a remote Borg path, simply return the archive name. But if the archive name is
+    "latest", then instead introspect the repository for the latest archive and return its name.
+
+    Raise ValueError if "latest" is given but there are no archives in the repository.
     '''
+    if archive != "latest":
+        return archive
+
     lock_wait = storage_config.get('lock_wait', None)
-    if list_arguments.successful:
-        list_arguments.glob_archives = BORG_EXCLUDE_CHECKPOINTS_GLOB
 
     full_command = (
+        (local_path, 'list')
+        + (('--info',) if logger.getEffectiveLevel() == logging.INFO else ())
+        + (('--debug', '--show-rc') if logger.isEnabledFor(logging.DEBUG) else ())
+        + make_flags('remote-path', remote_path)
+        + make_flags('lock-wait', lock_wait)
+        + make_flags('last', 1)
+        + ('--short', repository)
+    )
+
+    output = execute_command(full_command, output_log_level=None, borg_local_path=local_path)
+    try:
+        latest_archive = output.strip().splitlines()[-1]
+    except IndexError:
+        raise ValueError('No archives found in the repository')
+
+    logger.debug('{}: Latest archive is {}'.format(repository, latest_archive))
+
+    return latest_archive
+
+
+MAKE_FLAGS_EXCLUDES = ('repository', 'archive', 'successful', 'paths', 'find_paths')
+
+
+def make_list_command(
+    repository, storage_config, list_arguments, local_path='borg', remote_path=None
+):
+    '''
+    Given a local or remote repository path, a storage config dict, the arguments to the list
+    action, and local and remote Borg paths, return a command as a tuple to list archives or paths
+    within an archive.
+    '''
+    lock_wait = storage_config.get('lock_wait', None)
+
+    return (
         (local_path, 'list')
         + (
             ('--info',)
@@ -35,19 +69,92 @@ def list_archives(repository, storage_config, list_arguments, local_path='borg',
         )
         + make_flags('remote-path', remote_path)
         + make_flags('lock-wait', lock_wait)
-        + make_flags_from_arguments(
-            list_arguments, excludes=('repository', 'archive', 'paths', 'successful')
-        )
+        + make_flags_from_arguments(list_arguments, excludes=MAKE_FLAGS_EXCLUDES,)
         + (
-            '::'.join((repository, list_arguments.archive))
+            ('::'.join((repository, list_arguments.archive)),)
             if list_arguments.archive
-            else repository,
+            else (repository,)
         )
         + (tuple(list_arguments.paths) if list_arguments.paths else ())
     )
 
-    return execute_command(
-        full_command,
-        output_log_level=None if list_arguments.json else logging.WARNING,
-        error_on_warnings=False,
+
+def make_find_paths(find_paths):
+    '''
+    Given a sequence of path fragments or patterns as passed to `--find`, transform all path
+    fragments into glob patterns. Pass through existing patterns untouched.
+
+    For example, given find_paths of:
+
+      ['foo.txt', 'pp:root/somedir']
+
+    ... transform that into:
+
+      ['sh:**/*foo.txt*/**', 'pp:root/somedir']
+    '''
+    if not find_paths:
+        return ()
+
+    return tuple(
+        find_path
+        if re.compile(r'([-!+RrPp] )|(\w\w:)').match(find_path)
+        else f'sh:**/*{find_path}*/**'
+        for find_path in find_paths
     )
+
+
+def list_archives(repository, storage_config, list_arguments, local_path='borg', remote_path=None):
+    '''
+    Given a local or remote repository path, a storage config dict, the arguments to the list
+    action, and local and remote Borg paths, display the output of listing Borg archives in the
+    repository or return JSON output. Or, if an archive name is given, list the files in that
+    archive. Or, if list_arguments.find_paths are given, list the files by searching across multiple
+    archives.
+    '''
+    # If there are any paths to find (and there's not a single archive already selected), start by
+    # getting a list of archives to search.
+    if list_arguments.find_paths and not list_arguments.archive:
+        repository_arguments = copy.copy(list_arguments)
+        repository_arguments.archive = None
+        repository_arguments.json = False
+        repository_arguments.format = None
+
+        # Ask Borg to list archives. Capture its output for use below.
+        archive_lines = tuple(
+            execute_command(
+                make_list_command(
+                    repository, storage_config, repository_arguments, local_path, remote_path
+                ),
+                output_log_level=None,
+                borg_local_path=local_path,
+            )
+            .strip('\n')
+            .split('\n')
+        )
+    else:
+        archive_lines = (list_arguments.archive,)
+
+    # For each archive listed by Borg, run list on the contents of that archive.
+    for archive_line in archive_lines:
+        try:
+            archive = archive_line.split()[0]
+        except (AttributeError, IndexError):
+            archive = None
+
+        if archive:
+            logger.warning(archive_line)
+
+        archive_arguments = copy.copy(list_arguments)
+        archive_arguments.archive = archive
+        main_command = make_list_command(
+            repository, storage_config, archive_arguments, local_path, remote_path
+        ) + make_find_paths(list_arguments.find_paths)
+
+        output = execute_command(
+            main_command,
+            output_log_level=None if list_arguments.json else logging.WARNING,
+            borg_local_path=local_path,
+        )
+
+        if list_arguments.json:
+            return output

borgmatic/borg/mount.py

@@ -1,6 +1,6 @@
 import logging
 
-from borgmatic.execute import execute_command, execute_command_without_capture
+from borgmatic.execute import DO_NOT_CAPTURE, execute_command
 
 logger = logging.getLogger(__name__)
 
@@ -40,7 +40,7 @@ def mount_archive(
 
     # Don't capture the output when foreground mode is used so that ctrl-C can work properly.
     if foreground:
-        execute_command_without_capture(full_command, error_on_warnings=False)
+        execute_command(full_command, output_file=DO_NOT_CAPTURE, borg_local_path=local_path)
         return
 
-    execute_command(full_command, error_on_warnings=False)
+    execute_command(full_command, borg_local_path=local_path)

borgmatic/borg/prune.py

@@ -41,6 +41,7 @@ def prune_archives(
     local_path='borg',
     remote_path=None,
     stats=False,
+    files=False,
 ):
     '''
     Given dry-run flag, a local or remote repository path, a storage config dict, and a
@@ -57,17 +58,18 @@ def prune_archives(
         + (('--remote-path', remote_path) if remote_path else ())
         + (('--umask', str(umask)) if umask else ())
         + (('--lock-wait', str(lock_wait)) if lock_wait else ())
-        + (('--stats',) if not dry_run and logger.isEnabledFor(logging.INFO) else ())
+        + (('--stats',) if stats and not dry_run else ())
         + (('--info',) if logger.getEffectiveLevel() == logging.INFO else ())
-        + (('--debug', '--list', '--show-rc') if logger.isEnabledFor(logging.DEBUG) else ())
+        + (('--list',) if files else ())
+        + (('--debug', '--show-rc') if logger.isEnabledFor(logging.DEBUG) else ())
         + (('--dry-run',) if dry_run else ())
-        + (('--stats',) if stats else ())
         + (tuple(extra_borg_options.split(' ')) if extra_borg_options else ())
         + (repository,)
     )
 
-    execute_command(
-        full_command,
-        output_log_level=logging.WARNING if stats else logging.INFO,
-        error_on_warnings=False,
-    )
+    if (stats or files) and logger.getEffectiveLevel() == logging.WARNING:
+        output_log_level = logging.WARNING
+    else:
+        output_log_level = logging.INFO
+
+    execute_command(full_command, output_log_level=output_log_level, borg_local_path=local_path)

borgmatic/borg/state.py

@@ -0,0 +1 @@
+DEFAULT_BORGMATIC_SOURCE_DIRECTORY = '~/.borgmatic'

borgmatic/borg/umount.py

@@ -17,4 +17,4 @@ def unmount_archive(mount_point, local_path='borg'):
         + (mount_point,)
     )
 
-    execute_command(full_command, error_on_warnings=True)
+    execute_command(full_command)

borgmatic/borg/version.py

@@ -0,0 +1,25 @@
+import logging
+
+from borgmatic.execute import execute_command
+
+logger = logging.getLogger(__name__)
+
+
+def local_borg_version(local_path='borg'):
+    '''
+    Given a local Borg binary path, return a version string for it.
+
+    Raise OSError or CalledProcessError if there is a problem running Borg.
+    Raise ValueError if the version cannot be parsed.
+    '''
+    full_command = (
+        (local_path, '--version')
+        + (('--info',) if logger.getEffectiveLevel() == logging.INFO else ())
+        + (('--debug', '--show-rc') if logger.isEnabledFor(logging.DEBUG) else ())
+    )
+    output = execute_command(full_command, output_log_level=None, borg_local_path=local_path)
+
+    try:
+        return output.split(' ')[1].strip()
+    except IndexError:
+        raise ValueError('Could not parse Borg version string')

borgmatic/commands/arguments.py

@@ -1,30 +1,33 @@
 import collections
-from argparse import ArgumentParser
+from argparse import Action, ArgumentParser
 
 from borgmatic.config import collect
 
 SUBPARSER_ALIASES = {
     'init': ['--init', '-I'],
     'prune': ['--prune', '-p'],
+    'compact': [],
     'create': ['--create', '-C'],
     'check': ['--check', '-k'],
     'extract': ['--extract', '-x'],
+    'export-tar': ['--export-tar'],
     'mount': ['--mount', '-m'],
     'umount': ['--umount', '-u'],
     'restore': ['--restore', '-r'],
     'list': ['--list', '-l'],
     'info': ['--info', '-i'],
+    'borg': [],
 }
 
 
 def parse_subparser_arguments(unparsed_arguments, subparsers):
     '''
-    Given a sequence of arguments, and a subparsers object as returned by
-    argparse.ArgumentParser().add_subparsers(), give each requested action's subparser a shot at
-    parsing all arguments. This allows common arguments like "--repository" to be shared across
-    multiple subparsers.
+    Given a sequence of arguments and a dict from subparser name to argparse.ArgumentParser
+    instance, give each requested action's subparser a shot at parsing all arguments. This allows
+    common arguments like "--repository" to be shared across multiple subparsers.
 
-    Return the result as a dict mapping from subparser name to a parsed namespace of arguments.
+    Return the result as a tuple of (a dict mapping from subparser name to a parsed namespace of
+    arguments, a list of remaining arguments not claimed by any subparser).
     '''
     arguments = collections.OrderedDict()
     remaining_arguments = list(unparsed_arguments)
@@ -34,7 +37,12 @@ def parse_subparser_arguments(unparsed_arguments, subparsers):
         for alias in aliases
     }
 
-    for subparser_name, subparser in subparsers.choices.items():
+    # If the "borg" action is used, skip all other subparsers. This avoids confusion like
+    # "borg list" triggering borgmatic's own list action.
+    if 'borg' in unparsed_arguments:
+        subparsers = {'borg': subparsers['borg']}
+
+    for subparser_name, subparser in subparsers.items():
         if subparser_name not in remaining_arguments:
             continue
 
@@ -46,69 +54,70 @@ def parse_subparser_arguments(unparsed_arguments, subparsers):
         parsed, unused_remaining = subparser.parse_known_args(unparsed_arguments)
         for value in vars(parsed).values():
             if isinstance(value, str):
-                if value in subparsers.choices:
+                if value in subparsers:
                     remaining_arguments.remove(value)
             elif isinstance(value, list):
                 for item in value:
-                    if item in subparsers.choices:
+                    if item in subparsers:
                         remaining_arguments.remove(item)
 
         arguments[canonical_name] = parsed
 
-    # If no actions are explicitly requested, assume defaults: prune, create, and check.
+    # If no actions are explicitly requested, assume defaults: prune, compact, create, and check.
     if not arguments and '--help' not in unparsed_arguments and '-h' not in unparsed_arguments:
-        for subparser_name in ('prune', 'create', 'check'):
-            subparser = subparsers.choices[subparser_name]
+        for subparser_name in ('prune', 'compact', 'create', 'check'):
+            subparser = subparsers[subparser_name]
             parsed, unused_remaining = subparser.parse_known_args(unparsed_arguments)
             arguments[subparser_name] = parsed
 
-    return arguments
-
-
-def parse_global_arguments(unparsed_arguments, top_level_parser, subparsers):
-    '''
-    Given a sequence of arguments, a top-level parser (containing subparsers), and a subparsers
-    object as returned by argparse.ArgumentParser().add_subparsers(), parse and return any global
-    arguments as a parsed argparse.Namespace instance.
-    '''
-    # Ask each subparser, one by one, to greedily consume arguments. Any arguments that remain
-    # are global arguments.
     remaining_arguments = list(unparsed_arguments)
-    present_subparser_names = set()
 
-    for subparser_name, subparser in subparsers.choices.items():
-        if subparser_name not in remaining_arguments:
+    # Now ask each subparser, one by one, to greedily consume arguments.
+    for subparser_name, subparser in subparsers.items():
+        if subparser_name not in arguments.keys():
             continue
 
-        present_subparser_names.add(subparser_name)
+        subparser = subparsers[subparser_name]
         unused_parsed, remaining_arguments = subparser.parse_known_args(remaining_arguments)
 
-    # If no actions are explicitly requested, assume defaults: prune, create, and check.
-    if (
-        not present_subparser_names
-        and '--help' not in unparsed_arguments
-        and '-h' not in unparsed_arguments
-    ):
-        for subparser_name in ('prune', 'create', 'check'):
-            subparser = subparsers.choices[subparser_name]
-            unused_parsed, remaining_arguments = subparser.parse_known_args(remaining_arguments)
+    # Special case: If "borg" is present in the arguments, consume all arguments after (+1) the
+    # "borg" action.
+    if 'borg' in arguments:
+        borg_options_index = remaining_arguments.index('borg') + 1
+        arguments['borg'].options = remaining_arguments[borg_options_index:]
+        remaining_arguments = remaining_arguments[:borg_options_index]
 
     # Remove the subparser names themselves.
-    for subparser_name in present_subparser_names:
+    for subparser_name, subparser in subparsers.items():
         if subparser_name in remaining_arguments:
             remaining_arguments.remove(subparser_name)
 
-    return top_level_parser.parse_args(remaining_arguments)
+    return (arguments, remaining_arguments)
 
 
-def parse_arguments(*unparsed_arguments):
+class Extend_action(Action):
     '''
-    Given command-line arguments with which this script was invoked, parse the arguments and return
-    them as a dict mapping from subparser name (or "global") to an argparse.Namespace instance.
+    An argparse action to support Python 3.8's "extend" action in older versions of Python.
     '''
-    config_paths = collect.get_default_config_paths()
+
+    def __call__(self, parser, namespace, values, option_string=None):
+        items = getattr(namespace, self.dest, None)
+
+        if items:
+            items.extend(values)
+        else:
+            setattr(namespace, self.dest, list(values))
+
+
+def make_parsers():
+    '''
+    Build a top-level parser and its subparsers and return them as a tuple.
+    '''
+    config_paths = collect.get_default_config_paths(expand_home=True)
+    unexpanded_config_paths = collect.get_default_config_paths(expand_home=False)
 
     global_parser = ArgumentParser(add_help=False)
+    global_parser.register('action', 'extend', Extend_action)
     global_group = global_parser.add_argument_group('global arguments')
 
     global_group.add_argument(
@@ -118,7 +127,7 @@ def parse_arguments(*unparsed_arguments):
         dest='config_paths',
         default=config_paths,
         help='Configuration filenames or directories, defaults to: {}'.format(
-            ' '.join(config_paths)
+            ' '.join(unexpanded_config_paths)
         ),
     )
     global_group.add_argument(
@@ -158,12 +167,33 @@ def parse_arguments(*unparsed_arguments):
         default=0,
         help='Log verbose progress to log file (from only errors to very verbose: -1, 0, 1, or 2). Only used when --log-file is given',
     )
+    global_group.add_argument(
+        '--monitoring-verbosity',
+        type=int,
+        choices=range(-1, 3),
+        default=0,
+        help='Log verbose progress to monitoring integrations that support logging (from only errors to very verbose: -1, 0, 1, or 2)',
+    )
     global_group.add_argument(
         '--log-file',
         type=str,
         default=None,
         help='Write log messages to this file instead of syslog',
     )
+    global_group.add_argument(
+        '--override',
+        metavar='SECTION.OPTION=VALUE',
+        nargs='+',
+        dest='overrides',
+        action='extend',
+        help='One or more configuration file options to override with specified values',
+    )
+    global_group.add_argument(
+        '--bash-completion',
+        default=False,
+        action='store_true',
+        help='Show bash completion script and exit',
+    )
     global_group.add_argument(
         '--version',
         dest='version',
@@ -175,8 +205,8 @@ def parse_arguments(*unparsed_arguments):
     top_level_parser = ArgumentParser(
         description='''
             Simple, configuration-driven backup software for servers and workstations. If none of
-            the action options are given, then borgmatic defaults to: prune, create, and check
-            archives.
+            the action options are given, then borgmatic defaults to: prune, compact, create, and
+            check.
             ''',
         parents=[global_parser],
     )
@@ -184,7 +214,7 @@ def parse_arguments(*unparsed_arguments):
     subparsers = top_level_parser.add_subparsers(
         title='actions',
         metavar='',
-        help='Specify zero or more actions. Defaults to prune, create, and check. Use --help with action for details:',
+        help='Specify zero or more actions. Defaults to prune, compact, create, and check. Use --help with action for details:',
     )
     init_parser = subparsers.add_parser(
         'init',
@@ -217,8 +247,8 @@ def parse_arguments(*unparsed_arguments):
     prune_parser = subparsers.add_parser(
         'prune',
         aliases=SUBPARSER_ALIASES['prune'],
-        help='Prune archives according to the retention policy',
-        description='Prune archives according to the retention policy',
+        help='Prune archives according to the retention policy (with Borg 1.2+, run compact afterwards to actually free space)',
+        description='Prune archives according to the retention policy (with Borg 1.2+, run compact afterwards to actually free space)',
         add_help=False,
     )
     prune_group = prune_parser.add_argument_group('prune arguments')
@@ -229,8 +259,43 @@ def parse_arguments(*unparsed_arguments):
         action='store_true',
         help='Display statistics of archive',
     )
+    prune_group.add_argument(
+        '--files', dest='files', default=False, action='store_true', help='Show per-file details'
+    )
     prune_group.add_argument('-h', '--help', action='help', help='Show this help message and exit')
 
+    compact_parser = subparsers.add_parser(
+        'compact',
+        aliases=SUBPARSER_ALIASES['compact'],
+        help='Compact segments to free space (Borg 1.2+ only)',
+        description='Compact segments to free space (Borg 1.2+ only)',
+        add_help=False,
+    )
+    compact_group = compact_parser.add_argument_group('compact arguments')
+    compact_group.add_argument(
+        '--progress',
+        dest='progress',
+        default=False,
+        action='store_true',
+        help='Display progress as each segment is compacted',
+    )
+    compact_group.add_argument(
+        '--cleanup-commits',
+        dest='cleanup_commits',
+        default=False,
+        action='store_true',
+        help='Cleanup commit-only 17-byte segment files left behind by Borg 1.1',
+    )
+    compact_group.add_argument(
+        '--threshold',
+        type=int,
+        dest='threshold',
+        help='Minimum saved space percentage threshold for compacting a segment, defaults to 10',
+    )
+    compact_group.add_argument(
+        '-h', '--help', action='help', help='Show this help message and exit'
+    )
+
     create_parser = subparsers.add_parser(
         'create',
         aliases=SUBPARSER_ALIASES['create'],
@@ -244,7 +309,7 @@ def parse_arguments(*unparsed_arguments):
         dest='progress',
         default=False,
         action='store_true',
-        help='Display progress for each file as it is processed',
+        help='Display progress for each file as it is backed up',
     )
     create_group.add_argument(
         '--stats',
@@ -253,6 +318,9 @@ def parse_arguments(*unparsed_arguments):
         action='store_true',
         help='Display statistics of archive',
     )
+    create_group.add_argument(
+        '--files', dest='files', default=False, action='store_true', help='Show per-file details'
+    )
     create_group.add_argument(
         '--json', dest='json', default=False, action='store_true', help='Output results as JSON'
     )
@@ -266,12 +334,19 @@ def parse_arguments(*unparsed_arguments):
         add_help=False,
     )
     check_group = check_parser.add_argument_group('check arguments')
+    check_group.add_argument(
+        '--progress',
+        dest='progress',
+        default=False,
+        action='store_true',
+        help='Display progress for each file as it is checked',
+    )
     check_group.add_argument(
         '--repair',
         dest='repair',
         default=False,
         action='store_true',
-        help='Attempt to repair any inconsistencies found (experimental and only for interactive use)',
+        help='Attempt to repair any inconsistencies found (for interactive use)',
     )
     check_group.add_argument(
         '--only',
@@ -279,7 +354,13 @@ def parse_arguments(*unparsed_arguments):
         choices=('repository', 'archives', 'data', 'extract'),
         dest='only',
         action='append',
-        help='Run a particular consistency check (repository, archives, data, or extract) instead of configured checks; can specify flag multiple times',
+        help='Run a particular consistency check (repository, archives, data, or extract) instead of configured checks (subject to configured frequency, can specify flag multiple times)',
+    )
+    check_group.add_argument(
+        '--force',
+        default=False,
+        action='store_true',
+        help='Ignore configured check frequencies and run checks unconditionally',
     )
     check_group.add_argument('-h', '--help', action='help', help='Show this help message and exit')
 
@@ -295,7 +376,9 @@ def parse_arguments(*unparsed_arguments):
         '--repository',
         help='Path of repository to extract, defaults to the configured repository if there is only one',
     )
-    extract_group.add_argument('--archive', help='Name of archive to extract', required=True)
+    extract_group.add_argument(
+        '--archive', help='Name of archive to extract (or "latest")', required=True
+    )
     extract_group.add_argument(
         '--path',
         '--restore-path',
@@ -310,17 +393,70 @@ def parse_arguments(*unparsed_arguments):
         dest='destination',
         help='Directory to extract files into, defaults to the current directory',
     )
+    extract_group.add_argument(
+        '--strip-components',
+        type=int,
+        metavar='NUMBER',
+        dest='strip_components',
+        help='Number of leading path components to remove from each extracted path. Skip paths with fewer elements',
+    )
     extract_group.add_argument(
         '--progress',
         dest='progress',
         default=False,
         action='store_true',
-        help='Display progress for each file as it is processed',
+        help='Display progress for each file as it is extracted',
     )
     extract_group.add_argument(
         '-h', '--help', action='help', help='Show this help message and exit'
     )
 
+    export_tar_parser = subparsers.add_parser(
+        'export-tar',
+        aliases=SUBPARSER_ALIASES['export-tar'],
+        help='Export an archive to a tar-formatted file or stream',
+        description='Export an archive to a tar-formatted file or stream',
+        add_help=False,
+    )
+    export_tar_group = export_tar_parser.add_argument_group('export-tar arguments')
+    export_tar_group.add_argument(
+        '--repository',
+        help='Path of repository to export from, defaults to the configured repository if there is only one',
+    )
+    export_tar_group.add_argument(
+        '--archive', help='Name of archive to export (or "latest")', required=True
+    )
+    export_tar_group.add_argument(
+        '--path',
+        metavar='PATH',
+        nargs='+',
+        dest='paths',
+        help='Paths to export from archive, defaults to the entire archive',
+    )
+    export_tar_group.add_argument(
+        '--destination',
+        metavar='PATH',
+        dest='destination',
+        help='Path to destination export tar file, or "-" for stdout (but be careful about dirtying output with --verbosity or --files)',
+        required=True,
+    )
+    export_tar_group.add_argument(
+        '--tar-filter', help='Name of filter program to pipe data through'
+    )
+    export_tar_group.add_argument(
+        '--files', default=False, action='store_true', help='Show per-file details'
+    )
+    export_tar_group.add_argument(
+        '--strip-components',
+        type=int,
+        metavar='NUMBER',
+        dest='strip_components',
+        help='Number of leading path components to remove from each exported path. Skip paths with fewer elements',
+    )
+    export_tar_group.add_argument(
+        '-h', '--help', action='help', help='Show this help message and exit'
+    )
+
     mount_parser = subparsers.add_parser(
         'mount',
         aliases=SUBPARSER_ALIASES['mount'],
@@ -333,7 +469,7 @@ def parse_arguments(*unparsed_arguments):
         '--repository',
         help='Path of repository to use, defaults to the configured repository if there is only one',
     )
-    mount_group.add_argument('--archive', help='Name of archive to mount')
+    mount_group.add_argument('--archive', help='Name of archive to mount (or "latest")')
     mount_group.add_argument(
         '--mount-point',
         metavar='PATH',
@@ -387,7 +523,9 @@ def parse_arguments(*unparsed_arguments):
         '--repository',
         help='Path of repository to restore from, defaults to the configured repository if there is only one',
     )
-    restore_group.add_argument('--archive', help='Name of archive to restore from', required=True)
+    restore_group.add_argument(
+        '--archive', help='Name of archive to restore from (or "latest")', required=True
+    )
     restore_group.add_argument(
         '--database',
         metavar='NAME',
@@ -395,13 +533,6 @@ def parse_arguments(*unparsed_arguments):
         dest='databases',
         help='Names of databases to restore from archive, defaults to all databases. Note that any databases to restore must be defined in borgmatic\'s configuration',
     )
-    restore_group.add_argument(
-        '--progress',
-        dest='progress',
-        default=False,
-        action='store_true',
-        help='Display progress for each database dump file as it is extracted from archive',
-    )
     restore_group.add_argument(
         '-h', '--help', action='help', help='Show this help message and exit'
     )
@@ -415,16 +546,22 @@ def parse_arguments(*unparsed_arguments):
     )
     list_group = list_parser.add_argument_group('list arguments')
     list_group.add_argument(
-        '--repository',
-        help='Path of repository to list, defaults to the configured repository if there is only one',
+        '--repository', help='Path of repository to list, defaults to the configured repositories',
     )
-    list_group.add_argument('--archive', help='Name of archive to list')
+    list_group.add_argument('--archive', help='Name of archive to list (or "latest")')
     list_group.add_argument(
         '--path',
         metavar='PATH',
         nargs='+',
         dest='paths',
-        help='Paths to list from archive, defaults to the entire archive',
+        help='Paths or patterns to list from a single selected archive (via "--archive"), defaults to listing the entire archive',
+    )
+    list_group.add_argument(
+        '--find',
+        metavar='PATH',
+        nargs='+',
+        dest='find_paths',
+        help='Partial paths or patterns to search for and list across multiple archives',
     )
     list_group.add_argument(
         '--short', default=False, action='store_true', help='Output only archive or path names'
@@ -441,9 +578,9 @@ def parse_arguments(*unparsed_arguments):
     )
     list_group.add_argument(
         '--successful',
-        default=False,
+        default=True,
         action='store_true',
-        help='Only list archive names of successful (non-checkpoint) backups',
+        help='Deprecated in favor of listing successful (non-checkpoint) backups by default in newer versions of Borg',
     )
     list_group.add_argument(
         '--sort-by', metavar='KEYS', help='Comma-separated list of sorting keys'
@@ -480,7 +617,7 @@ def parse_arguments(*unparsed_arguments):
         '--repository',
         help='Path of repository to show info for, defaults to the configured repository if there is only one',
     )
-    info_group.add_argument('--archive', help='Name of archive to show info for')
+    info_group.add_argument('--archive', help='Name of archive to show info for (or "latest")')
     info_group.add_argument(
         '--json', dest='json', default=False, action='store_true', help='Output results as JSON'
     )
@@ -502,12 +639,46 @@ def parse_arguments(*unparsed_arguments):
         help='Show info for first N archives after other filters are applied',
     )
     info_group.add_argument(
-        '--last', metavar='N', help='Show info for first N archives after other filters are applied'
+        '--last', metavar='N', help='Show info for last N archives after other filters are applied'
     )
     info_group.add_argument('-h', '--help', action='help', help='Show this help message and exit')
 
-    arguments = parse_subparser_arguments(unparsed_arguments, subparsers)
-    arguments['global'] = parse_global_arguments(unparsed_arguments, top_level_parser, subparsers)
+    borg_parser = subparsers.add_parser(
+        'borg',
+        aliases=SUBPARSER_ALIASES['borg'],
+        help='Run an arbitrary Borg command',
+        description='Run an arbitrary Borg command based on borgmatic\'s configuration',
+        add_help=False,
+    )
+    borg_group = borg_parser.add_argument_group('borg arguments')
+    borg_group.add_argument(
+        '--repository',
+        help='Path of repository to pass to Borg, defaults to the configured repositories',
+    )
+    borg_group.add_argument('--archive', help='Name of archive to pass to Borg (or "latest")')
+    borg_group.add_argument(
+        '--',
+        metavar='OPTION',
+        dest='options',
+        nargs='+',
+        help='Options to pass to Borg, command first ("create", "list", etc). "--" is optional. To specify the repository or the archive, you must use --repository or --archive instead of providing them here.',
+    )
+    borg_group.add_argument('-h', '--help', action='help', help='Show this help message and exit')
+
+    return top_level_parser, subparsers
+
+
+def parse_arguments(*unparsed_arguments):
+    '''
+    Given command-line arguments with which this script was invoked, parse the arguments and return
+    them as a dict mapping from subparser name (or "global") to an argparse.Namespace instance.
+    '''
+    top_level_parser, subparsers = make_parsers()
+
+    arguments, remaining_arguments = parse_subparser_arguments(
+        unparsed_arguments, subparsers.choices
+    )
+    arguments['global'] = top_level_parser.parse_args(remaining_arguments)
 
     if arguments['global'].excludes_filename:
         raise ValueError(
@@ -517,9 +688,6 @@ def parse_arguments(*unparsed_arguments):
     if 'init' in arguments and arguments['global'].dry_run:
         raise ValueError('The init action cannot be used with the --dry-run option')
 
-    if 'list' in arguments and arguments['list'].glob_archives and arguments['list'].successful:
-        raise ValueError('The --glob-archives and --successful options cannot be used together')
-
     if (
         'list' in arguments
         and 'info' in arguments

borgmatic/commands/borgmatic.py

@@ -1,23 +1,32 @@
 import collections
+import copy
 import json
 import logging
 import os
 import sys
+import time
+from queue import Queue
 from subprocess import CalledProcessError
 
 import colorama
 import pkg_resources
 
+import borgmatic.commands.completion
+from borgmatic.borg import borg as borg_borg
 from borgmatic.borg import check as borg_check
+from borgmatic.borg import compact as borg_compact
 from borgmatic.borg import create as borg_create
 from borgmatic.borg import environment as borg_environment
+from borgmatic.borg import export_tar as borg_export_tar
 from borgmatic.borg import extract as borg_extract
+from borgmatic.borg import feature as borg_feature
 from borgmatic.borg import info as borg_info
 from borgmatic.borg import init as borg_init
 from borgmatic.borg import list as borg_list
 from borgmatic.borg import mount as borg_mount
 from borgmatic.borg import prune as borg_prune
 from borgmatic.borg import umount as borg_umount
+from borgmatic.borg import version as borg_version
 from borgmatic.commands.arguments import parse_arguments
 from borgmatic.config import checks, collect, convert, validate
 from borgmatic.hooks import command, dispatch, dump, monitor
@@ -33,8 +42,8 @@ LEGACY_CONFIG_PATH = '/etc/borgmatic/config'
 def run_configuration(config_filename, config, arguments):
     '''
     Given a config filename, the corresponding parsed config dict, and command-line arguments as a
-    dict from subparser name to a namespace of parsed arguments, execute its defined pruning,
-    backups, consistency checks, and/or other actions.
+    dict from subparser name to a namespace of parsed arguments, execute the defined prune, compact,
+    create, check, and/or other actions.
 
