Be more explicit in documentation that you don't have to use an environment variable for passphrases.
This commit is contained in:
parent
e07efdf68f
commit
09594c85bf
1 changed files with 18 additions and 11 deletions
|
@ -9,9 +9,15 @@ eleventyNavigation:
|
||||||
|
|
||||||
If you want to use a Borg repository passphrase or database passwords with
|
If you want to use a Borg repository passphrase or database passwords with
|
||||||
borgmatic, you can set them directly in your borgmatic configuration file,
|
borgmatic, you can set them directly in your borgmatic configuration file,
|
||||||
treating those secrets like any other option value. But if you'd rather store
|
treating those secrets like any other option value. For instance, you can
|
||||||
them outside of borgmatic, whether for convenience or security reasons, read
|
specify your Borg passhprase with:
|
||||||
on.
|
|
||||||
|
```yaml
|
||||||
|
encryption_passphrase: yourpassphrase
|
||||||
|
```
|
||||||
|
|
||||||
|
But if you'd rather store them outside of borgmatic, whether for convenience
|
||||||
|
or security reasons, read on.
|
||||||
|
|
||||||
<span class="minilink minilink-addedin">New in version 1.6.4</span> borgmatic
|
<span class="minilink minilink-addedin">New in version 1.6.4</span> borgmatic
|
||||||
supports interpolating arbitrary environment variables directly into option
|
supports interpolating arbitrary environment variables directly into option
|
||||||
|
@ -20,14 +26,14 @@ pull your repository passphrase, your database passwords, or any other option
|
||||||
values from environment variables. For instance:
|
values from environment variables. For instance:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
encryption_passphrase: ${MY_PASSPHRASE}
|
encryption_passphrase: ${YOUR_PASSPHRASE}
|
||||||
```
|
```
|
||||||
|
|
||||||
<span class="minilink minilink-addedin">Prior to version 1.8.0</span> Put
|
<span class="minilink minilink-addedin">Prior to version 1.8.0</span> Put
|
||||||
this option in the `storage:` section of your configuration.
|
this option in the `storage:` section of your configuration.
|
||||||
|
|
||||||
This uses the `MY_PASSPHRASE` environment variable as your encryption
|
This uses the `YOUR_PASSPHRASE` environment variable as your encryption
|
||||||
passphrase. Note that the `{` `}` brackets are required. `$MY_PASSPHRASE` by
|
passphrase. Note that the `{` `}` brackets are required. `$YOUR_PASSPHRASE` by
|
||||||
itself will not work.
|
itself will not work.
|
||||||
|
|
||||||
In the case of `encryption_passphrase` in particular, an alternate approach
|
In the case of `encryption_passphrase` in particular, an alternate approach
|
||||||
|
@ -42,25 +48,26 @@ the same approach applies. For example:
|
||||||
```yaml
|
```yaml
|
||||||
postgresql_databases:
|
postgresql_databases:
|
||||||
- name: users
|
- name: users
|
||||||
password: ${MY_DATABASE_PASSWORD}
|
password: ${YOUR_DATABASE_PASSWORD}
|
||||||
```
|
```
|
||||||
|
|
||||||
<span class="minilink minilink-addedin">Prior to version 1.8.0</span> Put
|
<span class="minilink minilink-addedin">Prior to version 1.8.0</span> Put
|
||||||
this option in the `hooks:` section of your configuration.
|
this option in the `hooks:` section of your configuration.
|
||||||
|
|
||||||
This uses the `MY_DATABASE_PASSWORD` environment variable as your database
|
This uses the `YOUR_DATABASE_PASSWORD` environment variable as your database
|
||||||
password.
|
password.
|
||||||
|
|
||||||
|
|
||||||
### Interpolation defaults
|
### Interpolation defaults
|
||||||
|
|
||||||
If you'd like to set a default for your environment variables, you can do so with the following syntax:
|
If you'd like to set a default for your environment variables, you can do so
|
||||||
|
with the following syntax:
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
encryption_passphrase: ${MY_PASSPHRASE:-defaultpass}
|
encryption_passphrase: ${YOUR_PASSPHRASE:-defaultpass}
|
||||||
```
|
```
|
||||||
|
|
||||||
Here, "`defaultpass`" is the default passphrase if the `MY_PASSPHRASE`
|
Here, "`defaultpass`" is the default passphrase if the `YOUR_PASSPHRASE`
|
||||||
environment variable is not set. Without a default, if the environment
|
environment variable is not set. Without a default, if the environment
|
||||||
variable doesn't exist, borgmatic will error.
|
variable doesn't exist, borgmatic will error.
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue