azure domain can be overridden with env variable
This commit is contained in:
Michael Eischer 2023-07-07 21:17:01 +00:00 committed by GitHub
commit 825651a135
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 35 additions and 6 deletions

View file

@ -0,0 +1,10 @@
Enhancement: Add support for non-global Azure clouds
Restic backups on Azure only supported storages using the global domain
`core.windows.net`. This meant that backups to other domains such as Azure
China (`core.chinacloudapi.cn') or Azure Germany (`core.cloudapi.de`) were
not supported. Restic now allows overriding the global domain using the
environment variable `AZURE_ENDPOINT_SUFFIX'.
https://github.com/restic/restic/issues/2468
https://github.com/restic/restic/pull/4387

View file

@ -537,6 +537,13 @@ or
$ export AZURE_ACCOUNT_NAME=<ACCOUNT_NAME>
$ export AZURE_ACCOUNT_SAS=<SAS_TOKEN>
Restic will by default use Azure's global domain ``core.windows.net`` as endpoint suffix.
You can specify other suffixes as follows:
.. code-block:: console
$ export AZURE_ENDPOINT_SUFFIX=<ENDPOINT_SUFFIX>
Afterwards you can initialize a repository in a container called ``foo`` in the
root path like this:

View file

@ -614,6 +614,7 @@ environment variables. The following lists these environment variables:
AZURE_ACCOUNT_NAME Account name for Azure
AZURE_ACCOUNT_KEY Account key for Azure
AZURE_ACCOUNT_SAS Shared access signatures (SAS) for Azure
AZURE_ENDPOINT_SUFFIX Endpoint suffix for Azure Storage (default: core.windows.net)
GOOGLE_PROJECT_ID Project ID for Google Cloud Storage
GOOGLE_APPLICATION_CREDENTIALS Application Credentials for Google Cloud Storage (e.g. $HOME/.config/gs-secret-restic-key.json)

View file

@ -53,7 +53,13 @@ func open(cfg Config, rt http.RoundTripper) (*Backend, error) {
var client *azContainer.Client
var err error
url := fmt.Sprintf("https://%s.blob.core.windows.net/%s", cfg.AccountName, cfg.Container)
var endpointSuffix string
if cfg.EndpointSuffix != "" {
endpointSuffix = cfg.EndpointSuffix
} else {
endpointSuffix = "core.windows.net"
}
url := fmt.Sprintf("https://%s.blob.%s/%s", cfg.AccountName, endpointSuffix, cfg.Container)
opts := &azContainer.ClientOptions{
ClientOptions: azcore.ClientOptions{
Transport: &http.Client{Transport: rt},

View file

@ -13,11 +13,12 @@ import (
// Config contains all configuration necessary to connect to an azure compatible
// server.
type Config struct {
AccountName string
AccountSAS options.SecretString
AccountKey options.SecretString
Container string
Prefix string
AccountName string
AccountSAS options.SecretString
AccountKey options.SecretString
EndpointSuffix string
Container string
Prefix string
Connections uint `option:"connections" help:"set a limit for the number of concurrent connections (default: 5)"`
}
@ -71,4 +72,8 @@ func (cfg *Config) ApplyEnvironment(prefix string) {
if cfg.AccountSAS.String() == "" {
cfg.AccountSAS = options.NewSecretString(os.Getenv(prefix + "AZURE_ACCOUNT_SAS"))
}
if cfg.EndpointSuffix == "" {
cfg.EndpointSuffix = os.Getenv(prefix + "AZURE_ENDPOINT_SUFFIX")
}
}