     Yield a combination of:
 
@@ -49,45 +58,64 @@ def run_configuration(config_filename, config, arguments):
 
     local_path = location.get('local_path', 'borg')
     remote_path = location.get('remote_path')
+    retries = storage.get('retries', 0)
+    retry_wait = storage.get('retry_wait', 0)
     borg_environment.initialize(storage)
     encountered_error = None
     error_repository = ''
+    using_primary_action = {'prune', 'compact', 'create', 'check'}.intersection(arguments)
+    monitoring_log_level = verbosity_to_log_level(global_arguments.monitoring_verbosity)
 
-    if 'create' in arguments:
-        try:
+    try:
+        local_borg_version = borg_version.local_borg_version(local_path)
+    except (OSError, CalledProcessError, ValueError) as error:
+        yield from log_error_records(
+            '{}: Error getting local Borg version'.format(config_filename), error
+        )
+        return
+
+    try:
+        if using_primary_action:
+            dispatch.call_hooks(
+                'initialize_monitor',
+                hooks,
+                config_filename,
+                monitor.MONITOR_HOOK_NAMES,
+                monitoring_log_level,
+                global_arguments.dry_run,
+            )
+        if using_primary_action:
             dispatch.call_hooks(
                 'ping_monitor',
                 hooks,
                 config_filename,
                 monitor.MONITOR_HOOK_NAMES,
                 monitor.State.START,
+                monitoring_log_level,
                 global_arguments.dry_run,
             )
-            command.execute_hook(
-                hooks.get('before_backup'),
-                hooks.get('umask'),
-                config_filename,
-                'pre-backup',
-                global_arguments.dry_run,
-            )
-            dispatch.call_hooks(
-                'dump_databases',
-                hooks,
-                config_filename,
-                dump.DATABASE_HOOK_NAMES,
-                global_arguments.dry_run,
-            )
-        except (OSError, CalledProcessError) as error:
-            encountered_error = error
-            yield from make_error_log_records(
-                '{}: Error running pre-backup hook'.format(config_filename), error
-            )
+    except (OSError, CalledProcessError) as error:
+        if command.considered_soft_failure(config_filename, error):
+            return
+
+        encountered_error = error
+        yield from log_error_records('{}: Error pinging monitor'.format(config_filename), error)
 
     if not encountered_error:
-        for repository_path in location['repositories']:
+        repo_queue = Queue()
+        for repo in location['repositories']:
+            repo_queue.put((repo, 0),)
+
+        while not repo_queue.empty():
+            repository_path, retry_num = repo_queue.get()
+            timeout = retry_num * retry_wait
+            if timeout:
+                logger.warning(f'{config_filename}: Sleeping {timeout}s before next retry')
+                time.sleep(timeout)
             try:
                 yield from run_actions(
                     arguments=arguments,
+                    config_filename=config_filename,
                     location=location,
                     storage=storage,
                     retention=retention,
@@ -95,46 +123,62 @@ def run_configuration(config_filename, config, arguments):
                     hooks=hooks,
                     local_path=local_path,
                     remote_path=remote_path,
+                    local_borg_version=local_borg_version,
                     repository_path=repository_path,
                 )
             except (OSError, CalledProcessError, ValueError) as error:
-                encountered_error = error
-                error_repository = repository_path
-                yield from make_error_log_records(
+                if retry_num < retries:
+                    repo_queue.put((repository_path, retry_num + 1),)
+                    tuple(  # Consume the generator so as to trigger logging.
+                        log_error_records(
+                            '{}: Error running actions for repository'.format(repository_path),
+                            error,
+                            levelno=logging.WARNING,
+                            log_command_error_output=True,
+                        )
+                    )
+                    logger.warning(
+                        f'{config_filename}: Retrying... attempt {retry_num + 1}/{retries}'
+                    )
+                    continue
+
+                if command.considered_soft_failure(config_filename, error):
+                    return
+
+                yield from log_error_records(
                     '{}: Error running actions for repository'.format(repository_path), error
                 )
+                encountered_error = error
+                error_repository = repository_path
 
-    if 'create' in arguments and not encountered_error:
+    if not encountered_error:
         try:
-            dispatch.call_hooks(
-                'remove_database_dumps',
-                hooks,
-                config_filename,
-                dump.DATABASE_HOOK_NAMES,
-                global_arguments.dry_run,
-            )
-            command.execute_hook(
-                hooks.get('after_backup'),
-                hooks.get('umask'),
-                config_filename,
-                'post-backup',
-                global_arguments.dry_run,
-            )
-            dispatch.call_hooks(
-                'ping_monitor',
-                hooks,
-                config_filename,
-                monitor.MONITOR_HOOK_NAMES,
-                monitor.State.FINISH,
-                global_arguments.dry_run,
-            )
+            if using_primary_action:
+                dispatch.call_hooks(
+                    'ping_monitor',
+                    hooks,
+                    config_filename,
+                    monitor.MONITOR_HOOK_NAMES,
+                    monitor.State.FINISH,
+                    monitoring_log_level,
+                    global_arguments.dry_run,
+                )
+                dispatch.call_hooks(
+                    'destroy_monitor',
+                    hooks,
+                    config_filename,
+                    monitor.MONITOR_HOOK_NAMES,
+                    monitoring_log_level,
+                    global_arguments.dry_run,
+                )
         except (OSError, CalledProcessError) as error:
-            encountered_error = error
-            yield from make_error_log_records(
-                '{}: Error running post-backup hook'.format(config_filename), error
-            )
+            if command.considered_soft_failure(config_filename, error):
+                return
 
-    if encountered_error:
+            encountered_error = error
+            yield from log_error_records('{}: Error pinging monitor'.format(config_filename), error)
+
+    if encountered_error and using_primary_action:
         try:
             command.execute_hook(
                 hooks.get('on_error'),
@@ -152,10 +196,22 @@ def run_configuration(config_filename, config, arguments):
                 config_filename,
                 monitor.MONITOR_HOOK_NAMES,
                 monitor.State.FAIL,
+                monitoring_log_level,
+                global_arguments.dry_run,
+            )
+            dispatch.call_hooks(
+                'destroy_monitor',
+                hooks,
+                config_filename,
+                monitor.MONITOR_HOOK_NAMES,
+                monitoring_log_level,
                 global_arguments.dry_run,
             )
         except (OSError, CalledProcessError) as error:
-            yield from make_error_log_records(
+            if command.considered_soft_failure(config_filename, error):
+                return
+
+            yield from log_error_records(
                 '{}: Error running on-error hook'.format(config_filename), error
             )
 
@@ -163,6 +219,7 @@ def run_configuration(config_filename, config, arguments):
 def run_actions(
     *,
     arguments,
+    config_filename,
     location,
     storage,
     retention,
@@ -170,21 +227,30 @@ def run_actions(
     hooks,
     local_path,
     remote_path,
-    repository_path
-):  # pragma: no cover
+    local_borg_version,
+    repository_path,
+):
     '''
-    Given parsed command-line arguments as an argparse.ArgumentParser instance, several different
-    configuration dicts, local and remote paths to Borg, and a repository name, run all actions
-    from the command-line arguments on the given repository.
+    Given parsed command-line arguments as an argparse.ArgumentParser instance, the configuration
+    filename, several different configuration dicts, local and remote paths to Borg, a local Borg
+    version string, and a repository name, run all actions from the command-line arguments on the
+    given repository.
 
     Yield JSON output strings from executing any actions that produce JSON.
 
     Raise OSError or subprocess.CalledProcessError if an error occurs running a command for an
-    action. Raise ValueError if the arguments or configuration passed to action are invalid.
+    action or a hook. Raise ValueError if the arguments or configuration passed to action are
+    invalid.
     '''
     repository = os.path.expanduser(repository_path)
     global_arguments = arguments['global']
     dry_run_label = ' (dry run; not making any changes)' if global_arguments.dry_run else ''
+    hook_context = {
+        'repository': repository_path,
+        # Deprecated: For backwards compatibility with borgmatic < 1.6.0.
+        'repositories': ','.join(location['repositories']),
+    }
+
     if 'init' in arguments:
         logger.info('{}: Initializing repository'.format(repository))
         borg_init.initialize_repository(
@@ -197,6 +263,14 @@ def run_actions(
             remote_path=remote_path,
         )
     if 'prune' in arguments:
+        command.execute_hook(
+            hooks.get('before_prune'),
+            hooks.get('umask'),
+            config_filename,
+            'pre-prune',
+            global_arguments.dry_run,
+            **hook_context,
+        )
         logger.info('{}: Pruning archives{}'.format(repository, dry_run_label))
         borg_prune.prune_archives(
             global_arguments.dry_run,
@@ -206,34 +280,148 @@ def run_actions(
             local_path=local_path,
             remote_path=remote_path,
             stats=arguments['prune'].stats,
+            files=arguments['prune'].files,
+        )
+        command.execute_hook(
+            hooks.get('after_prune'),
+            hooks.get('umask'),
+            config_filename,
+            'post-prune',
+            global_arguments.dry_run,
+            **hook_context,
+        )
+    if 'compact' in arguments:
+        command.execute_hook(
+            hooks.get('before_compact'),
+            hooks.get('umask'),
+            config_filename,
+            'pre-compact',
+            global_arguments.dry_run,
+        )
+        if borg_feature.available(borg_feature.Feature.COMPACT, local_borg_version):
+            logger.info('{}: Compacting segments{}'.format(repository, dry_run_label))
+            borg_compact.compact_segments(
+                global_arguments.dry_run,
+                repository,
+                storage,
+                local_path=local_path,
+                remote_path=remote_path,
+                progress=arguments['compact'].progress,
+                cleanup_commits=arguments['compact'].cleanup_commits,
+                threshold=arguments['compact'].threshold,
+            )
+        else:  # pragma: nocover
+            logger.info(
+                '{}: Skipping compact (only available/needed in Borg 1.2+)'.format(repository)
+            )
+        command.execute_hook(
+            hooks.get('after_compact'),
+            hooks.get('umask'),
+            config_filename,
+            'post-compact',
+            global_arguments.dry_run,
         )
     if 'create' in arguments:
+        command.execute_hook(
+            hooks.get('before_backup'),
+            hooks.get('umask'),
+            config_filename,
+            'pre-backup',
+            global_arguments.dry_run,
+            **hook_context,
+        )
         logger.info('{}: Creating archive{}'.format(repository, dry_run_label))
+        dispatch.call_hooks(
+            'remove_database_dumps',
+            hooks,
+            repository,
+            dump.DATABASE_HOOK_NAMES,
+            location,
+            global_arguments.dry_run,
+        )
+        active_dumps = dispatch.call_hooks(
+            'dump_databases',
+            hooks,
+            repository,
+            dump.DATABASE_HOOK_NAMES,
+            location,
+            global_arguments.dry_run,
+        )
+        stream_processes = [process for processes in active_dumps.values() for process in processes]
+
         json_output = borg_create.create_archive(
             global_arguments.dry_run,
             repository,
             location,
             storage,
+            local_borg_version,
             local_path=local_path,
             remote_path=remote_path,
             progress=arguments['create'].progress,
             stats=arguments['create'].stats,
             json=arguments['create'].json,
+            files=arguments['create'].files,
+            stream_processes=stream_processes,
         )
-        if json_output:
+        if json_output:  # pragma: nocover
             yield json.loads(json_output)
+
+        dispatch.call_hooks(
+            'remove_database_dumps',
+            hooks,
+            config_filename,
+            dump.DATABASE_HOOK_NAMES,
+            location,
+            global_arguments.dry_run,
+        )
+        command.execute_hook(
+            hooks.get('after_backup'),
+            hooks.get('umask'),
+            config_filename,
+            'post-backup',
+            global_arguments.dry_run,
+            **hook_context,
+        )
+
     if 'check' in arguments and checks.repository_enabled_for_checks(repository, consistency):
+        command.execute_hook(
+            hooks.get('before_check'),
+            hooks.get('umask'),
+            config_filename,
+            'pre-check',
+            global_arguments.dry_run,
+            **hook_context,
+        )
         logger.info('{}: Running consistency checks'.format(repository))
         borg_check.check_archives(
             repository,
+            location,
             storage,
             consistency,
             local_path=local_path,
             remote_path=remote_path,
+            progress=arguments['check'].progress,
             repair=arguments['check'].repair,
             only_checks=arguments['check'].only,
+            force=arguments['check'].force,
+        )
+        command.execute_hook(
+            hooks.get('after_check'),
+            hooks.get('umask'),
+            config_filename,
+            'post-check',
+            global_arguments.dry_run,
+            **hook_context,
         )
     if 'extract' in arguments:
+        command.execute_hook(
+            hooks.get('before_extract'),
+            hooks.get('umask'),
+            config_filename,
+            'pre-extract',
+            global_arguments.dry_run,
+            **hook_context,
+        )
         if arguments['extract'].repository is None or validate.repositories_match(
             repository, arguments['extract'].repository
         ):
@@ -243,15 +431,51 @@ def run_actions(
             borg_extract.extract_archive(
                 global_arguments.dry_run,
                 repository,
-                arguments['extract'].archive,
+                borg_list.resolve_archive_name(
+                    repository, arguments['extract'].archive, storage, local_path, remote_path
+                ),
                 arguments['extract'].paths,
                 location,
                 storage,
+                local_borg_version,
                 local_path=local_path,
                 remote_path=remote_path,
                 destination_path=arguments['extract'].destination,
+                strip_components=arguments['extract'].strip_components,
                 progress=arguments['extract'].progress,
             )
+        command.execute_hook(
+            hooks.get('after_extract'),
+            hooks.get('umask'),
+            config_filename,
+            'post-extract',
+            global_arguments.dry_run,
+            **hook_context,
+        )
+    if 'export-tar' in arguments:
+        if arguments['export-tar'].repository is None or validate.repositories_match(
+            repository, arguments['export-tar'].repository
+        ):
+            logger.info(
+                '{}: Exporting archive {} as tar file'.format(
+                    repository, arguments['export-tar'].archive
+                )
+            )
+            borg_export_tar.export_tar_archive(
+                global_arguments.dry_run,
+                repository,
+                borg_list.resolve_archive_name(
+                    repository, arguments['export-tar'].archive, storage, local_path, remote_path
+                ),
+                arguments['export-tar'].paths,
+                arguments['export-tar'].destination,
+                storage,
+                local_path=local_path,
+                remote_path=remote_path,
+                tar_filter=arguments['export-tar'].tar_filter,
+                files=arguments['export-tar'].files,
+                strip_components=arguments['export-tar'].strip_components,
+            )
     if 'mount' in arguments:
         if arguments['mount'].repository is None or validate.repositories_match(
             repository, arguments['mount'].repository
@@ -260,12 +484,14 @@ def run_actions(
                 logger.info(
                     '{}: Mounting archive {}'.format(repository, arguments['mount'].archive)
                 )
-            else:
+            else:  # pragma: nocover
                 logger.info('{}: Mounting repository'.format(repository))
 
             borg_mount.mount_archive(
                 repository,
-                arguments['mount'].archive,
+                borg_list.resolve_archive_name(
+                    repository, arguments['mount'].archive, storage, local_path, remote_path
+                ),
                 arguments['mount'].mount_point,
                 arguments['mount'].paths,
                 arguments['mount'].foreground,
@@ -274,7 +500,7 @@ def run_actions(
                 local_path=local_path,
                 remote_path=remote_path,
             )
-    if 'restore' in arguments:
+    if 'restore' in arguments:  # pragma: nocover
         if arguments['restore'].repository is None or validate.repositories_match(
             repository, arguments['restore'].repository
         ):
@@ -283,88 +509,148 @@ def run_actions(
                     repository, arguments['restore'].archive
                 )
             )
+            dispatch.call_hooks(
+                'remove_database_dumps',
+                hooks,
+                repository,
+                dump.DATABASE_HOOK_NAMES,
+                location,
+                global_arguments.dry_run,
+            )
 
             restore_names = arguments['restore'].databases or []
             if 'all' in restore_names:
                 restore_names = []
 
-            # Extract dumps for the named databases from the archive.
-            dump_patterns = dispatch.call_hooks(
-                'make_database_dump_patterns',
+            archive_name = borg_list.resolve_archive_name(
+                repository, arguments['restore'].archive, storage, local_path, remote_path
+            )
+            found_names = set()
+
+            for hook_name, per_hook_restore_databases in hooks.items():
+                if hook_name not in dump.DATABASE_HOOK_NAMES:
+                    continue
+
+                for restore_database in per_hook_restore_databases:
+                    database_name = restore_database['name']
+                    if restore_names and database_name not in restore_names:
+                        continue
+
+                    found_names.add(database_name)
+                    dump_pattern = dispatch.call_hooks(
+                        'make_database_dump_pattern',
+                        hooks,
+                        repository,
+                        dump.DATABASE_HOOK_NAMES,
+                        location,
+                        database_name,
+                    )[hook_name]
+
+                    # Kick off a single database extract to stdout.
+                    extract_process = borg_extract.extract_archive(
+                        dry_run=global_arguments.dry_run,
+                        repository=repository,
+                        archive=archive_name,
+                        paths=dump.convert_glob_patterns_to_borg_patterns([dump_pattern]),
+                        location_config=location,
+                        storage_config=storage,
+                        local_borg_version=local_borg_version,
+                        local_path=local_path,
+                        remote_path=remote_path,
+                        destination_path='/',
+                        # A directory format dump isn't a single file, and therefore can't extract
+                        # to stdout. In this case, the extract_process return value is None.
+                        extract_to_stdout=bool(restore_database.get('format') != 'directory'),
+                    )
+
+                    # Run a single database restore, consuming the extract stdout (if any).
+                    dispatch.call_hooks(
+                        'restore_database_dump',
+                        {hook_name: [restore_database]},
+                        repository,
+                        dump.DATABASE_HOOK_NAMES,
+                        location,
+                        global_arguments.dry_run,
+                        extract_process,
+                    )
+
+            dispatch.call_hooks(
+                'remove_database_dumps',
                 hooks,
                 repository,
                 dump.DATABASE_HOOK_NAMES,
-                restore_names,
-            )
-
-            borg_extract.extract_archive(
-                global_arguments.dry_run,
-                repository,
-                arguments['restore'].archive,
-                dump.convert_glob_patterns_to_borg_patterns(
-                    dump.flatten_dump_patterns(dump_patterns, restore_names)
-                ),
                 location,
-                storage,
-                local_path=local_path,
-                remote_path=remote_path,
-                destination_path='/',
-                progress=arguments['restore'].progress,
-                # We don't want glob patterns that don't match to error.
-                error_on_warnings=False,
-            )
-
-            # Map the restore names or detected dumps to the corresponding database configurations.
-            restore_databases = dump.get_per_hook_database_configurations(
-                hooks, restore_names, dump_patterns
-            )
-
-            # Finally, restore the databases and cleanup the dumps.
-            dispatch.call_hooks(
-                'restore_database_dumps',
-                restore_databases,
-                repository,
-                dump.DATABASE_HOOK_NAMES,
-                global_arguments.dry_run,
-            )
-            dispatch.call_hooks(
-                'remove_database_dumps',
-                restore_databases,
-                repository,
-                dump.DATABASE_HOOK_NAMES,
                 global_arguments.dry_run,
             )
+
+            if not restore_names and not found_names:
+                raise ValueError('No databases were found to restore')
+
+            missing_names = sorted(set(restore_names) - found_names)
+            if missing_names:
+                raise ValueError(
+                    'Cannot restore database(s) {} missing from borgmatic\'s configuration'.format(
+                        ', '.join(missing_names)
+                    )
+                )
+
     if 'list' in arguments:
         if arguments['list'].repository is None or validate.repositories_match(
             repository, arguments['list'].repository
         ):
-            logger.info('{}: Listing archives'.format(repository))
+            list_arguments = copy.copy(arguments['list'])
+            if not list_arguments.json:  # pragma: nocover
+                logger.warning('{}: Listing archives'.format(repository))
+            list_arguments.archive = borg_list.resolve_archive_name(
+                repository, list_arguments.archive, storage, local_path, remote_path
+            )
             json_output = borg_list.list_archives(
                 repository,
                 storage,
-                list_arguments=arguments['list'],
+                list_arguments=list_arguments,
                 local_path=local_path,
                 remote_path=remote_path,
             )
-            if json_output:
+            if json_output:  # pragma: nocover
                 yield json.loads(json_output)
     if 'info' in arguments:
         if arguments['info'].repository is None or validate.repositories_match(
             repository, arguments['info'].repository
         ):
-            logger.info('{}: Displaying summary info for archives'.format(repository))
+            info_arguments = copy.copy(arguments['info'])
+            if not info_arguments.json:  # pragma: nocover
+                logger.warning('{}: Displaying summary info for archives'.format(repository))
+            info_arguments.archive = borg_list.resolve_archive_name(
+                repository, info_arguments.archive, storage, local_path, remote_path
+            )
             json_output = borg_info.display_archives_info(
                 repository,
                 storage,
-                info_arguments=arguments['info'],
+                info_arguments=info_arguments,
                 local_path=local_path,
                 remote_path=remote_path,
             )
-            if json_output:
+            if json_output:  # pragma: nocover
                 yield json.loads(json_output)
+    if 'borg' in arguments:
+        if arguments['borg'].repository is None or validate.repositories_match(
+            repository, arguments['borg'].repository
+        ):
+            logger.warning('{}: Running arbitrary Borg command'.format(repository))
+            archive_name = borg_list.resolve_archive_name(
+                repository, arguments['borg'].archive, storage, local_path, remote_path
+            )
+            borg_borg.run_arbitrary_borg(
+                repository,
+                storage,
+                options=arguments['borg'].options,
+                archive=archive_name,
+                local_path=local_path,
+                remote_path=remote_path,
+            )
 
 
-def load_configurations(config_filenames):
+def load_configurations(config_filenames, overrides=None):
     '''
     Given a sequence of configuration filenames, load and validate each configuration file. Return
     the results as a tuple of: dict of configuration filename to corresponding parsed configuration,
@@ -378,7 +664,21 @@ def load_configurations(config_filenames):
     for config_filename in config_filenames:
         try:
             configs[config_filename] = validate.parse_configuration(
-                config_filename, validate.schema_filename()
+                config_filename, validate.schema_filename(), overrides
+            )
+        except PermissionError:
+            logs.extend(
+                [
+                    logging.makeLogRecord(
+                        dict(
+                            levelno=logging.WARNING,
+                            levelname='WARNING',
+                            msg='{}: Insufficient permissions to read configuration file'.format(
+                                config_filename
+                            ),
+                        )
+                    ),
+                ]
             )
         except (ValueError, OSError, validate.Validation_error) as error:
             logs.extend(
@@ -412,28 +712,39 @@ def log_record(suppress_log=False, **kwargs):
     return record
 
 
-def make_error_log_records(message, error=None):
+def log_error_records(
+    message, error=None, levelno=logging.CRITICAL, log_command_error_output=False
+):
     '''
-    Given error message text and an optional exception object, yield a series of logging.LogRecord
-    instances with error summary information. As a side effect, log each record.
+    Given error message text, an optional exception object, an optional log level, and whether to
+    log the error output of a CalledProcessError (if any), log error summary information and also
+    yield it as a series of logging.LogRecord instances.
+
+    Note that because the logs are yielded as a generator, logs won't get logged unless you consume
+    the generator output.
     '''
+    level_name = logging._levelToName[levelno]
+
     if not error:
-        yield log_record(levelno=logging.CRITICAL, levelname='CRITICAL', msg=message)
+        yield log_record(levelno=levelno, levelname=level_name, msg=message)
         return
 
     try:
         raise error
     except CalledProcessError as error:
-        yield log_record(levelno=logging.CRITICAL, levelname='CRITICAL', msg=message)
+        yield log_record(levelno=levelno, levelname=level_name, msg=message)
         if error.output:
             # Suppress these logs for now and save full error output for the log summary at the end.
             yield log_record(
-                levelno=logging.CRITICAL, levelname='CRITICAL', msg=error.output, suppress_log=True
+                levelno=levelno,
+                levelname=level_name,
+                msg=error.output,
+                suppress_log=not log_command_error_output,
             )
-        yield log_record(levelno=logging.CRITICAL, levelname='CRITICAL', msg=error)
+        yield log_record(levelno=levelno, levelname=level_name, msg=error)
     except (ValueError, OSError) as error:
-        yield log_record(levelno=logging.CRITICAL, levelname='CRITICAL', msg=message)
-        yield log_record(levelno=logging.CRITICAL, levelname='CRITICAL', msg=error)
+        yield log_record(levelno=levelno, levelname=level_name, msg=message)
+        yield log_record(levelno=levelno, levelname=level_name, msg=error)
     except:  # noqa: E722
         # Raising above only as a means of determining the error type. Swallow the exception here
         # because we don't want the exception to propagate out of this function.
@@ -472,12 +783,14 @@ def collect_configuration_run_summary_logs(configs, arguments):
         try:
             validate.guard_configuration_contains_repository(repository, configs)
         except ValueError as error:
-            yield from make_error_log_records(str(error))
+            yield from log_error_records(str(error))
             return
 
     if not configs:
-        yield from make_error_log_records(
-            '{}: No configuration files found'.format(' '.join(arguments['global'].config_paths))
+        yield from log_error_records(
+            '{}: No valid configuration files found'.format(
+                ' '.join(arguments['global'].config_paths)
+            )
         )
         return
 
@@ -493,7 +806,7 @@ def collect_configuration_run_summary_logs(configs, arguments):
                     arguments['global'].dry_run,
                 )
         except (CalledProcessError, ValueError, OSError) as error:
-            yield from make_error_log_records('Error running pre-everything hook', error)
+            yield from log_error_records('Error running pre-everything hook', error)
             return
 
     # Execute the actions corresponding to each configuration file.
@@ -503,7 +816,7 @@ def collect_configuration_run_summary_logs(configs, arguments):
         error_logs = tuple(result for result in results if isinstance(result, logging.LogRecord))
 
         if error_logs:
-            yield from make_error_log_records(
+            yield from log_error_records(
                 '{}: Error running configuration file'.format(config_filename)
             )
             yield from error_logs
@@ -525,7 +838,7 @@ def collect_configuration_run_summary_logs(configs, arguments):
                 mount_point=arguments['umount'].mount_point, local_path=get_local_path(configs)
             )
         except (CalledProcessError, OSError) as error:
-            yield from make_error_log_records('Error unmounting mount point', error)
+            yield from log_error_records('Error unmounting mount point', error)
 
     if json_results:
         sys.stdout.write(json.dumps(json_results))
@@ -542,7 +855,7 @@ def collect_configuration_run_summary_logs(configs, arguments):
                     arguments['global'].dry_run,
                 )
         except (CalledProcessError, ValueError, OSError) as error:
-            yield from make_error_log_records('Error running post-everything hook', error)
+            yield from log_error_records('Error running post-everything hook', error)
 
 
 def exit_with_help_link():  # pragma: no cover
@@ -574,16 +887,26 @@ def main():  # pragma: no cover
     if global_arguments.version:
         print(pkg_resources.require('borgmatic')[0].version)
         sys.exit(0)
+    if global_arguments.bash_completion:
+        print(borgmatic.commands.completion.bash_completion())
+        sys.exit(0)
 
     config_filenames = tuple(collect.collect_config_filenames(global_arguments.config_paths))
-    configs, parse_logs = load_configurations(config_filenames)
+    configs, parse_logs = load_configurations(config_filenames, global_arguments.overrides)
 
-    colorama.init(autoreset=True, strip=not should_do_markup(global_arguments.no_color, configs))
+    any_json_flags = any(
+        getattr(sub_arguments, 'json', False) for sub_arguments in arguments.values()
+    )
+    colorama.init(
+        autoreset=True,
+        strip=not should_do_markup(global_arguments.no_color or any_json_flags, configs),
+    )
     try:
         configure_logging(
             verbosity_to_log_level(global_arguments.verbosity),
             verbosity_to_log_level(global_arguments.syslog_verbosity),
             verbosity_to_log_level(global_arguments.log_file_verbosity),
+            verbosity_to_log_level(global_arguments.monitoring_verbosity),
             global_arguments.log_file,
         )
     except (FileNotFoundError, PermissionError) as error:

borgmatic/commands/completion.py

@@ -0,0 +1,58 @@
+from borgmatic.commands import arguments
+
+UPGRADE_MESSAGE = '''
+Your bash completions script is from a different version of borgmatic than is
+currently installed. Please upgrade your script so your completions match the
+command-line flags in your installed borgmatic! Try this to upgrade:
+
+    sudo sh -c "borgmatic --bash-completion > $BASH_SOURCE"
+    source $BASH_SOURCE
+'''
+
+
+def parser_flags(parser):
+    '''
+    Given an argparse.ArgumentParser instance, return its argument flags in a space-separated
+    string.
+    '''
+    return ' '.join(option for action in parser._actions for option in action.option_strings)
+
+
+def bash_completion():
+    '''
+    Return a bash completion script for the borgmatic command. Produce this by introspecting
+    borgmatic's command-line argument parsers.
+    '''
+    top_level_parser, subparsers = arguments.make_parsers()
+    global_flags = parser_flags(top_level_parser)
+    actions = ' '.join(subparsers.choices.keys())
+
+    # Avert your eyes.
+    return '\n'.join(
+        (
+            'set -uo pipefail',
+            'check_version() {',
+            '    local this_script="$(cat "$BASH_SOURCE" 2> /dev/null)"',
+            '    local installed_script="$(borgmatic --bash-completion 2> /dev/null)"',
+            '    if [ "$this_script" != "$installed_script" ] && [ "$installed_script" != "" ];'
+            '        then cat << EOF\n%s\nEOF' % UPGRADE_MESSAGE,
+            '    fi',
+            '}',
+            'complete_borgmatic() {',
+        )
+        + tuple(
+            '''    if [[ " ${COMP_WORDS[*]} " =~ " %s " ]]; then
+        COMPREPLY=($(compgen -W "%s %s %s" -- "${COMP_WORDS[COMP_CWORD]}"))
+        return 0
+    fi'''
+            % (action, parser_flags(subparser), actions, global_flags)
+            for action, subparser in subparsers.choices.items()
+        )
+        + (
+            '    COMPREPLY=($(compgen -W "%s %s" -- "${COMP_WORDS[COMP_CWORD]}"))'
+            % (actions, global_flags),
+            '    (check_version &)',
+            '}',
+            '\ncomplete -o bashdefault -o default -F complete_borgmatic borgmatic',
+        )
+    )

borgmatic/commands/convert_config.py

@@ -99,7 +99,9 @@ def main():  # pragma: no cover
         )
 
         generate.write_configuration(
-            args.destination_config_filename, destination_config, mode=source_config_file_mode
+            args.destination_config_filename,
+            generate.render_configuration(destination_config),
+            mode=source_config_file_mode,
         )
 
         display_result(args)

borgmatic/commands/generate_config.py

@@ -23,10 +23,16 @@ def parse_arguments(*arguments):
         '--destination',
         dest='destination_filename',
         default=DEFAULT_DESTINATION_CONFIG_FILENAME,
-        help='Destination YAML configuration file. Default: {}'.format(
+        help='Destination YAML configuration file, default: {}'.format(
             DEFAULT_DESTINATION_CONFIG_FILENAME
         ),
     )
+    parser.add_argument(
+        '--overwrite',
+        default=False,
+        action='store_true',
+        help='Whether to overwrite any existing destination file, defaults to false',
+    )
 
     return parser.parse_args(arguments)
 
@@ -36,7 +42,10 @@ def main():  # pragma: no cover
         args = parse_arguments(*sys.argv[1:])
 
         generate.generate_sample_configuration(
-            args.source_filename, args.destination_filename, validate.schema_filename()
+            args.source_filename,
+            args.destination_filename,
+            validate.schema_filename(),
+            overwrite=args.overwrite,
         )
 
         print('Generated a sample configuration file at {}.'.format(args.destination_filename))

borgmatic/config/collect.py

@@ -1,20 +1,23 @@
 import os
 
 
-def get_default_config_paths():
+def get_default_config_paths(expand_home=True):
     '''
     Based on the value of the XDG_CONFIG_HOME and HOME environment variables, return a list of
     default configuration paths. This includes both system-wide configuration and configuration in
     the current user's home directory.
+
+    Don't expand the home directory ($HOME) if the expand home flag is False.
     '''
-    user_config_directory = os.getenv('XDG_CONFIG_HOME') or os.path.expandvars(
-        os.path.join('$HOME', '.config')
-    )
+    user_config_directory = os.getenv('XDG_CONFIG_HOME') or os.path.join('$HOME', '.config')
+    if expand_home:
+        user_config_directory = os.path.expandvars(user_config_directory)
 
     return [
         '/etc/borgmatic/config.yaml',
         '/etc/borgmatic.d',
         '%s/borgmatic/config.yaml' % user_config_directory,
+        '%s/borgmatic.d' % user_config_directory,
     ]
 
 
@@ -41,6 +44,9 @@ def collect_config_filenames(config_paths):
             yield path
             continue
 
+        if not os.access(path, os.R_OK):
+            continue
+
         for filename in sorted(os.listdir(path)):
             full_filename = os.path.join(path, filename)
             matching_filetype = full_filename.endswith('.yaml') or full_filename.endswith('.yml')

borgmatic/config/convert.py

@@ -17,7 +17,7 @@ def _convert_section(source_section_config, section_schema):
             (
                 option_name,
                 int(option_value)
-                if section_schema['map'].get(option_name, {}).get('type') == 'int'
+                if section_schema['properties'].get(option_name, {}).get('type') == 'integer'
                 else option_value,
             )
             for option_name, option_value in source_section_config.items()
@@ -38,7 +38,7 @@ def convert_legacy_parsed_config(source_config, source_excludes, schema):
     '''
     destination_config = yaml.comments.CommentedMap(
         [
-            (section_name, _convert_section(section_config, schema['map'][section_name]))
+            (section_name, _convert_section(section_config, schema['properties'][section_name]))
             for section_name, section_config in source_config._asdict().items()
         ]
     )
@@ -54,11 +54,11 @@ def convert_legacy_parsed_config(source_config, source_excludes, schema):
         destination_config['consistency']['checks'] = source_config.consistency['checks'].split(' ')
 
     # Add comments to each section, and then add comments to the fields in each section.
-    generate.add_comments_to_configuration_map(destination_config, schema)
+    generate.add_comments_to_configuration_object(destination_config, schema)
 
     for section_name, section_config in destination_config.items():
-        generate.add_comments_to_configuration_map(
-            section_config, schema['map'][section_name], indent=generate.INDENT
+        generate.add_comments_to_configuration_object(
+            section_config, schema['properties'][section_name], indent=generate.INDENT
         )
 
     return destination_config

borgmatic/config/generate.py

@@ -5,7 +5,7 @@ import re
 
 from ruamel import yaml
 
-from borgmatic.config import load
+from borgmatic.config import load, normalize
 
 INDENT = 4
 SEQUENCE_INDENT = 2
@@ -24,31 +24,27 @@ def _insert_newline_before_comment(config, field_name):
 def _schema_to_sample_configuration(schema, level=0, parent_is_sequence=False):
     '''
     Given a loaded configuration schema, generate and return sample config for it. Include comments
-    for each section based on the schema "desc" description.
+    for each section based on the schema "description".
     '''
+    schema_type = schema.get('type')
     example = schema.get('example')
     if example is not None:
         return example
 
-    if 'seq' in schema:
+    if schema_type == 'array':
         config = yaml.comments.CommentedSeq(
-            [
-                _schema_to_sample_configuration(item_schema, level, parent_is_sequence=True)
-                for item_schema in schema['seq']
-            ]
+            [_schema_to_sample_configuration(schema['items'], level, parent_is_sequence=True)]
         )
-        add_comments_to_configuration_sequence(
-            config, schema, indent=(level * INDENT) + SEQUENCE_INDENT
-        )
-    elif 'map' in schema:
+        add_comments_to_configuration_sequence(config, schema, indent=(level * INDENT))
+    elif schema_type == 'object':
         config = yaml.comments.CommentedMap(
             [
                 (field_name, _schema_to_sample_configuration(sub_schema, level + 1))
-                for field_name, sub_schema in schema['map'].items()
+                for field_name, sub_schema in schema['properties'].items()
             ]
         )
         indent = (level * INDENT) + (SEQUENCE_INDENT if parent_is_sequence else 0)
-        add_comments_to_configuration_map(
+        add_comments_to_configuration_object(
             config, schema, indent=indent, skip_first=parent_is_sequence
         )
     else:
@@ -86,8 +82,8 @@ def _comment_out_optional_configuration(rendered_config):
     optional = False
 
     for line in rendered_config.split('\n'):
-        # Upon encountering an optional configuration option, commenting out lines until the next
-        # blank line.
+        # Upon encountering an optional configuration option, comment out lines until the next blank
+        # line.
         if line.strip().startswith('# {}'.format(COMMENTED_OUT_SENTINEL)):
             optional = True
             continue
@@ -101,7 +97,7 @@ def _comment_out_optional_configuration(rendered_config):
     return '\n'.join(lines)
 
 
-def _render_configuration(config):
+def render_configuration(config):
     '''
     Given a config data structure of nested OrderedDicts, render the config as YAML and return it.
     '''
@@ -113,13 +109,18 @@ def _render_configuration(config):
     return rendered.getvalue()
 
 
-def write_configuration(config_filename, rendered_config, mode=0o600):
+def write_configuration(config_filename, rendered_config, mode=0o600, overwrite=False):
     '''
     Given a target config filename and rendered config YAML, write it out to file. Create any
-    containing directories as needed.
+    containing directories as needed. But if the file already exists and overwrite is False,
+    abort before writing anything.
     '''
-    if os.path.exists(config_filename):
-        raise FileExistsError('{} already exists. Aborting.'.format(config_filename))
+    if not overwrite and os.path.exists(config_filename):
+        raise FileExistsError(
+            '{} already exists. Aborting. Use --overwrite to replace the file.'.format(
+                config_filename
+            )
+        )
 
     try:
         os.makedirs(os.path.dirname(config_filename), mode=0o700)
@@ -134,26 +135,26 @@ def write_configuration(config_filename, rendered_config, mode=0o600):
 
 def add_comments_to_configuration_sequence(config, schema, indent=0):
     '''
-    If the given config sequence's items are maps, then mine the schema for the description of the
-    map's first item, and slap that atop the sequence. Indent the comment the given number of
+    If the given config sequence's items are object, then mine the schema for the description of the
+    object's first item, and slap that atop the sequence. Indent the comment the given number of
     characters.
 
