How To Install Borgmatic on Fedora 42

In today’s digital landscape, data protection has become more critical than ever before. System administrators and Linux enthusiasts require robust backup solutions that combine reliability, security, and ease of use. Borgmatic emerges as a powerful backup tool that addresses these needs by providing a user-friendly wrapper around the renowned BorgBackup utility.

Borgmatic simplifies the backup process through its intuitive YAML configuration files, automated scheduling capabilities, and extensive customization options. Unlike traditional backup solutions that often require complex scripting or manual intervention, Borgmatic streamlines backup operations while maintaining the advanced features that system administrators demand.

Fedora 42 represents the latest iteration of Red Hat’s cutting-edge Linux distribution, known for its bleeding-edge software packages, robust security features, and excellent hardware support. This release introduces enhanced container technologies, improved performance optimizations, and updated system management tools that make it an ideal platform for implementing comprehensive backup strategies.

The combination of Borgmatic and Fedora 42 creates a powerful ecosystem for data protection. Fedora’s commitment to open-source technologies aligns perfectly with Borgmatic’s community-driven development approach, ensuring users receive regular updates, security patches, and feature enhancements.

Modern Linux environments face numerous threats including hardware failures, ransomware attacks, accidental deletions, and system corruption. A well-implemented backup strategy using Borgmatic can mean the difference between minor inconvenience and catastrophic data loss. The importance of reliable backups extends beyond individual files to include system configurations, application data, and user settings that collectively represent countless hours of work and customization.

Understanding Borgmatic: Key Features and Benefits

Borgmatic distinguishes itself from other backup solutions through its comprehensive feature set and user-centric design philosophy. The tool serves as an intelligent wrapper around BorgBackup, inheriting its deduplication capabilities, encryption strength, and cross-platform compatibility while adding layers of convenience and automation.

Deduplication and Compression: Borgmatic leverages BorgBackup’s advanced deduplication algorithms to eliminate redundant data across backup archives. This technology significantly reduces storage requirements by identifying and storing only unique data blocks, making it possible to maintain multiple backup versions without proportional storage growth. The built-in compression further optimizes storage utilization.

Encryption and Security: Security remains paramount in backup strategies. Borgmatic supports multiple encryption modes including AES-256 encryption with authenticated encryption modes. Repository encryption ensures that backup data remains protected even if storage media falls into unauthorized hands. The tool supports both passphrase-based and key-based encryption methods.

YAML Configuration: The human-readable YAML configuration format eliminates the complexity traditionally associated with backup tool configuration. Users can define backup sources, destinations, retention policies, and advanced options using straightforward syntax that promotes maintainability and reduces configuration errors.

Flexible Scheduling and Automation: Borgmatic integrates seamlessly with system scheduling tools including cron and systemd timers. This integration enables unattended backup operations that run according to predefined schedules, ensuring consistent data protection without manual intervention.

Monitoring and Notifications: The tool provides comprehensive monitoring capabilities through hooks that can trigger notifications, health checks, and custom scripts. Integration with monitoring services helps administrators maintain visibility into backup operations and quickly identify potential issues.

Cross-Platform Compatibility: Borgmatic operates across various Linux distributions, macOS, and other Unix-like systems. This compatibility ensures consistent backup strategies across heterogeneous environments and simplifies migration scenarios.

The open-source nature of Borgmatic fosters community involvement, regular security audits, and transparent development processes. Users benefit from active community support, extensive documentation, and frequent updates that address emerging needs and security concerns.

Prerequisites and System Preparation

Before installing Borgmatic on Fedora 42, several prerequisites must be satisfied to ensure successful deployment and optimal performance. Proper system preparation prevents common installation issues and establishes a solid foundation for backup operations.

System Requirements Verification: Fedora 42 systems require sufficient disk space for both the Borgmatic installation and backup repositories. A minimum of 1GB free space is recommended for the software installation, while backup repository requirements depend on the volume of data being protected. Memory requirements are minimal, though larger backup operations benefit from additional RAM.

Administrative Privileges: Borgmatic installation and configuration require root or sudo privileges. System-wide installations typically use the /etc/borgmatic/ directory for configuration files, necessitating elevated permissions for proper setup. Users should verify sudo access or coordinate with system administrators before beginning the installation process.

