BorgBackup

BorgBackup manages efficient and secure data backup by employing a deduplicating archiver with compression and encryption. The technical architecture of Borg is built around global data deduplication, which significantly reduces storage requirements by only storing unique data blocks. This is achieved through a rolling hash algorithm that identifies and eliminates duplicate data segments.

Borg supports various compression algorithms, including lz4, zstd, zlib, and lzma, allowing for a balance between speed and compression ratio. Additionally, it uses AES encryption via OpenSSL, authenticated by a HMAC, to ensure the security and integrity of the backups. This makes Borg suitable for storing backups on untrusted targets, such as off-site servers accessible over SSH, where performance gains can be substantial if Borg is installed on the remote host.

Operationally, Borg allows backups to be mounted as filesystems using FUSE, enabling easy interactive examination and restoration of files. The tool is designed for ease of use, with simple commands for creating and managing backup repositories and archives. However, it is important to note that the upcoming version 2.0, currently in beta, will introduce breaking changes and require a non-reversible upgrade process.

Key technical details include the support for various platforms such as Linux, macOS, and BSD, with pre-built binaries available for these systems. Borg also handles special files like hardlinks, symlinks, and device files, and it includes metadata like owner/group permissions and POSIX ACLs in the backup archives. The project emphasizes the importance of verifying the integrity of backups, and it provides extensive documentation on its internal workings and security practices, including GPG key verification for binary signatures.