     Doing this for sequences of maps results in nice comments that look like:
 
     ```
     things:
-          # First key description. Added by this function.
+        # First key description. Added by this function.
         - key: foo
-          # Second key description. Added by add_comments_to_configuration_map().
+          # Second key description. Added by add_comments_to_configuration_object().
           other: bar
     ```
     '''
-    if 'map' not in schema['seq'][0]:
+    if schema['items'].get('type') != 'object':
         return
 
     for field_name in config[0].keys():
-        field_schema = schema['seq'][0]['map'].get(field_name, {})
-        description = field_schema.get('desc')
+        field_schema = schema['items']['properties'].get(field_name, {})
+        description = field_schema.get('description')
 
         # No description to use? Skip it.
         if not field_schema or not description:
@@ -162,7 +163,7 @@ def add_comments_to_configuration_sequence(config, schema, indent=0):
         config[0].yaml_set_start_comment(description, indent=indent)
 
         # We only want the first key's description here, as the rest of the keys get commented by
-        # add_comments_to_configuration_map().
+        # add_comments_to_configuration_object().
         return
 
 
@@ -171,7 +172,7 @@ REQUIRED_KEYS = {'source_directories', 'repositories', 'keep_daily'}
 COMMENTED_OUT_SENTINEL = 'COMMENT_OUT'
 
 
-def add_comments_to_configuration_map(config, schema, indent=0, skip_first=False):
+def add_comments_to_configuration_object(config, schema, indent=0, skip_first=False):
     '''
     Using descriptions from a schema as a source, add those descriptions as comments to the given
     config mapping, before each field. Indent the comment the given number of characters.
@@ -180,8 +181,8 @@ def add_comments_to_configuration_map(config, schema, indent=0, skip_first=False
         if skip_first and index == 0:
             continue
 
-        field_schema = schema['map'].get(field_name, {})
-        description = field_schema.get('desc', '').strip()
+        field_schema = schema['properties'].get(field_name, {})
+        description = field_schema.get('description', '').strip()
 
         # If this is an optional key, add an indicator to the comment flagging it to be commented
         # out from the sample configuration. This sentinel is consumed by downstream processing that
@@ -267,18 +268,22 @@ def merge_source_configuration_into_destination(destination_config, source_confi
     return destination_config
 
 
-def generate_sample_configuration(source_filename, destination_filename, schema_filename):
+def generate_sample_configuration(
+    source_filename, destination_filename, schema_filename, overwrite=False
+):
     '''
     Given an optional source configuration filename, and a required destination configuration
-    filename, and the path to a schema filename in pykwalify YAML schema format, write out a
-    sample configuration file based on that schema. If a source filename is provided, merge the
-    parsed contents of that configuration into the generated configuration.
+    filename, the path to a schema filename in a YAML rendition of the JSON Schema format, and
+    whether to overwrite a destination file, write out a sample configuration file based on that
+    schema. If a source filename is provided, merge the parsed contents of that configuration into
+    the generated configuration.
     '''
     schema = yaml.round_trip_load(open(schema_filename))
     source_config = None
 
     if source_filename:
         source_config = load.load_configuration(source_filename)
+        normalize.normalize(source_config)
 
     destination_config = merge_source_configuration_into_destination(
         _schema_to_sample_configuration(schema), source_config
@@ -286,5 +291,6 @@ def generate_sample_configuration(source_filename, destination_filename, schema_
 
     write_configuration(
         destination_filename,
-        _comment_out_optional_configuration(_render_configuration(destination_config)),
+        _comment_out_optional_configuration(render_configuration(destination_config)),
+        overwrite=overwrite,
     )

borgmatic/config/load.py

@@ -6,6 +6,19 @@ import ruamel.yaml
 logger = logging.getLogger(__name__)
 
 
+class Yaml_with_loader_stream(ruamel.yaml.YAML):
+    '''
+    A derived class of ruamel.yaml.YAML that simply tacks the loaded stream (file object) onto the
+    loader class so that it's available anywhere that's passed a loader (in this case,
+    include_configuration() below).
+    '''
+
+    def get_constructor_parser(self, stream):
+        constructor, parser = super(Yaml_with_loader_stream, self).get_constructor_parser(stream)
+        constructor.loader.stream = stream
+        return constructor, parser
+
+
 def load_configuration(filename):
     '''
     Load the given configuration file and return its contents as a data structure of nested dicts
@@ -14,7 +27,7 @@ def load_configuration(filename):
     Raise ruamel.yaml.error.YAMLError if something goes wrong parsing the YAML, or RecursionError
     if there are too many recursive includes.
     '''
-    yaml = ruamel.yaml.YAML(typ='safe')
+    yaml = Yaml_with_loader_stream(typ='safe')
     yaml.Constructor = Include_constructor
 
     return yaml.load(open(filename))
@@ -22,10 +35,146 @@ def load_configuration(filename):
 
 def include_configuration(loader, filename_node):
     '''
-    Load the given YAML filename (ignoring the given loader so we can use our own), and return its
-    contents as a data structure of nested dicts and lists.
+    Load the given YAML filename (ignoring the given loader so we can use our own) and return its
+    contents as a data structure of nested dicts and lists. If the filename is relative, probe for
+    it within 1. the current working directory and 2. the directory containing the YAML file doing
+    the including.
+
+    Raise FileNotFoundError if an included file was not found.
     '''
-    return load_configuration(os.path.expanduser(filename_node.value))
+    include_directories = [os.getcwd(), os.path.abspath(os.path.dirname(loader.stream.name))]
+    include_filename = os.path.expanduser(filename_node.value)
+
+    if not os.path.isabs(include_filename):
+        candidate_filenames = [
+            os.path.join(directory, include_filename) for directory in include_directories
+        ]
+
+        for candidate_filename in candidate_filenames:
+            if os.path.exists(candidate_filename):
+                include_filename = candidate_filename
+                break
+        else:
+            raise FileNotFoundError(
+                f'Could not find include {filename_node.value} at {" or ".join(candidate_filenames)}'
+            )
+
+    return load_configuration(include_filename)
+
+
+DELETED_NODE = object()
+
+
+def deep_merge_nodes(nodes):
+    '''
+    Given a nested borgmatic configuration data structure as a list of tuples in the form of:
+
+        (
+            ruamel.yaml.nodes.ScalarNode as a key,
+            ruamel.yaml.nodes.MappingNode or other Node as a value,
+        ),
+
+    ... deep merge any node values corresponding to duplicate keys and return the result. If
+    there are colliding keys with non-MappingNode values (e.g., integers or strings), the last
+    of the values wins.
+
+    For instance, given node values of:
+
+        [
+            (
+                ScalarNode(tag='tag:yaml.org,2002:str', value='retention'),
+                MappingNode(tag='tag:yaml.org,2002:map', value=[
+                    (
+                        ScalarNode(tag='tag:yaml.org,2002:str', value='keep_hourly'),
+                        ScalarNode(tag='tag:yaml.org,2002:int', value='24')
+                    ),
+                    (
+                        ScalarNode(tag='tag:yaml.org,2002:str', value='keep_daily'),
+                        ScalarNode(tag='tag:yaml.org,2002:int', value='7')
+                    ),
+                ]),
+            ),
+            (
+                ScalarNode(tag='tag:yaml.org,2002:str', value='retention'),
+                MappingNode(tag='tag:yaml.org,2002:map', value=[
+                    (
+                        ScalarNode(tag='tag:yaml.org,2002:str', value='keep_daily'),
+                        ScalarNode(tag='tag:yaml.org,2002:int', value='5')
+                    ),
+                ]),
+            ),
+        ]
+
+    ... the returned result would be:
+
+        [
+            (
+                ScalarNode(tag='tag:yaml.org,2002:str', value='retention'),
+                MappingNode(tag='tag:yaml.org,2002:map', value=[
+                    (
+                        ScalarNode(tag='tag:yaml.org,2002:str', value='keep_hourly'),
+                        ScalarNode(tag='tag:yaml.org,2002:int', value='24')
+                    ),
+                    (
+                        ScalarNode(tag='tag:yaml.org,2002:str', value='keep_daily'),
+                        ScalarNode(tag='tag:yaml.org,2002:int', value='5')
+                    ),
+                ]),
+            ),
+        ]
+
+    The purpose of deep merging like this is to support, for instance, merging one borgmatic
+    configuration file into another for reuse, such that a configuration section ("retention",
+    etc.) does not completely replace the corresponding section in a merged file.
+    '''
+    # Map from original node key/value to the replacement merged node. DELETED_NODE as a replacement
+    # node indications deletion.
+    replaced_nodes = {}
+
+    # To find nodes that require merging, compare each node with each other node.
+    for a_key, a_value in nodes:
+        for b_key, b_value in nodes:
+            # If we've already considered one of the nodes for merging, skip it.
+            if (a_key, a_value) in replaced_nodes or (b_key, b_value) in replaced_nodes:
+                continue
+
+            # If the keys match and the values are different, we need to merge these two A and B nodes.
+            if a_key.tag == b_key.tag and a_key.value == b_key.value and a_value != b_value:
+                # Since we're merging into the B node, consider the A node a duplicate and remove it.
+                replaced_nodes[(a_key, a_value)] = DELETED_NODE
+
+                # If we're dealing with MappingNodes, recurse and merge its values as well.
+                if isinstance(b_value, ruamel.yaml.nodes.MappingNode):
+                    replaced_nodes[(b_key, b_value)] = (
+                        b_key,
+                        ruamel.yaml.nodes.MappingNode(
+                            tag=b_value.tag,
+                            value=deep_merge_nodes(a_value.value + b_value.value),
+                            start_mark=b_value.start_mark,
+                            end_mark=b_value.end_mark,
+                            flow_style=b_value.flow_style,
+                            comment=b_value.comment,
+                            anchor=b_value.anchor,
+                        ),
+                    )
+                # If we're dealing with SequenceNodes, merge by appending one sequence to the other.
+                elif isinstance(b_value, ruamel.yaml.nodes.SequenceNode):
+                    replaced_nodes[(b_key, b_value)] = (
+                        b_key,
+                        ruamel.yaml.nodes.SequenceNode(
+                            tag=b_value.tag,
+                            value=a_value.value + b_value.value,
+                            start_mark=b_value.start_mark,
+                            end_mark=b_value.end_mark,
+                            flow_style=b_value.flow_style,
+                            comment=b_value.comment,
+                            anchor=b_value.anchor,
+                        ),
+                    )
+
+    return [
+        replaced_nodes.get(node, node) for node in nodes if replaced_nodes.get(node) != DELETED_NODE
+    ]
 
 
 class Include_constructor(ruamel.yaml.SafeConstructor):
@@ -40,14 +189,19 @@ class Include_constructor(ruamel.yaml.SafeConstructor):
 
     def flatten_mapping(self, node):
         '''
-        Support the special case of shallow merging included configuration into an existing mapping
+        Support the special case of deep merging included configuration into an existing mapping
         using the YAML '<<' merge key. Example syntax:
 
         ```
         retention:
             keep_daily: 1
-            <<: !include common.yaml
+
+        <<: !include common.yaml
         ```
+
+        These includes are deep merged into the current configuration file. For instance, in this
+        example, any "retention" options in common.yaml will get merged into the "retention" section
+        in the example configuration file.
         '''
         representer = ruamel.yaml.representer.SafeRepresenter()
 
@@ -57,3 +211,5 @@ class Include_constructor(ruamel.yaml.SafeConstructor):
                 node.value[index] = (key_node, included_value)
 
         super(Include_constructor, self).flatten_mapping(node)
+
+        node.value = deep_merge_nodes(node.value)

borgmatic/config/normalize.py

@@ -0,0 +1,31 @@
+def normalize(config):
+    '''
+    Given a configuration dict, apply particular hard-coded rules to normalize its contents to
+    adhere to the configuration schema.
+    '''
+    # Upgrade exclude_if_present from a string to a list.
+    exclude_if_present = config.get('location', {}).get('exclude_if_present')
+    if isinstance(exclude_if_present, str):
+        config['location']['exclude_if_present'] = [exclude_if_present]
+
+    # Upgrade various monitoring hooks from a string to a dict.
+    healthchecks = config.get('hooks', {}).get('healthchecks')
+    if isinstance(healthchecks, str):
+        config['hooks']['healthchecks'] = {'ping_url': healthchecks}
+
+    cronitor = config.get('hooks', {}).get('cronitor')
+    if isinstance(cronitor, str):
+        config['hooks']['cronitor'] = {'ping_url': cronitor}
+
+    pagerduty = config.get('hooks', {}).get('pagerduty')
+    if isinstance(pagerduty, str):
+        config['hooks']['pagerduty'] = {'integration_key': pagerduty}
+
+    cronhub = config.get('hooks', {}).get('cronhub')
+    if isinstance(cronhub, str):
+        config['hooks']['cronhub'] = {'ping_url': cronhub}
+
+    # Upgrade consistency checks from a list of strings to a list of dicts.
+    checks = config.get('consistency', {}).get('checks')
+    if isinstance(checks, list) and len(checks) and isinstance(checks[0], str):
+        config['consistency']['checks'] = [{'name': check_type} for check_type in checks]

borgmatic/config/override.py

@@ -0,0 +1,79 @@
+import io
+
+import ruamel.yaml
+
+
+def set_values(config, keys, value):
+    '''
+    Given a hierarchy of configuration dicts, a sequence of parsed key strings, and a string value,
+    descend into the hierarchy based on the keys to set the value into the right place.
+    '''
+    if not keys:
+        return
+
+    first_key = keys[0]
+    if len(keys) == 1:
+        config[first_key] = value
+        return
+
+    if first_key not in config:
+        config[first_key] = {}
+
+    set_values(config[first_key], keys[1:], value)
+
+
+def convert_value_type(value):
+    '''
+    Given a string value, determine its logical type (string, boolean, integer, etc.), and return it
+    converted to that type.
+
+    Raise ruamel.yaml.error.YAMLError if there's a parse issue with the YAML.
+    '''
+    return ruamel.yaml.YAML(typ='safe').load(io.StringIO(value))
+
+
+def parse_overrides(raw_overrides):
+    '''
+    Given a sequence of configuration file override strings in the form of "section.option=value",
+    parse and return a sequence of tuples (keys, values), where keys is a sequence of strings. For
+    instance, given the following raw overrides:
+
+        ['section.my_option=value1', 'section.other_option=value2']
+
+    ... return this:
+
+        (
+            (('section', 'my_option'), 'value1'),
+            (('section', 'other_option'), 'value2'),
+        )
+
+    Raise ValueError if an override can't be parsed.
+    '''
+    if not raw_overrides:
+        return ()
+
+    parsed_overrides = []
+
+    for raw_override in raw_overrides:
+        try:
+            raw_keys, value = raw_override.split('=', 1)
+            parsed_overrides.append((tuple(raw_keys.split('.')), convert_value_type(value),))
+        except ValueError:
+            raise ValueError(
+                f"Invalid override '{raw_override}'. Make sure you use the form: SECTION.OPTION=VALUE"
+            )
+        except ruamel.yaml.error.YAMLError as error:
+            raise ValueError(f"Invalid override '{raw_override}': {error.problem}")
+
+    return tuple(parsed_overrides)
+
+
+def apply_overrides(config, raw_overrides):
+    '''
+    Given a sequence of configuration file override strings in the form of "section.option=value"
+    and a configuration dict, parse each override and set it the configuration dict.
+    '''
+    overrides = parse_overrides(raw_overrides)
+
+    for (keys, value) in overrides:
+        set_values(config, keys, value)

borgmatic/config/validate.py

@@ -1,12 +1,10 @@
-import logging
 import os
 
+import jsonschema
 import pkg_resources
-import pykwalify.core
-import pykwalify.errors
 import ruamel.yaml
 
-from borgmatic.config import load
+from borgmatic.config import load, normalize, override
 
 
 def schema_filename():
@@ -17,15 +15,40 @@ def schema_filename():
     return pkg_resources.resource_filename('borgmatic', 'config/schema.yaml')
 
 
+def format_json_error_path_element(path_element):
+    '''
+    Given a path element into a JSON data structure, format it for display as a string.
+    '''
+    if isinstance(path_element, int):
+        return str('[{}]'.format(path_element))
+
+    return str('.{}'.format(path_element))
+
+
+def format_json_error(error):
+    '''
+    Given an instance of jsonschema.exceptions.ValidationError, format it for display as a string.
+    '''
+    if not error.path:
+        return 'At the top level: {}'.format(error.message)
+
+    formatted_path = ''.join(format_json_error_path_element(element) for element in error.path)
+    return "At '{}': {}".format(formatted_path.lstrip('.'), error.message)
+
+
 class Validation_error(ValueError):
     '''
-    A collection of error message strings generated when attempting to validate a particular
-    configurartion file.
+    A collection of error messages generated when attempting to validate a particular
+    configuration file.
     '''
 
-    def __init__(self, config_filename, error_messages):
+    def __init__(self, config_filename, errors):
+        '''
+        Given a configuration filename path and a sequence of string error messages, create a
+        Validation_error.
+        '''
         self.config_filename = config_filename
-        self.error_messages = error_messages
+        self.errors = errors
 
     def __str__(self):
         '''
@@ -33,7 +56,7 @@ class Validation_error(ValueError):
         '''
         return 'An error occurred while parsing a configuration file at {}:\n'.format(
             self.config_filename
-        ) + '\n'.join(self.error_messages)
+        ) + '\n'.join(error for error in self.errors)
 
 
 def apply_logical_validation(config_filename, parsed_configuration):
@@ -42,15 +65,6 @@ def apply_logical_validation(config_filename, parsed_configuration):
     below), run through any additional logical validation checks. If there are any such validation
     problems, raise a Validation_error.
     '''
-    archive_name_format = parsed_configuration.get('storage', {}).get('archive_name_format')
-    prefix = parsed_configuration.get('retention', {}).get('prefix')
-
-    if archive_name_format and not prefix:
-        raise Validation_error(
-            config_filename,
-            ('If you provide an archive_name_format, you must also specify a retention prefix.',),
-        )
-
     location_repositories = parsed_configuration.get('location', {}).get('repositories')
     check_repositories = parsed_configuration.get('consistency', {}).get('check_repositories', [])
     for repository in check_repositories:
@@ -65,28 +79,12 @@ def apply_logical_validation(config_filename, parsed_configuration):
             )
 
 
-def remove_examples(schema):
+def parse_configuration(config_filename, schema_filename, overrides=None):
     '''
-    pykwalify gets angry if the example field is not a string. So rather than bend to its will,
-    remove all examples from the given schema before passing the schema to pykwalify.
-    '''
-    if 'map' in schema:
-        for item_name, item_schema in schema['map'].items():
-            item_schema.pop('example', None)
-            remove_examples(item_schema)
-    elif 'seq' in schema:
-        for item_schema in schema['seq']:
-            item_schema.pop('example', None)
-            remove_examples(item_schema)
-
-    return schema
-
-
-def parse_configuration(config_filename, schema_filename):
-    '''
-    Given the path to a config filename in YAML format and the path to a schema filename in
-    pykwalify YAML schema format, return the parsed configuration as a data structure of nested
-    dicts and lists corresponding to the schema. Example return value:
+    Given the path to a config filename in YAML format, the path to a schema filename in a YAML
+    rendition of JSON Schema format, a sequence of configuration file override strings in the form
+    of "section.option=value", return the parsed configuration as a data structure of nested dicts
+    and lists corresponding to the schema. Example return value:
 
        {'location': {'source_directories': ['/home', '/etc'], 'repository': 'hostname.borg'},
        'retention': {'keep_daily': 7}, 'consistency': {'checks': ['repository', 'archives']}}
@@ -94,23 +92,29 @@ def parse_configuration(config_filename, schema_filename):
     Raise FileNotFoundError if the file does not exist, PermissionError if the user does not
     have permissions to read the file, or Validation_error if the config does not match the schema.
     '''
-    logging.getLogger('pykwalify').setLevel(logging.ERROR)
-
     try:
         config = load.load_configuration(config_filename)
         schema = load.load_configuration(schema_filename)
     except (ruamel.yaml.error.YAMLError, RecursionError) as error:
         raise Validation_error(config_filename, (str(error),))
 
-    validator = pykwalify.core.Core(source_data=config, schema_data=remove_examples(schema))
-    parsed_result = validator.validate(raise_exception=False)
+    override.apply_overrides(config, overrides)
+    normalize.normalize(config)
 
-    if validator.validation_errors:
-        raise Validation_error(config_filename, validator.validation_errors)
+    try:
+        validator = jsonschema.Draft7Validator(schema)
+    except AttributeError:  # pragma: no cover
+        validator = jsonschema.Draft4Validator(schema)
+    validation_errors = tuple(validator.iter_errors(config))
 
-    apply_logical_validation(config_filename, parsed_result)
+    if validation_errors:
+        raise Validation_error(
+            config_filename, tuple(format_json_error(error) for error in validation_errors)
+        )
 
-    return parsed_result
+    apply_logical_validation(config_filename, config)
+
+    return config
 
 
 def normalize_repository_path(repository):

borgmatic/execute.py

@@ -1,5 +1,7 @@
+import collections
 import logging
 import os
+import select
 import subprocess
 
 logger = logging.getLogger(__name__)
@@ -9,52 +11,159 @@ ERROR_OUTPUT_MAX_LINE_COUNT = 25
 BORG_ERROR_EXIT_CODE = 2
 
 
-def exit_code_indicates_error(command, exit_code, error_on_warnings=True):
+def exit_code_indicates_error(process, exit_code, borg_local_path=None):
     '''
-    Return True if the given exit code from running the command corresponds to an error.
-    If error on warnings is False, then treat exit code 1 as a warning instead of an error.
+    Return True if the given exit code from running a command corresponds to an error. If a Borg
+    local path is given and matches the process' command, then treat exit code 1 as a warning
+    instead of an error.
     '''
-    if error_on_warnings:
-        return bool(exit_code != 0)
+    if exit_code is None:
+        return False
 
-    return bool(exit_code >= BORG_ERROR_EXIT_CODE)
+    command = process.args.split(' ') if isinstance(process.args, str) else process.args
+
+    if borg_local_path and command[0] == borg_local_path:
+        return bool(exit_code < 0 or exit_code >= BORG_ERROR_EXIT_CODE)
+
+    return bool(exit_code != 0)
 
 
-def log_output(command, process, output_buffer, output_log_level, error_on_warnings):
+def command_for_process(process):
     '''
-    Given a command already executed, its process opened by subprocess.Popen(), and the process'
-    relevant output buffer (stderr or stdout), log its output with the requested log level.
-    Additionally, raise a CalledProcessException if the process exits with an error (or a warning,
-    if error on warnings is True).
+    Given a process as an instance of subprocess.Popen, return the command string that was used to
+    invoke it.
     '''
-    last_lines = []
+    return process.args if isinstance(process.args, str) else ' '.join(process.args)
 
-    while process.poll() is None:
-        line = output_buffer.readline().rstrip().decode()
-        if not line:
+
+def output_buffer_for_process(process, exclude_stdouts):
+    '''
+    Given a process as an instance of subprocess.Popen and a sequence of stdouts to exclude, return
+    either the process's stdout or stderr. The idea is that if stdout is excluded for a process, we
+    still have stderr to log.
+    '''
+    return process.stderr if process.stdout in exclude_stdouts else process.stdout
+
+
+def log_outputs(processes, exclude_stdouts, output_log_level, borg_local_path):
+    '''
+    Given a sequence of subprocess.Popen() instances for multiple processes, log the output for each
+    process with the requested log level. Additionally, raise a CalledProcessError if a process
+    exits with an error (or a warning for exit code 1, if that process matches the Borg local path).
+
+    For simplicity, it's assumed that the output buffer for each process is its stdout. But if any
+    stdouts are given to exclude, then for any matching processes, log from their stderr instead.
+
+    Note that stdout for a process can be None if output is intentionally not captured. In which
+    case it won't be logged.
+    '''
+    # Map from output buffer to sequence of last lines.
+    buffer_last_lines = collections.defaultdict(list)
+    process_for_output_buffer = {
+        output_buffer_for_process(process, exclude_stdouts): process
+        for process in processes
+        if process.stdout or process.stderr
+    }
+    output_buffers = list(process_for_output_buffer.keys())
+
+    # Log output for each process until they all exit.
+    while True:
+        if output_buffers:
+            (ready_buffers, _, _) = select.select(output_buffers, [], [])
+
+            for ready_buffer in ready_buffers:
+                ready_process = process_for_output_buffer.get(ready_buffer)
+
+                # The "ready" process has exited, but it might be a pipe destination with other
+                # processes (pipe sources) waiting to be read from. So as a measure to prevent
+                # hangs, vent all processes when one exits.
+                if ready_process and ready_process.poll() is not None:
+                    for other_process in processes:
+                        if (
+                            other_process.poll() is None
+                            and other_process.stdout
+                            and other_process.stdout not in output_buffers
+                        ):
+                            # Add the process's output to output_buffers to ensure it'll get read.
+                            output_buffers.append(other_process.stdout)
+
+                line = ready_buffer.readline().rstrip().decode()
+                if not line or not ready_process:
+                    continue
+
+                # Keep the last few lines of output in case the process errors, and we need the output for
+                # the exception below.
+                last_lines = buffer_last_lines[ready_buffer]
+                last_lines.append(line)
+                if len(last_lines) > ERROR_OUTPUT_MAX_LINE_COUNT:
+                    last_lines.pop(0)
+
+                logger.log(output_log_level, line)
+
+        still_running = False
+
+        for process in processes:
+            exit_code = process.poll() if output_buffers else process.wait()
+
+            if exit_code is None:
+                still_running = True
+
+            # If any process errors, then raise accordingly.
+            if exit_code_indicates_error(process, exit_code, borg_local_path):
+                # If an error occurs, include its output in the raised exception so that we don't
+                # inadvertently hide error output.
+                output_buffer = output_buffer_for_process(process, exclude_stdouts)
+
+                last_lines = buffer_last_lines[output_buffer] if output_buffer else []
+                if len(last_lines) == ERROR_OUTPUT_MAX_LINE_COUNT:
+                    last_lines.insert(0, '...')
+
+                # Something has gone wrong. So vent each process' output buffer to prevent it from
+                # hanging. And then kill the process.
+                for other_process in processes:
+                    if other_process.poll() is None:
+                        other_process.stdout.read(0)
+                        other_process.kill()
+
+                raise subprocess.CalledProcessError(
+                    exit_code, command_for_process(process), '\n'.join(last_lines)
+                )
+
+        if not still_running:
+            break
+
+    # Consume any remaining output that we missed (if any).
+    for process in processes:
+        output_buffer = output_buffer_for_process(process, exclude_stdouts)
+
+        if not output_buffer:
             continue
 
-        # Keep the last few lines of output in case the command errors, and we need the output for
-        # the exception below.
-        last_lines.append(line)
-        if len(last_lines) > ERROR_OUTPUT_MAX_LINE_COUNT:
-            last_lines.pop(0)
+        while True:  # pragma: no cover
+            remaining_output = output_buffer.readline().rstrip().decode()
 
-        logger.log(output_log_level, line)
+            if not remaining_output:
+                break
 
-    remaining_output = output_buffer.read().rstrip().decode()
-    if remaining_output:  # pragma: no cover
-        logger.log(output_log_level, remaining_output)
+            logger.log(output_log_level, remaining_output)
 
-    exit_code = process.poll()
 
-    if exit_code_indicates_error(command, exit_code, error_on_warnings):
-        # If an error occurs, include its output in the raised exception so that we don't
-        # inadvertently hide error output.
-        if len(last_lines) == ERROR_OUTPUT_MAX_LINE_COUNT:
-            last_lines.insert(0, '...')
+def log_command(full_command, input_file, output_file):
+    '''
+    Log the given command (a sequence of command/argument strings), along with its input/output file
+    paths.
+    '''
+    logger.debug(
+        ' '.join(full_command)
+        + (' < {}'.format(getattr(input_file, 'name', '')) if input_file else '')
+        + (' > {}'.format(getattr(output_file, 'name', '')) if output_file else '')
+    )
 
-        raise subprocess.CalledProcessError(exit_code, ' '.join(command), '\n'.join(last_lines))
+
+# An sentinel passed as an output file to execute_command() to indicate that the command's output
+# should be allowed to flow through to stdout without being captured for logging. Useful for
+# commands with interactive prompts or those that mess directly with the console.
+DO_NOT_CAPTURE = object()
 
 
 def execute_command(
@@ -65,64 +174,108 @@ def execute_command(
     shell=False,
     extra_environment=None,
     working_directory=None,
-    error_on_warnings=True,
+    borg_local_path=None,
+    run_to_completion=True,
 ):
     '''
     Execute the given command (a sequence of command/argument strings) and log its output at the
-    given log level. If output log level is None, instead capture and return the output. If an
-    open output file object is given, then write stdout to the file and only log stderr (but only
-    if an output log level is set). If an open input file object is given, then read stdin from the
-    file. If shell is True, execute the command within a shell. If an extra environment dict is
-    given, then use it to augment the current environment, and pass the result into the command. If
-    a working directory is given, use that as the present working directory when running the
-    command. If error on warnings is False, then treat exit code 1 as a warning instead of an error.
+    given log level. If output log level is None, instead capture and return the output. (Implies
+    run_to_completion.) If an open output file object is given, then write stdout to the file and
+    only log stderr (but only if an output log level is set). If an open input file object is given,
+    then read stdin from the file. If shell is True, execute the command within a shell. If an extra
+    environment dict is given, then use it to augment the current environment, and pass the result
+    into the command. If a working directory is given, use that as the present working directory
+    when running the command. If a Borg local path is given, and the command matches it (regardless
+    of arguments), treat exit code 1 as a warning instead of an error. If run to completion is
+    False, then return the process for the command without executing it to completion.
 
     Raise subprocesses.CalledProcessError if an error occurs while running the command.
     '''
-    logger.debug(
-        ' '.join(full_command)
-        + (' < {}'.format(input_file.name) if input_file else '')
-        + (' > {}'.format(output_file.name) if output_file else '')
-    )
+    log_command(full_command, input_file, output_file)
     environment = {**os.environ, **extra_environment} if extra_environment else None
+    do_not_capture = bool(output_file is DO_NOT_CAPTURE)
+    command = ' '.join(full_command) if shell else full_command
 
     if output_log_level is None:
         output = subprocess.check_output(
-            full_command, shell=shell, env=environment, cwd=working_directory
+            command, shell=shell, env=environment, cwd=working_directory
         )
         return output.decode() if output is not None else None
-    else:
-        process = subprocess.Popen(
-            full_command,
+
+    process = subprocess.Popen(
+        command,
+        stdin=input_file,
+        stdout=None if do_not_capture else (output_file or subprocess.PIPE),
+        stderr=None if do_not_capture else (subprocess.PIPE if output_file else subprocess.STDOUT),
+        shell=shell,
+        env=environment,
+        cwd=working_directory,
+    )
+    if not run_to_completion:
+        return process
+
+    log_outputs(
+        (process,), (input_file, output_file), output_log_level, borg_local_path=borg_local_path
+    )
+
+
+def execute_command_with_processes(
+    full_command,
+    processes,
+    output_log_level=logging.INFO,
+    output_file=None,
+    input_file=None,
+    shell=False,
+    extra_environment=None,
+    working_directory=None,
+    borg_local_path=None,
+):
+    '''
+    Execute the given command (a sequence of command/argument strings) and log its output at the
+    given log level. Simultaneously, continue to poll one or more active processes so that they
+    run as well. This is useful, for instance, for processes that are streaming output to a named
+    pipe that the given command is consuming from.
+
+    If an open output file object is given, then write stdout to the file and only log stderr (but
+    only if an output log level is set). If an open input file object is given, then read stdin from
+    the file.  If shell is True, execute the command within a shell. If an extra environment dict is
+    given, then use it to augment the current environment, and pass the result into the command. If
+    a working directory is given, use that as the present working directory when running the
+    command. If a Borg local path is given, then for any matching command or process (regardless of
+    arguments), treat exit code 1 as a warning instead of an error.
+
+    Raise subprocesses.CalledProcessError if an error occurs while running the command or in the
+    upstream process.
+    '''
+    log_command(full_command, input_file, output_file)
+    environment = {**os.environ, **extra_environment} if extra_environment else None
+    do_not_capture = bool(output_file is DO_NOT_CAPTURE)
+    command = ' '.join(full_command) if shell else full_command
+
+    try:
+        command_process = subprocess.Popen(
+            command,
             stdin=input_file,
-            stdout=output_file or subprocess.PIPE,
-            stderr=subprocess.PIPE if output_file else subprocess.STDOUT,
+            stdout=None if do_not_capture else (output_file or subprocess.PIPE),
+            stderr=None
+            if do_not_capture
+            else (subprocess.PIPE if output_file else subprocess.STDOUT),
             shell=shell,
             env=environment,
             cwd=working_directory,
         )
-        log_output(
-            full_command,
-            process,
-            process.stderr if output_file else process.stdout,
-            output_log_level,
-            error_on_warnings,
-        )
+    except (subprocess.CalledProcessError, OSError):
+        # Something has gone wrong. So vent each process' output buffer to prevent it from hanging.
+        # And then kill the process.
+        for process in processes:
+            if process.poll() is None:
+                process.stdout.read(0)
+                process.kill()
+        raise
 
-
-def execute_command_without_capture(full_command, working_directory=None, error_on_warnings=True):
-    '''
-    Execute the given command (a sequence of command/argument strings), but don't capture or log its
-    output in any way. This is necessary for commands that monkey with the terminal (e.g. progress
-    display) or provide interactive prompts.
-
-    If a working directory is given, use that as the present working directory when running the
-    command. If error on warnings is False, then treat exit code 1 as a warning instead of an error.
-    '''
-    logger.debug(' '.join(full_command))
-
-    try:
-        subprocess.check_call(full_command, cwd=working_directory)
-    except subprocess.CalledProcessError as error:
-        if exit_code_indicates_error(full_command, error.returncode, error_on_warnings):
-            raise
+    log_outputs(
+        tuple(processes) + (command_process,),
+        (input_file, output_file),
+        output_log_level,
+        borg_local_path=borg_local_path,
+    )

borgmatic/hooks/command.py

@@ -1,19 +1,28 @@
 import logging
 import os
+import re
 
 from borgmatic import execute
 
 logger = logging.getLogger(__name__)
 
 
-def interpolate_context(command, context):
+SOFT_FAIL_EXIT_CODE = 75
+
+
+def interpolate_context(config_filename, hook_description, command, context):
     '''
-    Given a single hook command and a dict of context names/values, interpolate the values by
-    "{name}" into the command and return the result.
+    Given a config filename, a hook description, a single hook command, and a dict of context
+    names/values, interpolate the values by "{name}" into the command and return the result.
     '''
     for name, value in context.items():
         command = command.replace('{%s}' % name, str(value))
 
+    for unsupported_variable in re.findall(r'{\w+}', command):
+        logger.warning(
+            f"{config_filename}: Variable '{unsupported_variable}' is not supported in {hook_description} hook"
+        )
+
     return command
 
 
@@ -23,8 +32,7 @@ def execute_hook(commands, umask, config_filename, description, dry_run, **conte
     a hook description, and whether this is a dry run, run the given commands. Or, don't run them
     if this is a dry run.
 