System Updates: Ensuring system currency before software installation prevents compatibility issues and security vulnerabilities. Fedora 42 systems should be updated to the latest package versions using the DNF package manager. This preparation step also updates system libraries and dependencies that Borgmatic relies upon.

sudo dnf update -y
sudo dnf upgrade -y

Network Connectivity: Stable internet connectivity is essential for downloading packages and dependencies. Remote backup configurations additionally require reliable network access to backup destinations. Consider network bandwidth limitations when planning backup schedules for large datasets.

BorgBackup Dependency Understanding: Borgmatic operates as a wrapper around BorgBackup, making the latter a critical dependency. BorgBackup handles the actual backup operations including deduplication, compression, and encryption, while Borgmatic provides configuration management and scheduling capabilities. Understanding this relationship helps troubleshoot issues and optimize performance.

Storage Considerations: Backup destinations require adequate storage capacity with appropriate read/write permissions. Local backup repositories need sufficient disk space with considerations for growth over time. Remote repositories require network access and proper authentication mechanisms.

Python Environment: Borgmatic requires Python 3.6 or newer, which Fedora 42 provides by default. However, users choosing alternative installation methods like pip or pipx should verify Python version compatibility and consider virtual environment implications.

Methods to Install Borgmatic on Fedora 42

Fedora 42 offers multiple pathways for installing Borgmatic, each with distinct advantages and considerations. Understanding these methods enables users to select the approach that best aligns with their system architecture and maintenance preferences.

Installing via Fedora’s Official Repositories

The official Fedora repository provides the most straightforward installation method, offering packages that have undergone testing and integration with the broader Fedora ecosystem. This approach ensures compatibility with system libraries and simplifies future updates through the standard package management workflow.

Step-by-Step Installation Process:

Update Package Cache: Begin by refreshing the DNF package cache to ensure access to the latest package information:
```
sudo dnf check-update
```
Install Borgmatic Package: Execute the primary installation command:
```
sudo dnf install borgmatic
```
Verify Installation: Confirm successful installation by checking the installed version:
```
borgmatic --version
borg --version
```

Advantages of Repository Installation:

Automatic dependency resolution ensures all required components are installed
Integration with system update mechanisms provides seamless maintenance
Digital signatures and package verification enhance security
Consistent with Fedora’s package management philosophy

Potential Limitations:

Package versions may lag behind upstream releases
Limited flexibility for version-specific requirements
Dependency conflicts with other packages may occur in complex environments

The repository installation automatically installs BorgBackup as a dependency, eliminating manual dependency management. This integration ensures version compatibility between Borgmatic and its underlying backup engine.

Installing Using pipx (Python User Environment)

Pipx provides isolated Python application installation, preventing dependency conflicts while maintaining easy access to installed applications. This method particularly benefits users requiring specific Borgmatic versions or those managing multiple Python applications.

Pipx Installation and Setup:

Install Pipx Package Manager:
```
sudo dnf install pipx
```
Configure Pipx Path Environment:
```
pipx ensurepath
```
Install Borgmatic via Pipx:
```
pipx install borgmatic
```
Verify Installation Success:
```
borgmatic --version
which borgmatic
```

Benefits of Pipx Installation:

Isolated installation prevents system library conflicts
Access to latest upstream versions
Easy application updates and removal
User-level installation doesn’t require system modifications

Considerations:

Requires separate BorgBackup installation
PATH configuration may need manual adjustment
Additional maintenance overhead for managing isolated environments

Installing via pip (User Scope)

Traditional pip installation offers maximum flexibility for users comfortable with Python package management. This method provides access to development versions and enables precise version control for specialized requirements.

User-Scope Pip Installation:

Install Prerequisites:

sudo dnf install python3-pip python3-devel

Install Borgmatic for Current User:
```
pip3 install --user borgmatic
```

Update PATH Variable:

echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.bashrc
source ~/.bashrc

Verify Installation:
```
borgmatic --version
```

Pip Installation Advantages:

Maximum version control and flexibility
Access to development and pre-release versions
Integration with Python development workflows
Minimal system impact

Potential Challenges:

Manual dependency management required
PATH configuration complexity
Potential conflicts with system Python packages
Requires ongoing maintenance for security updates

Post-Installation Checklist

Completing the installation process requires verification steps that ensure proper software functionality and system integration. A comprehensive post-installation checklist prevents common configuration issues and establishes baseline functionality.

