add explanation of restic automation

every time i look at restic, i block on this and figured it may be useful for others
This commit is contained in:
Antoine Beaupré 2017-09-16 10:17:36 -04:00
parent c784a15aaa
commit 7a0b4428e3
No known key found for this signature in database
GPG key ID: 3EA1DDDDB261D97B
2 changed files with 25 additions and 1 deletions

View file

@ -19,7 +19,7 @@ import os
# Add any Sphinx extension module names here, as strings. They can be # Add any Sphinx extension module names here, as strings. They can be
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom # extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
# ones. # ones.
extensions = [] extensions = ['sphinx.ext.extlinks']
# Add any paths that contain templates here, relative to this directory. # Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates'] templates_path = ['_templates']
@ -104,3 +104,7 @@ html_static_path = ['_static']
# Output file base name for HTML help builder. # Output file base name for HTML help builder.
htmlhelp_basename = 'resticdoc' htmlhelp_basename = 'resticdoc'
extlinks = {
'issue': ('https://github.com/restic/restic/issues/%s', '#'),
}

View file

@ -26,3 +26,23 @@ The message means that there is more data stored in the repo than
strictly necessary. With high probability this is duplicate data. In strictly necessary. With high probability this is duplicate data. In
order to clean it up, the command ``restic prune`` can be used. The order to clean it up, the command ``restic prune`` can be used. The
cause of this bug is not yet known. cause of this bug is not yet known.
How can I specify encryption passwords automatically?
-----------------------------------------------------
When you run ``restict create``, you need to enter the passphrase on
the console. This is not very convenient for automated backups, so you
can also provide the password through the ``--password-file`` option
or ``RESTIC_PASSWORD`` environment. A discussion is in progress over
implementing unattended backups happens in :issue:`533`.
.. important:: Be careful how you set the environment; using the env
command, a `system()` call or using inline shell
scripts (e.g. `RESTIC_PASSWORD=password borg ...`)
might expose the credentials in the process list
directly and they will be readable to all users on a
system. Using export in a shell script file should be
safe, however, as the environment of a process is
`accessible only to that user`_.
.. _accessible only to that user: https://security.stackexchange.com/questions/14000/environment-variable-accessibility-in-linux/14009#14009