docker.recipes

BorgBackup Server

intermediate

Deduplicating backup server.

Overview

BorgBackup is a deduplicating backup program that provides secure, compressed backups with client-side encryption. Originally developed as a fork of Attic, Borg has become the go-to solution for efficient backup storage, using content-defined chunking to identify and eliminate duplicate data across backups. This Docker configuration deploys a centralized Borg backup server using the nold360/borgserver image, which provides SSH-based access for multiple Borg clients to store their encrypted backup repositories remotely. The borgserver container creates a dedicated SSH server listening on port 2222, allowing Borg clients to connect and manage their backup repositories securely. The server handles authentication through SSH public keys stored in a dedicated volume, while backup data is stored in a separate persistent volume. This architecture enables multiple clients to back up to the same server while maintaining complete isolation between repositories and leveraging Borg's advanced deduplication algorithms that can reduce storage requirements by 50-90% compared to traditional backup methods. This setup is ideal for organizations and advanced users who need a centralized, secure backup solution that maximizes storage efficiency. System administrators managing multiple servers, developers working on distributed teams, and homelab enthusiasts with multiple systems will benefit from Borg's combination of security, efficiency, and reliability. The containerized deployment simplifies server maintenance while preserving all of Borg's powerful features including incremental backups, compression, and client-side encryption.

Key Features

  • Content-defined chunking deduplication reduces backup storage by 50-90% across all client repositories
  • Client-side AES-256 encryption ensures backup data remains secure even if the server is compromised
  • SSH-based authentication with public key management for secure multi-client access
  • Incremental backup support with efficient delta storage using rolling hash algorithms
  • Built-in compression using LZ4, ZLIB, LZMA, or ZSTD algorithms for optimal space utilization
  • Repository integrity verification with cryptographic checksums and repair capabilities
  • Cross-platform client compatibility supporting Linux, macOS, Windows, and BSD systems
  • Atomic backup operations ensuring repository consistency even during interrupted transfers

Common Use Cases

  • 1Centralized backup server for multiple development workstations and production servers
  • 2Homelab backup solution for NAS devices, virtual machines, and personal computers
  • 3Small business infrastructure backup with encrypted offsite storage requirements
  • 4Development team collaboration requiring shared backup storage with individual repository isolation
  • 5Docker container and persistent volume backup for containerized application environments
  • 6Long-term archival storage with space-efficient deduplication for compliance requirements
  • 7Multi-tenant backup service where different users need isolated encrypted repositories

Prerequisites

  • Docker and Docker Compose installed with at least 512MB RAM allocated for the container
  • Port 2222 available and accessible from client machines that will perform backups
  • SSH public keys generated for each client that will connect to the backup server
  • Sufficient disk space for backup repositories (calculate based on data size minus expected deduplication savings)
  • Basic understanding of SSH key authentication and Borg client configuration
  • Network connectivity and firewall rules allowing SSH access on port 2222 from backup clients

For development & testing. Review security settings, change default credentials, and test thoroughly before production use. See Terms

docker-compose.yml

docker-compose.yml
1services: 
2  borgserver: 
3    image: nold360/borgserver:latest
4    container_name: borgserver
5    restart: unless-stopped
6    environment: 
7      PUID: 1000
8      PGID: 1000
9    volumes: 
10      - borg_backup:/backup
11      - borg_sshkeys:/sshkeys
12    ports: 
13      - "2222:22"
14
15volumes: 
16  borg_backup: 
17  borg_sshkeys:

.env Template

.env
1# Add SSH keys to sshkeys volume

Usage Notes

  1. 1Docs: https://borgbackup.readthedocs.io/
  2. 2SSH-based backup server on port 2222
  3. 3Add client SSH public keys to /sshkeys volume
  4. 4Client init: borg init ssh://user@server:2222/backup/myrepo
  5. 5Deduplication saves 50-90% space on typical backups
  6. 6Export BORG_PASSPHRASE on client for automation

Quick Start

terminal
1# 1. Create the compose file
2cat > docker-compose.yml << 'EOF'
3services:
4  borgserver:
5    image: nold360/borgserver:latest
6    container_name: borgserver
7    restart: unless-stopped
8    environment:
9      PUID: 1000
10      PGID: 1000
11    volumes:
12      - borg_backup:/backup
13      - borg_sshkeys:/sshkeys
14    ports:
15      - "2222:22"
16
17volumes:
18  borg_backup:
19  borg_sshkeys:
20EOF
21
22# 2. Create the .env file
23cat > .env << 'EOF'
24# Add SSH keys to sshkeys volume
25EOF
26
27# 3. Start the services
28docker compose up -d
29
30# 4. View logs
31docker compose logs -f

One-Liner

Run this command to download and set up the recipe in one step:

terminal
1curl -fsSL https://docker.recipes/api/recipes/borg-backup/run | bash

Troubleshooting

  • Permission denied (publickey): Ensure client SSH public keys are properly added to the /sshkeys volume and the container has been restarted
  • Repository does not exist error: Initialize the repository first using 'borg init --encryption=repokey ssh://user@server:2222/backup/reponame'
  • Connection refused on port 2222: Verify the container is running and port 2222 is not blocked by firewall rules
  • Lock timeout errors during backup: Another Borg process may be running - check for stale locks or wait for concurrent operations to complete
  • BORG_PASSPHRASE required: Set the BORG_PASSPHRASE environment variable on the client or use 'export BORG_PASSPHRASE=your_passphrase'
  • Insufficient space errors: Monitor the backup volume usage and consider pruning old archives using 'borg prune' with appropriate retention policies

Community Notes

Loading...
Loading notes...

Download Recipe Kit

Get all files in a ready-to-deploy package

Includes docker-compose.yml, .env template, README, and license

Components

borgbackup

Tags

#borg#backup#dedup#encrypted

Category

Storage & Backup

Related Recipes

Ad Space