Version Verification: Confirm both Borgmatic and BorgBackup installations by checking version information. Version mismatches or missing components can cause operational failures:

borgmatic --version
borg --version

Dependency Assessment: Verify that all required dependencies are properly installed and accessible. Missing dependencies may not immediately manifest but can cause failures during backup operations:

borgmatic --help

Command Accessibility: Ensure borgmatic commands are accessible from the standard shell environment. PATH configuration issues can prevent normal operation:

which borgmatic
which borg

Permission Verification: Test command execution with appropriate privilege levels. Some operations require elevated permissions while others should function with standard user rights:

sudo borgmatic --help
borgmatic --help

Configuration Directory Check: Verify the existence and permissions of configuration directories. Proper directory structure prevents configuration file issues:

ls -la /etc/borgmatic/
ls -la ~/.config/borgmatic/

Initial Configuration of Borgmatic

Borgmatic’s configuration system balances simplicity with comprehensive functionality through its YAML-based approach. Proper initial configuration establishes the foundation for reliable backup operations and determines the scope and behavior of backup activities.

Directory Setup and Permissions

System-Wide Configuration: System-wide configurations reside in /etc/borgmatic/ and affect all system users. This approach suits multi-user environments and server deployments where centralized backup management is preferred:

sudo mkdir -p /etc/borgmatic
sudo chmod 755 /etc/borgmatic

User-Specific Configuration: Individual user configurations use ~/.config/borgmatic/ and provide personalized backup settings without affecting other users:

mkdir -p ~/.config/borgmatic
chmod 755 ~/.config/borgmatic

Permission Best Practices: Configuration files should be readable by the backup user but protected from unauthorized access. Sensitive information like encryption keys requires additional protection:

sudo chmod 600 /etc/borgmatic/config.yaml
chmod 600 ~/.config/borgmatic/config.yaml

Generating the Configuration File

Borgmatic provides a configuration generator that creates comprehensive template files with detailed explanations and examples. This automated approach prevents common configuration errors and introduces users to available options.

Generate System Configuration:

sudo borgmatic config generate

Generate User Configuration:

borgmatic config generate --destination ~/.config/borgmatic/config.yaml

Configuration File Structure: The generated configuration file contains extensive comments explaining each option. Major sections include:

Source Directories: Defines which files and directories to backup
Repository Settings: Specifies backup destinations and access methods
Retention Policies: Controls how long backups are retained
Encryption Settings: Configures security and access controls
Hooks and Monitoring: Defines pre/post backup actions and notifications

Editing and Customizing Configuration

Essential Configuration Elements: Successful backup operations require proper configuration of source directories, destination repositories, and retention policies. These fundamental settings determine what gets backed up, where it goes, and how long it’s kept.

Source Directory Configuration:

source_directories:
    - /home
    - /etc
    - /var/log
    - /opt

Repository Configuration:

repositories:
    - /mnt/backup/borg-repo
    - user@backup-server:/backup/repos/hostname

Retention Policy Setup:

retention:
    keep_daily: 7
    keep_weekly: 4
    keep_monthly: 6
    keep_yearly: 2

Encryption Configuration: Choose encryption methods based on security requirements and key management preferences:

encryption_passphrase: "your-secure-passphrase"
# OR
encryption_passcommand: "pass show borg-passphrase"

Advanced Configuration Options: Borgmatic supports sophisticated configuration scenarios including multiple configuration files for different backup policies. The /etc/borgmatic.d/ directory enables modular configurations:

sudo mkdir -p /etc/borgmatic.d

Individual configuration files in this directory handle specific backup scenarios such as database backups, application data, or user files.

Creating and Managing Borg Backup Repositories

Backup repositories serve as the destination for all backup data and require proper initialization before use. Repository creation involves encryption setup, access configuration, and initial formatting that establishes the foundation for all subsequent backup operations.

