psw/borgmatic
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Document that passphrase is used for Borg keyfile encryption, not just repokey encryption (#373).

Browse source
This commit is contained in:
Dan Helfman 2020-11-25 18:36:23 -08:00
parent c0ae01f5d5
commit 41bf520585
3 changed files with 11 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
NEWS
View file

@ -1,4 +1,5 @@
1.5.13.dev0 1.5.13.dev0
* #373: Document that passphrase is used for Borg keyfile encryption, not just repokey encryption.
* Drop support for Python 3.5, which has been end-of-lifed. * Drop support for Python 3.5, which has been end-of-lifed.
* Update versions of test dependencies (test_requirements.txt and test containers). * Update versions of test dependencies (test_requirements.txt and test containers).
* Only support black code formatter on Python 3.8+. New black dependencies make installation * Only support black code formatter on Python 3.8+. New black dependencies make installation

16
borgmatic/config/schema.yaml
View file

@ -185,19 +185,19 @@ map:
desc: | desc: |
The standard output of this command is used to unlock the The standard output of this command is used to unlock the
encryption key. Only use on repositories that were encryption key. Only use on repositories that were
initialized with passcommand/repokey encryption. Note that initialized with passcommand/repokey/keyfile encryption. Note
if both encryption_passcommand and encryption_passphrase are that if both encryption_passcommand and encryption_passphrase
set, then encryption_passphrase takes precedence. Defaults are set, then encryption_passphrase takes precedence.
to not set. Defaults to not set.
example: "secret-tool lookup borg-repository repo-name" example: "secret-tool lookup borg-repository repo-name"
encryption_passphrase: encryption_passphrase:
type: str type: str
desc: | desc: |
Passphrase to unlock the encryption key with. Only use on Passphrase to unlock the encryption key with. Only use on
repositories that were initialized with passphrase/repokey repositories that were initialized with
encryption. Quote the value if it contains punctuation, so passphrase/repokey/keyfile encryption. Quote the value if it
it parses correctly. And backslash any quote or backslash contains punctuation, so it parses correctly. And backslash
literals as well. Defaults to not set. any quote or backslash literals as well. Defaults to not set.
example: "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~" example: "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
checkpoint_interval: checkpoint_interval:
type: int type: int

4
docs/how-to/set-up-backups.md
View file

@ -139,8 +139,8 @@ configuration](https://torsion.org/borgmatic/docs/how-to/upgrade/#upgrading-your
### Encryption ### Encryption
If you encrypt your Borg repository with a passphrase instead of a key file, If you encrypt your Borg repository with a passphrase or a key file, you'll
you'll either need to set the borgmatic `encryption_passphrase` configuration either need to set the borgmatic `encryption_passphrase` configuration
variable or set the `BORG_PASSPHRASE` environment variable. See the variable or set the `BORG_PASSPHRASE` environment variable. See the
[repository encryption [repository encryption
section](https://borgbackup.readthedocs.io/en/stable/quickstart.html#repository-encryption) section](https://borgbackup.readthedocs.io/en/stable/quickstart.html#repository-encryption)