Before pruning a repo, we must ensure that the client machine backing-up to this repo has not been compromised.

For now there is a cron that checks for free space and will email tech@ when 90% is used.

Why do we keep append-only mode enabled? We could ditch it and just have automated prune, but keeping it would save us if an attack was visible enough for us to find out when it happened and roll back the borg repo (the hints.*, index.*, integrity.* files)

Prune the repo

  • On spica:
    • Remove --append-only in the corresponding client line in /home/borgy/.ssh/authorized_keys
    • Change append-only = 1 to append-only = 0 in repo/config
  • On the client:
    • Comment out the prefix: entry in /etc/borgmatic/config.yaml
    • Run borgmatic prune
  • Wait till it's finished
  • On the client:
    • Uncomment the prefix: entry in borgmatic's config
  • On spica:
    • Add --append-only in the borg serve part of the client's line in /home/borgy/.ssh/authorized_keys
    • Change back append-only = from 0 to 1 in repo/config