forked from TrueCloudLab/restic
Merge pull request #1245 from anarcat/faq
add explanation of restic automation
This commit is contained in:
commit
e91749bbb0
2 changed files with 28 additions and 1 deletions
|
@ -19,7 +19,7 @@ import os
|
||||||
# Add any Sphinx extension module names here, as strings. They can be
|
# Add any Sphinx extension module names here, as strings. They can be
|
||||||
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
|
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
|
||||||
# ones.
|
# ones.
|
||||||
extensions = []
|
extensions = ['sphinx.ext.extlinks']
|
||||||
|
|
||||||
# Add any paths that contain templates here, relative to this directory.
|
# Add any paths that contain templates here, relative to this directory.
|
||||||
templates_path = ['_templates']
|
templates_path = ['_templates']
|
||||||
|
@ -104,3 +104,7 @@ html_static_path = ['_static']
|
||||||
|
|
||||||
# Output file base name for HTML help builder.
|
# Output file base name for HTML help builder.
|
||||||
htmlhelp_basename = 'resticdoc'
|
htmlhelp_basename = 'resticdoc'
|
||||||
|
|
||||||
|
extlinks = {
|
||||||
|
'issue': ('https://github.com/restic/restic/issues/%s', '#'),
|
||||||
|
}
|
||||||
|
|
23
doc/faq.rst
23
doc/faq.rst
|
@ -26,3 +26,26 @@ The message means that there is more data stored in the repo than
|
||||||
strictly necessary. With high probability this is duplicate data. In
|
strictly necessary. With high probability this is duplicate data. In
|
||||||
order to clean it up, the command ``restic prune`` can be used. The
|
order to clean it up, the command ``restic prune`` can be used. The
|
||||||
cause of this bug is not yet known.
|
cause of this bug is not yet known.
|
||||||
|
|
||||||
|
How can I specify encryption passwords automatically?
|
||||||
|
-----------------------------------------------------
|
||||||
|
|
||||||
|
When you run ``restic backup``, you need to enter the passphrase on
|
||||||
|
the console. This is not very convenient for automated backups, so you
|
||||||
|
can also provide the password through the ``--password-file`` option
|
||||||
|
or ``RESTIC_PASSWORD`` environment. A discussion is in progress over
|
||||||
|
implementing unattended backups happens in :issue:`533`.
|
||||||
|
|
||||||
|
.. important:: Be careful how you set the environment; using the env
|
||||||
|
command, a `system()` call or using inline shell
|
||||||
|
scripts (e.g. `RESTIC_PASSWORD=password borg ...`)
|
||||||
|
might expose the credentials in the process list
|
||||||
|
directly and they will be readable to all users on a
|
||||||
|
system. Using export in a shell script file should be
|
||||||
|
safe, however, as the environment of a process is
|
||||||
|
`accessible only to that user`_. Please make sure that
|
||||||
|
the permissions on the files where the password is
|
||||||
|
eventually stored are safe (e.g. `0600` and owned by
|
||||||
|
root).
|
||||||
|
|
||||||
|
.. _accessible only to that user: https://security.stackexchange.com/questions/14000/environment-variable-accessibility-in-linux/14009#14009
|
||||||
|
|
Loading…
Reference in a new issue