borgmatic-collective/borgmatic
borgmatic-collective
/
borgmatic
15
57
Fork 40
Code Issues 54 Pull Requests 1 Actions Packages Releases 121 Activity

Borg with-lock? How to use.? #79

New Issue
Closed
opened 2018-07-21 22:38:10 +00:00 by patricko · 11 comments
patricko commented 2018-07-21 22:38:10 +00:00
Copy Link

Hello, I use borgmatic because it simplifies stuff and allows me to discover config option easily

but how to activate borg with-lock to prevent errors?

Hello, I use borgmatic because it simplifies stuff and allows me to discover config option easily but how to activate borg with-lock to prevent errors?
witten added the
question / support
 label 2018-07-22 17:29:06 +00:00
witten commented 2018-07-22 17:33:19 +00:00
Owner
Copy Link

You should still be able to run the Borg with-lock sub-command manually outside of borgmatic. Could you tell me a little bit more about your use case / how you're wanting to use with-lock with borgmatic? Thanks!

Also note that borgmatic has support for "hooks" that will execute your custom commands before or after a backup. However, right now they don't run within Borg's with-lock. Maybe that would be a good enhancement to make? Finding out about your use case will help me determine whether that'll actually solve your problem.

You should still be able to run the Borg `with-lock` sub-command manually outside of borgmatic. Could you tell me a little bit more about your use case / how you're wanting to use `with-lock` with borgmatic? Thanks! Also note that borgmatic has support for "hooks" that will execute your custom commands before or after a backup. However, right now they don't run within Borg's `with-lock`. Maybe that would be a good enhancement to make? Finding out about your use case will help me determine whether that'll actually solve your problem.
patricko commented 2018-07-23 00:08:39 +00:00
Author
Copy Link

I have to make a tar archive of my borg repo and send it through ftp so that would come in handy to avoid corruption I guess?

I have to make a tar archive of my borg repo and send it through ftp so that would come in handy to avoid corruption I guess?
witten commented 2018-07-23 04:56:58 +00:00
Owner
Copy Link

Got it. Is that the sort of thing you'd want to trigger after a borgmatic backup completes? For reference, here's the current documentation for borgmatic hooks:

# Shell commands or scripts to execute before and after a backup or if an error has occurred.
# IMPORTANT: All provided commands and scripts are executed with user permissions of borgmatic.
# Do not forget to set secure permissions on this file as well as on any script listed (chmod 0700) to
# prevent potential shell injection or privilege escalation.
hooks:
    # List of one or more shell commands or scripts to execute before creating a backup.
    before_backup:
        - echo "`date` - Starting a backup job."

    # List of one or more shell commands or scripts to execute after creating a backup.
    after_backup:
        - echo "`date` - Backup created."

    # List of one or more shell commands or scripts to execute in case an exception has occurred.
    on_error:
        - echo "`date` - Error while creating a backup."

So does after_backup sounds like it would work for your needs if the hook command uses borg with-lock?

Got it. Is that the sort of thing you'd want to trigger after a borgmatic backup completes? For reference, here's the current documentation for borgmatic hooks: ```shell # Shell commands or scripts to execute before and after a backup or if an error has occurred. # IMPORTANT: All provided commands and scripts are executed with user permissions of borgmatic. # Do not forget to set secure permissions on this file as well as on any script listed (chmod 0700) to # prevent potential shell injection or privilege escalation. hooks: # List of one or more shell commands or scripts to execute before creating a backup. before_backup: - echo "`date` - Starting a backup job." # List of one or more shell commands or scripts to execute after creating a backup. after_backup: - echo "`date` - Backup created." # List of one or more shell commands or scripts to execute in case an exception has occurred. on_error: - echo "`date` - Error while creating a backup." ``` So does `after_backup` sounds like it would work for your needs if the hook command uses `borg with-lock`?
patricko commented 2018-07-23 14:26:45 +00:00
Author
Copy Link

Hey, sorry I'm a real beginner, I'm not even sure about the use of borg with-lock but Thomas Waldmann said to use it in my case to prevent corruption

Actually I made a script like this:

launch borgmatic
tar the repo
send through ftp

Do you suggest me to remove "launch borgmatic" from the script and add the script in the hooks part? and just run borgmatic regularly

but the with-lock part must be added into borgmatic's source right?

