Setting up borgbackup through tailnet

I’m having some trouble using the services.borgbackup options to back up from one machine to another. Both are running NixOS and are in my tailnet. I can ssh from client to target and even manually run borg create through that tailnet ssh connection. However, I have no luck configuring the services.borgbackup options to make backups work declaratively.

In my configuration I have this module:

{ config, pkgs, ... }:
{
  services.borgbackup.jobs."client" = {
    paths = "/home";
    user = "root";
    repo = "root@target:/mnt/borg2/borg_repos/TEST";
    startAt = "*-*-* 12:00:00";
    encryption = {
      mode = "repokey-blake2";
      passCommand = "cat ${config.sops.secrets."borg/client/pw".path}";
    };
    compression = "auto,lz4";
  };
}

However, after starting the service:

sudo systemctl restart borgbackup-job-client

Checking the status I get 2/INVALIDARGUMENT:

× borgbackup-job-client.service - BorgBackup job client
     Loaded: loaded (/etc/systemd/system/borgbackup-job-client.service; linked; preset: ignored)
     Active: failed (Result: exit-code) since Tue 2025-02-11 16:25:42 CET; 21min ago
   Duration: 805ms
 Invocation: 7d9f5d98e9f244f38dad92f86aa521fb
TriggeredBy: ● borgbackup-job-client.timer
    Process: 136434 ExecStart=/nix/store/85vn68dhpxrx21lw4v9vvpc4qxzji46c-unit-script-borgbackup-job-client-start/bin/borgbackup-job-client-start (code=exited, status=2)
[...]
Feb 11 16:25:41 client systemd[1]: Started BorgBackup job client.
Feb 11 16:25:42 client borgbackup-job-client-start[136463]: Remote: Host key verification failed.
Feb 11 16:25:42 client borgbackup-job-client-start[136463]: Connection closed by remote host. Is borg working on the server?
Feb 11 16:25:42 client borgbackup-job-client-start[136472]: Remote: Host key verification failed.
Feb 11 16:25:42 client borgbackup-job-client-start[136472]: Connection closed by remote host. Is borg working on the server?
Feb 11 16:25:42 client systemd[1]: borgbackup-job-client.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Feb 11 16:25:42 client systemd[1]: borgbackup-job-client.service: Failed with result 'exit-code'.
Feb 11 16:25:42 client systemd[1]: borgbackup-job-client.service: 

Manually executing the failing ExecStart script gives:

[...]
borg list: error: argument REPOSITORY_OR_ARCHIVE: Invalid location format: ""
[...]
borg init: error: argument REPOSITORY: Invalid location format: ""

The BORG_REPO environment variable is set correctly, but these commands seem to expect another variable. Is the repo syntax not correct? Or do the host key errors indicate that an ssh target without a key is somehow not supported?

The working borg create:

export BORG_REPO=ssh://root@target/mnt/borg2/borg_repos/TEST           
                    
borg create --verbose --filter AME --list --show-rc --stats --progress --compression lz4 ::{hostname}-{now} /home
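
An added example, not part of the original post: a NixOS fragment that addresses the "Host key verification failed" log lines by pinning the target's host key instead of disabling the check. It assumes the job's ssh runs as root and that root has no known_hosts entry for target; the public key string is a placeholder.

```nix
{ ... }:
{
  # Assumption: the unit runs ssh as root, and root has no known_hosts entry
  # for "target" (the interactive test ran under a different user account).

  # Pin the target's host key system-wide; the attribute name "target" is
  # used as the host name to match.
  programs.ssh.knownHosts."target" = {
    # Placeholder: replace with the target's real public host key, obtained
    # from the target itself rather than from an unverified first connection.
    publicKey = "ssh-ed25519 AAAA_PLACEHOLDER_TARGET_HOST_KEY";
  };

  services.borgbackup.jobs."client".environment = {
    # Weak variant, shown only for contrast: it silences the error by
    # accepting any host key, so any host answering as "target" is trusted.
    # BORG_RSH = "ssh -o StrictHostKeyChecking=no";

    # Corrected variant: refuse unknown or changed host keys and never fall
    # back to an interactive prompt inside the systemd unit.
    BORG_RSH = "ssh -o StrictHostKeyChecking=yes -o BatchMode=yes";
  };
}
```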