Local Repository Creation: Local repositories reside on directly attached storage devices including internal drives, external USB drives, or network-mounted filesystems:

borg init --encryption=repokey-blake2 /mnt/backup/borg-repo

Remote Repository Setup: Remote repositories enable offsite backup storage through SSH connections. This approach provides geographic separation and additional protection against local disasters:

borg init --encryption=repokey-blake2 user@backup-server:/backup/repos/hostname

Encryption Mode Selection: BorgBackup offers several encryption modes with different security and usability characteristics:

repokey-blake2: Stores encryption key in repository with BLAKE2b hashing
keyfile-blake2: Stores encryption key in separate file with BLAKE2b hashing
authenticated-blake2: Provides authentication without encryption
none: No encryption (not recommended for sensitive data)

SSH Key Configuration: Remote repositories require SSH authentication setup for unattended operation:

ssh-keygen -t ed25519 -f ~/.ssh/borg_backup_key
ssh-copy-id -i ~/.ssh/borg_backup_key.pub user@backup-server

Repository Verification: After initialization, verify repository accessibility and proper configuration:

borg info /mnt/backup/borg-repo
borg list /mnt/backup/borg-repo

Multiple Repository Management: Advanced configurations may employ multiple repositories for different data types or backup frequencies. This approach enables tailored retention policies and optimizes storage utilization.

Running and Scheduling Backups

Effective backup strategies require both manual execution capabilities for testing and automated scheduling for consistent data protection. Understanding both operational modes ensures reliable backup coverage and enables troubleshooting when issues arise.

Manual Backup Runs

Basic Backup Execution: Manual backup runs provide immediate feedback and enable testing of configuration changes:

sudo borgmatic

Verbose Output: Detailed output assists with troubleshooting and monitoring backup progress:

sudo borgmatic --verbosity 1

Dry Run Testing: Test configuration changes without actually performing backup operations:

sudo borgmatic --dry-run

Specific Configuration Files: Execute backups using specific configuration files for targeted operations:

sudo borgmatic --config /etc/borgmatic.d/database-backup.yaml

Output Interpretation: Borgmatic provides comprehensive output including:

Files processed and transfer statistics
Deduplication savings and compression ratios
Repository size changes and available space
Error messages and warnings requiring attention

Automated Scheduling with Cron

Cron Integration: Traditional cron scheduling provides reliable automation for backup operations. System-wide backups typically use root’s crontab while user backups employ individual crontabs:

sudo crontab -e

Sample Cron Entries:

# Daily backup at 2:00 AM
0 2 * * * /usr/bin/borgmatic

# Weekly full backup on Sundays at 1:00 AM  
0 1 * * 0 /usr/bin/borgmatic --config /etc/borgmatic.d/weekly.yaml

# Database backup every 6 hours
0 */6 * * * /usr/bin/borgmatic --config /etc/borgmatic.d/database.yaml

Environment Variables: Cron environments may lack necessary environment variables. Consider using wrapper scripts or explicitly setting required variables:

#!/bin/bash
export PATH="/usr/local/bin:/usr/bin:/bin"
/usr/bin/borgmatic

Logging and Monitoring: Capture backup output for monitoring and troubleshooting purposes:

0 2 * * * /usr/bin/borgmatic >> /var/log/borgmatic.log 2>&1

Systemd Integration

Systemd Service Creation: Modern Linux systems benefit from systemd integration which provides superior process management and logging capabilities:

sudo systemctl edit --force --full borgmatic.service

Service Unit Configuration:

[Unit]
Description=Borgmatic Backup
After=network.target

[Service]
Type=oneshot
ExecStart=/usr/bin/borgmatic
User=root
Group=root

[Install]
WantedBy=multi-user.target

Timer Unit Setup: Systemd timers provide advanced scheduling capabilities with built-in logging and monitoring:

sudo systemctl edit --force --full borgmatic.timer

Timer Configuration:

[Unit]
Description=Run Borgmatic Backup
Requires=borgmatic.service

[Timer]
OnCalendar=daily
Persistent=true
RandomizedDelaySec=300

[Install]
WantedBy=timers.target

Enable and Start Timer:

sudo systemctl enable borgmatic.timer
sudo systemctl start borgmatic.timer
sudo systemctl status borgmatic.timer

Systemd Advantages: Systemd integration provides superior process management, automatic restart capabilities, comprehensive logging, and integration with system monitoring tools.