-    The context contains optional values interpolated by name into the hook commands. Currently,
-    this only applies to the on_error hook.
+    The context contains optional values interpolated by name into the hook commands.
 
     Raise ValueError if the umask cannot be parsed.
     Raise subprocesses.CalledProcessError if an error occurs in a hook.
@@ -36,7 +44,9 @@ def execute_hook(commands, umask, config_filename, description, dry_run, **conte
     dry_run_label = ' (dry run; not actually running hooks)' if dry_run else ''
 
     context['configuration_filename'] = config_filename
-    commands = [interpolate_context(command, context) for command in commands]
+    commands = [
+        interpolate_context(config_filename, description, command, context) for command in commands
+    ]
 
     if len(commands) == 1:
         logger.info(
@@ -69,3 +79,24 @@ def execute_hook(commands, umask, config_filename, description, dry_run, **conte
     finally:
         if original_umask:
             os.umask(original_umask)
+
+
+def considered_soft_failure(config_filename, error):
+    '''
+    Given a configuration filename and an exception object, return whether the exception object
+    represents a subprocess.CalledProcessError with a return code of SOFT_FAIL_EXIT_CODE. If so,
+    that indicates that the error is a "soft failure", and should not result in an error.
+    '''
+    exit_code = getattr(error, 'returncode', None)
+    if exit_code is None:
+        return False
+
+    if exit_code == SOFT_FAIL_EXIT_CODE:
+        logger.info(
+            '{}: Command hook exited with soft failure exit code ({}); skipping remaining actions'.format(
+                config_filename, SOFT_FAIL_EXIT_CODE
+            )
+        )
+        return True
+
+    return False

borgmatic/hooks/cronhub.py

@@ -13,14 +13,27 @@ MONITOR_STATE_TO_CRONHUB = {
 }
 
 
-def ping_monitor(ping_url, config_filename, state, dry_run):
+def initialize_monitor(
+    ping_url, config_filename, monitoring_log_level, dry_run
+):  # pragma: no cover
     '''
-    Ping the given Cronhub URL, modified with the monitor.State. Use the given configuration
+    No initialization is necessary for this monitor.
+    '''
+    pass
+
+
+def ping_monitor(hook_config, config_filename, state, monitoring_log_level, dry_run):
+    '''
+    Ping the configured Cronhub URL, modified with the monitor.State. Use the given configuration
     filename in any log entries. If this is a dry run, then don't actually ping anything.
     '''
     dry_run_label = ' (dry run; not actually pinging)' if dry_run else ''
     formatted_state = '/{}/'.format(MONITOR_STATE_TO_CRONHUB[state])
-    ping_url = ping_url.replace('/start/', formatted_state).replace('/ping/', formatted_state)
+    ping_url = (
+        hook_config['ping_url']
+        .replace('/start/', formatted_state)
+        .replace('/ping/', formatted_state)
+    )
 
     logger.info(
         '{}: Pinging Cronhub {}{}'.format(config_filename, state.name.lower(), dry_run_label)
@@ -29,4 +42,16 @@ def ping_monitor(ping_url, config_filename, state, dry_run):
 
     if not dry_run:
         logging.getLogger('urllib3').setLevel(logging.ERROR)
-        requests.get(ping_url)
+        try:
+            requests.get(ping_url)
+        except requests.exceptions.RequestException as error:
+            logger.warning(f'{config_filename}: Cronhub error: {error}')
+
+
+def destroy_monitor(
+    ping_url_or_uuid, config_filename, monitoring_log_level, dry_run
+):  # pragma: no cover
+    '''
+    No destruction is necessary for this monitor.
+    '''
+    pass

borgmatic/hooks/cronitor.py

@@ -13,13 +13,22 @@ MONITOR_STATE_TO_CRONITOR = {
 }
 
 
-def ping_monitor(ping_url, config_filename, state, dry_run):
+def initialize_monitor(
+    ping_url, config_filename, monitoring_log_level, dry_run
+):  # pragma: no cover
     '''
-    Ping the given Cronitor URL, modified with the monitor.State. Use the given configuration
+    No initialization is necessary for this monitor.
+    '''
+    pass
+
+
+def ping_monitor(hook_config, config_filename, state, monitoring_log_level, dry_run):
+    '''
+    Ping the configured Cronitor URL, modified with the monitor.State. Use the given configuration
     filename in any log entries. If this is a dry run, then don't actually ping anything.
     '''
     dry_run_label = ' (dry run; not actually pinging)' if dry_run else ''
-    ping_url = '{}/{}'.format(ping_url, MONITOR_STATE_TO_CRONITOR[state])
+    ping_url = '{}/{}'.format(hook_config['ping_url'], MONITOR_STATE_TO_CRONITOR[state])
 
     logger.info(
         '{}: Pinging Cronitor {}{}'.format(config_filename, state.name.lower(), dry_run_label)
@@ -28,4 +37,16 @@ def ping_monitor(ping_url, config_filename, state, dry_run):
 
     if not dry_run:
         logging.getLogger('urllib3').setLevel(logging.ERROR)
-        requests.get(ping_url)
+        try:
+            requests.get(ping_url)
+        except requests.exceptions.RequestException as error:
+            logger.warning(f'{config_filename}: Cronitor error: {error}')
+
+
+def destroy_monitor(
+    ping_url_or_uuid, config_filename, monitoring_log_level, dry_run
+):  # pragma: no cover
+    '''
+    No destruction is necessary for this monitor.
+    '''
+    pass

borgmatic/hooks/dispatch.py

@@ -1,6 +1,6 @@
 import logging
 
-from borgmatic.hooks import cronhub, cronitor, healthchecks, mysql, postgresql
+from borgmatic.hooks import cronhub, cronitor, healthchecks, mongodb, mysql, pagerduty, postgresql
 
 logger = logging.getLogger(__name__)
 
@@ -8,8 +8,10 @@ HOOK_NAME_TO_MODULE = {
     'healthchecks': healthchecks,
     'cronitor': cronitor,
     'cronhub': cronhub,
+    'pagerduty': pagerduty,
     'postgresql_databases': postgresql,
     'mysql_databases': mysql,
+    'mongodb_databases': mongodb,
 }
 
 
@@ -57,5 +59,5 @@ def call_hooks(function_name, hooks, log_prefix, hook_names, *args, **kwargs):
     return {
         hook_name: call_hook(function_name, hooks, log_prefix, hook_name, *args, **kwargs)
         for hook_name in hook_names
-        if hook_name in hooks
+        if hooks.get(hook_name)
     }

borgmatic/hooks/dump.py

@@ -1,10 +1,23 @@
-import glob
 import logging
 import os
+import shutil
+
+from borgmatic.borg.state import DEFAULT_BORGMATIC_SOURCE_DIRECTORY
 
 logger = logging.getLogger(__name__)
 
-DATABASE_HOOK_NAMES = ('postgresql_databases', 'mysql_databases')
+DATABASE_HOOK_NAMES = ('postgresql_databases', 'mysql_databases', 'mongodb_databases')
+
+
+def make_database_dump_path(borgmatic_source_directory, database_hook_name):
+    '''
+    Given a borgmatic source directory (or None) and a database hook name, construct a database dump
+    path.
+    '''
+    if not borgmatic_source_directory:
+        borgmatic_source_directory = DEFAULT_BORGMATIC_SOURCE_DIRECTORY
+
+    return os.path.join(borgmatic_source_directory, database_hook_name)
 
 
 def make_database_dump_filename(dump_path, name, hostname=None):
@@ -20,61 +33,39 @@ def make_database_dump_filename(dump_path, name, hostname=None):
     return os.path.join(os.path.expanduser(dump_path), hostname or 'localhost', name)
 
 
-def flatten_dump_patterns(dump_patterns, names):
+def create_parent_directory_for_dump(dump_path):
     '''
-    Given a dict from a database hook name to glob patterns matching the dumps for the named
-    databases, flatten out all the glob patterns into a single sequence, and return it.
-
-    Raise ValueError if there are no resulting glob patterns, which indicates that databases are not
-    configured in borgmatic's configuration.
+    Create a directory to contain the given dump path.
     '''
-    flattened = [pattern for patterns in dump_patterns.values() for pattern in patterns]
-
-    if not flattened:
-        raise ValueError(
-            'Cannot restore database(s) {} missing from borgmatic\'s configuration'.format(
-                ', '.join(names) or '"all"'
-            )
-        )
-
-    return flattened
+    os.makedirs(os.path.dirname(dump_path), mode=0o700, exist_ok=True)
 
 
-def remove_database_dumps(dump_path, databases, database_type_name, log_prefix, dry_run):
+def create_named_pipe_for_dump(dump_path):
     '''
-    Remove the database dumps for the given databases in the dump directory path. The databases are
-    supplied as a sequence of dicts, one dict describing each database as per the configuration
-    schema. Use the name of the database type and the log prefix in any log entries. If this is a
-    dry run, then don't actually remove anything.
+    Create a named pipe at the given dump path.
     '''
-    if not databases:
-        logger.debug('{}: No {} databases configured'.format(log_prefix, database_type_name))
-        return
+    create_parent_directory_for_dump(dump_path)
+    os.mkfifo(dump_path, mode=0o600)
 
+
+def remove_database_dumps(dump_path, database_type_name, log_prefix, dry_run):
+    '''
+    Remove all database dumps in the given dump directory path (including the directory itself). If
+    this is a dry run, then don't actually remove anything.
+    '''
     dry_run_label = ' (dry run; not actually removing anything)' if dry_run else ''
 
     logger.info(
         '{}: Removing {} database dumps{}'.format(log_prefix, database_type_name, dry_run_label)
     )
 
-    for database in databases:
-        dump_filename = make_database_dump_filename(
-            dump_path, database['name'], database.get('hostname')
-        )
+    expanded_path = os.path.expanduser(dump_path)
 
-        logger.debug(
-            '{}: Removing {} database dump {} from {}{}'.format(
-                log_prefix, database_type_name, database['name'], dump_filename, dry_run_label
-            )
-        )
-        if dry_run:
-            continue
+    if dry_run:
+        return
 
-        os.remove(dump_filename)
-        dump_file_dir = os.path.dirname(dump_filename)
-
-        if len(os.listdir(dump_file_dir)) == 0:
-            os.rmdir(dump_file_dir)
+    if os.path.exists(expanded_path):
+        shutil.rmtree(expanded_path)
 
 
 def convert_glob_patterns_to_borg_patterns(patterns):
@@ -83,80 +74,3 @@ def convert_glob_patterns_to_borg_patterns(patterns):
     patterns like "sh:etc/*".
     '''
     return ['sh:{}'.format(pattern.lstrip(os.path.sep)) for pattern in patterns]
-
-
-def get_database_names_from_dumps(patterns):
-    '''
-    Given a sequence of database dump patterns, find the corresponding database dumps on disk and
-    return the database names from their filenames.
-    '''
-    return [os.path.basename(dump_path) for pattern in patterns for dump_path in glob.glob(pattern)]
-
-
-def get_database_configurations(databases, names):
-    '''
-    Given the full database configuration dicts as per the configuration schema, and a sequence of
-    database names, filter down and yield the configuration for just the named databases.
-    Additionally, if a database configuration is named "all", project out that configuration for
-    each named database.
-    '''
-    named_databases = {database['name']: database for database in databases}
-
-    for name in names:
-        database = named_databases.get(name)
-        if database:
-            yield database
-            continue
-
-        if 'all' in named_databases:
-            yield {**named_databases['all'], **{'name': name}}
-            continue
-
-
-def get_per_hook_database_configurations(hooks, names, dump_patterns):
-    '''
-    Given the hooks configuration dict as per the configuration schema, a sequence of database
-    names to restore, and a dict from database hook name to glob patterns for matching dumps,
-    filter down the configuration for just the named databases.
-
-    If there are no named databases given, then find the corresponding database dumps on disk and
-    use the database names from their filenames. Additionally, if a database configuration is named
-    "all", project out that configuration for each named database.
-
-    Return the results as a dict from database hook name to a sequence of database configuration
-    dicts for that database type.
-
-    Raise ValueError if one of the database names cannot be matched to a database in borgmatic's
-    database configuration.
-    '''
-    hook_databases = {
-        hook_name: list(
-            get_database_configurations(
-                hooks.get(hook_name),
-                names or get_database_names_from_dumps(dump_patterns[hook_name]),
-            )
-        )
-        for hook_name in DATABASE_HOOK_NAMES
-        if hook_name in hooks
-    }
-
-    if not names or 'all' in names:
-        if not any(hook_databases.values()):
-            raise ValueError(
-                'Cannot restore database "all", as there are no database dumps in the archive'
-            )
-
-        return hook_databases
-
-    found_names = {
-        database['name'] for databases in hook_databases.values() for database in databases
-    }
-    missing_names = sorted(set(names) - found_names)
-    if missing_names:
-        raise ValueError(
-            'Cannot restore database(s) {} missing from borgmatic\'s configuration'.format(
-                ', '.join(missing_names)
-            )
-        )
-
-    return hook_databases

borgmatic/hooks/healthchecks.py

@@ -13,28 +13,33 @@ MONITOR_STATE_TO_HEALTHCHECKS = {
 }
 
 PAYLOAD_TRUNCATION_INDICATOR = '...\n'
-PAYLOAD_LIMIT_BYTES = 10 * 1024 - len(PAYLOAD_TRUNCATION_INDICATOR)
+DEFAULT_PING_BODY_LIMIT_BYTES = 100000
 
 
 class Forgetful_buffering_handler(logging.Handler):
     '''
     A buffering log handler that stores log messages in memory, and throws away messages (oldest
-    first) once a particular capacity in bytes is reached.
+    first) once a particular capacity in bytes is reached. But if the given byte capacity is zero,
+    don't throw away any messages.
     '''
 
-    def __init__(self, byte_capacity):
+    def __init__(self, byte_capacity, log_level):
         super().__init__()
 
         self.byte_capacity = byte_capacity
         self.byte_count = 0
         self.buffer = []
         self.forgot = False
+        self.setLevel(log_level)
 
     def emit(self, record):
         message = record.getMessage() + '\n'
         self.byte_count += len(message)
         self.buffer.append(message)
 
+        if not self.byte_capacity:
+            return
+
         while self.byte_count > self.byte_capacity and self.buffer:
             self.byte_count -= len(self.buffer[0])
             self.buffer.pop(0)
@@ -64,25 +69,45 @@ def format_buffered_logs_for_payload():
     return payload
 
 
-def ping_monitor(ping_url_or_uuid, config_filename, state, dry_run):
+def initialize_monitor(hook_config, config_filename, monitoring_log_level, dry_run):
     '''
-    Ping the given Healthchecks URL or UUID, modified with the monitor.State. Use the given
-    configuration filename in any log entries. If this is a dry run, then don't actually ping
-    anything.
+    Add a handler to the root logger that stores in memory the most recent logs emitted. That way,
+    we can send them all to Healthchecks upon a finish or failure state. But skip this if the
+    "send_logs" option is false.
     '''
-    if state is monitor.State.START:
-        # Add a handler to the root logger that stores in memory the most recent logs emitted. That
-        # way, we can send them all to Healthchecks upon a finish or failure state.
-        logging.getLogger().addHandler(Forgetful_buffering_handler(PAYLOAD_LIMIT_BYTES))
-        payload = ''
+    if hook_config.get('send_logs') is False:
+        return
 
+    ping_body_limit = max(
+        hook_config.get('ping_body_limit', DEFAULT_PING_BODY_LIMIT_BYTES)
+        - len(PAYLOAD_TRUNCATION_INDICATOR),
+        0,
+    )
+
+    logging.getLogger().addHandler(
+        Forgetful_buffering_handler(ping_body_limit, monitoring_log_level)
+    )
+
+
+def ping_monitor(hook_config, config_filename, state, monitoring_log_level, dry_run):
+    '''
+    Ping the configured Healthchecks URL or UUID, modified with the monitor.State. Use the given
+    configuration filename in any log entries, and log to Healthchecks with the giving log level.
+    If this is a dry run, then don't actually ping anything.
+    '''
     ping_url = (
-        ping_url_or_uuid
-        if ping_url_or_uuid.startswith('http')
-        else 'https://hc-ping.com/{}'.format(ping_url_or_uuid)
+        hook_config['ping_url']
+        if hook_config['ping_url'].startswith('http')
+        else 'https://hc-ping.com/{}'.format(hook_config['ping_url'])
     )
     dry_run_label = ' (dry run; not actually pinging)' if dry_run else ''
 
+    if 'states' in hook_config and state.name.lower() not in hook_config['states']:
+        logger.info(
+            f'{config_filename}: Skipping Healthchecks {state.name.lower()} ping due to configured states'
+        )
+        return
+
     healthchecks_state = MONITOR_STATE_TO_HEALTHCHECKS.get(state)
     if healthchecks_state:
         ping_url = '{}/{}'.format(ping_url, healthchecks_state)
@@ -94,7 +119,24 @@ def ping_monitor(ping_url_or_uuid, config_filename, state, dry_run):
 
     if state in (monitor.State.FINISH, monitor.State.FAIL):
         payload = format_buffered_logs_for_payload()
+    else:
+        payload = ''
 
     if not dry_run:
         logging.getLogger('urllib3').setLevel(logging.ERROR)
-        requests.post(ping_url, data=payload.encode('utf-8'))
+        try:
+            requests.post(ping_url, data=payload.encode('utf-8'))
+        except requests.exceptions.RequestException as error:
+            logger.warning(f'{config_filename}: Healthchecks error: {error}')
+
+
+def destroy_monitor(hook_config, config_filename, monitoring_log_level, dry_run):
+    '''
+    Remove the monitor handler that was added to the root logger. This prevents the handler from
+    getting reused by other instances of this monitor.
+    '''
+    logger = logging.getLogger()
+
+    for handler in tuple(logger.handlers):
+        if isinstance(handler, Forgetful_buffering_handler):
+            logger.removeHandler(handler)

borgmatic/hooks/mongodb.py

@@ -0,0 +1,162 @@
+import logging
+
+from borgmatic.execute import execute_command, execute_command_with_processes
+from borgmatic.hooks import dump
+
+logger = logging.getLogger(__name__)
+
+
+def make_dump_path(location_config):  # pragma: no cover
+    '''
+    Make the dump path from the given location configuration and the name of this hook.
+    '''
+    return dump.make_database_dump_path(
+        location_config.get('borgmatic_source_directory'), 'mongodb_databases'
+    )
+
+
+def dump_databases(databases, log_prefix, location_config, dry_run):
+    '''
+    Dump the given MongoDB databases to a named pipe. The databases are supplied as a sequence of
+    dicts, one dict describing each database as per the configuration schema. Use the given log
+    prefix in any log entries. Use the given location configuration dict to construct the
+    destination path.
+
+    Return a sequence of subprocess.Popen instances for the dump processes ready to spew to a named
+    pipe. But if this is a dry run, then don't actually dump anything and return an empty sequence.
+    '''
+    dry_run_label = ' (dry run; not actually dumping anything)' if dry_run else ''
+
+    logger.info('{}: Dumping MongoDB databases{}'.format(log_prefix, dry_run_label))
+
+    processes = []
+    for database in databases:
+        name = database['name']
+        dump_filename = dump.make_database_dump_filename(
+            make_dump_path(location_config), name, database.get('hostname')
+        )
+        dump_format = database.get('format', 'archive')
+
+        logger.debug(
+            '{}: Dumping MongoDB database {} to {}{}'.format(
+                log_prefix, name, dump_filename, dry_run_label
+            )
+        )
+        if dry_run:
+            continue
+
+        if dump_format == 'directory':
+            dump.create_parent_directory_for_dump(dump_filename)
+        else:
+            dump.create_named_pipe_for_dump(dump_filename)
+
+        command = build_dump_command(database, dump_filename, dump_format)
+        processes.append(execute_command(command, shell=True, run_to_completion=False))
+
+    return processes
+
+
+def build_dump_command(database, dump_filename, dump_format):
+    '''
+    Return the mongodump command from a single database configuration.
+    '''
+    all_databases = database['name'] == 'all'
+    command = ['mongodump', '--archive']
+    if dump_format == 'directory':
+        command.append(dump_filename)
+    if 'hostname' in database:
+        command.extend(('--host', database['hostname']))
+    if 'port' in database:
+        command.extend(('--port', str(database['port'])))
+    if 'username' in database:
+        command.extend(('--username', database['username']))
+    if 'password' in database:
+        command.extend(('--password', database['password']))
+    if 'authentication_database' in database:
+        command.extend(('--authenticationDatabase', database['authentication_database']))
+    if not all_databases:
+        command.extend(('--db', database['name']))
+    if 'options' in database:
+        command.extend(database['options'].split(' '))
+    if dump_format != 'directory':
+        command.extend(('>', dump_filename))
+    return command
+
+
+def remove_database_dumps(databases, log_prefix, location_config, dry_run):  # pragma: no cover
+    '''
+    Remove all database dump files for this hook regardless of the given databases. Use the log
+    prefix in any log entries. Use the given location configuration dict to construct the
+    destination path. If this is a dry run, then don't actually remove anything.
+    '''
+    dump.remove_database_dumps(make_dump_path(location_config), 'MongoDB', log_prefix, dry_run)
+
+
+def make_database_dump_pattern(
+    databases, log_prefix, location_config, name=None
+):  # pragma: no cover
+    '''
+    Given a sequence of configurations dicts, a prefix to log with, a location configuration dict,
+    and a database name to match, return the corresponding glob patterns to match the database dump
+    in an archive.
+    '''
+    return dump.make_database_dump_filename(make_dump_path(location_config), name, hostname='*')
+
+
+def restore_database_dump(database_config, log_prefix, location_config, dry_run, extract_process):
+    '''
+    Restore the given MongoDB database from an extract stream. The database is supplied as a
+    one-element sequence containing a dict describing the database, as per the configuration schema.
+    Use the given log prefix in any log entries. If this is a dry run, then don't actually restore
+    anything. Trigger the given active extract process (an instance of subprocess.Popen) to produce
+    output to consume.
+
+    If the extract process is None, then restore the dump from the filesystem rather than from an
+    extract stream.
+    '''
+    dry_run_label = ' (dry run; not actually restoring anything)' if dry_run else ''
+
+    if len(database_config) != 1:
+        raise ValueError('The database configuration value is invalid')
+
+    database = database_config[0]
+    dump_filename = dump.make_database_dump_filename(
+        make_dump_path(location_config), database['name'], database.get('hostname')
+    )
+    restore_command = build_restore_command(extract_process, database, dump_filename)
+
+    logger.debug(
+        '{}: Restoring MongoDB database {}{}'.format(log_prefix, database['name'], dry_run_label)
+    )
+    if dry_run:
+        return
+
+    execute_command_with_processes(
+        restore_command,
+        [extract_process] if extract_process else [],
+        output_log_level=logging.DEBUG,
+        input_file=extract_process.stdout if extract_process else None,
+        borg_local_path=location_config.get('local_path', 'borg'),
+    )
+
+
+def build_restore_command(extract_process, database, dump_filename):
+    '''
+    Return the mongorestore command from a single database configuration.
+    '''
+    command = ['mongorestore', '--archive']
+    if not extract_process:
+        command.append(dump_filename)
+    if database['name'] != 'all':
+        command.extend(('--drop', '--db', database['name']))
+    if 'hostname' in database:
+        command.extend(('--host', database['hostname']))
+    if 'port' in database:
+        command.extend(('--port', str(database['port'])))
+    if 'username' in database:
+        command.extend(('--username', database['username']))
+    if 'password' in database:
+        command.extend(('--password', database['password']))
+    if 'authentication_database' in database:
+        command.extend(('--authenticationDatabase', database['authentication_database']))
+    return command

borgmatic/hooks/monitor.py

@@ -1,6 +1,6 @@
 from enum import Enum
 
-MONITOR_HOOK_NAMES = ('healthchecks', 'cronitor', 'cronhub')
+MONITOR_HOOK_NAMES = ('healthchecks', 'cronitor', 'cronhub', 'pagerduty')
 
 
 class State(Enum):

borgmatic/hooks/mysql.py

@@ -1,94 +1,176 @@
 import logging
-import os
 
-from borgmatic.execute import execute_command
+from borgmatic.execute import execute_command, execute_command_with_processes
 from borgmatic.hooks import dump
 
-DUMP_PATH = '~/.borgmatic/mysql_databases'
 logger = logging.getLogger(__name__)
 
 
-def dump_databases(databases, log_prefix, dry_run):
+def make_dump_path(location_config):  # pragma: no cover
     '''
-    Dump the given MySQL/MariaDB databases to disk. The databases are supplied as a sequence of
-    dicts, one dict describing each database as per the configuration schema. Use the given log
-    prefix in any log entries. If this is a dry run, then don't actually dump anything.
+    Make the dump path from the given location configuration and the name of this hook.
+    '''
+    return dump.make_database_dump_path(
+        location_config.get('borgmatic_source_directory'), 'mysql_databases'
+    )
+
+
+SYSTEM_DATABASE_NAMES = ('information_schema', 'mysql', 'performance_schema', 'sys')
+
+
+def database_names_to_dump(database, extra_environment, log_prefix, dry_run_label):
+    '''
+    Given a requested database name, return the corresponding sequence of database names to dump.
+    In the case of "all", query for the names of databases on the configured host and return them,
+    excluding any system databases that will cause problems during restore.
+    '''
+    requested_name = database['name']
+
+    if requested_name != 'all':
+        return (requested_name,)
+
+    show_command = (
+        ('mysql',)
+        + (tuple(database['list_options'].split(' ')) if 'list_options' in database else ())
+        + (('--host', database['hostname']) if 'hostname' in database else ())
+        + (('--port', str(database['port'])) if 'port' in database else ())
+        + (('--protocol', 'tcp') if 'hostname' in database or 'port' in database else ())
+        + (('--user', database['username']) if 'username' in database else ())
+        + ('--skip-column-names', '--batch')
+        + ('--execute', 'show schemas')
+    )
+    logger.debug(
+        '{}: Querying for "all" MySQL databases to dump{}'.format(log_prefix, dry_run_label)
+    )
+    show_output = execute_command(
+        show_command, output_log_level=None, extra_environment=extra_environment
+    )
+
+    return tuple(
+        show_name
+        for show_name in show_output.strip().splitlines()
+        if show_name not in SYSTEM_DATABASE_NAMES
+    )
+
+
+def dump_databases(databases, log_prefix, location_config, dry_run):
+    '''
+    Dump the given MySQL/MariaDB databases to a named pipe. The databases are supplied as a sequence
+    of dicts, one dict describing each database as per the configuration schema. Use the given log
+    prefix in any log entries. Use the given location configuration dict to construct the
+    destination path.
+
+    Return a sequence of subprocess.Popen instances for the dump processes ready to spew to a named
+    pipe. But if this is a dry run, then don't actually dump anything and return an empty sequence.
     '''
     dry_run_label = ' (dry run; not actually dumping anything)' if dry_run else ''
+    processes = []
 
     logger.info('{}: Dumping MySQL databases{}'.format(log_prefix, dry_run_label))
 
     for database in databases:
-        name = database['name']
-        dump_filename = dump.make_database_dump_filename(DUMP_PATH, name, database.get('hostname'))
-        command = (
-            ('mysqldump', '--add-drop-database')
+        requested_name = database['name']
+        dump_filename = dump.make_database_dump_filename(
+            make_dump_path(location_config), requested_name, database.get('hostname')
+        )
+        extra_environment = {'MYSQL_PWD': database['password']} if 'password' in database else None
+        dump_database_names = database_names_to_dump(
+            database, extra_environment, log_prefix, dry_run_label
+        )
+        if not dump_database_names:
+            raise ValueError('Cannot find any MySQL databases to dump.')
+
+        dump_command = (
+            ('mysqldump',)
+            + (tuple(database['options'].split(' ')) if 'options' in database else ())
+            + ('--add-drop-database',)
             + (('--host', database['hostname']) if 'hostname' in database else ())
             + (('--port', str(database['port'])) if 'port' in database else ())
             + (('--protocol', 'tcp') if 'hostname' in database or 'port' in database else ())
             + (('--user', database['username']) if 'username' in database else ())
-            + (tuple(database['options'].split(' ')) if 'options' in database else ())
-            + (('--all-databases',) if name == 'all' else ('--databases', name))
+            + ('--databases',)
+            + dump_database_names
+            # Use shell redirection rather than execute_command(output_file=open(...)) to prevent
+            # the open() call on a named pipe from hanging the main borgmatic process.
+            + ('>', dump_filename)
         )
-        extra_environment = {'MYSQL_PWD': database['password']} if 'password' in database else None
 
         logger.debug(
             '{}: Dumping MySQL database {} to {}{}'.format(
-                log_prefix, name, dump_filename, dry_run_label
+                log_prefix, requested_name, dump_filename, dry_run_label
             )
         )
-        if not dry_run:
-            os.makedirs(os.path.dirname(dump_filename), mode=0o700, exist_ok=True)
+        if dry_run:
+            continue
+
+        dump.create_named_pipe_for_dump(dump_filename)
+
+        processes.append(
             execute_command(
-                command, output_file=open(dump_filename, 'w'), extra_environment=extra_environment
+                dump_command,
+                shell=True,
+                extra_environment=extra_environment,
+                run_to_completion=False,
             )
+        )
+
+    return processes
 
 
-def remove_database_dumps(databases, log_prefix, dry_run):  # pragma: no cover
+def remove_database_dumps(databases, log_prefix, location_config, dry_run):  # pragma: no cover
     '''
-    Remove the database dumps for the given databases. The databases are supplied as a sequence of
-    dicts, one dict describing each database as per the configuration schema. Use the log prefix in
-    any log entries. If this is a dry run, then don't actually remove anything.
+    Remove all database dump files for this hook regardless of the given databases. Use the log
+    prefix in any log entries. Use the given location configuration dict to construct the
+    destination path. If this is a dry run, then don't actually remove anything.
     '''
-    dump.remove_database_dumps(DUMP_PATH, databases, 'MySQL', log_prefix, dry_run)
+    dump.remove_database_dumps(make_dump_path(location_config), 'MySQL', log_prefix, dry_run)
 
 
-def make_database_dump_patterns(databases, log_prefix, names):
+def make_database_dump_pattern(
+    databases, log_prefix, location_config, name=None
+):  # pragma: no cover
     '''
-    Given a sequence of configurations dicts, a prefix to log with, and a sequence of database
-    names to match, return the corresponding glob patterns to match the database dumps in an
-    archive. An empty sequence of names indicates that the patterns should match all dumps.
+    Given a sequence of configurations dicts, a prefix to log with, a location configuration dict,
+    and a database name to match, return the corresponding glob patterns to match the database dump
+    in an archive.
     '''
-    return [
-        dump.make_database_dump_filename(DUMP_PATH, name, hostname='*') for name in (names or ['*'])
-    ]
+    return dump.make_database_dump_filename(make_dump_path(location_config), name, hostname='*')
 
 
-def restore_database_dumps(databases, log_prefix, dry_run):
+def restore_database_dump(database_config, log_prefix, location_config, dry_run, extract_process):
     '''
-    Restore the given MySQL/MariaDB databases from disk. The databases are supplied as a sequence of
-    dicts, one dict describing each database as per the configuration schema. Use the given log
-    prefix in any log entries. If this is a dry run, then don't actually restore anything.
+    Restore the given MySQL/MariaDB database from an extract stream. The database is supplied as a
+    one-element sequence containing a dict describing the database, as per the configuration schema.
+    Use the given log prefix in any log entries. If this is a dry run, then don't actually restore
+    anything. Trigger the given active extract process (an instance of subprocess.Popen) to produce
+    output to consume.
     '''
     dry_run_label = ' (dry run; not actually restoring anything)' if dry_run else ''
 
-    for database in databases:
-        dump_filename = dump.make_database_dump_filename(
-            DUMP_PATH, database['name'], database.get('hostname')
-        )
-        restore_command = (
-            ('mysql', '--batch')
-            + (('--host', database['hostname']) if 'hostname' in database else ())
-            + (('--port', str(database['port'])) if 'port' in database else ())
-            + (('--protocol', 'tcp') if 'hostname' in database or 'port' in database else ())
-            + (('--user', database['username']) if 'username' in database else ())
-        )
-        extra_environment = {'MYSQL_PWD': database['password']} if 'password' in database else None
+    if len(database_config) != 1:
+        raise ValueError('The database configuration value is invalid')
 
