Merge pull request #1245 from anarcat/faq

add explanation of restic automation
This commit is contained in:
Alexander Neumann 2017-09-19 10:46:55 +02:00
commit e91749bbb0
2 changed files with 28 additions and 1 deletions

View file

@ -19,7 +19,7 @@ import os
# Add any Sphinx extension module names here, as strings. They can be # Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones. # ones.
extensions = [] extensions = ['sphinx.ext.extlinks']
# Add any paths that contain templates here, relative to this directory. # Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates'] templates_path = ['_templates']
@ -104,3 +104,7 @@ html_static_path = ['_static']
# Output file base name for HTML help builder. # Output file base name for HTML help builder.
htmlhelp_basename = 'resticdoc' htmlhelp_basename = 'resticdoc'
extlinks = {
'issue': ('https://github.com/restic/restic/issues/%s', '#'),
}

View file

@ -26,3 +26,26 @@ The message means that there is more data stored in the repo than
strictly necessary. With high probability this is duplicate data. In strictly necessary. With high probability this is duplicate data. In
order to clean it up, the command ``restic prune`` can be used. The order to clean it up, the command ``restic prune`` can be used. The
cause of this bug is not yet known. cause of this bug is not yet known.
How can I specify encryption passwords automatically?
-----------------------------------------------------
When you run ``restic backup``, you need to enter the passphrase on
the console. This is not very convenient for automated backups, so you
can also provide the password through the ``--password-file`` option
or ``RESTIC_PASSWORD`` environment. A discussion is in progress over
implementing unattended backups happens in :issue:`533`.
.. important:: Be careful how you set the environment; using the env
command, a `system()` call or using inline shell
scripts (e.g. `RESTIC_PASSWORD=password borg ...`)
might expose the credentials in the process list
directly and they will be readable to all users on a
system. Using export in a shell script file should be
safe, however, as the environment of a process is
`accessible only to that user`_. Please make sure that
the permissions on the files where the password is
eventually stored are safe (e.g. `0600` and owned by
root).
.. _accessible only to that user: https://security.stackexchange.com/questions/14000/environment-variable-accessibility-in-linux/14009#14009