The Important Files: Part 4
All notes in this series:
In these notes I create a FreeNAS jail (using iocage rather than warden), install borg inside the jail, and use borg to communicate with a remote borg server hosted by rsync.net. Initially I try using Wasabi rather than rsync.net, but decide against Wasabi.
As usual, the notes were gathered as I ran through the process, and tidied up a little afterwards, so this is not a slick guide. I go back on myself and try alternative routes.
Set up jail with borg installed §
Going to install borg in a FreeNAS jail and set it up to back up to Wasabi. Here are the official borg installation instructions.
Through the FreeNAS UI, I create jail named “borg-jail”.
(NOTE: I am using FreeNAS 11.1. Later in these notes I find out that FreeNAS is in the process of transitioning from one “jail manager” to another. From FreeNAS 11.2 onwards “iocage” will be the supported jail, but prior to 11.2 “warden” is the supported jail. FreeNAS 11.1 includes both iocage and warden, which allows you to prepare for the transition, however jails created in the UI of FreeNAS 11.1 are warden jails. At a later step I retrace my steps and recreate the jail in the CLI using iocage).
In the UI, open jail console.
Find the borg package:
The one we want is borgbackup. Install the package:
Add storage to jail §
This is so that borg can read the storage to back it up.
Select the jail in the UI and click “Add storage” at the bottom.
Set source to /mnt/storage/media
.
Set destination to /mnt/media
.
Set as read-only. Borg only needs to read from this mount, and by not allowing writes we avoid the possibility of a bug in borg (or in our mis-configuration of borg) potentially deleting the very data we are trying to preserve.
Create borg-backups storage §
As well using a remote borg server to store backups remotely, I will be using another local mount to store backups locally.
Through the UI, create a new dataset at /mnt/storage/backups
.
Add borg-backups storage to jail §
Set source to /mnt/storage/backups
.
Set destination to /mnt/backups
.
Do not set as read-only. Borg needs to write to this mount in order to store the backup repository.
Allow sshing into FreeNAS jail §
Through the UI, you can open up a console into the jail. If you want to be able to remotely SSH into the jail, follow these steps:
(NOTE: Again, this is not really necessary because further on I switch to using iocage rather than warden. I found the console in the FreeNAS UI clunky for interacting with the jail and wanted a real terminal, so decided to set up SSH. Further on when I switch to iocage this is no longer necessary, since iocage jails can only be accessed through the CLI in FreeNAS 11.1).
Edit rc.conf
:
Edit sshd_config
:
Start the SSH service:
By default the root
jail user has no password, so one needs to be set in order to log in via SSH:
Further reading on SSH in jails:
Create the backup repository §
Now let’s use borg to create a local borg repository:
Unfortunately, the above command gives the following error:
It turns out I am not the first to encounter this issue. The advice is to use an iocage jail rather than a warden jail, since warden jails are EOL for FreeNAS 11.1.
Jails: warden (old) vs iocage (new) §
FreeNAS v11.2 was scheduled to come out 20 days ago on 2018-07-09. It should include iocage as the default jail manager with the UI.
Instead of waiting for that release, let’s see if we can use the new iocage jail manager with our current installation of FreeNAS 11.1.
Creating a jail through the UI creates a warden jail by default.
To create an iocage jail it must be done through the CLI.
Switch back to the FreeNAS CLI. No more UIs from here on!
Before you can make a jail with iocage, it needs to fetch a release. Since we are using FreeNAS 11.1, we must select the 11.1-RELEASE
option. (At least, I tried using 11-2.RELEASE
and although it downloaded, it was not possible to create a jail).
Now you can create a jail named borg-jail
with iocage:
Configure iocage jail networking §
Jails created through the UI seem to be automatically configured with an IP address, while iocage jails are not:
In order for it to be useful for our purposes, we need to give it an IP address. This can be done as follows. bge0
is the name of the network interface on the FreeNAS, 192.168.0.3/24
is the address and subnet that I am assigning to borg-jail
.
Mount storage §
As with the warden jail, we need to configure this iocage jail to have storage. This can be done through the CLI as follows:
Now we can start the jail:
Unfortunately, upon starting I got this issue:
Again it turned out I am not the first person to encounter this.
Had this problem trying to start the jail after setting the fstab configuration:
Solving the resource deadlock issue §
Fortunately, I found that by simply deleting the jail and re-creating it the problem went away…!
This time however I named the jail fnbbu
rather than borg-jail
, short for FreeNAS Box Backer Upper.
Starting the jail §
This time when starting the jail I got errors about the mounted directories not existing. Fortunately simply creating the directories and then trying again seemed to fix things:
Installing borg §
Now we can go inside our fnbbu
jail and install borg:
As before…
Tentative testing… §
Ran through some quick borg examples just to verify that things are working this time:
Creating the repository worked this time - hooray!
I won’t post the commands here, but at this point I did manage to create backups in the repository, and very importantly, managed to retrieve files out of the backup and restore them in place.
rclone §
(NOTE: At this point my plan was to use rclone to copy the borg repository to Wasabi. Later I change to instead simply using borg to create a remote backup inside a remote borg repository hosted by rsync.net, removing the need for rclone).
Install rclone in same jail as borg.
The one we want is rclone, not bomberclone:
Set up rclone configuration for Wasabi:
At this point I struggled to get rclone to talk to Wasabi. This prompted me to look into other options again.
rsync.net §
There is a special discount for rsync.net users who only want to use borg, and none of the other fancy features. More about that in the next installament of these notes.