-        logger.debug(
-            '{}: Restoring MySQL database {}{}'.format(log_prefix, database['name'], dry_run_label)
-        )
-        if not dry_run:
-            execute_command(
-                restore_command, input_file=open(dump_filename), extra_environment=extra_environment
-            )
+    database = database_config[0]
+    restore_command = (
+        ('mysql', '--batch')
+        + (('--host', database['hostname']) if 'hostname' in database else ())
+        + (('--port', str(database['port'])) if 'port' in database else ())
+        + (('--protocol', 'tcp') if 'hostname' in database or 'port' in database else ())
+        + (('--user', database['username']) if 'username' in database else ())
+    )
+    extra_environment = {'MYSQL_PWD': database['password']} if 'password' in database else None
+
+    logger.debug(
+        '{}: Restoring MySQL database {}{}'.format(log_prefix, database['name'], dry_run_label)
+    )
+    if dry_run:
+        return
+
+    execute_command_with_processes(
+        restore_command,
+        [extract_process],
+        output_log_level=logging.DEBUG,
+        input_file=extract_process.stdout,
+        extra_environment=extra_environment,
+        borg_local_path=location_config.get('local_path', 'borg'),
+    )

borgmatic/hooks/pagerduty.py

@@ -0,0 +1,83 @@
+import datetime
+import json
+import logging
+import platform
+
+import requests
+
+from borgmatic.hooks import monitor
+
+logger = logging.getLogger(__name__)
+
+EVENTS_API_URL = 'https://events.pagerduty.com/v2/enqueue'
+
+
+def initialize_monitor(
+    integration_key, config_filename, monitoring_log_level, dry_run
+):  # pragma: no cover
+    '''
+    No initialization is necessary for this monitor.
+    '''
+    pass
+
+
+def ping_monitor(hook_config, config_filename, state, monitoring_log_level, dry_run):
+    '''
+    If this is an error state, create a PagerDuty event with the configured integration key. Use
+    the given configuration filename in any log entries. If this is a dry run, then don't actually
+    create an event.
+    '''
+    if state != monitor.State.FAIL:
+        logger.debug(
+            '{}: Ignoring unsupported monitoring {} in PagerDuty hook'.format(
+                config_filename, state.name.lower()
+            )
+        )
+        return
+
+    dry_run_label = ' (dry run; not actually sending)' if dry_run else ''
+    logger.info('{}: Sending failure event to PagerDuty {}'.format(config_filename, dry_run_label))
+
+    if dry_run:
+        return
+
+    hostname = platform.node()
+    local_timestamp = (
+        datetime.datetime.utcnow().replace(tzinfo=datetime.timezone.utc).astimezone().isoformat()
+    )
+    payload = json.dumps(
+        {
+            'routing_key': hook_config['integration_key'],
+            'event_action': 'trigger',
+            'payload': {
+                'summary': 'backup failed on {}'.format(hostname),
+                'severity': 'error',
+                'source': hostname,
+                'timestamp': local_timestamp,
+                'component': 'borgmatic',
+                'group': 'backups',
+                'class': 'backup failure',
+                'custom_details': {
+                    'hostname': hostname,
+                    'configuration filename': config_filename,
+                    'server time': local_timestamp,
+                },
+            },
+        }
+    )
+    logger.debug('{}: Using PagerDuty payload: {}'.format(config_filename, payload))
+
+    logging.getLogger('urllib3').setLevel(logging.ERROR)
+    try:
+        requests.post(EVENTS_API_URL, data=payload.encode('utf-8'))
+    except requests.exceptions.RequestException as error:
+        logger.warning(f'{config_filename}: PagerDuty error: {error}')
+
+
+def destroy_monitor(
+    ping_url_or_uuid, config_filename, monitoring_log_level, dry_run
+):  # pragma: no cover
+    '''
+    No destruction is necessary for this monitor.
+    '''
+    pass

borgmatic/hooks/postgresql.py

@@ -1,104 +1,179 @@
 import logging
-import os
 
-from borgmatic.execute import execute_command
+from borgmatic.execute import execute_command, execute_command_with_processes
 from borgmatic.hooks import dump
 
-DUMP_PATH = '~/.borgmatic/postgresql_databases'
 logger = logging.getLogger(__name__)
 
 
-def dump_databases(databases, log_prefix, dry_run):
+def make_dump_path(location_config):  # pragma: no cover
     '''
-    Dump the given PostgreSQL databases to disk. The databases are supplied as a sequence of dicts,
-    one dict describing each database as per the configuration schema. Use the given log prefix in
-    any log entries. If this is a dry run, then don't actually dump anything.
+    Make the dump path from the given location configuration and the name of this hook.
+    '''
+    return dump.make_database_dump_path(
+        location_config.get('borgmatic_source_directory'), 'postgresql_databases'
+    )
+
+
+def make_extra_environment(database):
+    '''
+    Make the extra_environment dict from the given database configuration.
+    '''
+    extra = dict()
+    if 'password' in database:
+        extra['PGPASSWORD'] = database['password']
+    extra['PGSSLMODE'] = database.get('ssl_mode', 'disable')
+    if 'ssl_cert' in database:
+        extra['PGSSLCERT'] = database['ssl_cert']
+    if 'ssl_key' in database:
+        extra['PGSSLKEY'] = database['ssl_key']
+    if 'ssl_root_cert' in database:
+        extra['PGSSLROOTCERT'] = database['ssl_root_cert']
+    if 'ssl_crl' in database:
+        extra['PGSSLCRL'] = database['ssl_crl']
+    return extra
+
+
+def dump_databases(databases, log_prefix, location_config, dry_run):
+    '''
+    Dump the given PostgreSQL databases to a named pipe. The databases are supplied as a sequence of
+    dicts, one dict describing each database as per the configuration schema. Use the given log
+    prefix in any log entries. Use the given location configuration dict to construct the
+    destination path.
+
+    Return a sequence of subprocess.Popen instances for the dump processes ready to spew to a named
+    pipe. But if this is a dry run, then don't actually dump anything and return an empty sequence.
     '''
     dry_run_label = ' (dry run; not actually dumping anything)' if dry_run else ''
+    processes = []
 
     logger.info('{}: Dumping PostgreSQL databases{}'.format(log_prefix, dry_run_label))
 
     for database in databases:
         name = database['name']
-        dump_filename = dump.make_database_dump_filename(DUMP_PATH, name, database.get('hostname'))
+        dump_filename = dump.make_database_dump_filename(
+            make_dump_path(location_config), name, database.get('hostname')
+        )
         all_databases = bool(name == 'all')
+        dump_format = database.get('format', 'custom')
         command = (
-            ('pg_dumpall' if all_databases else 'pg_dump', '--no-password', '--clean')
-            + ('--file', dump_filename)
+            (
+                'pg_dumpall' if all_databases else 'pg_dump',
+                '--no-password',
+                '--clean',
+                '--if-exists',
+            )
             + (('--host', database['hostname']) if 'hostname' in database else ())
             + (('--port', str(database['port'])) if 'port' in database else ())
             + (('--username', database['username']) if 'username' in database else ())
-            + (() if all_databases else ('--format', database.get('format', 'custom')))
+            + (() if all_databases else ('--format', dump_format))
+            + (('--file', dump_filename) if dump_format == 'directory' else ())
             + (tuple(database['options'].split(' ')) if 'options' in database else ())
             + (() if all_databases else (name,))
+            # Use shell redirection rather than the --file flag to sidestep synchronization issues
+            # when pg_dump/pg_dumpall tries to write to a named pipe. But for the directory dump
+            # format in a particular, a named destination is required, and redirection doesn't work.
+            + (('>', dump_filename) if dump_format != 'directory' else ())
         )
-        extra_environment = {'PGPASSWORD': database['password']} if 'password' in database else None
+        extra_environment = make_extra_environment(database)
 
         logger.debug(
             '{}: Dumping PostgreSQL database {} to {}{}'.format(
                 log_prefix, name, dump_filename, dry_run_label
             )
         )
-        if not dry_run:
-            os.makedirs(os.path.dirname(dump_filename), mode=0o700, exist_ok=True)
-            execute_command(command, extra_environment=extra_environment)
+        if dry_run:
+            continue
+
+        if dump_format == 'directory':
+            dump.create_parent_directory_for_dump(dump_filename)
+        else:
+            dump.create_named_pipe_for_dump(dump_filename)
+
+        processes.append(
+            execute_command(
+                command, shell=True, extra_environment=extra_environment, run_to_completion=False
+            )
+        )
+
+    return processes
 
 
-def remove_database_dumps(databases, log_prefix, dry_run):  # pragma: no cover
+def remove_database_dumps(databases, log_prefix, location_config, dry_run):  # pragma: no cover
     '''
-    Remove the database dumps for the given databases. The databases are supplied as a sequence of
-    dicts, one dict describing each database as per the configuration schema. Use the log prefix in
-    any log entries. If this is a dry run, then don't actually remove anything.
+    Remove all database dump files for this hook regardless of the given databases. Use the log
+    prefix in any log entries. Use the given location configuration dict to construct the
+    destination path. If this is a dry run, then don't actually remove anything.
     '''
-    dump.remove_database_dumps(DUMP_PATH, databases, 'PostgreSQL', log_prefix, dry_run)
+    dump.remove_database_dumps(make_dump_path(location_config), 'PostgreSQL', log_prefix, dry_run)
 
 
-def make_database_dump_patterns(databases, log_prefix, names):
+def make_database_dump_pattern(
+    databases, log_prefix, location_config, name=None
+):  # pragma: no cover
     '''
-    Given a sequence of configurations dicts, a prefix to log with, and a sequence of database
-    names to match, return the corresponding glob patterns to match the database dumps in an
-    archive. An empty sequence of names indicates that the patterns should match all dumps.
+    Given a sequence of configurations dicts, a prefix to log with, a location configuration dict,
+    and a database name to match, return the corresponding glob patterns to match the database dump
+    in an archive.
     '''
-    return [
-        dump.make_database_dump_filename(DUMP_PATH, name, hostname='*') for name in (names or ['*'])
-    ]
+    return dump.make_database_dump_filename(make_dump_path(location_config), name, hostname='*')
 
 
-def restore_database_dumps(databases, log_prefix, dry_run):
+def restore_database_dump(database_config, log_prefix, location_config, dry_run, extract_process):
     '''
-    Restore the given PostgreSQL databases from disk. The databases are supplied as a sequence of
-    dicts, one dict describing each database as per the configuration schema. Use the given log
-    prefix in any log entries. If this is a dry run, then don't actually restore anything.
+    Restore the given PostgreSQL database from an extract stream. The database is supplied as a
+    one-element sequence containing a dict describing the database, as per the configuration schema.
+    Use the given log prefix in any log entries. If this is a dry run, then don't actually restore
+    anything. Trigger the given active extract process (an instance of subprocess.Popen) to produce
+    output to consume.
+
+    If the extract process is None, then restore the dump from the filesystem rather than from an
+    extract stream.
     '''
     dry_run_label = ' (dry run; not actually restoring anything)' if dry_run else ''
 
-    for database in databases:
-        dump_filename = dump.make_database_dump_filename(
-            DUMP_PATH, database['name'], database.get('hostname')
-        )
-        restore_command = (
-            ('pg_restore', '--no-password', '--clean', '--if-exists', '--exit-on-error')
-            + (('--host', database['hostname']) if 'hostname' in database else ())
-            + (('--port', str(database['port'])) if 'port' in database else ())
-            + (('--username', database['username']) if 'username' in database else ())
-            + ('--dbname', database['name'])
-            + (dump_filename,)
-        )
-        extra_environment = {'PGPASSWORD': database['password']} if 'password' in database else None
-        analyze_command = (
-            ('psql', '--no-password', '--quiet')
-            + (('--host', database['hostname']) if 'hostname' in database else ())
-            + (('--port', str(database['port'])) if 'port' in database else ())
-            + (('--username', database['username']) if 'username' in database else ())
-            + ('--dbname', database['name'])
-            + ('--command', 'ANALYZE')
-        )
+    if len(database_config) != 1:
+        raise ValueError('The database configuration value is invalid')
 
-        logger.debug(
-            '{}: Restoring PostgreSQL database {}{}'.format(
-                log_prefix, database['name'], dry_run_label
-            )
+    database = database_config[0]
+    all_databases = bool(database['name'] == 'all')
+    dump_filename = dump.make_database_dump_filename(
+        make_dump_path(location_config), database['name'], database.get('hostname')
+    )
+    analyze_command = (
+        ('psql', '--no-password', '--quiet')
+        + (('--host', database['hostname']) if 'hostname' in database else ())
+        + (('--port', str(database['port'])) if 'port' in database else ())
+        + (('--username', database['username']) if 'username' in database else ())
+        + (('--dbname', database['name']) if not all_databases else ())
+        + ('--command', 'ANALYZE')
+    )
+    restore_command = (
+        ('psql' if all_databases else 'pg_restore', '--no-password')
+        + (
+            ('--if-exists', '--exit-on-error', '--clean', '--dbname', database['name'])
+            if not all_databases
+            else ()
         )
-        if not dry_run:
-            execute_command(restore_command, extra_environment=extra_environment)
-            execute_command(analyze_command, extra_environment=extra_environment)
+        + (('--host', database['hostname']) if 'hostname' in database else ())
+        + (('--port', str(database['port'])) if 'port' in database else ())
+        + (('--username', database['username']) if 'username' in database else ())
+        + (() if extract_process else (dump_filename,))
+    )
+    extra_environment = make_extra_environment(database)
+
+    logger.debug(
+        '{}: Restoring PostgreSQL database {}{}'.format(log_prefix, database['name'], dry_run_label)
+    )
+    if dry_run:
+        return
+
+    execute_command_with_processes(
+        restore_command,
+        [extract_process] if extract_process else [],
+        output_log_level=logging.DEBUG,
+        input_file=extract_process.stdout if extract_process else None,
+        extra_environment=extra_environment,
+        borg_local_path=location_config.get('local_path', 'borg'),
+    )
+    execute_command(analyze_command, extra_environment=extra_environment)

borgmatic/logger.py

@@ -1,4 +1,5 @@
 import logging
+import logging.handlers
 import os
 import sys
 
@@ -26,7 +27,7 @@ def interactive_console():
     Return whether the current console is "interactive". Meaning: Capable of
     user input and not just something like a cron job.
     '''
-    return sys.stdout.isatty() and os.environ.get('TERM') != 'dumb'
+    return sys.stderr.isatty() and os.environ.get('TERM') != 'dumb'
 
 
 def should_do_markup(no_color, configs):
@@ -48,6 +49,42 @@ def should_do_markup(no_color, configs):
     return interactive_console()
 
 
+class Multi_stream_handler(logging.Handler):
+    '''
+    A logging handler that dispatches each log record to one of multiple stream handlers depending
+    on the record's log level.
+    '''
+
+    def __init__(self, log_level_to_stream_handler):
+        super(Multi_stream_handler, self).__init__()
+        self.log_level_to_handler = log_level_to_stream_handler
+        self.handlers = set(self.log_level_to_handler.values())
+
+    def flush(self):  # pragma: no cover
+        super(Multi_stream_handler, self).flush()
+
+        for handler in self.handlers:
+            handler.flush()
+
+    def emit(self, record):
+        '''
+        Dispatch the log record to the approriate stream handler for the record's log level.
+        '''
+        self.log_level_to_handler[record.levelno].emit(record)
+
+    def setFormatter(self, formatter):  # pragma: no cover
+        super(Multi_stream_handler, self).setFormatter(formatter)
+
+        for handler in self.handlers:
+            handler.setFormatter(formatter)
+
+    def setLevel(self, level):  # pragma: no cover
+        super(Multi_stream_handler, self).setLevel(level)
+
+        for handler in self.handlers:
+            handler.setLevel(level)
+
+
 LOG_LEVEL_TO_COLOR = {
     logging.CRITICAL: colorama.Fore.RED,
     logging.ERROR: colorama.Fore.RED,
@@ -74,7 +111,11 @@ def color_text(color, message):
 
 
 def configure_logging(
-    console_log_level, syslog_log_level=None, log_file_log_level=None, log_file=None
+    console_log_level,
+    syslog_log_level=None,
+    log_file_log_level=None,
+    monitoring_log_level=None,
+    log_file=None,
 ):
     '''
     Configure logging to go to both the console and (syslog or log file). Use the given log levels,
@@ -86,8 +127,22 @@ def configure_logging(
         syslog_log_level = console_log_level
     if log_file_log_level is None:
         log_file_log_level = console_log_level
+    if monitoring_log_level is None:
+        monitoring_log_level = console_log_level
 
-    console_handler = logging.StreamHandler()
+    # Log certain log levels to console stderr and others to stdout. This supports use cases like
+    # grepping (non-error) output.
+    console_error_handler = logging.StreamHandler(sys.stderr)
+    console_standard_handler = logging.StreamHandler(sys.stdout)
+    console_handler = Multi_stream_handler(
+        {
+            logging.CRITICAL: console_error_handler,
+            logging.ERROR: console_error_handler,
+            logging.WARN: console_standard_handler,
+            logging.INFO: console_standard_handler,
+            logging.DEBUG: console_standard_handler,
+        }
+    )
     console_handler.setFormatter(Console_color_formatter())
     console_handler.setLevel(console_log_level)
 
@@ -97,6 +152,8 @@ def configure_logging(
             syslog_path = '/dev/log'
         elif os.path.exists('/var/run/syslog'):
             syslog_path = '/var/run/syslog'
+        elif os.path.exists('/var/run/log'):
+            syslog_path = '/var/run/log'
 
     if syslog_path and not interactive_console():
         syslog_handler = logging.handlers.SysLogHandler(address=syslog_path)
@@ -112,5 +169,6 @@ def configure_logging(
         handlers = (console_handler,)
 
     logging.basicConfig(
-        level=min(console_log_level, syslog_log_level, log_file_log_level), handlers=handlers
+        level=min(console_log_level, syslog_log_level, log_file_log_level, monitoring_log_level),
+        handlers=handlers,
     )

borgmatic/signals.py

@@ -1,18 +1,34 @@
+import logging
 import os
 import signal
+import sys
+
+logger = logging.getLogger(__name__)
 
 
-def _handle_signal(signal_number, frame):  # pragma: no cover
+EXIT_CODE_FROM_SIGNAL = 128
+
+
+def handle_signal(signal_number, frame):
     '''
-    Send the signal to all processes in borgmatic's process group, which includes child process.
+    Send the signal to all processes in borgmatic's process group, which includes child processes.
     '''
+    # Prevent infinite signal handler recursion. If the parent frame is this very same handler
+    # function, we know we're recursing.
+    if frame.f_back.f_code.co_name == handle_signal.__name__:
+        return
+
     os.killpg(os.getpgrp(), signal_number)
 
+    if signal_number == signal.SIGTERM:
+        logger.critical('Exiting due to TERM signal')
+        sys.exit(EXIT_CODE_FROM_SIGNAL + signal.SIGTERM)
 
-def configure_signals():  # pragma: no cover
+
+def configure_signals():
     '''
     Configure borgmatic's signal handlers to pass relevant signals through to any child processes
     like Borg. Note that SIGINT gets passed through even without these changes.
     '''
     for signal_number in (signal.SIGHUP, signal.SIGTERM, signal.SIGUSR1, signal.SIGUSR2):
-        signal.signal(signal_number, _handle_signal)
+        signal.signal(signal_number, handle_signal)

docs/Dockerfile

@@ -1,13 +1,14 @@
-FROM python:3.7.4-alpine3.10 as borgmatic
+FROM python:3.8-alpine3.13 as borgmatic
 
 COPY . /app
+RUN apk add --no-cache py3-ruamel.yaml py3-ruamel.yaml.clib
 RUN pip install --no-cache /app && generate-borgmatic-config && chmod +r /etc/borgmatic/config.yaml
 RUN borgmatic --help > /command-line.txt \
-    && for action in init prune create check extract mount umount restore list info; do \
+    && for action in init prune compact create check extract export-tar mount umount restore list info borg; do \
            echo -e "\n--------------------------------------------------------------------------------\n" >> /command-line.txt \
            && borgmatic "$action" --help >> /command-line.txt; done
 
-FROM node:12.10.0-alpine as html
+FROM node:15.2.1-alpine as html
 
 ARG ENVIRONMENT=production
 
@@ -16,6 +17,7 @@ WORKDIR /source
 RUN npm install @11ty/eleventy \
     @11ty/eleventy-plugin-syntaxhighlight \
     @11ty/eleventy-plugin-inclusive-language \
+    @11ty/eleventy-navigation \
     markdown-it \
     markdown-it-anchor \
     markdown-it-replace-link
@@ -25,7 +27,7 @@ COPY . /source
 RUN NODE_ENV=${ENVIRONMENT} npx eleventy --input=/source/docs --output=/output/docs \
   && mv /output/docs/index.html /output/index.html
 
-FROM nginx:1.16.1-alpine
+FROM nginx:1.19.4-alpine
 
 COPY --from=html /output /usr/share/nginx/html
 COPY --from=borgmatic /etc/borgmatic/config.yaml /usr/share/nginx/html/docs/reference/config.yaml

docs/SECURITY.md

@@ -0,0 +1,19 @@
+---
+title: Security policy
+permalink: security-policy/index.html
+---
+
+## Supported versions
+
+While we want to hear about security vulnerabilities in all versions of
+borgmatic, security fixes will only be made to the most recently released
+version. It's not practical for our small volunteer effort to maintain
+multiple different release branches and put out separate security patches for
+each.
+
+## Reporting a vulnerability
+
+If you find a security vulnerability, please [file a
+ticket](https://torsion.org/borgmatic/#issues) or [send email
+directly](mailto:witten@torsion.org) as appropriate. You should expect to hear
+back within a few days at most, and generally sooner.

docs/_includes/components/lists.css

@@ -1,8 +1,7 @@
 /* Buzzwords */
 @keyframes rainbow {
 	0% { background-position: 0% 50%; }
-	50% { background-position: 100% 50%; }
-	100% { background-position: 0% 50%; }
+	100% { background-position: 100% 50%; }
 }
 .buzzword-list,
 .inlinelist {
@@ -25,6 +24,7 @@
 	margin: 4px 4px 4px 0;
 	transition: .15s linear outline;
 }
+
 .inlinelist .inlinelist-item.active {
 	background-color: #222;
 	color: #fff;
@@ -36,6 +36,38 @@
 }
 .inlinelist .inlinelist-item code {
 	background-color: transparent;
+	font-size: 80%;
+	margin-left: 6px;
+	padding-left: 6px;
+	display: inline-block;
+	position: relative;
+}
+@media (max-width: 26.8125em) { /* 429px */
+	.inlinelist .inlinelist-item {
+		overflow: hidden;
+	}
+	.inlinelist .inlinelist-item code {
+		float: right;
+		line-height: 1.75;
+	}
+}
+@media (min-width: 26.875em) { /* 430px */
+	.inlinelist .inlinelist-item code {
+		float: none;
+	}
+	.inlinelist .inlinelist-item code:before {
+		content: " ";
+		border-left: 1px solid rgba(255,255,255,.8);
+		position: absolute;
+		left: -2px;
+		top: -2px;
+		bottom: 2px;
+	}
+	@media (prefers-color-scheme: dark) {
+		.inlinelist .inlinelist-item code:before {
+			border-left-color: rgba(0,0,0,.8);
+		}
+	}
 }
 a.buzzword {
 	text-decoration: underline;
@@ -59,44 +91,74 @@ a.buzzword {
 .buzzword {
 	background-color: #f7f7f7;
 }
+@media (prefers-color-scheme: dark) {
+	.buzzword-list li,
+	.buzzword {
+		background-color: #080808;
+	}
+}
 .inlinelist .inlinelist-item {
 	background-color: #e9e9e9;
 }
+@media (prefers-color-scheme: dark) {
+	.inlinelist .inlinelist-item {
+		background-color: #000;
+	}
+	.inlinelist .inlinelist-item a {
+		color: #fff;
+	}
+	.inlinelist .inlinelist-item code {
+		color: inherit;
+	}
+}
 .inlinelist .inlinelist-item:hover,
 .inlinelist .inlinelist-item:focus,
 .buzzword-list li:hover,
 .buzzword-list li:focus,
 .buzzword:hover,
-.buzzword:focus {
+.buzzword:focus,
+.rainbow-active:hover,
+.rainbow-active:focus {
 	position: relative;
 	background-image: linear-gradient(238deg, #ff0000, #ff8000, #ffff00, #80ff00, #00ff00, #00ff80, #00ffff, #0080ff, #0000ff, #8000ff, #ff0080);
 	background-size: 1200% 1200%;
+	background-position: 2% 80%;
 	color: #fff;
 	text-shadow: 0 0 2px rgba(0,0,0,.9);
-	animation: rainbow 1.6s infinite;
+	animation: rainbow 4s ease-out alternate infinite;
+}
+.rainbow-active-noanim {
+	animation: none !important;
 }
 .inlinelist .inlinelist-item:hover a,
 .inlinelist .inlinelist-item:focus a,
 .buzzword-list li:hover a,
 .buzzword-list li:focus a,
 a.buzzword:hover,
-a.buzzword:focus {
+a.buzzword:focus,
+a.rainbow-active:hover,
+a.rainbow-active:focus {
 	color: #fff;
 	text-decoration: none;
 }
-/*
-I wish there were a PE friendly way to do this but media queries don’t work work with @supports
-@media (prefers-reduced-motion: no-preference) {
+@media (prefers-reduced-motion: reduce) {
+	.inlinelist .inlinelist-item:hover,
+	.inlinelist .inlinelist-item:focus,
+	.buzzword-list li:hover,
+	.buzzword-list li:focus,
 	.buzzword:hover,
-	.buzzword:focus {
-		animation: rainbow 1s infinite;
+	.buzzword:focus,
+	.rainbow-active:hover,
+	.rainbow-active:focus {
+		animation: none;
 	}
-}*/
+}
+
 .buzzword-list li:hover:after,
 .buzzword-list li:focus:after,
 .buzzword:hover:after,
 .buzzword:focus:after {
-	font-family: system-ui, sans-serif;
+	font-family: system-ui, -apple-system, sans-serif;
 	content: "Buzzword alert!!!";
 	position: absolute;
 	left: 0;
@@ -123,4 +185,94 @@ main h2 a.buzzword,
 main h3 a.buzzword,
 main p a.buzzword {
 	text-decoration: underline;
-}
+}
+
+/* Small viewport */
+@media (max-width: 26.8125em) { /* 429px */
+	.inlinelist .inlinelist-item {
+		display: block;
+		width: auto;
+		padding: 0;
+		line-height: 1.4;
+	}
+	.inlinelist .inlinelist-item > a {
+		display: block;
+		padding: .2em .5em;
+	}
+}
+@media (min-width: 26.875em) { /* 430px */
+	.inlinelist .inlinelist-item > a {
+		display: inline-block;
+		white-space: nowrap;
+	}
+}
+
+.numberflag {
+	display: inline-flex;
+	align-items: center;
+	justify-content: center;
+	background-color: #dff7ff;
+	border-radius: 50%;
+	width: 1.75em;
+	height: 1.75em;
+	font-weight: 600;
+}
+@media (prefers-color-scheme: dark) {
+	.numberflag {
+		background-color: #00bcd4;
+		color: #222;
+	}
+}
+h1 .numberflag,
+h2 .numberflag,
+h3 .numberflag,
+h4 .numberflag,
+h5 .numberflag {
+	width: 1.25em;
+	height: 1.25em;
+}
+h2 .numberflag {
+	position: relative;
+	margin-right: 0.25em; /* 10px /40 */
+}
+h2 .numberflag:after {
+	content: " ";
+	position: absolute;
+	bottom: -1px;
+	left: 0;
+	height: 1px;
+	background-color: #fff;
+	width: calc(100% + 0.4em); /* 16px /40 */
+}
+@media (prefers-color-scheme: dark) {
+	h2 .numberflag:after {
+		background-color: #222;
+	}
+}
+
+/* Super featured list on home page */
+.list-superfeatured .avatar {
+	width: calc(30px + 5vw);
+	height: calc(30px + 5vw);
+	max-width: 60px;
+	max-height: 60px;
+	margin-left: 0;
+}
+@media (max-width: 26.8125em) { /* 429px */
+	.list-superfeatured .inlinelist-item > a {
+		white-space: nowrap;
+		overflow: hidden;
+		text-overflow: ellipsis;
+	}
+}
+@media (min-width: 26.875em) { /* 430px */
+	.list-superfeatured .inlinelist-item {
+		font-size: 110%;
+	}
+}
+
+/* Only top level */
+.inlinelist-no-nest ul,
+.inlinelist-no-nest ol {
+	display: none;
+}

docs/_includes/components/minilink.css

@@ -10,7 +10,20 @@
 	font-weight: 500;
 	margin: 0 0.4285714285714em 0.07142857142857em 0; /* 0 6px 1px 0 /14 */
 	line-height: 1.285714285714; /* 18px /14 */
-	font-family: system-ui, sans-serif;
+	font-family: system-ui, -apple-system, sans-serif;
+}
+@media (prefers-color-scheme: dark) {
+  .minilink {
+    background-color: #222;
+    /*
+      !important to override .elv-callout a
+      see _includes/components/callout.css
+     */
+    color: #fff !important;
+  }
+}
+table .minilink {
+	margin-top: 6px;
 }
 .minilink[href] {
 	box-shadow: 0 1px 1px 0 rgba(0,0,0,.5);
@@ -19,6 +32,12 @@
 .minilink[href]:focus {
 	background-color: #bbb;
 }
+@media (prefers-color-scheme: dark) {
+  .minilink[href]:hover,
+  .minilink[href]:focus {
+    background-color: #444;
+  }
+}
 pre + .minilink {
 	color: #fff;
 	border-radius: 0 0 0.2857142857143em 0.2857142857143em; /* 4px /14 */
@@ -35,6 +54,54 @@ p.minilink {
 	margin-left: 2em;
 	margin-bottom: 2em;
 }
+h1 .minilink,
+h2 .minilink,
+h3 .minilink,
+h4 .minilink {
+	font-size: 0.9375rem; /* 15px /16 */
+	vertical-align: middle;
+	margin-left: 1em;
+}
+h3 .minilink,
+h4 .minilink {
+	font-size: 0.8125rem; /* 13px /16 */
+}
 .minilink + pre[class*=language-] {
 	clear: both;
-}
+}
+
+.minilink-addedin {
+	text-transform: none;
+	box-shadow: 0 0 0 1px rgba(0,0,0,0.3);
+}
+@media (prefers-color-scheme: dark) {
+  .minilink-addedin {
+    box-shadow: 0 0 0 1px rgba(255,255,255,0.3);
+  }
+}
+.minilink-addedin:not(:first-child) {
+	margin-left: .5em;
+}
+.minilink-addedin.minilink-inline {
+	margin: 0 4px;
+	background-color: #fff;
+}
+
+.minilink-lower {
+	text-transform: none;
+	background-color: transparent;
+}
+.minilink-lower[href] {
+	box-shadow: 0 0 0 1px rgba(0,0,0,0.5);
+}
+.minilink-lower[href]:hover,
+.minilink-lower[href]:focus {
+	background-color: #eee;
+}
+
+.minilink > .minilink {
+	margin: -.125em .375em -.125em -.375em;
+	box-shadow: none;
+	border-top-right-radius: 0;
+	border-bottom-right-radius: 0;
+}

docs/_includes/components/suggestion-form.css

@@ -1,18 +0,0 @@
-#suggestion-form textarea {
-	font-family: sans-serif;
-	width: 100%;
-}
-
-#suggestion-form label {
-	font-weight: bold;
-}
-
-#suggestion-form input[type=email] {
-	font-size: 16px;
-	width: 100%;
-}
-
-#suggestion-form .form-error {
-        color: red;
-}
-

docs/_includes/components/suggestion-form.html

@@ -1,33 +0,0 @@
-<h2>Improve this documentation</h2>
-
-<p>Have an idea on how to make this documentation even better? Send your
-feedback below! (But if you need help installing or using borgmatic, please
-use our <a href="https://torsion.org/borgmatic/#issues">issue tracker</a>
-instead.)</p>
-
-<form id="suggestion-form">
-    <div><label for="suggestion">Suggestion</label></div>
-    <textarea id="suggestion" rows="8" cols="60" name="suggestion"></textarea>
-    <div data-sk-error="suggestion" class="form-error"></div>
-    <input id="_page" type="hidden" name="_page">
-    <input id="_subject" type="hidden" name="_subject" value="borgmatic documentation suggestion">
-    <br />
-    <label for="email">Email address</label>
-    <div><input id="email" type="email" name="email" placeholder="Only required if you want a response!"></div>
-    <div data-sk-error="email" class="form-error"></div>
-    <br />
-    <div><button type="submit">Send</button></div>
-    <br />
-</form>
-
-<script>
-    document.getElementById('_page').value = window.location.href;
-    window.sk=window.sk||function(){(sk.q=sk.q||[]).push(arguments)};
-  
-    sk('form', 'init', {
-        id: '1d536680ab96',
-        element: '#suggestion-form'
-    });
-</script>
-
-<script defer src="https://js.statickit.com/statickit.js"></script>

docs/_includes/components/suggestion-link.html

@@ -0,0 +1,5 @@
+<h2>Improve this documentation</h2>
+
+<p>Have an idea on how to make this documentation even better? Use our <a
+href="https://projects.torsion.org/borgmatic-collective/borgmatic/issues">issue tracker</a> to send your
+feedback!</p>

docs/_includes/components/toc.css

@@ -1,63 +1,111 @@
 .elv-toc {
 	font-size: 1rem; /* Reset */
 }
+.elv-toc details {
+	--details-force-closed: (max-width: 63.9375em); /* 1023px */
+}
+.elv-toc details > summary {
+	font-size: 1.375rem; /* 22px /16 */
+	margin-bottom: .5em;
+}
 @media (min-width: 64em) { /* 1024px */
 	.elv-toc {
 		position: absolute;
-		left: -17rem;
+		left: 3rem;
 		width: 16rem;
+		z-index: 1;
+	}
+	.elv-toc details > summary {
+		margin-top: 0;
+	}
+	.js .elv-toc details > summary {
+		display: none;
 	}
 }
 
-
 .elv-toc-list {
+	display: flex;
+	flex-wrap: wrap;
+	justify-content: space-between;
 	padding-left: 0;
 	padding-right: 0;
+	margin: 0 0 2.5em;
 	list-style: none;
 }
+.elv-toc-list li {
+	font-size: 0.9375em; /* 15px /16 */
+	line-height: 1.466666666667; /* 22px /15 */
+}
 /* Nested lists */
 .elv-toc-list ul {
-	padding: 0;
-	display: none;
-	margin-bottom: 1.5em;
+	padding: 0 0 .75em 0;
+	margin: 0;
 	list-style: none;
 }
-.elv-toc-list ul li {
-	padding-left: 0.875em; /* 14px /16 */
+
+/* Menus nested 2 or more deep */
+.elv-toc-list ul ul {
+	padding-bottom: 0;
+	padding-left: 0.625rem; /* 10px /16 */
 }
-@media (min-width: 64em) and (min-height: 48em) { /* 1024 x 768px */
-	.elv-toc-list ul {
-		display: block;
-	}
+/* Hide inactive menus 3 or more deep */
+.elv-toc-list ul ul > li:not(.elv-toc-active) > ul > li:not(.elv-toc-active) {
+	display: none;
 }
 
 /* List items */
+.elv-toc summary,
+.elv-toc-list a {
+	padding: .15em .25em;
+}
+.elv-toc-list a {
+	display: block;
+}
 .elv-toc-list a:not(:hover) {
 	text-decoration: none;
 }
 .elv-toc-list li {
-	padding-top: 0;
-	padding-bottom: 0;
-	margin: .1em 0 .5em;
+	margin: 0;
+	padding: 0;
+}
+.elv-toc-list > li {
+	flex-grow: 1;
+	flex-basis: 14.375rem; /* 230px /16 */
 }
 /* Top level links */
 .elv-toc-list > li > a {
-	font-weight: 400;
-	font-size: 1.0625em; /* 17px /16 */
 	color: #222;
+	font-weight: 600;
+	border-bottom: 1px solid #ddd;
+	margin-bottom: 0.25em; /* 4px /16 */
+}
+@media (prefers-color-scheme: dark) {
+  .elv-toc-list > li > a {
+    color: #fff;
+    border-color: #444;
+  }
 }
 