Restoring Data with Borgmatic

Data restoration represents the ultimate test of backup system effectiveness. Borgmatic provides flexible restoration capabilities ranging from complete system recovery to selective file retrieval, ensuring users can recover from various data loss scenarios.

Archive Listing: Begin restoration by identifying available backup archives:

borgmatic list

Detailed Archive Information: Examine specific archives to understand their contents and creation dates:

borgmatic info --archive hostname-2024-07-25T14:30:15

Complete Archive Extraction: Restore entire archives to specified destinations:

borgmatic extract --destination /tmp/restore --archive hostname-2024-07-25T14:30:15

Selective File Restoration: Restore specific files or directories without extracting entire archives:

borgmatic extract --destination /tmp/restore --archive hostname-2024-07-25T14:30:15 --path home/user/documents

Pattern-Based Restoration: Use patterns to restore multiple files matching specific criteria:

borgmatic extract --destination /tmp/restore --archive hostname-2024-07-25T14:30:15 --pattern '*.conf'

Restoration Best Practices:

Always restore to temporary locations first to verify content
Test restoration procedures regularly to ensure they work correctly
Document restoration procedures for emergency situations
Consider permissions and ownership when restoring system files

Archive Mounting: Advanced users can mount archives as filesystems for browsing and selective recovery:

mkdir /mnt/borg-archive
borg mount /path/to/repo::hostname-2024-07-25T14:30:15 /mnt/borg-archive

Advanced Configuration and Use Cases

Advanced Borgmatic configurations address complex backup requirements through sophisticated features including multiple configuration files, hook scripts, database integration, and monitoring systems.

Multiple Configuration Files: Large environments benefit from modular configuration approaches using the /etc/borgmatic.d/ directory structure:

sudo mkdir -p /etc/borgmatic.d

Database Backup Integration: Borgmatic hooks enable database backups that coordinate with filesystem backups:

hooks:
    postgresql_databases:
        - name: production_db
          username: postgres
          password: secure_password
    mysql_databases:
        - name: application_db
          username: backup_user
          password: backup_password

Pre and Post Hooks: Custom scripts can execute before and after backup operations to handle application-specific requirements:

hooks:
    before_backup:
        - /usr/local/bin/stop-services.sh
    after_backup:
        - /usr/local/bin/start-services.sh
    on_error:
        - /usr/local/bin/notify-admin.sh

Monitoring Integration: Health check services can monitor backup success and alert administrators to failures:

hooks:
    healthchecks: https://hc-ping.com/your-unique-uuid
    ntfy:
        topic: backup-notifications
        server: https://ntfy.sh

Multi-Repository Strategies: Complex environments may employ multiple repositories for different data types, retention policies, or geographic distribution:

repositories:
    - path: /mnt/local-backup/repo
      label: local
    - path: user@remote-server:/backup/repo  
      label: offsite

Bandwidth Throttling: Network backup operations can be throttled to prevent overwhelming network connections:

borg_base_directory: /tmp/borg
storage:
    upload_rate_limit: 1000  # KB/s

Troubleshooting and Common Issues

Effective troubleshooting requires systematic approaches to identify and resolve common issues that may arise during installation, configuration, or operation of Borgmatic systems.

Permission Errors: Permission-related issues frequently occur when backup processes attempt to access restricted files or directories:

# Fix permission issues by running as appropriate user
sudo borgmatic --verbosity 2

# Check file permissions causing issues
ls -la /path/to/problematic/files

Repository Lock Issues: Repository locks may persist after interrupted backup operations:

# Break locks with caution (ensure no other processes are running)
borg break-lock /path/to/repository

Network Connectivity Problems: Remote repository access issues often relate to SSH configuration or network connectivity:

# Test SSH connectivity
ssh -i ~/.ssh/borg_backup_key user@backup-server

# Verify repository accessibility  
borg info user@backup-server:/backup/repo

Disk Space Issues: Insufficient disk space on source or destination systems can cause backup failures:

# Check available space
df -h /mnt/backup

# Clean up old archives if needed
borgmatic prune --dry-run
borgmatic prune

Configuration Validation: Syntax errors in YAML configuration files cause startup failures:

# Validate configuration syntax
borgmatic --dry-run --verbosity 2

Dependency Conflicts: Package dependency issues may arise, particularly with pip installations:

# Check installed packages
pip list | grep borg

# Reinstall if necessary
pip uninstall borgmatic borgbackup
pip install borgmatic

Log Analysis: Comprehensive logging provides insights into backup operations and error conditions:

# System logs
journalctl -u borgmatic.service

# Application logs
tail -f /var/log/borgmatic.log

Community Resources: Active community support provides assistance for complex issues:

Official Borgmatic documentation and FAQ
GitHub issue tracker for bug reports and feature requests
Fedora community forums and mailing lists
BorgBackup community resources and documentation

Best Practices and Security Tips

Implementing security best practices ensures backup systems provide effective protection while maintaining confidentiality and integrity of backed-up data.

Encryption Implementation: Always employ strong encryption for backup repositories, particularly when using remote storage or removable media:

encryption_passphrase: "complex-unique-passphrase-with-symbols-123!"

Passphrase Management: Store encryption passphrases securely using dedicated password managers or encrypted key stores:

encryption_passcommand: "pass show borg/repository-key"

SSH Key Security: Use dedicated SSH keys for backup operations with restricted permissions and regular rotation:

# Generate dedicated backup keys
ssh-keygen -t ed25519 -f ~/.ssh/borg_backup_key -C "borgmatic-backup-key"

# Restrict key usage in authorized_keys
command="borg serve --restrict-to-path /backup/repos",restrict ssh-ed25519 AAAA...

Repository Verification: Regularly verify repository integrity to detect corruption or tampering:

borgmatic check --repository-only
borgmatic check --archives-only

Offsite Backup Strategy: Implement geographic separation through offsite backup repositories to protect against local disasters:

Cloud storage providers with strong security practices
Remote servers in different physical locations
Removable media stored in secure offsite locations

Restoration Testing: Regularly test restoration procedures to ensure backups are recoverable when needed:

# Schedule monthly restoration tests
0 3 1 * * /usr/local/bin/test-backup-restoration.sh

Access Control: Implement principle of least privilege for backup processes and repository access:

# Create dedicated backup user
sudo useradd -r -s /bin/false borgmatic-backup
sudo chown -R borgmatic-backup:borgmatic-backup /etc/borgmatic

Monitoring and Alerting: Implement comprehensive monitoring to detect backup failures promptly:

hooks:
    on_error:
        - /usr/local/bin/send-alert.sh "Backup failed on $(hostname)"

Update Management: Maintain current software versions to benefit from security patches and feature improvements:

# Regular update schedule
sudo dnf update borgmatic borgbackup

Uninstalling Borgmatic

Proper removal procedures ensure complete cleanup while preserving backup data and configuration files for potential future use.

DNF Package Removal: Remove Borgmatic installed through Fedora repositories:

sudo dnf remove borgmatic

Pipx Uninstallation: Remove Borgmatic installed via pipx:

pipx uninstall borgmatic

Pip User Installation Removal: Clean up pip user installations:

pip uninstall borgmatic borgbackup

Configuration Cleanup: Remove configuration files and directories:

# System-wide configurations
sudo rm -rf /etc/borgmatic
sudo rm -rf /etc/borgmatic.d

# User configurations  
rm -rf ~/.config/borgmatic

Scheduled Task Removal: Clean up cron jobs and systemd units:

# Remove cron entries
sudo crontab -e

# Disable and remove systemd units
sudo systemctl disable borgmatic.timer
sudo systemctl stop borgmatic.timer
sudo rm /etc/systemd/system/borgmatic.service
sudo rm /etc/systemd/system/borgmatic.timer
sudo systemctl daemon-reload

Repository Preservation: Backup repositories remain intact after Borgmatic removal and can be accessed using BorgBackup directly or after reinstalling Borgmatic.

Congratulations! You have successfully installed Borgmatic. Thanks for using this tutorial for installing the Borgmatic backup program on your Fedora 42 Linux system. For additional help or useful information, we recommend you check the official Borgmatic website.

VPS Manage Service Offer

If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!