Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] borgserver

Featured Replies

https://hub.docker.com/r/nold360/borgserver

 

Quote

Debian based container image, running openssh-daemon only accessable by user named "borg" using SSH-Publickey Auth & "borgbackup" as client. Backup-Repositoriees, client's SSH-Keys & SSHd's Hostkeys will be stored in persistent storage. For every ssh-key added, a own borg-repository will be created.

 

Many Thanks for the Thread, Template and your Work!

 

For the Fixing of this too!

Greetings!

 

Revan335

Plesse fixit! @Balya

  • 10 months later...

Hello, I setup passwordless login to my unraid server from laptop. I set path in Borgserver container: image.png.b93308066c36397713b527b193122221.png

`ERROR: No SSH-Pubkey file found in /sshkeys`

Regards.

You need to create the SSH Keys that he not found.

1 hour ago, Revan335 said:

You need to create the SSH Keys that he not found.

I create ssh keys in my laptop and transfer then to unRAID with `ssh copy-id`. 

So now I have to also create keys from unRAID terminal?

Regards.

You must create the Key Pair from the Device that will Access to the Server.

For example the Client/PC make your Backup to the Borg Server Docker on Unraid.

You create the Key Pair on the Client and Copy the Public key to the Borg Server in the SSH Key Folder.

Than Reboot the Docker and he create a Folder with the Name of the SSH Key in the other Backup Folder.

Than you can Access/Backup your Client.

 

A Documentary for the Create is in the linked Thread. From mgutt. rsync-server.

 

The First is this Thread. The Second is the Thread from mgutt and his rsync-server with a Documentary for the Key Pair Creation.

Edited by Revan335

14 hours ago, Revan335 said:

You must create the Key Pair from the Device that will Access to the Server.

For example the Client/PC make your Backup to the Borg Server Docker on Unraid.

You create the Key Pair on the Client and Copy the Public key to the Borg Server in the SSH Key Folder.

Than Reboot the Docker and he create a Folder with the Name of the SSH Key in the other Backup Folder.

Than you can Access/Backup your Client.

 

A Documentary for the Create is in the linked Thread. From mgutt. rsync-server.

 

The First is this Thread. The Second is the Thread from mgutt and his rsync-server with a Documentary for the Key Pair Creation.

Hi, I copy key from my laptop (called matebook.pub) to /mnt/user/borg/sshkeys/clients/ and it still shows me that there's no key:
 

ERROR: No SSH-Pubkey file found in /sshkeys

image.thumb.png.f4299680f77a233e47bf7a5a652e57b9.png

I change owner like for /backup folder and also don't see that key.

 

image.thumb.png.9da938b771477c4a0118bdd17562d5ab.png

Regards.

 

Do you Restart the Docker?

Can you access the Docker/Server via terminal from your Client?

 

I renamed the keys to matebook in the Docker ssh key folder. But that is maybe Cosmetic.

  • 1 month later...

Thanks for the contribution, it's working fine! A bit of trouble at first with ssh keys in the script but nothing you can't fix with a couple of BORG variables 😄

 

Any plans for upgrade? borg version in the container is 1.1.16 and is unsupported. Could you upgrade to last stable 1.2.7?

 

Thanks

On 12/12/2023 at 11:48 AM, MarianKoniuszko said:

Hi, I copy key from my laptop (called matebook.pub) to /mnt/user/borg/sshkeys/clients/ and it still shows me that there's no key:
 

ERROR: No SSH-Pubkey file found in /sshkeys

image.thumb.png.f4299680f77a233e47bf7a5a652e57b9.png

I change owner like for /backup folder and also don't see that key.

 

image.thumb.png.9da938b771477c4a0118bdd17562d5ab.png

Regards.

 

 

I think the problem is your bind mount. You must remove the "clients" part and left only "/mnt/user/borg/sshkeys/". You must still put your keys in the clients folder but the container path must point to the parent.

2 hours ago, ChuskyX said:

Any plans for upgrade? borg version in the container is 1.1.16 and is unsupported. Could you upgrade to last stable 1.2.7?

😱 Your right. Strange, in the Docker Hub in the first Post are Posts Versions/Releases with 1.2.x Name/Tag.

 

For example https://hub.docker.com/layers/nold360/borgserver/1.2.2/images/sha256-b1eb29720204e61b925d64632bbd4ea4f0738c2b2c2154888d481d5b914ca683?context=explore

 

Is this correct or a wrong Name?

 

Maybe can @Balya bring Light in the Darkness?

Edited by Revan335

4 hours ago, Revan335 said:

😱 Your right. Strange, in the Docker Hub in the first Post are Posts Versions/Releases with 1.2.x Name/Tag.

 

For example https://hub.docker.com/layers/nold360/borgserver/1.2.2/images/sha256-b1eb29720204e61b925d64632bbd4ea4f0738c2b2c2154888d481d5b914ca683?context=explore

 

Is this correct or a wrong Name?

 

Maybe can @Balya bring Light in the Darkness?

 

I'm using the tag "latest" so it could be expected to have the last Borg version.

 

Thinking about it, Borg have a lot of compatility issues between versions, you need to convert repositories, change scripts, etc.. Maybe the latest tag points to the legacy version and only users aware of the implications of an upgrade, must use the 1.2 tag. Most users don't read the change logs prior upgrading containers and this might be needed to have reliable backups.