 /* Active links */
 .elv-toc-list li.elv-toc-active > a {
-	font-weight: 700;
-	text-decoration: underline;
+	background-color: #dff7ff;
 }
-.elv-toc-active > a:after {
-	content: " ⬅";
-	line-height: .5;
+@media (prefers-color-scheme: dark) {
+  .elv-toc-list li.elv-toc-active > a {
+    background-color: #353535;
+  }
 }
+.elv-toc-list ul .elv-toc-active > a:after {
+	content: "";
+}
+
 /* Show only active nested lists */
 .elv-toc-list ul.elv-toc-active,
 .elv-toc-list li.elv-toc-active > ul {
 	display: block;
-}
+}
+
+/* Footer catgory navigation */
+.elv-cat-list-active {
+	font-weight: 600;
+}

docs/_includes/index.css

@@ -181,7 +181,7 @@ pre {
 	padding: .5em;
 	margin: 1em -.5em 2em -.5em;
 	overflow-x: auto;
-	background-color: #eee;
+	background-color: #fafafa;
 	font-size: 0.75em; /* 12px /16 */
 }
 pre,
@@ -194,7 +194,7 @@ code {
 	-webkit-hyphens: manual;
 	-moz-hyphens: manual;
 	hyphens: manual;
-	background-color: #efefef;
+	background-color: #fafafa;
 }
 pre + pre[class*="language-"] {
 	margin-top: 1em;
@@ -234,6 +234,9 @@ pre + .note {
 	max-width: 42rem;
 	clear: both;
 }
+header.elv-layout {
+	padding: 0 1rem;
+}
 footer.elv-layout {
 	margin-bottom: 5em;
 }
@@ -242,7 +245,7 @@ footer.elv-layout {
 }
 @media (min-width: 64em) { /* 1024px */
 	.elv-layout-toc {
-		margin-left: 18rem;
+		padding-left: 15rem;
 		max-width: 60rem;
 		margin-right: 1rem;
 		position: relative;
@@ -254,14 +257,21 @@ footer.elv-layout {
 
 /* Header */
 .elv-header {
-	color: #222;
 	position: relative;
+        text-align: center;
 }
 .elv-header-default {
 	display: flex;
 	flex-direction: column;
 	justify-content: center;
 	align-items: center;
+	padding-top: 0;
+}
+.elv-header-c {
+	width: 100%;
+}
+.elv-header-docs .elv-header-c {
+	padding: 1rem 0;
 }
 .elv-header-docs:before,
 .elv-header-docs:after {
@@ -272,53 +282,89 @@ footer.elv-layout {
 	clear: both;
 }
 /* Header Hero */
-.elv-hero img {
-	max-width: 80vw;
-	max-height: 60vh;
+.elv-hero {
+	background-color: #222;
 }
+@media (prefers-color-scheme: dark) {
+	.elv-hero {
+		background-color: #292929;
+	}
+}
+.elv-hero img,
+.elv-hero svg {
+	width: 42.95774646vh;
+	height: 60vh;
+}
+.elv-hero:hover img,
+.elv-hero:hover svg {
+	background-color: inherit;
+}
+.elv-header-default .elv-hero {
+	display: flex;
+	justify-content: center;
+	width: calc(100% + 2rem);
+	margin-left: -1rem;
+	margin-right: -1rem;
+}
+.elv-hero:hover {
+	background-color: #333;
+}
+
 .elv-header-docs .elv-hero {
 	float: left;
-	margin-right: 1.5em;
+	margin-right: .5em;
 }
-.elv-header-docs .elv-hero img {
+.elv-header-default .elv-hero img,
+.elv-header-default .elv-hero svg {
+	position: relative;
+	background-color: transparent;
+	z-index: 1;
+}
+.elv-header-docs .elv-hero img,
+.elv-header-docs .elv-hero svg {
+	width: auto;
 	height: 3em;
 }
-@media (min-width: 37.5em) { /* 600px */
-	.elv-header-docs .elv-hero img {
+@media (min-width: 43.75em) { /* 700px */
+	.elv-header-docs .elv-hero {
+		margin-right: 1em;
+	}
+	.elv-header-docs .elv-hero img,
+	.elv-header-docs .elv-hero svg {
 		width: 4.303125em; /* 68.85px /16 */
 		height: 6em;
 	}
 }
 /* Header Possum */
+.elv-possum-anchor {
+	display: block;
+}
 .elv-possum {
-	display: none;
 	position: absolute;
-	right: 1em;
-	top: 1em;
-	width: 16vmin;
+	right: .5rem;
+	top: 1rem;
+	transition: .3s opacity ease-out;
 }
-@media (min-width: 31.25em) { /* 500px */
-	.elv-possum {
-		display: block;
-	}
+.elv-header-docs .elv-possum {
+	width: 15vw;
+	max-width: 6.25rem; /* 100px /16 */
 }
-
-/* Header Heading */
-.elv-hed {
-	font-size: 3em;
-	margin-top: 1.5em;
-	margin-bottom: .25em;
-	text-align: center;
-	text-transform: none;
+.elv-header-default {
+	overflow: hidden;
 }
-.elv-header-docs .elv-hed {
-	font-size: 2.3em;
-	margin: 0;
-	text-align: left;
+.elv-header-default .elv-possum {
+	pointer-events: none;
+	width: auto;
+	height: calc((60vh - 2rem) / 1.6);
+	top: 36%;
+	left: 1vw;
+	right: auto;
+	animation-duration: 180s;
+	animation-name: balloonFloat;
 }
-@media (min-width: 37.5em) { /* 600px */
-	.elv-header-docs .elv-hed {
-		font-size: 3em;
+@media (prefers-reduced-motion: reduce) {
+	.elv-header-default .elv-possum {
+		display: none;
 	}
 }
 

docs/_includes/layouts/base.njk

@@ -11,7 +11,6 @@
 {% include 'components/minilink.css' %}
 {% include 'components/toc.css' %}
 {% include 'components/info-blocks.css' %}
-{% include 'components/suggestion-form.css' %}
 {% include 'prism-theme.css' %}
 {% include 'asciinema.css' %}
 {% endset %}

docs/_includes/layouts/main.njk

@@ -6,9 +6,27 @@ headerClass: elv-header-default
 {% include "header.njk" %}
 
 <main class="elv-layout{% if layoutClass %} {{ layoutClass }}{% endif %}">
-    <article>
-        {{ content | safe }}
+    <div id="documentation" class="elv-toc">
+        <div>
+            {% set navPages = collections.all | eleventyNavigation %}
+            {% macro renderNavListItem(entry) -%}
+            <li{% if entry.url == page.url %} class="elv-toc-active"{% endif %}>
+              <a {% if entry.url %}href="https://torsion.org/borgmatic/docs{{ entry.url | url }}"{% endif %}>{{ entry.title }}</a>
+            {%- if entry.children.length -%}
+              <ul>
+                {%- for child in entry.children %}{{ renderNavListItem(child) }}{% endfor -%}
+              </ul>
+            {%- endif -%}
+            </li>
+            {%- endmacro %}
 
-        {% include 'components/suggestion-form.html' %}
-    </article>
+            <ul class="elv-toc-list">
+            {%- for entry in navPages %}{{ renderNavListItem(entry) }}{%- endfor -%}
+            </ul>
+        </div>
+    </div>
+
+    {{ content | safe }}
+
+    {% include 'components/suggestion-link.html' %}
 </main>

docs/_includes/prism-theme.css

@@ -3,9 +3,12 @@
  * Based on dabblet (http://dabblet.com)
  * @author Lea Verou
  */
+/*
+ * Modified with an approximation of the One Light syntax highlighting theme.
+ */
 code[class*="language-"],
 pre[class*="language-"] {
-  color: #ABB2BF;
+  color: #494b53;
   background: none;
   font-family: Consolas, Monaco, 'Andale Mono', 'Ubuntu Mono', monospace;
   text-align: left;
@@ -26,13 +29,15 @@ pre[class*="language-"] {
 pre[class*="language-"]::-moz-selection, pre[class*="language-"] ::-moz-selection,
 code[class*="language-"]::-moz-selection, code[class*="language-"] ::-moz-selection {
   text-shadow: none;
-  background: #383e49;
+  color: #232324;
+  background: #dbdbdc;
 }
 
 pre[class*="language-"]::selection, pre[class*="language-"] ::selection,
 code[class*="language-"]::selection, code[class*="language-"] ::selection {
   text-shadow: none;
-  background: #9aa2b1;
+  color: #232324;
+  background: #dbdbdc;
 }
 
 @media print {
@@ -50,7 +55,7 @@ pre[class*="language-"] {
 
 :not(pre) > code[class*="language-"],
 pre[class*="language-"] {
-  background: #282c34;
+  background: #fafafa;
 }
 
 /* Inline code */
@@ -64,16 +69,16 @@ pre[class*="language-"] {
 .token.prolog,
 .token.doctype,
 .token.cdata {
-  color: #5C6370;
+  color: #505157;
 }
 
 .token.punctuation {
-  color: #abb2bf;
+  color: #526fff;
 }
 
 .token.selector,
 .token.tag {
-  color: #e06c75;
+  color: none;
 }
 
 .token.property,
@@ -83,7 +88,7 @@ pre[class*="language-"] {
 .token.symbol,
 .token.attr-name,
 .token.deleted {
-  color: #d19a66;
+  color: #986801;
 }
 
 .token.string,
@@ -91,7 +96,7 @@ pre[class*="language-"] {
 .token.attr-value,
 .token.builtin,
 .token.inserted {
-  color: #98c379;
+  color: #50a14f;
 }
 
 .token.operator,
@@ -99,22 +104,22 @@ pre[class*="language-"] {
 .token.url,
 .language-css .token.string,
 .style .token.string {
-  color: #56b6c2;
+  color: #526fff;
 }
 
 .token.atrule,
 .token.keyword {
-  color: #e06c75;
+  color: #e45649;
 }
 
 .token.function {
-  color: #61afef;
+  color: #4078f2;
 }
 
 .token.regex,
 .token.important,
 .token.variable {
-  color: #c678dd;
+  color: #e45649;
 }
 
 .token.important,

docs/how-to/add-preparation-and-cleanup-steps-to-backups.md

@@ -1,13 +1,18 @@
 ---
 title: How to add preparation and cleanup steps to backups
+eleventyNavigation:
+  key: 🧹 Add preparation and cleanup steps
+  parent: How-to guides
+  order: 8
 ---
 ## Preparation and cleanup hooks
 
-If you find yourself performing prepraration tasks before your backup runs, or
+If you find yourself performing preparation tasks before your backup runs, or
 cleanup work afterwards, borgmatic hooks may be of interest. Hooks are shell
-commands that borgmatic executes for you at various points, and they're
-configured in the `hooks` section of your configuration file. But if you're
-looking to backup a database, it's probably easier to use the [database backup
+commands that borgmatic executes for you at various points as it runs, and
+they're configured in the `hooks` section of your configuration file. But if
+you're looking to backup a database, it's probably easier to use the [database
+backup
 feature](https://torsion.org/borgmatic/docs/how-to/backup-your-databases/)
 instead.
 
@@ -23,11 +28,40 @@ hooks:
         - umount /some/filesystem
 ```
 
-The `before_backup` and `after_backup` hooks each run once per configuration
-file. `before_backup` hooks run prior to backups of all repositories in a
-configuration file, right before the `create` action. `after_backup` hooks run
-afterwards, but not if an error occurs in a previous hook or in the backups
-themselves.
+The `before_backup` and `after_backup` hooks each run once per repository in a
+configuration file. `before_backup` hooks runs right before the `create`
+action for a particular repository, and `after_backup` hooks run afterwards,
+but not if an error occurs in a previous hook or in the backups themselves.
+(Prior to borgmatic 1.6.0, these hooks instead ran once per configuration file
+rather than once per repository.)
+
+There are additional hooks that run before/after other actions as well. For
+instance, `before_prune` runs before a `prune` action for a repository, while
+`after_prune` runs after it.
+
+## Variable interpolation
+
+The before and after action hooks support interpolating particular runtime
+variables into the hook command. Here's an example that assumes you provide a
+separate shell script:
+
+```yaml
+hooks:
+    after_prune:
+        - record-prune.sh "{configuration_filename}" "{repository}"
+```
+
+In this example, when the hook is triggered, borgmatic interpolates runtime
+values into the hook command: the borgmatic configuration filename and the
+paths of the current Borg repository. Here's the full set of supported
+variables you can use here:
+
+ * `configuration_filename`: borgmatic configuration filename in which the
+   hook was defined
+ * `repository`: path of the current repository as configured in the current
+   borgmatic configuration file
+
+## Global hooks
 
 You can also use `before_everything` and `after_everything` hooks to perform
 global setup or cleanup:
@@ -50,6 +84,8 @@ but only if there is a `create` action. It runs even if an error occurs during
 a backup or a backup hook, but not if an error occurs during a
 `before_everything` hook.
 
+## Error hooks
+
 borgmatic also runs `on_error` hooks if an error occurs, either when creating
 a backup or running a backup hook. See the [monitoring and alerting
 documentation](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/)
@@ -69,11 +105,3 @@ with the user permissions of borgmatic itself. So to prevent potential shell
 injection or privilege escalation, do not forget to set secure permissions
 on borgmatic configuration files (`chmod 0600`) and scripts (`chmod 0700`)
 invoked by hooks.
-
-
-## Related documentation
-
- * [Set up backups with borgmatic](https://torsion.org/borgmatic/docs/how-to/set-up-backups/)
- * [Backup your databases](https://torsion.org/borgmatic/docs/how-to/backup-your-databases/)
- * [Inspect your backups](https://torsion.org/borgmatic/docs/how-to/inspect-your-backups/)
- * [Monitor your backups](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/)

docs/how-to/backup-to-a-removable-drive-or-an-intermittent-server.md

@@ -0,0 +1,120 @@
+---
+title: How to backup to a removable drive or an intermittent server
+eleventyNavigation:
+  key: 💾 Backup to a removable drive/server
+  parent: How-to guides
+  order: 9
+---
+## Occasional backups
+
+A common situation is backing up to a repository that's only sometimes online.
+For instance, you might send most of your backups to the cloud, but
+occasionally you want to plug in an external hard drive or backup to your
+buddy's sometimes-online server for that extra level of redundancy.
+
+But if you run borgmatic and your hard drive isn't plugged in, or your buddy's
+server is offline, then you'll get an annoying error message and the overall
+borgmatic run will fail (even if individual repositories still complete).
+
+Another variant is when the source machine is only sometimes available for
+backups, e.g. a laptop where you want to skip backups when the battery falls
+below a certain level.
+
+So what if you want borgmatic to swallow the error of a missing drive
+or an offline server or a low battery—and exit gracefully? That's where the
+concept of "soft failure" come in.
+
+
+## Soft failure command hooks
+
+This feature leverages [borgmatic command
+hooks](https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/),
+so first familiarize yourself with them. The idea is that you write a simple
+test in the form of a borgmatic hook to see if backups should proceed or not.
+
+The way the test works is that if any of your hook commands return a special
+exit status of 75, that indicates to borgmatic that it's a temporary failure,
+and borgmatic should skip all subsequent actions for that configuration file.
+If you return any other status, then it's a standard success or error. (Zero is
+success; anything else other than 75 is an error).
+
+So for instance, if you have an external drive that's only sometimes mounted,
+declare its repository in its own [separate configuration
+file](https://torsion.org/borgmatic/docs/how-to/make-per-application-backups/),
+say at `/etc/borgmatic.d/removable.yaml`:
+
+```yaml
+location:
+    source_directories:
+        - /home
+
+    repositories:
+        - /mnt/removable/backup.borg
+```
+
+Then, write a `before_backup` hook in that same configuration file that uses
+the external `findmnt` utility to see whether the drive is mounted before
+proceeding.
+
+```yaml
+hooks:
+    before_backup:
+      - findmnt /mnt/removable > /dev/null || exit 75
+```
+
+What this does is check if the `findmnt` command errors when probing for a
+particular mount point. If it does error, then it returns exit code 75 to
+borgmatic. borgmatic logs the soft failure, skips all further actions in that
+configurable file, and proceeds onward to any other borgmatic configuration
+files you may have.
+
+You can imagine a similar check for the sometimes-online server case:
+
+```yaml
+location:
+    source_directories:
+        - /home
+
+    repositories:
+        - me@buddys-server.org:backup.borg
+
+hooks:
+    before_backup:
+      - ping -q -c 1 buddys-server.org > /dev/null || exit 75
+```
+
+Or to only run backups if the battery level is high enough:
+
+```yaml
+hooks:
+    before_backup:
+      - is_battery_percent_at_least.sh 25
+```
+
+(Writing the battery script is left as an exercise to the reader.)
+
+
+## Caveats and details
+
+There are some caveats you should be aware of with this feature.
+
+ * You'll generally want to put a soft failure command in the `before_backup`
+   hook, so as to gate whether the backup action occurs. While a soft failure is
+   also supported in the `after_backup` hook, returning a soft failure there
+   won't prevent any actions from occuring, because they've already occurred!
+   Similiarly, you can return a soft failure from an `on_error` hook, but at
+   that point it's too late to prevent the error.
+ * Returning a soft failure does prevent further commands in the same hook from
+   executing. So, like a standard error, it is an "early out". Unlike a standard
+   error, borgmatic does not display it in angry red text or consider it a
+   failure.
+ * The soft failure only applies to the scope of a single borgmatic
+   configuration file. So put anything that you don't want soft-failed, like
+   always-online cloud backups, in separate configuration files from your
+   soft-failing repositories.
+ * The soft failure doesn't have to apply to a repository. You can even perform
+   a test to make sure that individual source directories are mounted and
+   available. Use your imagination!
+ * The soft failure feature also works for before/after hooks for other
+   actions as well. But it is not implemented for `before_everything` or
+   `after_everything`.

docs/how-to/backup-your-databases.md

@@ -1,5 +1,9 @@
 ---
 title: How to backup your databases
+eleventyNavigation:
+  key: 🗄️ Backup your databases
+  parent: How-to guides
+  order: 7
 ---
 ## Database dump hooks
 
@@ -11,7 +15,8 @@ consistent snapshot that is more suited for backups.
 
 Fortunately, borgmatic includes built-in support for creating database dumps
 prior to running backups. For example, here is everything you need to dump and
-backup a couple of local PostgreSQL databases and a MySQL/MariaDB database:
+backup a couple of local PostgreSQL databases, a MySQL/MariaDB database, and a
+MongoDB database:
 
 ```yaml
 hooks:
@@ -20,11 +25,25 @@ hooks:
         - name: orders
     mysql_databases:
         - name: posts
+    mongodb_databases:
+        - name: messages
 ```
 
-Prior to each backup, borgmatic dumps each configured database to a file
-(located in `~/.borgmatic/`) and includes it in the backup. After the backup
-completes, borgmatic removes the database dump files to recover disk space.
+As part of each backup, borgmatic streams a database dump for each configured
+database directly to Borg, so it's included in the backup without consuming
+additional disk space. (The exceptions are the PostgreSQL/MongoDB "directory"
+dump formats, which can't stream and therefore do consume temporary disk
+space. Additionally, prior to borgmatic 1.5.3, all database dumps consumed
+temporary disk space.)
+
+To support this, borgmatic creates temporary named pipes in `~/.borgmatic` by
+default. To customize this path, set the `borgmatic_source_directory` option
+in the `location` section of borgmatic's configuration.
+
+Also note that using a database hook implicitly enables both the
+`read_special` and `one_file_system` configuration settings (even if they're
+disabled in your configuration) to support this dump and restore streaming.
+See Limitations below for more on this.
 
 Here's a more involved example that connects to remote databases:
 
@@ -45,6 +64,14 @@ hooks:
           username: root
           password: trustsome1
           options: "--skip-comments"
+    mongodb_databases:
+        - name: messages
+          hostname: database3.example.org
+          port: 27018
+          username: dbuser
+          password: trustsome1
+          authentication_database: mongousers
+          options: "--ssl"
 ```
 
 If you want to dump all databases on a host, use `all` for the database name:
@@ -55,11 +82,24 @@ hooks:
         - name: all
     mysql_databases:
         - name: all
+    mongodb_databases:
+        - name: all
 ```
 
 Note that you may need to use a `username` of the `postgres` superuser for
 this to work with PostgreSQL.
 
+If you would like to backup databases only and not source directories, you can
+specify an empty `source_directories` value (as it is a mandatory field):
+
+```yaml
+location:
+    source_directories: []
+hooks:
+    mysql_databases:
+        - name: all
+```
+
 
 ### Configuration backups
 
@@ -72,7 +112,7 @@ bring back any missing configuration files in order to restore a database.
 
 ## Supported databases
 
-As of now, borgmatic supports PostgreSQL and MySQL/MariaDB databases
+As of now, borgmatic supports PostgreSQL, MySQL/MariaDB, and MongoDB databases
 directly. But see below about general-purpose preparation and cleanup hooks as
 a work-around with other database systems. Also, please [file a
 ticket](https://torsion.org/borgmatic/#issues) for additional database systems
@@ -108,6 +148,12 @@ borgmatic restore --archive host-2019-01-02T04:06:07.080910
 
 (No borgmatic `restore` action? Upgrade borgmatic!)
 
+With newer versions of borgmatic, you can simplify this to:
+
+```bash
+borgmatic restore --archive latest
+```
+
 The `--archive` value is the name of the archive to restore from. This
 restores all databases dumps that borgmatic originally backed up to that
 archive.
@@ -152,15 +198,28 @@ borgmatic's own configuration file. So include your configuration file in
 backups to avoid getting caught without a way to restore a database.
 3. borgmatic does not currently support backing up or restoring multiple
 databases that share the exact same name on different hosts.
+4. Because database hooks implicitly enable the `read_special` configuration
+setting to support dump and restore streaming, you'll need to ensure that any
+special files are excluded from backups (named pipes, block devices,
+character devices, and sockets) to prevent hanging. Try a command like
+`find /your/source/path -type c,b,p,s` to find such files. Common directories
+to exclude are `/dev` and `/run`, but that may not be exhaustive.
 
 
 ### Manual restoration
 
 If you prefer to restore a database without the help of borgmatic, first
 [extract](https://torsion.org/borgmatic/docs/how-to/extract-a-backup/) an
-archive containing a database dump, and then manually restore the dump file
-found within the extracted `~/.borgmatic/` path (e.g. with `pg_restore` or
-`mysql` commands).
+archive containing a database dump.
+
+borgmatic extracts the dump file into the *`username`*`/.borgmatic/` directory
+within the extraction destination path, where *`username`* is the user that
+created the backup. For example, if you created the backup with the `root`
+user and you're extracting to `/tmp`, then the dump will be in
+`/tmp/root/.borgmatic`.
+
+After extraction, you can manually restore the dump file using native database
+commands like `pg_restore`, `mysql`, `mongorestore` or similar.
 
 
 ## Preparation and cleanup hooks
@@ -190,10 +249,13 @@ hooks:
           options: "--single-transaction --quick"
 ```
 
+### borgmatic hangs during backup
 
-## Related documentation
+See Limitations above about `read_special`. You may need to exclude certain
+paths with named pipes, block devices, character devices, or sockets on which
+borgmatic is hanging.
 
- * [Set up backups with borgmatic](https://torsion.org/borgmatic/docs/how-to/set-up-backups/)
- * [Add preparation and cleanup steps to backups](https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/)
- * [Inspect your backups](https://torsion.org/borgmatic/docs/how-to/inspect-your-backups/)
- * [Extract a backup](https://torsion.org/borgmatic/docs/how-to/extract-a-backup/)
+Alternatively, if excluding special files is too onerous, you can create two
+separate borgmatic configuration files—one for your source files and a
+separate one for backing up databases. That way, the database `read_special`
+option will not be active when backing up special files.

docs/how-to/deal-with-very-large-backups.md

@@ -1,23 +1,28 @@
 ---
 title: How to deal with very large backups
+eleventyNavigation:
+  key: 📏 Deal with very large backups
+  parent: How-to guides
+  order: 3
 ---
 ## Biggish data
 
 Borg itself is great for efficiently de-duplicating data across successive
 backup archives, even when dealing with very large repositories. But you may
-find that while borgmatic's default mode of "prune, create, and check" works
-well on small repositories, it's not so great on larger ones. That's because
-running the default consistency checks takes a long time on large
-repositories.
+find that while borgmatic's default mode of `prune`, `compact`, `create`, and
+`check` works well on small repositories, it's not so great on larger ones.
+That's because running the default pruning, compact, and consistency checks
+take a long time on large repositories.
 
 ### A la carte actions
 
 If you find yourself in this situation, you have some options. First, you can
-run borgmatic's pruning, creating, or checking actions separately. For
-instance, the the following optional actions are available:
+run borgmatic's `prune`, `compact`, `create`, or `check` actions separately.
+For instance, the following optional actions are available:
 
 ```bash
 borgmatic prune
+borgmatic compact
 borgmatic create
 borgmatic check
 ```
@@ -27,15 +32,24 @@ borgmatic check
 
 You can run with only one of these actions provided, or you can mix and match
 any number of them in a single borgmatic run. This supports approaches like
-making backups with `create` on a frequent schedule, while only running
-expensive consistency checks with `check` on a much less frequent basis from
-a separate cron job.
+skipping certain actions while running others. For instance, this skips
+`prune` and `compact` and only runs `create` and `check`:
+
+```bash
+borgmatic create check
+```
+
+Or, you can make backups with `create` on a frequent schedule (e.g. with
+`borgmatic create` called from one cron job), while only running expensive
+consistency checks with `check` on a much less frequent basis (e.g. with
+`borgmatic check` called from a separate cron job).
+
 
 ### Consistency check configuration
 
 Another option is to customize your consistency checks. The default
 consistency checks run both full-repository checks and per-archive checks
-within each repository.
+within each repository no more than once a month.
 
 But if you find that archive checks are too slow, for example, you can
 configure borgmatic to run repository checks only. Configure this in the
@@ -44,9 +58,50 @@ configure borgmatic to run repository checks only. Configure this in the
 ```yaml
 consistency:
     checks:
-        - repository
+        - name: repository
 ```
 
+(Prior to borgmatic 1.6.2, `checks` was a plain list of strings without the `name:` part.)
+
+Here are the available checks from fastest to slowest:
+
+ * `repository`: Checks the consistency of the repository itself.
+ * `archives`: Checks all of the archives in the repository.
+ * `extract`: Performs an extraction dry-run of the most recent archive.
+ * `data`: Verifies the data integrity of all archives contents, decrypting and decompressing all data (implies `archives` as well).
+
+See [Borg's check documentation](https://borgbackup.readthedocs.io/en/stable/usage/check.html) for more information.
+
+### Check frequency
+
+As of borgmatic 1.6.2, you can optionally configure checks to run on a
+periodic basis rather than every time borgmatic runs checks. For instance:
+
+```yaml
+consistency:
+    checks:
+        - name: repository
+          frequency: 2 weeks
+```
+
+This tells borgmatic to run this consistency check at most once every two
+weeks for a given repository. The `frequency` value is a number followed by a
+unit of time, e.g. "3 days", "1 week", "2 months", etc. The `frequency`
+defaults to "always", which means run this check every time checks run.
+
+Unlike a real scheduler like cron, borgmatic only makes a best effort to run
+checks on the configured frequency. It compares that frequency with how long
+it's been since the last check for a given repository (as recorded in a file
+within `~/.borgmatic/checks`). If it hasn't been long enough, the check is
+skipped. And you still have to run `borgmatic check` (or just `borgmatic`) in
+order for checks to run, even when a `frequency` is configured!
+
+If you want to temporarily ignore your configured frequencies, you can invoke
+`borgmatic check --force` to run checks unconditionally.
+
+
+### Disabling checks
+
 If that's still too slow, you can disable consistency checks entirely,
 either for a single repository or for all repositories.
 
@@ -55,7 +110,7 @@ Disabling all consistency checks looks like this:
 ```yaml
 consistency:
     checks:
-        - disabled
+        - name: disabled
 ```
 
 Or, if you have multiple repositories in your borgmatic configuration file,
@@ -76,7 +131,8 @@ borgmatic check --only data --only extract
 ```
 
 This is useful for running slow consistency checks on an infrequent basis,
-separate from your regular checks.
+separate from your regular checks. It is still subject to any configured
+check frequencies unless the `--force` flag is used.
 
 
 ## Troubleshooting
@@ -102,8 +158,3 @@ the following to the `~/.ssh/config` file on the client:
 
 This should make the client keep the connection alive while validating
 backups.
-
-
-## Related documentation
-
- * [Set up backups with borgmatic](https://torsion.org/borgmatic/docs/how-to/set-up-backups/)

docs/how-to/develop-on-borgmatic.md

@@ -1,22 +1,26 @@
 ---
 title: How to develop on borgmatic
+eleventyNavigation:
+  key: 🏗️ Develop on borgmatic
+  parent: How-to guides
+  order: 12
 ---
 ## Source code
 
 To get set up to hack on borgmatic, first clone master via HTTPS or SSH:
 
 ```bash
-git clone https://projects.torsion.org/witten/borgmatic.git
+git clone https://projects.torsion.org/borgmatic-collective/borgmatic.git
 ```
 
 Or:
 
 ```bash
-git clone ssh://git@projects.torsion.org:3022/witten/borgmatic.git
+git clone ssh://git@projects.torsion.org:3022/borgmatic-collective/borgmatic.git
 ```
 
 Then, install borgmatic
-"[editable](https://pip.pypa.io/en/stable/reference/pip_install/#editable-installs)"
+"[editable](https://pip.pypa.io/en/stable/cli/pip_install/#editable-installs)"
 so that you can run borgmatic commands while you're hacking on them to
 make sure your changes work.
 
@@ -62,8 +66,6 @@ following:
 tox -e black
 ```
 
-Note that Black requires at minimum Python 3.6.
-
 And if you get a complaint from the
 [isort](https://github.com/timothycrosley/isort) Python import orderer, you
 can ask isort to order your imports for you:
@@ -75,14 +77,22 @@ tox -e isort
 ### End-to-end tests
 
 borgmatic additionally includes some end-to-end tests that integration test
-with Borg for a few representative scenarios. These tests don't run by default
-because they're relatively slow and depend on Borg. If you would like to run
-them:
+with Borg and supported databases for a few representative scenarios. These
+tests don't run by default when running `tox`, because they're relatively slow
+and depend on Docker containers for runtime dependencies. These tests tests do
+run on the continuous integration (CI) server, and running them on your
+developer machine is the closest thing to CI test parity.
+
+If you would like to run the full test suite, first install Docker and [Docker
+Compose](https://docs.docker.com/compose/install/). Then run:
 
 ```bash
-tox -e end-to-end
+scripts/run-full-dev-tests
 ```
 
+Note that this scripts assumes you have permission to run Docker. If you
+don't, then you may need to run with `sudo`.
+
 ## Code style
 
 Start with [PEP 8](https://www.python.org/dev/peps/pep-0008/). But then, apply
@@ -106,7 +116,7 @@ See the Black, Flake8, and isort documentation for more information.
 
 Each pull request triggers a continuous integration build which runs the test
 suite. You can view these builds on
-[build.torsion.org](https://build.torsion.org/witten/borgmatic), and they're
+[build.torsion.org](https://build.torsion.org/borgmatic-collective/borgmatic), and they're
 also linked from the commits list on each pull request.
 
 ## Documentation development
@@ -131,7 +141,3 @@ http://localhost:8080 to view the documentation with your changes.
 To close the documentation server, ctrl-C the script. Note that it does not
 currently auto-reload, so you'll need to stop it and re-run it for any
 additional documentation changes to take effect.
-
-## Related documentation
-
- * [Inspect your backups](https://torsion.org/borgmatic/docs/how-to/inspect-your-backups/)

docs/how-to/extract-a-backup.md

@@ -1,5 +1,9 @@
 ---
 title: How to extract a backup
+eleventyNavigation:
+  key: 📤 Extract a backup
+  parent: How-to guides
+  order: 6
 ---
 ## Extract
 
@@ -31,6 +35,12 @@ borgmatic extract --archive host-2019-01-02T04:06:07.080910
 (No borgmatic `extract` action? Try the old-style `--extract`, or upgrade
 borgmatic!)
 