Hey, sorry I'm a real beginner, I'm not even sure about the use of borg with-lock but Thomas Waldmann said to use it in my case to prevent corruption Actually I made a script like this: ``` launch borgmatic tar the repo send through ftp ``` Do you suggest me to remove "launch borgmatic" from the script and add the script in the hooks part? and just run borgmatic regularly but the with-lock part must be added into borgmatic's source right?
witten commented 2018-07-24 03:22:13 +00:00
Owner
Copy Link

Okay, one last question (hopefully): Can you clarify what part you'd like to run within the protection of the with-lock? Is it actually making the backup and tarring the repo and sending it through FTP? Or is it just tarring the repo and sending it through FTP? Thanks.

Okay, one last question (hopefully): Can you clarify what part you'd like to run within the protection of the `with-lock`? Is it actually making the backup *and* tarring the repo *and* sending it through FTP? Or is it just tarring the repo and sending it through FTP? Thanks.
patricko commented 2018-07-24 14:23:10 +00:00
Author
Copy Link

I really don't know, it's just for added security. That's what borg author told me to do.

I have nothing that conflicts with the repo, no operation is ran during the backup IN THEORY. At first sight I don't need it but why does it exist and why did the author advise to use it then?

I really don't know, it's just for added security. That's what borg author told me to do. I have nothing that conflicts with the repo, no operation is ran during the backup IN THEORY. At first sight I don't need it but why does it exist and why did the author advise to use it then?
witten commented 2018-07-25 01:47:25 +00:00
Owner
Copy Link

Not sure what the Borg author had in mind, but my guess is that the operation of tarring up the Borg repo could result in an inconsistent/broken tarball if another process happens to be writing to the Borg repository at the same time.

Given what you've said so far, and looking at the contents of your script, there shouldn't be another process writing to the Borg repository at the same time as the tar operation. But if you wanted to protect against that just to be safe, here's what I'd recommend. You can implement one of the two following options:

  1. Change the tar command in your script to be wrapped with a borg with-lock invocation, referencing the desired repository. That should work with no changes to borgmatic. I'm saying that based on my understanding that, anytime borgmatic invokes Borg, Borg takes out its own repository lock.
  2. Or, move both the tar invocation and the "send through ftp" invocation into borgmatic's hooks configuration as an after_backup hook. There, you'd still have to wrap the tar invocation with borg with-lock. Given that you'd be calling with-lock yourself, that wouldn't require any borgmatic changes either.

Which one you do depends on whether you want to keep your own script around to do the tarring and FTPing, or whether you'd prefer borgmatic to handle that for you from a common configuration file.

Let me know if that sounds like either of those will work for you.

Not sure what the Borg author had in mind, but my *guess* is that the operation of tarring up the Borg repo could result in an inconsistent/broken tarball if another process happens to be writing to the Borg repository at the same time. Given what you've said so far, and looking at the contents of your script, there *shouldn't* be another process writing to the Borg repository at the same time as the `tar` operation. But if you wanted to protect against that just to be safe, here's what I'd recommend. You can implement one of the two following options: 1. Change the `tar` command in your script to be wrapped with a `borg with-lock` invocation, referencing the desired repository. That should work with no changes to borgmatic. I'm saying that based on my understanding that, anytime borgmatic invokes Borg, Borg takes out its own repository lock. 2. Or, move both the `tar` invocation and the "send through ftp" invocation into borgmatic's hooks configuration as an `after_backup` hook. There, you'd still have to wrap the `tar` invocation with `borg with-lock`. Given that you'd be calling `with-lock` yourself, that wouldn't require any borgmatic changes either. Which one you do depends on whether you want to keep your own script around to do the tarring and FTPing, or whether you'd prefer borgmatic to handle that for you from a common configuration file. Let me know if that sounds like either of those will work for you.
patricko commented 2018-07-30 18:37:42 +00:00
Author
Copy Link

Ok so, I just discovered how the command is used thanks to you... I think borgbackup docs are not so obvious lol

so I can use it like that:

borg with-lock repo ls -l repo

both options are the same, right? it's just that if I choose option 2 I need to remake my script

Ok so, I just discovered how the command is used thanks to you... I think borgbackup docs are not so obvious lol so I can use it like that: borg with-lock repo ls -l repo both options are the same, right? it's just that if I choose option 2 I need to remake my script
witten commented 2018-07-31 04:56:32 +00:00
Owner
Copy Link

Yup, basically the same thing in either case. Really a matter of preference.