  • 2 months later...

Can someone tell me what I'm doing wrong?

 

Docker is set to port 22:2222

 

image.thumb.png.fcf8f1438f79d1c795cf1f0c2e5166ff.png

 

Logs look ok

 

image.png.f198faf6a9e723f15a55485cd3935fe9.png

 

Can't SSH into the docker container on 2222

 

image.png.cd9a3b8106d5118c6680f84f07e0fa68.png

 

 

In answer to the above the correct command is

SSH [email protected] -p 2222

Edited by kiwijunglist

Hmm still can't get things to work

 

I ran the borgmatic (client) container, and loaded a console in the container

Then I created a ssh key pair

Then I copied the .pub file into borgserver container, and restarted borgserver container.

 

When I try to SSH into borgserver container from borgmatic container, I get the following error:

Permission denied (publickey)

 

Edited by kiwijunglist

that error means you are trying to use a ssh password. You have to setup borgmatic to use the key. The ssh parameter is "-i keyfile". I don't use borgmatic, so i don't know where to put it.

 

I run borg directly from command line, and I use the env variable BORG_RSH to put the key, something like export BORG_RSH=' -i path/to/keyfile'

 

 

 

Edited by ChuskyX

Thanks, I got it working.  I now have borgmatic docker connecting to borg-server docker.

 

This is the config.yaml I had to use for borgmatic docker.

source_directories:
    - /mnt/user/somethingtobackuplocation

repositories:
    - path: ssh://[email protected]:2222/backup/borg
      label: backupserver

ssh_command: ssh -i /root/.ssh/borg -p 2222

 

I am now trying to get vorta-docker to work... I keep geting "invalid user" error in the borg-server docker log file.

Edited by kiwijunglist

OMG I WANT ABOUT 4 HOURS OF MY LIFE BACK! 😞

 

Debian based container image, running openssh-daemon only accessable by user named "borg" using SSH-Publickey Auth & "borgbackup" as client.

 

So you can use different SSH key pairs for multiple repos, but the username for ssh connection is always called "borg".

  • 8 months later...

How do I actually make a backup with the default settings? I've followed every issue here and I got to the point where the logs showed the connection from the client was accepted, but the client gives an error that it doesn't have permission to write to '/backup' or '/backup/borg' like kiwijunglist outlines below:

On 4/13/2024 at 1:29 AM, kiwijunglist said:

Thanks, I got it working.  I now have borgmatic docker connecting to borg-server docker.

 

This is the config.yaml I had to use for borgmatic docker.

source_directories:
    - /mnt/user/somethingtobackuplocation

repositories:
    - path: ssh://[email protected]:2222/backup/borg
      label: backupserver

ssh_command: ssh -i /root/.ssh/borg -p 2222

 

I am now trying to get vorta-docker to work... I keep geting "invalid user" error in the borg-server docker log file.

 

I did some digging and found that my authorized_keys file in ~/.ssh/ starts with

restrict,command="cd /backup/id_rsa.pub; borg serve --restrict-to-path /backup/id_rsa.pub "

which seems to limit the clients access (via the -restrict-to-path argument) to only the id_rsa.pub file. I changed the --restrict-to-path argument to allow access to the entire /backup directory and I was finally able to make a backup. The backup finished with warnings that some cert files changed during the process, however, and the authorized_keys file reverts back to the original on an update or container stop/start.

 

Did I set something up wrong to restrict access to the /backup directory? Am I backing up to the wrong target directory?

Edited by bigggtuna
punctuation

  • 2 months later...

Hi can i please have some advice on the Tailscale settings? Specifically:

 

image.png.4ee57667dd6b66367c7e3c69a5d163ee.png

 

What do these do? If i disable Tailscale SSH, how does borg communicate across-sites?

 

Thanks.

 

Edited by Derek_

On 3/7/2025 at 8:25 AM, Derek_ said:

Hi can i please have some advice on the Tailscale settings? Specifically:

 

image.png.4ee57667dd6b66367c7e3c69a5d163ee.png

 

What do these do? If i disable Tailscale SSH, how does borg communicate across-sites?

 

Thanks.

 

You don't need tailscale ssh is you already have ssh client and server to communicate with. Tailscale ssh is used to provide ssh access with tailscale credentials and/or get access to the terminal if you don't have another ssh server running.

 

Userspace networking is a fallback measure if your container can't create the tailscale tunnel the standard way.

 

Tailscale serve i guess is to use the serve command inside the container: to allow inbound connections to your container to share folders and files.

10 hours ago, ChuskyX said:

You don't need tailscale ssh is you already have ssh client and server to communicate with. Tailscale ssh is used to provide ssh access with tailscale credentials and/or get access to the terminal if you don't have another ssh server running.

 

Userspace networking is a fallback measure if your container can't create the tailscale tunnel the standard way.

 

Tailscale serve i guess is to use the serve command inside the container: to allow inbound connections to your container to share folders and files.

Thanks very much for those descriptions. I do want to use Tailscale tunneling, i'm not confident to expose SSH to the interwebs and i've used Tailscale successfully with Duplicacy. It's just that i'm not happy with Duplicacy for server to server backup. It's done well for client to server backup. I guess there's less to transmit.

 

For Tailscale Serve, i'm not sure - wouldn't that have to be a 'yes' to allow Borg to communicate back and forth?

 

Thank you :)

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.