+With newer versions of borgmatic, you can simplify this to:
+
+```bash
+borgmatic extract --archive latest
+```
+
 The `--archive` value is the name of the archive to extract. This extracts the
 entire contents of the archive to the current directory, so make sure you're
 in the right place before running the command.
@@ -106,6 +116,12 @@ Omit the `--archive` flag to mount all archives (lazy-loaded):
 borgmatic mount --mount-point /mnt
 ```
 
+Or use the "latest" value for the archive to mount the latest archive:
+
+```bash
+borgmatic mount --archive latest --mount-point /mnt
+```
+
 If you'd like to restrict the mounted filesystem to only particular paths from
 your archive, use the `--path` flag, similar to the `extract` action above.
 For instance:
@@ -120,11 +136,3 @@ When you're all done exploring your files, unmount your mount point. No
 ```bash
 borgmatic umount --mount-point /mnt
 ```
-
-
-## Related documentation
-
- * [Set up backups with borgmatic](https://torsion.org/borgmatic/docs/how-to/set-up-backups/)
- * [Inspect your backups](https://torsion.org/borgmatic/docs/how-to/inspect-your-backups/)
- * [Monitor your backups](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/)
- * [Backup your databases](https://torsion.org/borgmatic/docs/how-to/backup-your-databases/)

docs/how-to/index.md

@@ -0,0 +1,5 @@
+---
+eleventyNavigation:
+  key: How-to guides
+permalink: false
+---

docs/how-to/inspect-your-backups.md

@@ -1,5 +1,9 @@
 ---
 title: How to inspect your backups
+eleventyNavigation:
+  key: 🔎 Inspect your backups
+  parent: How-to guides
+  order: 4
 ---
 ## Backup progress
 
@@ -47,6 +51,31 @@ borgmatic info
 `--info`. Or upgrade borgmatic!)
 
 
+### Searching for a file
+
+Let's say you've accidentally deleted a file and want to find the backup
+archive(s) containing it. `borgmatic list` provides a `--find` flag for
+exactly this purpose (as of borgmatic 1.6.3). For instance, if you're looking
+for a `foo.txt`:
+
+```bash
+borgmatic list --find foo.txt
+```
+
+This will list your archives and indicate those with files matching
+`*foo.txt*` anywhere in the archive. The `--find` parameter can alternatively
+be a [Borg
+pattern](https://borgbackup.readthedocs.io/en/stable/usage/help.html#borg-patterns).
+
+To limit the archives searched, use the standard `list` parameters for
+filtering archives such as `--last`, `--archive`, `--glob-archives`, etc. For
+example, to search only the last five archives:
+
+```bash
+borgmatic list --find foo.txt --last 5
+```
+
+
 ## Logging
 
 By default, borgmatic logs to a local syslog-compatible daemon if one is
@@ -95,13 +124,6 @@ borgmatic --log-file /path/to/file.log
 ```
 
 Note that if you use the `--log-file` flag, you are responsible for rotating
-the log file so it doesn't grow too large. Also, there is a
+the log file so it doesn't grow too large, for example with
+[logrotate](https://wiki.archlinux.org/index.php/Logrotate). Also, there is a
 `--log-file-verbosity` flag to customize the log file's log level.
-
-
-## Related documentation
-
- * [Set up backups with borgmatic](https://torsion.org/borgmatic/docs/how-to/set-up-backups/)
- * [Monitor your backups](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/)
- * [Add preparation and cleanup steps to backups](https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/)
- * [Develop on borgmatic](https://torsion.org/borgmatic/docs/how-to/develop-on-borgmatic/)

docs/how-to/make-backups-redundant.md

@@ -0,0 +1,44 @@
+---
+title: How to make backups redundant
+eleventyNavigation:
+  key: ☁️  Make backups redundant
+  parent: How-to guides
+  order: 2
+---
+## Multiple repositories
+
+If you really care about your data, you probably want more than one backup of
+it. borgmatic supports this in its configuration by specifying multiple backup
+repositories. Here's an example:
+
+```yaml
+location:
+    # List of source directories to backup.
+    source_directories:
+        - /home
+        - /etc
+
+    # Paths of local or remote repositories to backup to.
+    repositories:
+        - 1234@usw-s001.rsync.net:backups.borg
+        - k8pDxu32@k8pDxu32.repo.borgbase.com:repo
+        - /var/lib/backups/local.borg
+```
+
+When you run borgmatic with this configuration, it invokes Borg once for each
+configured repository in sequence. (So, not in parallel.) That means—in each
+repository—borgmatic creates a single new backup archive containing all of
+your source directories.
+
+Here's a way of visualizing what borgmatic does with the above configuration:
+
+1. Backup `/home` and `/etc` to `1234@usw-s001.rsync.net:backups.borg`
+2. Backup `/home` and `/etc` to `k8pDxu32@k8pDxu32.repo.borgbase.com:repo`
+3. Backup `/home` and `/etc` to `/var/lib/backups/local.borg`
+
+This gives you redundancy of your data across repositories and even
+potentially across providers.
+
+See [Borg repository URLs
+documentation](https://borgbackup.readthedocs.io/en/stable/usage/general.html#repository-urls)
+for more information on how to specify local and remote repository paths.

docs/how-to/make-per-application-backups.md

@@ -1,5 +1,9 @@
 ---
 title: How to make per-application backups
+eleventyNavigation:
+  key: 🔀 Make per-application backups
+  parent: How-to guides
+  order: 1
 ---
 ## Multiple backup configurations
 
@@ -22,10 +26,22 @@ When you set up multiple configuration files like this, borgmatic will run
 each one in turn from a single borgmatic invocation. This includes, by
 default, the traditional `/etc/borgmatic/config.yaml` as well.
 
-And if you need even more customizability, you can specify alternate
-configuration paths on the command-line with borgmatic's `--config` option.
-See `borgmatic --help` for more information.
+Each configuration file is interpreted independently, as if you ran borgmatic
+for each configuration file one at a time. In other words, borgmatic does not
+perform any merging of configuration files by default. If you'd like borgmatic
+to merge your configuration files, see below about configuration includes.
 
+Additionally, the `~/.config/borgmatic.d/` directory works the same way as
+`/etc/borgmatic.d`.
+
+If you need even more customizability, you can specify alternate configuration
+paths on the command-line with borgmatic's `--config` flag. (See `borgmatic
+--help` for more information.) For instance, if you want to schedule your
+various borgmatic backups to run at different times, you'll need multiple
+entries in your [scheduling software of
+choice](https://torsion.org/borgmatic/docs/how-to/set-up-backups/#autopilot),
+each entry using borgmatic's `--config` flag instead of relying on
+`/etc/borgmatic.d`.
 
 ## Configuration includes
 
@@ -59,6 +75,10 @@ themselves and complaining that they are not valid configuration files, you
 should put them in a directory other than `/etc/borgmatic.d/`. (A subdirectory
 is fine.)
 
+When a configuration include is a relative path, borgmatic loads it from either
+the current working directory or from the directory containing the file doing
+the including.
+
 Note that this form of include must be a YAML value rather than a key. For
 example, this will not work:
 
@@ -70,7 +90,7 @@ location:
 !include /etc/borgmatic/common_retention.yaml
 ```
 
-But if you do want to merge in a YAML key and its values, keep reading!
+But if you do want to merge in a YAML key *and* its values, keep reading!
 
 
 ## Include merging
@@ -79,37 +99,107 @@ If you need to get even fancier and pull in common configuration options while
 potentially overriding individual options, you can perform a YAML merge of
 included configuration using the YAML `<<` key. For instance, here's an
 example of a main configuration file that pulls in two retention options via
-an include, and then overrides one of them locally:
+an include and then overrides one of them locally:
 
 ```yaml
+<<: !include /etc/borgmatic/common.yaml
+
 location:
    ...
 
 retention:
     keep_daily: 5
-    <<: !include /etc/borgmatic/common_retention.yaml
 ```
 
-This is what `common_retention.yaml` might look like:
+This is what `common.yaml` might look like:
 
 ```yaml
-keep_hourly: 24
-keep_daily: 7
+retention:
+    keep_hourly: 24
+    keep_daily: 7
 ```
 
 Once this include gets merged in, the resulting configuration would have a
 `keep_hourly` value of `24` and an overridden `keep_daily` value of `5`.
 
-When there is a collision of an option between the local file and the merged
-include, the local file's option takes precedent. And note that this is a
-shallow merge rather than a deep merge, so the merging does not descend into
-nested values.
+When there's an option collision between the local file and the merged
+include, the local file's option takes precedence. And as of borgmatic 1.6.0,
+this feature performs a deep merge, meaning that values are merged at all
+levels in the two configuration files. Colliding list values are appended
+together. This allows you to include common configuration—up to full borgmatic
+configuration files—while overriding only the parts you want to customize.
 
 Note that this `<<` include merging syntax is only for merging in mappings
-(keys/values). If you'd like to include other types like scalars or lists
-directly, please see the section above about standard includes.
+(configuration options and their values). But if you'd like to include a
+single value directly, please see the section above about standard includes.
+
+Additionally, there is a limitation preventing multiple `<<` include merges
+per section. So for instance, that means you can do one `<<` merge at the
+global level, another `<<` within each configuration section, etc. (This is a
+YAML limitation.)
 
 
-## Related documentation
+## Configuration overrides
 
- * [Set up backups with borgmatic](https://torsion.org/borgmatic/docs/how-to/set-up-backups/)
+In more complex multi-application setups, you may want to override particular
+borgmatic configuration file options at the time you run borgmatic. For
+instance, you could reuse a common configuration file for multiple
+applications, but then set the repository for each application at runtime. Or
+you might want to try a variant of an option for testing purposes without
+actually touching your configuration file.
+
+Whatever the reason, you can override borgmatic configuration options at the
+command-line via the `--override` flag. Here's an example:
+
+```bash
+borgmatic create --override location.remote_path=/usr/local/bin/borg1
+```
+
+What this does is load your configuration files, and for each one, disregard
+the configured value for the `remote_path` option in the `location` section,
+and use the value of `/usr/local/bin/borg1` instead.
+
+You can even override multiple values at once. For instance:
+
+```bash
+borgmatic create --override section.option1=value1 section.option2=value2
+```
+
+This will accomplish the same thing:
+
+```bash
+borgmatic create --override section.option1=value1 --override section.option2=value2
+```
+
+Note that each value is parsed as an actual YAML string, so you can even set
+list values by using brackets. For instance:
+
+```bash
+borgmatic create --override location.repositories=[test1.borg,test2.borg]
+```
+
+Or even a single list element:
+
+```bash
+borgmatic create --override location.repositories=[/root/test.borg]
+```
+
+If your override value contains special YAML characters like colons, then
+you'll need quotes for it to parse correctly:
+
+```bash
+borgmatic create --override location.repositories="['user@server:test.borg']"
+```
+
+There is not currently a way to override a single element of a list without
+replacing the whole list.
+
+Note that if you override an option of the list type (like
+`location.repositories`), you do need to use the `[ ]` list syntax. See the
+[configuration
+reference](https://torsion.org/borgmatic/docs/reference/configuration/) for
+which options are list types. (YAML list values look like `- this` with an
+indentation and a leading dash.)
+
+Be sure to quote your overrides if they contain spaces or other characters
+that your shell may interpret.

docs/how-to/monitor-your-backups.md

@@ -1,5 +1,9 @@
 ---
 title: How to monitor your backups
+eleventyNavigation:
+  key: 🚨 Monitor your backups
+  parent: How-to guides
+  order: 5
 ---
 
 ## Monitoring and alerting
@@ -10,46 +14,68 @@ and alerting comes in.
 
 There are several different ways you can monitor your backups and find out
 whether they're succeeding. Which of these you choose to do is up to you and
-your particular infrastructure:
+your particular infrastructure.
 
-1. **Job runner alerts**: The easiest place to start is with failure alerts
-from the [scheduled job
-runner](https://torsion.org/borgmatic/docs/how-to/set-up-backups/#autopilot) (cron,
-systemd, etc.) that's running borgmatic. But note that if the job doesn't even
-get scheduled (e.g. due to the job runner not running), you probably won't get
-an alert at all! Still, this is a decent first line of defense, especially
-when combined with some of the other approaches below.
-2. **borgmatic error hooks**: The `on_error` hook allows you to run an arbitrary
-command or script when borgmatic itself encounters an error running your
-backups. So for instance, you can run a script to send yourself a text message
-alert. But note that if borgmatic doesn't actually run, this alert won't fire.
-See [error
+### Job runner alerts
+
+The easiest place to start is with failure alerts from the [scheduled job
+runner](https://torsion.org/borgmatic/docs/how-to/set-up-backups/#autopilot)
+(cron, systemd, etc.) that's running borgmatic. But note that if the job
+doesn't even get scheduled (e.g. due to the job runner not running), you
+probably won't get an alert at all! Still, this is a decent first line of
+defense, especially when combined with some of the other approaches below.
+
+### Commands run on error
+
+The `on_error` hook allows you to run an arbitrary command or script when
+borgmatic itself encounters an error running your backups. So for instance,
+you can run a script to send yourself a text message alert. But note that if
+borgmatic doesn't actually run, this alert won't fire.  See [error
 hooks](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#error-hooks)
 below for how to configure this.
-4. **borgmatic monitoring hooks**: This feature integrates with monitoring
-   services like [Healthchecks](https://healthchecks.io/),
-[Cronitor](https://cronitor.io), and [Cronhub](https://cronhub.io), and pings
-these services whenever borgmatic runs. That way, you'll receive an alert when
-something goes wrong or the service doesn't hear from borgmatic for a
-configured interval. See
-[Healthchecks
-hook](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#healthchecks-hook), [Cronitor
-hook](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#cronitor-hook), and [Cronhub
-hook](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#cronhub-hook)
+
+### Third-party monitoring services
+
+borgmatic integrates with monitoring services like
+[Healthchecks](https://healthchecks.io/), [Cronitor](https://cronitor.io),
+[Cronhub](https://cronhub.io), and [PagerDuty](https://www.pagerduty.com/) and
+pings these services whenever borgmatic runs. That way, you'll receive an
+alert when something goes wrong or (for certain hooks) the service doesn't
+hear from borgmatic for a configured interval. See [Healthchecks
+hook](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#healthchecks-hook),
+[Cronitor
+hook](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#cronitor-hook),
+[Cronhub
+hook](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#cronhub-hook),
+and [PagerDuty
+hook](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#pagerduty-hook)
 below for how to configure this.
-3. **Third-party monitoring software**: You can use traditional monitoring
-software to consume borgmatic JSON output and track when the last
-successful backup occurred. See [scripting
+
+While these services offer different features, you probably only need to use
+one of them at most.
+
+### Third-party monitoring software
+
+You can use traditional monitoring software to consume borgmatic JSON output
+and track when the last successful backup occurred. See [scripting
 borgmatic](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#scripting-borgmatic)
+and [related
+software](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/#related-software)
 below for how to configure this.
-5. **Borg hosting providers**: Most [Borg hosting
+
+### Borg hosting providers
+
+Most [Borg hosting
 providers](https://torsion.org/borgmatic/#hosting-providers) include
 monitoring and alerting as part of their offering. This gives you a dashboard
 to check on all of your backups, and can alert you if the service doesn't hear
 from borgmatic for a configured interval.
-6. **borgmatic consistency checks**: While not strictly part of monitoring, if you
-really want confidence that your backups are not only running but are
-restorable as well, you can configure particular [consistency
+
+### Consistency checks
+
+While not strictly part of monitoring, if you really want confidence that your
+backups are not only running but are restorable as well, you can configure
+particular [consistency
 checks](https://torsion.org/borgmatic/docs/how-to/deal-with-very-large-backups/#consistency-check-configuration)
 or even script full [extract
 tests](https://torsion.org/borgmatic/docs/how-to/extract-a-backup/).
@@ -57,10 +83,10 @@ tests](https://torsion.org/borgmatic/docs/how-to/extract-a-backup/).
 
 ## Error hooks
 
-When an error occurs during a backup or another action, borgmatic can run
-configurable shell commands to fire off custom error notifications or take
-other actions, so you can get alerted as soon as something goes wrong. Here's
-a not-so-useful example:
+When an error occurs during a `prune`, `compact`, `create`, or `check` action,
+borgmatic can run configurable shell commands to fire off custom error
+notifications or take other actions, so you can get alerted as soon as
+something goes wrong. Here's a not-so-useful example:
 
 ```yaml
 hooks:
@@ -78,10 +104,9 @@ hooks:
         - send-text-message.sh "{configuration_filename}" "{repository}"
 ```
 
-In this example, when the error occurs, borgmatic interpolates a few runtime
-values into the hook command: the borgmatic configuration filename, and the
-path of the repository. Here's the full set of supported variables you can use
-here:
+In this example, when the error occurs, borgmatic interpolates runtime values
+into the hook command: the borgmatic configuration filename, and the path of
+the repository. Here's the full set of supported variables you can use here:
 
  * `configuration_filename`: borgmatic configuration filename in which the
    error occurred
@@ -91,10 +116,11 @@ here:
  * `output`: output of the command that failed (may be blank if an error
    occurred without running a command)
 
-Note that borgmatic runs the `on_error` hooks for any action in which an error
-occurs, not just the `create` action. But borgmatic does not run `on_error`
-hooks if an error occurs within a `before_everything` or `after_everything`
-hook. For more about hooks, see the [borgmatic hooks
+Note that borgmatic runs the `on_error` hooks only for `prune`, `compact`,
+`create`, or `check` actions or hooks in which an error occurs, and not other
+actions. borgmatic does not run `on_error` hooks if an error occurs within a
+`before_everything` or `after_everything` hook. For more about hooks, see the
+[borgmatic hooks
 documentation](https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/),
 especially the security information.
 
@@ -110,28 +136,33 @@ URL" for your project. Here's an example:
 
 ```yaml
 hooks:
-    healthchecks: https://hc-ping.com/addffa72-da17-40ae-be9c-ff591afb942a
+    healthchecks:
+        ping_url: https://hc-ping.com/addffa72-da17-40ae-be9c-ff591afb942a
 ```
 
 With this hook in place, borgmatic pings your Healthchecks project when a
-backup begins, ends, or errors. Specifically, before the <a
+backup begins, ends, or errors. Specifically, after the <a
 href="https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/">`before_backup`
-hooks</a> run, borgmatic lets Healthchecks know that a backup has started.
+hooks</a> run, borgmatic lets Healthchecks know that it has started if any of
+the `prune`, `compact`, `create`, or `check` actions are run.
 
-Then, if the backup completes successfully, borgmatic notifies Healthchecks of
+Then, if the actions complete successfully, borgmatic notifies Healthchecks of
 the success after the `after_backup` hooks run, and includes borgmatic logs in
 the payload data sent to Healthchecks. This means that borgmatic logs show up
 in the Healthchecks UI, although be aware that Healthchecks currently has a
 10-kilobyte limit for the logs in each ping.
 
-If an error occurs during the backup, borgmatic notifies Healthchecks after
-the `on_error` hooks run, also tacking on logs including the error itself. But
-the logs are only included for errors that occur within the borgmatic `create`
-action (and not other actions).
+If an error occurs during any action or hook, borgmatic notifies Healthchecks
+after the `on_error` hooks run, also tacking on logs including the error
+itself. But the logs are only included for errors that occur when a `prune`,
+`compact`, `create`, or `check` action is run.
 
-Note that borgmatic sends logs to Healthchecks by applying the maximum of any
-other borgmatic verbosity level (`--verbosity`, `--syslog-verbosity`, etc.),
-as there is not currently a dedicated Healthchecks verbosity setting.
+You can customize the verbosity of the logs that are sent to Healthchecks with
+borgmatic's `--monitoring-verbosity` flag. The `--files` and `--stats` flags
+may also be of use. See `borgmatic --help` for more information. Additionally,
+see the [borgmatic configuration
+file](https://torsion.org/borgmatic/docs/reference/configuration/) for
+additional Healthchecks options.
 
 You can configure Healthchecks to notify you by a [variety of
 mechanisms](https://healthchecks.io/#welcome-integrations) when backups fail
@@ -149,16 +180,18 @@ API URL" for your monitor. Here's an example:
 
 ```yaml
 hooks:
-    cronitor: https://cronitor.link/d3x0c1
+    cronitor:
+        ping_url: https://cronitor.link/d3x0c1
 ```
 
 With this hook in place, borgmatic pings your Cronitor monitor when a backup
-begins, ends, or errors. Specifically, before the <a
+begins, ends, or errors. Specifically, after the <a
 href="https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/">`before_backup`
-hooks</a> run, borgmatic lets Cronitor know that a backup has started. Then,
-if the backup completes successfully, borgmatic notifies Cronitor of the
-success after the `after_backup` hooks run. And if an error occurs during the
-backup, borgmatic notifies Cronitor after the `on_error` hooks run.
+hooks</a> run, borgmatic lets Cronitor know that it has started if any of the
+`prune`, `compact`, `create`, or `check` actions are run. Then, if the actions
+complete successfully, borgmatic notifies Cronitor of the success after the
+`after_backup` hooks run. And if an error occurs during any action or hook,
+borgmatic notifies Cronitor after the `on_error` hooks run.
 
 You can configure Cronitor to notify you by a [variety of
 mechanisms](https://cronitor.io/docs/cron-job-notifications) when backups fail
@@ -176,16 +209,18 @@ URL" for your monitor. Here's an example:
 
 ```yaml
 hooks:
-    cronhub: https://cronhub.io/start/1f5e3410-254c-11e8-b61d-55875966d031
+    cronhub:
+        ping_url: https://cronhub.io/start/1f5e3410-254c-11e8-b61d-55875966d031
 ```
 
 With this hook in place, borgmatic pings your Cronhub monitor when a backup
-begins, ends, or errors. Specifically, before the <a
+begins, ends, or errors. Specifically, after the <a
 href="https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/">`before_backup`
-hooks</a> run, borgmatic lets Cronhub know that a backup has started. Then,
-if the backup completes successfully, borgmatic notifies Cronhub of the
-success after the `after_backup` hooks run. And if an error occurs during the
-backup, borgmatic notifies Cronhub after the `on_error` hooks run.
+hooks</a> run, borgmatic lets Cronhub know that it has started if any of the
+`prune`, `compact`, `create`, or `check` actions are run. Then, if the actions
+complete successfully, borgmatic notifies Cronhub of the success after the
+`after_backup` hooks run. And if an error occurs during any action or hook,
+borgmatic notifies Cronhub after the `on_error` hooks run.
 
 Note that even though you configure borgmatic with the "start" variant of the
 ping URL, borgmatic substitutes the correct state into the URL when pinging
@@ -196,6 +231,45 @@ mechanisms](https://docs.cronhub.io/integrations.html) when backups fail
 or it doesn't hear from borgmatic for a certain period of time.
 
 
+## PagerDuty hook
+
+In case you're new here: [borgmatic](https://torsion.org/borgmatic/) is
+simple, configuration-driven backup software for servers and workstations,
+powered by [Borg Backup](https://www.borgbackup.org/).
+
+[PagerDuty](https://www.pagerduty.com/) provides incident monitoring and
+alerting. borgmatic has built-in integration that can notify you via PagerDuty
+as soon as a backup fails, so you can make sure your backups keep working.
+
+First, create a PagerDuty account and <a
+href="https://support.pagerduty.com/docs/services-and-integrations">service</a>
+on their site. On the service, add an integration and set the Integration Type
+to "borgmatic".
+
+Then, configure borgmatic with the unique "Integration Key" for your service.
+Here's an example:
+
+
+```yaml
+hooks:
+    pagerduty:
+        integration_key: a177cad45bd374409f78906a810a3074
+```
+
+With this hook in place, borgmatic creates a PagerDuty event for your service
+whenever backups fail. Specifically, if an error occurs during a `create`,
+`prune`, `compact`, or `check` action, borgmatic sends an event to PagerDuty
+before the `on_error` hooks run. Note that borgmatic does not contact
+PagerDuty when a backup starts or ends without error.
+
+You can configure PagerDuty to notify you by a [variety of
+mechanisms](https://support.pagerduty.com/docs/notifications) when backups
+fail.
+
+If you have any issues with the integration, [please contact
+us](https://torsion.org/borgmatic/#support-and-contributing).
+
+
 ## Scripting borgmatic
 
 To consume the output of borgmatic in other software, you can include an
@@ -207,33 +281,18 @@ suppressed so as not to interfere with the captured JSON. Also note that JSON
 output only shows up at the console, and not in syslog.
 
 
-### Successful backups
+## Related software
 
-`borgmatic list` includes support for a `--successful` flag that only lists
-successful (non-checkpoint) backups. This flag works via a basic heuristic: It
-assumes that non-checkpoint archive names end with a digit (e.g. from a
-timestamp), while checkpoint archive names do not. This means that if you're
-using custom archive names that do not end in a digit, the `--successful` flag
-will not work as expected.
+ * [Borgmacator GNOME AppIndicator](https://github.com/N-Coder/borgmacator/)
 
-Combined with a built-in Borg flag like `--last`, you can list the last
-successful backup for use in your monitoring scripts. Here's an example
-combined with `--json`:
+
+### Latest backups
+
+All borgmatic actions that accept an "--archive" flag allow you to specify an
+archive name of "latest". This lets you get the latest archive without having
+to first run "borgmatic list" manually, which can be handy in automated
+scripts. Here's an example:
 
 ```bash
-borgmatic list --successful --last 1 --json
+borgmatic info --archive latest
 ```
-
-Note that this particular combination will only work if you've got a single
-backup "series" in your repository. If you're instead backing up, say, from
-multiple different hosts into a single repository, then you'll need to get
-fancier with your archive listing. See `borg list --help` for more flags.
-
-
-## Related documentation
-
- * [Set up backups with borgmatic](https://torsion.org/borgmatic/docs/how-to/set-up-backups/)
- * [Inspect your backups](https://torsion.org/borgmatic/docs/how-to/inspect-your-backups/)
- * [Add preparation and cleanup steps to backups](https://torsion.org/borgmatic/docs/how-to/add-preparation-and-cleanup-steps-to-backups/)
- * [Extract a backup](https://torsion.org/borgmatic/docs/how-to/extract-a-backup/)
- * [Develop on borgmatic](https://torsion.org/borgmatic/docs/how-to/develop-on-borgmatic/)

docs/how-to/run-arbitrary-borg-commands.md

@@ -0,0 +1,94 @@
+---
+title: How to run arbitrary Borg commands
+eleventyNavigation:
+  key: 🔧 Run arbitrary Borg commands
+  parent: How-to guides
+  order: 10
+---
+## Running Borg with borgmatic
+
+Borg has several commands (and options) that borgmatic does not currently
+support. Sometimes though, as a borgmatic user, you may find yourself wanting
+to take advantage of these off-the-beaten-path Borg features. You could of
+course drop down to running Borg directly. But then you'd give up all the
+niceties of your borgmatic configuration. You could file a [borgmatic
+ticket](https://torsion.org/borgmatic/#issues) or even a [pull
+request](https://torsion.org/borgmatic/#contributing) to add the feature. But
+what if you need it *now*?
+
+That's where borgmatic's support for running "arbitrary" Borg commands comes
+in. Running Borg commands with borgmatic takes advantage of the following, all
+based on your borgmatic configuration files or command-line arguments:
+
+ * configured repositories (automatically runs your Borg command once for each
+   one)
+ * local and remote Borg binary paths
+ * SSH settings and Borg environment variables
+ * lock wait settings
+ * verbosity
+
+
+### borg action
+
+The way you run Borg with borgmatic is via the `borg` action. Here's a simple
+example:
+
+```bash
+borgmatic borg break-lock
+```
+
+(No `borg` action in borgmatic? Time to upgrade!)
+
+This runs Borg's `break-lock` command once on each configured borgmatic
+repository. Notice how the repository isn't present in the specified Borg
+options, as that part is provided by borgmatic.
+
+You can also specify Borg options for relevant commands:
+
+```bash
+borgmatic borg list --progress
+```
+
+This runs Borg's `list` command once on each configured borgmatic
+repository. However, the native `borgmatic list` action should be preferred
+for most use.
+
+What if you only want to run Borg on a single configured borgmatic repository
+when you've got several configured? Not a problem.
+
+```bash
+borgmatic borg --repository repo.borg break-lock
+```
+
+And what about a single archive?
+
+```bash
+borgmatic borg --archive your-archive-name list
+```
+
+### Limitations
+
+borgmatic's `borg` action is not without limitations:
+
+ * The Borg command you want to run (`create`, `list`, etc.) *must* come first
+   after the `borg` action. If you have any other Borg options to specify,
+   provide them after. For instance, `borgmatic borg list --progress` will work,
+   but `borgmatic borg --progress list` will not.
+ * borgmatic supplies the repository/archive name to Borg for you (based on
+   your borgmatic configuration or the `borgmatic borg --repository`/`--archive`
+   arguments), so do not specify the repository/archive otherwise.
+ * The `borg` action will not currently work for any Borg commands like `borg
+   serve` that do not accept a repository/archive name.
+ * Do not specify any global borgmatic arguments to the right of the `borg`
+   action. (They will be passed to Borg instead of borgmatic.) If you have
+   global borgmatic arguments, specify them *before* the `borg` action.
+ * Unlike other borgmatic actions, you cannot combine the `borg` action with
+   other borgmatic actions. This is to prevent ambiguity in commands like
+   `borgmatic borg list`, in which `list` is both a valid Borg command and a
+   borgmatic action. In this case, only the Borg command is run.
+ * Unlike normal borgmatic actions that support JSON, the `borg` action will
+   not disable certain borgmatic logs to avoid interfering with JSON output.
+
+In general, this `borgmatic borg` feature should be considered an escape
+valve—a feature of second resort. In the long run, it's preferable to wrap
+Borg commands with borgmatic actions that can support them fully.

docs/how-to/set-up-backups.md

@@ -1,66 +1,118 @@
 ---
-title: How to set up backups with borgmatic
+title: How to set up backups
+eleventyNavigation:
+  key: 📥 Set up backups
+  parent: How-to guides
+  order: 0
 ---
 ## Installation
 
-To get up and running, first [install
-Borg](https://borgbackup.readthedocs.io/en/stable/installation.html), at
-least version 1.1.
+Many users need to backup system files that require privileged access, so
+these instructions install and run borgmatic as root. If you don't need to
+backup such files, then you are welcome to install and run borgmatic as a
+non-root user.
 
-By default, borgmatic looks for its configuration files in `/etc/borgmatic/`
-and `/etc/borgmatic.d/`, where the root user typically has read access.
+First, manually [install
+Borg](https://borgbackup.readthedocs.io/en/stable/installation.html), at least
+version 1.1. borgmatic does not install Borg automatically so as to avoid
+conflicts with existing Borg installations.
 
-So, to download and install borgmatic as the root user, run the following
-commands:
+Then, download and install borgmatic as a [user site
+installation](https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site)
+by running the following command:
 
 ```bash
 sudo pip3 install --user --upgrade borgmatic
 ```
 
-This is a [recommended user site
-installation](https://packaging.python.org/tutorials/installing-packages/#installing-to-the-user-site).
-You will need to ensure that `/root/.local/bin` is available on your `$PATH`
-so
-that the borgmatic executable is available. For instance, adding this to
-root's `~/.profile` or `~/.bash_profile` may do the trick:
+This installs borgmatic and its commands at the `/root/.local/bin` path.
+
+Your pip binary may have a different name than "pip3". Make sure you're using
+Python 3.7+, as borgmatic does not support older versions of Python.
+
+The next step is to ensure that borgmatic's commands available are on your
+system `PATH`, so that you can run borgmatic:
 
 ```bash
-export PATH="$PATH:~/.local/bin"
+echo export 'PATH="$PATH:/root/.local/bin"' >> ~/.bashrc
+source ~/.bashrc
 ```
 
-Note that your pip binary may have a different name than "pip3". Make sure
-you're using Python 3, as borgmatic does not support Python 2.
+This adds `/root/.local/bin` to your non-root user's system `PATH`.
+
+If you're using a command shell other than Bash, you may need to use different
+commands here.
+
+You can check whether all of this worked with:
+
+```bash
+sudo borgmatic --version
+```
+
+If borgmatic is properly installed, that should output your borgmatic version.
+
+As an alternative to adding the path to `~/.bashrc` file, if you're using sudo
+to run borgmatic, you can configure [sudo's
+`secure_path` option](https://man.archlinux.org/man/sudoers.5) to include
+borgmatic's path.
+
+
+### Global install option
+
+If you try the user site installation above, and have problems making
+borgmatic commands runnable on your system `PATH`, an alternate approach is to
+install borgmatic globally.
+
+The following uninstalls borgmatic, and then reinstalls it such that borgmatic
+commands are on the default system `PATH`:
+
+```bash
+sudo pip3 uninstall borgmatic
+sudo pip3 install --upgrade borgmatic
+```
+
+The main downside of a global install is that borgmatic is less cleanly
+separated from the rest of your Python software, and there's the theoretical
+possibility of library conflicts. But if you're okay with that, for instance
+on a relatively dedicated system, then a global install can work out fine.
+
 
 ### Other ways to install
 
-Along with the above process, you have several other options for installing
-borgmatic:
+Besides the approaches described above, there are several other options for
+installing borgmatic:
 
- * [Docker image with scheduled backups](https://hub.docker.com/r/b3vis/borgmatic/)
- * [Docker base image](https://hub.docker.com/r/monachus/borgmatic/)
+ * [Docker image with scheduled backups](https://hub.docker.com/r/b3vis/borgmatic/) (+ Docker Compose files)
+ * [Docker image with multi-arch and Docker CLI support](https://hub.docker.com/r/modem7/borgmatic-docker/)
  * [Debian](https://tracker.debian.org/pkg/borgmatic)
  * [Ubuntu](https://launchpad.net/ubuntu/+source/borgmatic)
  * [Fedora official](https://bodhi.fedoraproject.org/updates/?search=borgmatic)
  * [Fedora unofficial](https://copr.fedorainfracloud.org/coprs/heffer/borgmatic/)
  * [Arch Linux](https://www.archlinux.org/packages/community/any/borgmatic/)
+ * [Alpine Linux](https://pkgs.alpinelinux.org/packages?name=borgmatic)
  * [OpenBSD](http://ports.su/sysutils/borgmatic)
  * [openSUSE](https://software.opensuse.org/package/borgmatic)
- * [stand-alone binary](https://github.com/cmarquardt/borgmatic-binary)
+ * [macOS (via Homebrew)](https://formulae.brew.sh/formula/borgmatic)
+ * [Ansible role](https://github.com/borgbase/ansible-role-borgbackup)
  * [virtualenv](https://virtualenv.pypa.io/en/stable/)
 
 
 ## Hosting providers
 
-Need somewhere to store your encrypted offsite backups? The following hosting
-providers include specific support for Borg/borgmatic. Using these links and
-services helps support borgmatic development and hosting. (These are referral
-links, but without any tracking scripts or cookies.)
+Need somewhere to store your encrypted off-site backups? The following hosting
+providers include specific support for Borg/borgmatic—and fund borgmatic
+development and hosting when you use these links to sign up. (These are
+referral links, but without any tracking scripts or cookies.)
 
 <ul>
- <li class="referral"><a href="https://www.rsync.net/cgi-bin/borg.cgi?campaign=borg&adgroup=borgmatic">rsync.net</a>: Cloud Storage provider with full support for borg and any other SSH/SFTP tool</li>
  <li class="referral"><a href="https://www.borgbase.com/?utm_source=borgmatic">BorgBase</a>: Borg hosting service with support for monitoring, 2FA, and append-only repos</li>
 </ul>
 
+Additionally, [rsync.net](https://www.rsync.net/products/borg.html) and
+[Hetzner](https://www.hetzner.com/storage/storage-box) have compatible storage
+offerings, but do not currently fund borgmatic development or hosting.
+
+
 ## Configuration
 
 After you install borgmatic, generate a sample configuration file:
@@ -72,10 +124,13 @@ sudo generate-borgmatic-config
 If that command is not found, then it may be installed in a location that's
 not in your system `PATH` (see above). Try looking in `~/.local/bin/`.
 
-This generates a sample configuration file at /etc/borgmatic/config.yaml (by
-default). You should edit the file to suit your needs, as the values are
-representative. All options are optional except where indicated, so feel free
-to ignore anything you don't need.
+This generates a sample configuration file at `/etc/borgmatic/config.yaml` by
+default. If you'd like to use another path, use the `--destination` flag, for
+instance: `--destination ~/.config/borgmatic/config.yaml`.
+
+You should edit the configuration file to suit your needs, as the generated
+values are only representative. All options are optional except where
+indicated, so feel free to ignore anything you don't need.
 
 Note that the configuration file is organized into distinct sections, each
 with a section name like `location:` or `storage:`. So take care that if you
@@ -83,19 +138,17 @@ uncomment a particular option, also uncomment its containing section name, or
 else borgmatic won't recognize the option. Also be sure to use spaces rather
 than tabs for indentation; YAML does not allow tabs.
 
-You can also get the same sample configuration file from the [configuration
+You can get the same sample configuration file from the [configuration
 reference](https://torsion.org/borgmatic/docs/reference/configuration/), the
 authoritative set of all configuration options. This is handy if borgmatic has
-added new options
-since you originally created your configuration file. Also check out how to
-[upgrade your
+added new options since you originally created your configuration file. Also
+check out how to [upgrade your
 configuration](https://torsion.org/borgmatic/docs/how-to/upgrade/#upgrading-your-configuration).
 
 
 ### Encryption
 
-Note that if you plan to run borgmatic on a schedule with cron, and you
-encrypt your Borg repository with a passphrase instead of a key file, you'll
+If you encrypt your Borg repository with a passphrase or a key file, you'll
 either need to set the borgmatic `encryption_passphrase` configuration
 variable or set the `BORG_PASSPHRASE` environment variable. See the
 [repository encryption
@@ -109,6 +162,13 @@ FAQ](http://borgbackup.readthedocs.io/en/stable/faq.html#how-can-i-specify-the-e
 for more info.
 
 
+### Redundancy
+
+If you'd like to configure your backups to go to multiple different
+repositories, see the documentation on how to [make backups
+redundant](https://torsion.org/borgmatic/docs/how-to/make-backups-redundant/).
+
+
 ### Validation
 
 If you'd like to validate that your borgmatic configuration is valid, the
@@ -134,7 +194,7 @@ this step if you already have a Borg repository.) To create a repository, run
 a command like the following:
 
