$
, strip out $
as this character is not part of the commandcat << "EOF"
, select all lines at once (from cat << "EOF"
to EOF
inclusively) as they are part of the same (single) commandHeads-up: steps 1 to 4 are only required if using BorgBase or rsync.net (don’t forget to enable 2FA).
borg
SSH key pair (if using BorgBase or rsync.net)When asked for file in which to save key, enter borg
.
When asked for passphrase, use output from openssl rand -base64 24
(and store passphrase in password manager).
Use borg.pub
public key when configuring Borg server.
borg-append-only
SSH key pair (if using BorgBase or rsync.net)When asked for file in which to save key, enter borg-append-only
.
When asked for passphrase, leave field empty for no passphrase (this public key will be used for append-only operations).
Use borg-append-only.pub
public key when configuring Borg server.
Go to SSH Keys and add borg.pub
and borg-append-only.pub
keys.
Go to Repositories and add repository.
authorized_keys
file (if using rsync.net)authorized_keys
fileauthorized_keys
fileHeads-up: when installing Borg using
brew install borgbackup
, one can no longer runbrew mount
(see issue) so I created a tap that includes a patched version of borgbackup called borgbackup-fuse.
Heads-up: if
brew install --cask macfuse
fails, trybrew cask install macfuse
(see issue).
openssl
and add passphrase to “Keychain Access”Heads-up: replace
borg@185.112.147.115:backup
with self-hosted or cloud-based repo.
~/.config/borg
and ~/Library/Keychains
folders (learn how here)Heads-up: both key (stored in
~/.config/borg
) and passphrase (stored in~/Library/Keychains
) are required to decrypt backup.
Heads-up: replace
borg@185.112.147.115:backup
with self-hosted or cloud-based repo and set backup name.
/usr/local/bin/borg-backup.sh
script/usr/local/bin/borg-backup.sh
script/usr/local/bin/borg-list.sh
script/usr/local/bin/borg-check.sh
script/usr/local/bin/borg-restore.sh
script/usr/local/bin/borg-prune.sh
script/usr/local/var/log
directoryHeads-up: given “Borg Wrapper” is developed outside the Apple Developer Program, macOS prevents opening the app without explicit user consent (granted by clicking “Open Anyway” in “System Preferences” / “Privacy & Security”).
Backup completed
👍
👍
Done
👍
Done
👍
Done
👍
Heads-up: given “FUSE for macOS” is a third-party extension, macOS prevents using the extension without explicit user consent (granted by clicking “Allow” in “System Preferences” / “Privacy & Security”).
Done
👍
Done
👍