Yup, basically the same thing in either case. Really a matter of preference.
patricko commented 2018-07-31 17:47:40 +00:00
Author
Copy Link

ok then I understand better, borgmatic will automatically lock the repo as it's calling borg (and I suppose it's a default setting?)

If I lock the repo when doing tar, it will prevent me from doing anything to the repo manually while the script is running.

So I guess the solution is found and sorry, in the end it was not really related to borgmatic (well I learned about the "after_backup" hook though)

Thank you :P

ok then I understand better, borgmatic will automatically lock the repo as it's calling borg (and I suppose it's a default setting?) If I lock the repo when doing tar, it will prevent me from doing anything to the repo manually while the script is running. So I guess the solution is found and sorry, in the end it was not really related to borgmatic (well I learned about the "after_backup" hook though) Thank you :P
witten commented 2018-08-01 05:09:44 +00:00
Owner
Copy Link

That's all correct. No need to apologize.. Always happy to help!

That's all correct. No need to apologize.. Always happy to help!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
spot-check
1.8.10
1.8.9
1.8.8
1.8.7
1.8.6
1.8.5
1.8.4
1.8.3
1.8.2
1.8.1
1.8.0
1.7.15
1.7.14
1.7.13
1.7.12
1.7.11
1.7.10
1.7.9
1.7.8
1.7.7
1.7.6
1.7.5
1.7.4
1.7.3
1.7.2
1.7.1
1.7.0
1.6.6
1.6.5
1.6.4
1.6.3
1.6.2
1.6.1
1.6.0
1.5.24
1.5.23
1.5.22
1.5.21
1.5.20
1.5.19
1.5.18
1.5.17
1.5.16
1.5.15
1.5.14
1.5.13
1.5.12
1.5.11
1.5.10
1.5.9
1.5.8
1.5.7
1.5.7.dev0
1.5.6
1.5.5
1.5.4
1.5.3
1.5.2
1.5.1
1.5.0
1.4.22
1.4.21
1.4.20
1.4.19
1.4.18
1.4.17
1.4.16
1.4.15
1.4.14
1.4.13
1.4.12
1.4.11
1.4.10
1.4.9
1.4.8
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.2
1.4.1
1.4.0
1.3.26
1.3.25
1.3.24
1.3.23
1.3.22
1.3.21
1.3.20
1.3.19
1.3.18
1.3.17
1.3.16
1.3.15
1.3.14
1.3.13
1.3.12
1.3.11
1.3.10
1.3.9
1.3.8
1.3.7
1.3.6
1.3.5
1.3.4
1.3.3
1.3.2
1.3.1
1.3.0
1.2.18
1.2.17
1.2.16
1.2.15
1.2.14
1.2.13
1.2.12
1.2.11
1.2.10
1.2.9
1.2.8
1.2.7
1.2.6
1.2.5
1.2.4
1.2.3
1.2.2
1.2.1
1.2.0
1.1.15
1.1.14
1.1.13
1.1.12
1.1.11
1.1.10
1.1.9
1.1.7
1.1.6
1.1.5
1.1.4
1.1.3
1.1.2
1.1.1
1.1.0
1.0.3
1.0.2
1.0.1
1.0.0
0.1.8
0.1.7
0.1.6
0.1.5
0.1.4
0.1.3
0.1.2
0.1.1
0.1.0
0.0.7
0.0.6
0.0.5
0.0.4
0.0.3
0.0.2
Labels
Clear labels   
bug

   
data loss

   
design finalized

   
good first issue

   
new feature area

   
question / support

   
security

   
waiting for response
No Label
bug
data loss
design finalized
good first issue
new feature area
question / support
security
waiting for response
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: borgmatic-collective/borgmatic#79
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?