 ```bash
-borgmatic init --encryption repokey
+sudo borgmatic init --encryption repokey
 ```
 
 (No borgmatic `init` action? Try the old-style `--init` flag, or upgrade
@@ -166,16 +226,23 @@ good idea to test that borgmatic is working. So to run borgmatic and start a
 backup, you can invoke it like this:
 
 ```bash
-borgmatic --verbosity 1
+sudo borgmatic --verbosity 1 --files
 ```
 
-By default, this will also prune any old backups as per the configured
-retention policy, and check backups for consistency problems due to things
-like file damage.
+(No borgmatic `--files` flag? It's only present in newer versions of
+borgmatic. So try leaving it out, or upgrade borgmatic!)
 
-The verbosity flag makes borgmatic list the files that it's archiving, which
-are those that are new or changed since the last backup. Eyeball the list and
-see if it matches your expectations based on the configuration.
+By default, this will also prune any old backups as per the configured
+retention policy, compact segments to free up space (with Borg 1.2+), and
+check backups for consistency problems due to things like file damage.
+
+The verbosity flag makes borgmatic show the steps it's performing. And the
+files flag lists each file that's new or changed since the last backup.
+Eyeball the list and see if it matches your expectations based on the
+configuration.
+
+If you'd like to specify an alternate configuration file path, use the
+`--config` flag. See `borgmatic --help` for more information.
 
 
 ## Autopilot
@@ -187,7 +254,7 @@ that, you can configure a separate job runner to invoke it periodically.
 ### cron
 
 If you're using cron, download the [sample cron
-file](https://projects.torsion.org/witten/borgmatic/src/master/sample/cron/borgmatic).
+file](https://projects.torsion.org/borgmatic-collective/borgmatic/src/master/sample/cron/borgmatic).
 Then, from the directory where you downloaded it:
 
 ```bash
@@ -195,33 +262,90 @@ sudo mv borgmatic /etc/cron.d/borgmatic
 sudo chmod +x /etc/cron.d/borgmatic
 ```
 
-You can modify the cron file if you'd like to run borgmatic more or less frequently.
+If borgmatic is installed at a different location than
+`/root/.local/bin/borgmatic`, edit the cron file with the correct path. You
+can also modify the cron file if you'd like to run borgmatic more or less
+frequently.
 
 ### systemd
 
-If you're using systemd instead of cron to run jobs, download the [sample
-systemd service
-file](https://projects.torsion.org/witten/borgmatic/raw/branch/master/sample/systemd/borgmatic.service)
+If you're using systemd instead of cron to run jobs, you can still configure
+borgmatic to run automatically.
+
+(If you installed borgmatic from [Other ways to
+install](https://torsion.org/borgmatic/docs/how-to/set-up-backups/#other-ways-to-install),
+you may already have borgmatic systemd service and timer files. If so, you may
+be able to skip some of the steps below.)
+
+First, download the [sample systemd service
+file](https://projects.torsion.org/borgmatic-collective/borgmatic/raw/branch/master/sample/systemd/borgmatic.service)
 and the [sample systemd timer
-file](https://projects.torsion.org/witten/borgmatic/raw/branch/master/sample/systemd/borgmatic.timer).
+file](https://projects.torsion.org/borgmatic-collective/borgmatic/raw/branch/master/sample/systemd/borgmatic.timer).
+
 Then, from the directory where you downloaded them:
 
 ```bash
 sudo mv borgmatic.service borgmatic.timer /etc/systemd/system/
-sudo systemctl enable borgmatic.timer
-sudo systemctl start borgmatic.timer
+sudo systemctl enable --now borgmatic.timer
 ```
 
+Review the security settings in the service file and update them as needed.
+If `ProtectSystem=strict` is enabled and local repositories are used, then
+the repository path must be added to the `ReadWritePaths` list.
+
 Feel free to modify the timer file based on how frequently you'd like
 borgmatic to run.
 
-## Colored output
+### launchd in macOS
+
+If you run borgmatic in macOS with launchd, you may encounter permissions
+issues when reading files to backup. If that happens to you, you may be
+interested in an [unofficial work-around for Full Disk
+Access](https://projects.torsion.org/borgmatic-collective/borgmatic/issues/293).
+
+
+## Niceties
+
+
+### Shell completion
+
+borgmatic includes a shell completion script (currently only for Bash) to
+support tab-completing borgmatic command-line actions and flags. Depending on
+how you installed borgmatic, this may be enabled by default. But if it's not,
+start by installing the `bash-completion` Linux package or the
+[`bash-completion@2`](https://formulae.brew.sh/formula/bash-completion@2)
+macOS Homebrew formula. Then, install the shell completion script globally:
+
+```bash
+sudo su -c "borgmatic --bash-completion > $(pkg-config --variable=completionsdir bash-completion)/borgmatic"
+```
+
+If you don't have `pkg-config` installed, you can try the following path
+instead:
+
+```bash
+sudo su -c "borgmatic --bash-completion > /usr/share/bash-completion/completions/borgmatic"
+```
+
+Or, if you'd like to install the script for just the current user:
+
+```bash
+mkdir --parents ~/.local/share/bash-completion/completions
+borgmatic --bash-completion > ~/.local/share/bash-completion/completions/borgmatic
+```
+
+Finally, restart your shell (`exit` and open a new shell) so the completions
+take effect.
+
+
+### Colored output
+
+borgmatic produces colored terminal output by default. It is disabled when a
+non-interactive terminal is detected (like a cron job), or when you use the
+`--json` flag. Otherwise, you can disable it by passing the `--no-color` flag,
+setting the environment variable `PY_COLORS=False`, or setting the `color`
+option to `false` in the `output` section of configuration.
 
-Borgmatic produces colored terminal output by default. It is disabled when a
-non-interactive terminal is detected (like a cron job). Otherwise, you can
-disable it by passing the `--no-color` flag, setting the environment variable
-`PY_COLORS=False`, or setting the `color` option to `false` in the `output`
-section of configuration.
 
 ## Troubleshooting
 
@@ -250,14 +374,3 @@ YAML library. If so, not to worry. borgmatic should install and function
 correctly even without the C YAML library. And borgmatic won't be any faster
 with the C library present, so you don't need to go out of your way to install
 it.
-
-
-## Related documentation
-
- * [Make per-application backups](https://torsion.org/borgmatic/docs/how-to/make-per-application-backups/)
- * [Deal with very large backups](https://torsion.org/borgmatic/docs/how-to/deal-with-very-large-backups/)
- * [Inspect your backups](https://torsion.org/borgmatic/docs/how-to/inspect-your-backups/)
- * [Monitor your backups](https://torsion.org/borgmatic/docs/how-to/monitor-your-backups/)
- * [Upgrade borgmatic](https://torsion.org/borgmatic/docs/how-to/upgrade/)
- * [borgmatic configuration reference](https://torsion.org/borgmatic/docs/reference/configuration/)
- * [borgmatic command-line reference](https://torsion.org/borgmatic/docs/reference/command-line/)

docs/how-to/upgrade.md

@@ -1,5 +1,9 @@
 ---
 title: How to upgrade borgmatic
+eleventyNavigation:
+  key: 📦 Upgrade borgmatic
+  parent: How-to guides
+  order: 11
 ---
 ## Upgrading
 
@@ -111,8 +115,3 @@ sudo pip3 install --user borgmatic
 
 That's it! borgmatic will continue using your /etc/borgmatic configuration
 files.
-
-
-## Related documentation
-
- * [Develop on borgmatic](https://torsion.org/borgmatic/docs/how-to/develop-on-borgmatic/)

docs/reference/command-line.md

@@ -1,5 +1,9 @@
 ---
-title: borgmatic command-line reference
+title: Command-line reference
+eleventyNavigation:
+  key: ⌨️ Command-line reference
+  parent: Reference guides
+  order: 1
 ---
 ## borgmatic options
 

docs/reference/configuration.md

@@ -1,5 +1,9 @@
 ---
-title: borgmatic configuration reference
+title: Configuration reference
+eleventyNavigation:
+  key: ⚙️ Configuration reference
+  parent: Reference guides
+  order: 0
 ---
 ## Configuration file
 

docs/reference/index.md

@@ -0,0 +1,5 @@
+---
+eleventyNavigation:
+  key: Reference guides
+permalink: false
+---

sample/cron/borgmatic

@@ -1,3 +1,3 @@
 # You can drop this file into /etc/cron.d/ to run borgmatic nightly.
 
-0 3 * * * root PATH=$PATH:/usr/bin:/usr/local/bin /root/.local/bin/borgmatic --syslog-verbosity 1
+0 3 * * * root PATH=$PATH:/usr/bin:/usr/local/bin /root/.local/bin/borgmatic --verbosity -1 --syslog-verbosity 1

sample/systemd/borgmatic.service

@@ -2,11 +2,50 @@
 Description=borgmatic backup
 Wants=network-online.target
 After=network-online.target
+# Prevent borgmatic from running unless the machine is plugged into power. Remove this line if you
+# want to allow borgmatic to run anytime.
 ConditionACPower=true
 
 [Service]
 Type=oneshot
 
+# Security settings for systemd running as root, optional but recommended to improve security. You
+# can disable individual settings if they cause problems for your use case. For more details, see
+# the systemd manual: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
+LockPersonality=true
+# Certain borgmatic features like Healthchecks integration need MemoryDenyWriteExecute to be off.
+# But you can try setting it to "yes" for improved security if you don't use those features.
+MemoryDenyWriteExecute=no
+NoNewPrivileges=yes
+PrivateDevices=yes
+PrivateTmp=yes
+ProtectClock=yes
+ProtectControlGroups=yes
+ProtectHostname=yes
+ProtectKernelLogs=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
+# To restrict write access further, change "ProtectSystem" to "strict" and uncomment
+# "ReadWritePaths", "ReadOnlyPaths", "ProtectHome", and "BindPaths". Then add any local repository
+# paths to the list of "ReadWritePaths" and local backup source paths to "ReadOnlyPaths". This
+# leaves most of the filesystem read-only to borgmatic.
+ProtectSystem=full
+# ReadWritePaths=-/mnt/my_backup_drive
+# ReadOnlyPaths=-/var/lib/my_backup_source
+# This will mount a tmpfs on top of /root and pass through needed paths
+# ProtectHome=tmpfs
+# BindPaths=-/root/.cache/borg -/root/.cache/borg -/root/.borgmatic
+
+# May interfere with running external programs within borgmatic hooks.
+CapabilityBoundingSet=CAP_DAC_READ_SEARCH CAP_NET_RAW
+
 # Lower CPU and I/O priority.
 Nice=19
 CPUSchedulingPolicy=batch
@@ -15,8 +54,11 @@ IOSchedulingPriority=7
 IOWeight=100
 
 Restart=no
+# Prevent rate limiting of borgmatic log events. If you are using an older version of systemd that
+# doesn't support this (pre-240 or so), you may have to remove this option.
 LogRateLimitIntervalSec=0
 
-# Delay start to prevent backups running during boot.
+# Delay start to prevent backups running during boot. Note that systemd-inhibit requires dbus and
+# dbus-user-session to be installed.
 ExecStartPre=sleep 1m
-ExecStart=systemd-inhibit --who="borgmatic" --why="Prevent interrupting scheduled backup" /root/.local/bin/borgmatic --syslog-verbosity 1
+ExecStart=systemd-inhibit --who="borgmatic" --why="Prevent interrupting scheduled backup" /root/.local/bin/borgmatic --verbosity -1 --syslog-verbosity 1

sample/systemd/borgmatic.timer

@@ -4,6 +4,7 @@ Description=Run borgmatic backup
 [Timer]
 OnCalendar=daily
 Persistent=true
+RandomizedDelaySec=3h
 
 [Install]
 WantedBy=timers.target

scripts/find-unsupported-borg-options

@@ -38,7 +38,7 @@ for sub_command in prune create check list info; do
             | grep -v '^--json$' \
             | grep -v '^--keep-last$' \
             | grep -v '^--list$' \
-            | grep -v '^--nobsdflags$' \
+            | grep -v '^--bsdflags$' \
             | grep -v '^--pattern$' \
             | grep -v '^--progress$' \
             | grep -v '^--stats$' \
@@ -54,7 +54,7 @@ for sub_command in prune create check list info; do
             | grep -v '^--format' \
             | grep -v '^--glob-archives' \
             | grep -v '^--last' \
-            | grep -v '^--list-format' \
+            | grep -v '^--format' \
             | grep -v '^--patterns-from' \
             | grep -v '^--prefix' \
             | grep -v '^--short' \

scripts/release

@@ -15,6 +15,12 @@ if [[ ! -f NEWS ]]; then
 fi
 
 version=$(head --lines=1 NEWS)
+
+if [[ $version =~ .*dev* ]]; then
+    echo "Refusing to release a dev version: $version"
+    exit 1
+fi
+
 git tag $version
 git push origin $version
 git push github $version
@@ -23,14 +29,17 @@ git push github $version
 rm -fr dist
 python3 setup.py bdist_wheel
 python3 setup.py sdist
-twine upload -r pypi dist/borgmatic-*.tar.gz
-twine upload -r pypi dist/borgmatic-*-py3-none-any.whl
+gpg --detach-sign --armor dist/borgmatic-*.tar.gz
+gpg --detach-sign --armor dist/borgmatic-*-py3-none-any.whl
+twine upload -r pypi --username __token__ dist/borgmatic-*.tar.gz dist/borgmatic-*.tar.gz.asc
+twine upload -r pypi --username __token__ dist/borgmatic-*-py3-none-any.whl dist/borgmatic-*-py3-none-any.whl.asc
 
-# Set release changelogs on projects.evoworx.org and GitHub.
+# Set release changelogs on projects.torsion.org and GitHub.
 release_changelog="$(cat NEWS | sed '/^$/q' | grep -v '^\S')"
 escaped_release_changelog="$(echo "$release_changelog" | sed -z 's/\n/\\n/g' | sed -z 's/\"/\\"/g')"
 curl --silent --request POST \
-    "https://projects.torsion.org/api/v1/repos/witten/borgmatic/releases?access_token=$projects_token" \
+    "https://projects.torsion.org/api/v1/repos/borgmatic-collective/borgmatic/releases" \
+    --header "Authorization: token $projects_token" \
     --header "Accept: application/json" \
     --header "Content-Type: application/json" \
     --data "{\"body\": \"$escaped_release_changelog\", \"draft\": false, \"name\": \"borgmatic $version\", \"prerelease\": false, \"tag_name\": \"$version\"}"

scripts/run-full-dev-tests

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+# This script is for running all tests, including end-to-end tests, on a developer machine. It sets
+# up database containers to run tests against, runs the tests, and then tears down the containers.
+#
+# Run this script from the root directory of the borgmatic source.
+#
+# For more information, see:
+# https://torsion.org/borgmatic/docs/how-to/develop-on-borgmatic/
+
+set -e
+
+docker-compose --file tests/end-to-end/docker-compose.yaml up --force-recreate \
+    --renew-anon-volumes --abort-on-container-exit

scripts/run-full-tests

@@ -0,0 +1,21 @@
+#!/bin/sh
+
+# This script installs test dependencies and runs all tests, including end-to-end tests. It
+# is designed to run inside a test container, and presumes that other test infrastructure like
+# databases are already running. Therefore, on a developer machine, you should not run this script
+# directly. Instead, run scripts/run-full-dev-tests
+#
+# For more information, see:
+# https://torsion.org/borgmatic/docs/how-to/develop-on-borgmatic/
+
+set -e
+
+apk add --no-cache python3 py3-pip borgbackup postgresql-client mariadb-client mongodb-tools \
+    py3-ruamel.yaml py3-ruamel.yaml.clib bash
+# If certain dependencies of black are available in this version of Alpine, install them.
+apk add --no-cache py3-typed-ast py3-regex || true
+python3 -m pip install --no-cache --upgrade pip==22.0.3 setuptools==60.8.1
+pip3 install tox==3.24.5
+export COVERAGE_FILE=/tmp/.coverage
+tox --workdir /tmp/.tox --sitepackages
+tox --workdir /tmp/.tox --sitepackages -e end-to-end

scripts/run-tests

@@ -1,13 +0,0 @@
-#!/bin/sh
-
-# This script is intended to be run from the continuous integration build
-# server, and not on a developer machine. For that, see:
-# https://torsion.org/borgmatic/docs/how-to/develop-on-borgmatic/
-
-set -e
-
-python -m pip install --upgrade pip==19.3.1
-pip install tox==3.14.0
-tox
-apk add --no-cache borgbackup
-tox -e end-to-end

setup.cfg

@@ -1,5 +1,5 @@
 [metadata]
-description-file=README.md
+description_file=README.md
 
 [tool:pytest]
 testpaths = tests

setup.py

@@ -1,6 +1,6 @@
 from setuptools import find_packages, setup
 
-VERSION = '1.4.18'
+VERSION = '1.6.3.dev0'
 
 
 setup(
@@ -30,11 +30,12 @@ setup(
     },
     obsoletes=['atticmatic'],
     install_requires=(
-        'pykwalify>=1.6.0,<14.06',
-        'requests',
-        'ruamel.yaml>0.15.0,<0.17.0',
-        'setuptools',
         'colorama>=0.4.1,<0.5',
+        'jsonschema',
+        'requests',
+        'ruamel.yaml>0.15.0,<0.18.0',
+        'setuptools',
     ),
     include_package_data=True,
+    python_requires='>=3.7',
 )

test_requirements.txt

@@ -1,25 +1,23 @@
-appdirs==1.4.3
-atomicwrites==1.3.0
-attrs==19.3.0
-black==19.3b0; python_version >= '3.6'
-click==7.0
-colorama==0.4.1
-coverage==4.5.4
-docopt==0.6.2
-flake8==3.7.9
+appdirs==1.4.4; python_version >= '3.8'
+attrs==20.3.0; python_version >= '3.8'
+black==19.10b0; python_version >= '3.8'
+click==7.1.2; python_version >= '3.8'
+colorama==0.4.4
+coverage==5.3
+flake8==4.0.1
 flexmock==0.10.4
-isort==4.3.21
+isort==5.9.1
 mccabe==0.6.1
-more-itertools==7.2.0
-pluggy==0.13.0
-py==1.8.0
-pycodestyle==2.5.0
-pyflakes==2.1.1
-pykwalify==1.7.0
-pytest==5.2.2
-pytest-cov==2.8.1
-python-dateutil==2.8.0
-PyYAML==5.1.2
-requests==2.22.0
-ruamel.yaml>0.15.0,<0.17.0
-toml==0.10.0
+pluggy==0.13.1
+pathspec==0.8.1; python_version >= '3.8'
+py==1.10.0
+pycodestyle==2.8.0
+pyflakes==2.4.0
+jsonschema==3.2.0
+pytest==6.2.5
+pytest-cov==3.0.0
+regex; python_version >= '3.8'
+requests==2.25.0
+ruamel.yaml>0.15.0,<0.18.0
+toml==0.10.2; python_version >= '3.8'
+typed-ast; python_version >= '3.8'

tests/end-to-end/docker-compose.yaml

@@ -0,0 +1,30 @@
+version: '3'
+services:
+  postgresql:
+    image: postgres:13.1-alpine
+    environment:
+      POSTGRES_PASSWORD: test
+      POSTGRES_DB: test
+  mysql:
+    image: mariadb:10.5
+    environment:
+      MYSQL_ROOT_PASSWORD: test
+      MYSQL_DATABASE: test
+  mongodb:
+    image: mongo:5.0.5
+    environment:
+      MONGO_INITDB_ROOT_USERNAME: root
+      MONGO_INITDB_ROOT_PASSWORD: test
+  tests:
+    image: alpine:3.13
+    volumes:
+      - "../..:/app:ro"
+    tmpfs:
+      - "/app/borgmatic.egg-info"
+    tty: true
+    working_dir: /app
+    command:
+      - /app/scripts/run-full-tests
+    depends_on:
+      - postgresql
+      - mysql

tests/end-to-end/test_borgmatic.py

@@ -19,6 +19,8 @@ def generate_configuration(config_path, repository_path):
         open(config_path)
         .read()
         .replace('user@backupserver:sourcehostname.borg', repository_path)
+        .replace('- user@backupserver:{fqdn}', '')
+        .replace('- /home/user/path with spaces', '')
         .replace('- /home', '- {}'.format(config_path))
         .replace('- /etc', '')
         .replace('- /var/log/syslog*', '')
@@ -44,13 +46,13 @@ def test_borgmatic_command():
         generate_configuration(config_path, repository_path)
 
         subprocess.check_call(
-            'borgmatic -v 2 --config {} --init --encryption repokey'.format(config_path).split(' ')
+            'borgmatic -v 2 --config {} init --encryption repokey'.format(config_path).split(' ')
         )
 
         # Run borgmatic to generate a backup archive, and then list it to make sure it exists.
         subprocess.check_call('borgmatic --config {}'.format(config_path).split(' '))
         output = subprocess.check_output(
-            'borgmatic --config {} --list --json'.format(config_path).split(' ')
+            'borgmatic --config {} list --json'.format(config_path).split(' ')
         ).decode(sys.stdout.encoding)
         parsed_output = json.loads(output)
 
@@ -61,16 +63,16 @@ def test_borgmatic_command():
         # Extract the created archive into the current (temporary) directory, and confirm that the
         # extracted file looks right.
         output = subprocess.check_output(
-            'borgmatic --config {} --extract --archive {}'.format(config_path, archive_name).split(
+            'borgmatic --config {} extract --archive {}'.format(config_path, archive_name).split(
                 ' '
             )
         ).decode(sys.stdout.encoding)
         extracted_config_path = os.path.join(extract_path, config_path)
         assert open(extracted_config_path).read() == open(config_path).read()
 
-        # Exercise the info flag.
+        # Exercise the info action.
         output = subprocess.check_output(
-            'borgmatic --config {} --info --json'.format(config_path).split(' ')
+            'borgmatic --config {} info --json'.format(config_path).split(' ')
         ).decode(sys.stdout.encoding)
         parsed_output = json.loads(output)
 

tests/end-to-end/test_completion.py

@@ -0,0 +1,5 @@
+import subprocess
+
+
+def test_bash_completion_runs_without_error():
+    subprocess.check_call('borgmatic --bash-completion | bash', shell=True)

tests/end-to-end/test_database.py

@@ -0,0 +1,171 @@
+import json
+import os
+import shutil
+import subprocess
+import sys
+import tempfile
+
+import pytest
+
+
+def write_configuration(
+    config_path, repository_path, borgmatic_source_directory, postgresql_dump_format='custom'
+):
+    '''
+    Write out borgmatic configuration into a file at the config path. Set the options so as to work
+    for testing. This includes injecting the given repository path, borgmatic source directory for
+    storing database dumps, dump format (for PostgreSQL), and encryption passphrase.
+    '''
+    config = '''
+location:
+    source_directories:
+        - {}
+    repositories:
+        - {}
+    borgmatic_source_directory: {}
+
+storage:
+    encryption_passphrase: "test"
+
+hooks:
+    postgresql_databases:
+        - name: test
+          hostname: postgresql
+          username: postgres
+          password: test
+          format: {}
+        - name: all
+          hostname: postgresql
+          username: postgres
+          password: test
+    mysql_databases:
+        - name: test
+          hostname: mysql
+          username: root
+          password: test
+        - name: all
+          hostname: mysql
+          username: root
+          password: test
+    mongodb_databases:
+        - name: test
+          hostname: mongodb
+          username: root
+          password: test
+          authentication_database: admin
+        - name: all
+          hostname: mongodb
+          username: root
+          password: test
+'''.format(
+        config_path, repository_path, borgmatic_source_directory, postgresql_dump_format
+    )
+
+    with open(config_path, 'w') as config_file:
+        config_file.write(config)
+
+
+def test_database_dump_and_restore():
+    # Create a Borg repository.
+    temporary_directory = tempfile.mkdtemp()
+    repository_path = os.path.join(temporary_directory, 'test.borg')
+    borgmatic_source_directory = os.path.join(temporary_directory, '.borgmatic')
+
+    original_working_directory = os.getcwd()
+
+    try:
+        config_path = os.path.join(temporary_directory, 'test.yaml')
+        write_configuration(config_path, repository_path, borgmatic_source_directory)
+
+        subprocess.check_call(
+            ['borgmatic', '-v', '2', '--config', config_path, 'init', '--encryption', 'repokey']
+        )
+
+        # Run borgmatic to generate a backup archive including a database dump.
+        subprocess.check_call(['borgmatic', 'create', '--config', config_path, '-v', '2'])
+
+        # Get the created archive name.
+        output = subprocess.check_output(
+            ['borgmatic', '--config', config_path, 'list', '--json']
+        ).decode(sys.stdout.encoding)
+        parsed_output = json.loads(output)
+
+        assert len(parsed_output) == 1
+        assert len(parsed_output[0]['archives']) == 1
+        archive_name = parsed_output[0]['archives'][0]['archive']
+
+        # Restore the database from the archive.
+        subprocess.check_call(
+            ['borgmatic', '--config', config_path, 'restore', '--archive', archive_name]
+        )
+    finally:
+        os.chdir(original_working_directory)
+        shutil.rmtree(temporary_directory)
+
+
+def test_database_dump_and_restore_with_directory_format():
+    # Create a Borg repository.
+    temporary_directory = tempfile.mkdtemp()
+    repository_path = os.path.join(temporary_directory, 'test.borg')
+    borgmatic_source_directory = os.path.join(temporary_directory, '.borgmatic')
+
+    original_working_directory = os.getcwd()
+
+    try:
+        config_path = os.path.join(temporary_directory, 'test.yaml')
+        write_configuration(
+            config_path,
+            repository_path,
+            borgmatic_source_directory,
+            postgresql_dump_format='directory',
+        )
+
+        subprocess.check_call(
+            ['borgmatic', '-v', '2', '--config', config_path, 'init', '--encryption', 'repokey']
+        )
+
+        # Run borgmatic to generate a backup archive including a database dump.
+        subprocess.check_call(['borgmatic', 'create', '--config', config_path, '-v', '2'])
+
+        # Restore the database from the archive.
+        subprocess.check_call(
+            ['borgmatic', '--config', config_path, 'restore', '--archive', 'latest']
+        )
+    finally:
+        os.chdir(original_working_directory)
+        shutil.rmtree(temporary_directory)
+
+
+def test_database_dump_with_error_causes_borgmatic_to_exit():
+    # Create a Borg repository.
+    temporary_directory = tempfile.mkdtemp()
+    repository_path = os.path.join(temporary_directory, 'test.borg')
+    borgmatic_source_directory = os.path.join(temporary_directory, '.borgmatic')
+
+    original_working_directory = os.getcwd()
+
+    try:
+        config_path = os.path.join(temporary_directory, 'test.yaml')
+        write_configuration(config_path, repository_path, borgmatic_source_directory)
+
+        subprocess.check_call(
+            ['borgmatic', '-v', '2', '--config', config_path, 'init', '--encryption', 'repokey']
+        )
+
+        # Run borgmatic with a config override such that the database dump fails.
+        with pytest.raises(subprocess.CalledProcessError):
+            subprocess.check_call(
+                [
+                    'borgmatic',
+                    'create',
+                    '--config',
+                    config_path,
+                    '-v',
+                    '2',
+                    '--override',
+                    "hooks.postgresql_databases=[{'name': 'nope'}]",
+                ]
+            )
+    finally:
+        os.chdir(original_working_directory)
+        shutil.rmtree(temporary_directory)

tests/integration/borg/test_feature.py

@@ -0,0 +1,17 @@
+from borgmatic.borg import feature as module
+
+
+def test_available_true_for_new_enough_borg_version():
+    assert module.available(module.Feature.COMPACT, '1.3.7')
+
+
+def test_available_true_for_borg_version_introducing_feature():
+    assert module.available(module.Feature.COMPACT, '1.2.0a2')
+
+
+def test_available_true_for_borg_stable_version_introducing_feature():
+    assert module.available(module.Feature.COMPACT, '1.2.0')
+
+
+def test_available_false_for_too_old_borg_version():
+    assert not module.available(module.Feature.COMPACT, '1.1.5')

tests/integration/commands/test_arguments.py

@@ -71,6 +71,35 @@ def test_parse_arguments_with_log_file_verbosity_overrides_default():
     assert global_arguments.log_file_verbosity == -1
 
 
+def test_parse_arguments_with_single_override_parses():
+    flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
+
+    arguments = module.parse_arguments('--override', 'foo.bar=baz')
+
+    global_arguments = arguments['global']
+    assert global_arguments.overrides == ['foo.bar=baz']
+
+
+def test_parse_arguments_with_multiple_overrides_parses():
+    flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
+
+    arguments = module.parse_arguments('--override', 'foo.bar=baz', 'foo.quux=7')
+
+    global_arguments = arguments['global']
+    assert global_arguments.overrides == ['foo.bar=baz', 'foo.quux=7']
+
+
+def test_parse_arguments_with_multiple_overrides_and_flags_parses():
+    flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
+
+    arguments = module.parse_arguments(
+        '--override', 'foo.bar=baz', '--override', 'foo.quux=7', 'this.that=8'
+    )
+
+    global_arguments = arguments['global']
+    assert global_arguments.overrides == ['foo.bar=baz', 'foo.quux=7', 'this.that=8']
+
+
 def test_parse_arguments_with_list_json_overrides_default():
     arguments = module.parse_arguments('list', '--json')
 
@@ -98,12 +127,14 @@ def test_parse_arguments_with_no_actions_defaults_to_all_actions_enabled():
 def test_parse_arguments_with_no_actions_passes_argument_to_relevant_actions():
     flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
 
-    arguments = module.parse_arguments('--stats')
+    arguments = module.parse_arguments('--stats', '--files')
 
     assert 'prune' in arguments
     assert arguments['prune'].stats
+    assert arguments['prune'].files
     assert 'create' in arguments
     assert arguments['create'].stats
+    assert arguments['create'].files
     assert 'check' in arguments
 
 
@@ -132,6 +163,24 @@ def test_parse_arguments_with_help_and_action_shows_action_help(capsys):
     assert 'create arguments:' in captured.out
 
 
+def test_parse_arguments_with_action_before_global_options_parses_options():
+    flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
+
+    arguments = module.parse_arguments('prune', '--verbosity', '2')
+
+    assert 'prune' in arguments
+    assert arguments['global'].verbosity == 2
+
+
+def test_parse_arguments_with_global_options_before_action_parses_options():
+    flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
+
+    arguments = module.parse_arguments('--verbosity', '2', 'prune')
+
+    assert 'prune' in arguments
+    assert arguments['global'].verbosity == 2
+
+
 def test_parse_arguments_with_prune_action_leaves_other_actions_disabled():
     flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
 
@@ -247,15 +296,6 @@ def test_parse_arguments_disallows_init_and_dry_run():
         )
 
 
-def test_parse_arguments_disallows_glob_archives_with_successful():
-    flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
-
-    with pytest.raises(ValueError):
-        module.parse_arguments(
-            '--config', 'myconfig', 'list', '--glob-archives', '*glob*', '--successful'
-        )
-
-
 def test_parse_arguments_disallows_repository_unless_action_consumes_it():
     flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
 
@@ -391,12 +431,6 @@ def test_parse_arguments_allows_progress_and_extract():
     module.parse_arguments('--progress', 'extract', '--archive', 'test', 'list')
 
 
-def test_parse_arguments_allows_progress_and_restore():
-    flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
-
-    module.parse_arguments('--progress', 'restore', '--archive', 'test', 'list')
-
-
 def test_parse_arguments_disallows_progress_without_create():
     flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
 
@@ -423,6 +457,25 @@ def test_parse_arguments_with_stats_flag_but_no_create_or_prune_flag_raises_valu
         module.parse_arguments('--stats', 'list')
 
 
+def test_parse_arguments_with_files_and_create_flags_does_not_raise():
+    flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
+
+    module.parse_arguments('--files', 'create', 'list')
+
+
+def test_parse_arguments_with_files_and_prune_flags_does_not_raise():
+    flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
+
+    module.parse_arguments('--files', 'prune', 'list')
+
+
+def test_parse_arguments_with_files_flag_but_no_create_or_prune_or_restore_flag_raises_value_error():
+    flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
+
+    with pytest.raises(SystemExit):
+        module.parse_arguments('--files', 'list')
+
+
 def test_parse_arguments_allows_json_with_list_or_info():
     flexmock(module.collect).should_receive('get_default_config_paths').and_return(['default'])
 

tests/integration/commands/test_completion.py

@@ -0,0 +1,5 @@
+from borgmatic.commands import completion as module
+
+
+def test_bash_completion_does_not_raise():
+    assert module.bash_completion()

tests/integration/commands/test_generate_config.py

@@ -1,13 +1,25 @@
 from borgmatic.commands import generate_config as module
 
 
-def test_parse_arguments_with_no_arguments_uses_defaults():
+def test_parse_arguments_with_no_arguments_uses_default_destination():
     parser = module.parse_arguments()
 
     assert parser.destination_filename == module.DEFAULT_DESTINATION_CONFIG_FILENAME
 
 
-def test_parse_arguments_with_filename_argument_overrides_defaults():
+def test_parse_arguments_with_destination_argument_overrides_default():
     parser = module.parse_arguments('--destination', 'config.yaml')
 
     assert parser.destination_filename == 'config.yaml'
+
+
+def test_parse_arguments_parses_source():
+    parser = module.parse_arguments('--source', 'source.yaml', '--destination', 'config.yaml')
+
+    assert parser.source_filename == 'source.yaml'
+
+
+def test_parse_arguments_parses_overwrite():
+    parser = module.parse_arguments('--destination', 'config.yaml', '--overwrite')
+
+    assert parser.overwrite