diff options
| author |  Joey Hess <joey@kitenet.net> | 2012-11-20 16:43:58 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2012-11-20 16:43:58 -0400 |
| commit | 0d378285e709833f87547fd6fedc4e8b2f4884c4 (patch) | |
| tree | 6caa2c4ba7710c917751d26c5bf58cce2a1163e2 /doc/special_remotes/glacier.mdwn | |
| parent | cba848b472a4ac323693b44fcef9ddbbe535c929 (diff) | |
Amazon Glacier special remote; 100% working
Diffstat (limited to 'doc/special_remotes/glacier.mdwn')
| -rw-r--r-- | doc/special_remotes/glacier.mdwn | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/doc/special_remotes/glacier.mdwn b/doc/special_remotes/glacier.mdwn new file mode 100644 index 000000000..f02f36694 --- /dev/null +++ b/doc/special_remotes/glacier.mdwn @@ -0,0 +1,51 @@ +This special remote type stores file contents in Amazon Glacier. + +To use it, you need to have [glacier-cli](http://github.com/basak/glacier-cli) +installed. + +The unusual thing about Amazon Glacier is the multiple-hour delay it takes +to retrieve information out of Glacier. To deal with this, commands like +"git-annex get" request Glacier start the retrieval process, and will fail +due to the data not yet being available. You can then wait appriximately +four hours, re-run the same command, and this time, it will actually +download the data. + +## configuration + +The standard environment variables `AWS_ACCESS_KEY_ID` and +`AWS_SECRET_ACCESS_KEY` are used to supply login credentials +for Amazon. You need to set these only when running +`git annex initremote`, as they will be cached in a file only you +can read inside the local git repository. + +A number of parameters can be passed to `git annex initremote` to configure +the Glacier remote. + +* `encryption` - Required. Either "none" to disable encryption (not recommended), + or a value that can be looked up (using gpg -k) to find a gpg encryption + key that will be given access to the remote, or "shared" which allows + every clone of the repository to access the encrypted data (use with caution). + + Note that additional gpg keys can be given access to a remote by + rerunning initremote with the new key id. See [[encryption]]. + +* `embedcreds` - Optional. Set to "yes" embed the login credentials inside + the git repository, which allows other clones to also access them. This is + the default when gpg encryption is enabled; the credentials are stored + encrypted and only those with the repository's keys can access them. + + It is not the default when using shared encryption, or no encryption. + Think carefully about who can access your repository before using + embedcreds without gpg encryption. + +* `datacenter` - Defaults to "us-east-1". + +* `vault` - Glacier requires that vaults have a globally unique name, + so by default, a vault name is chosen based on the remote name + and UUID. This can be specified to pick a valult name. + +* `fileprefix` - By default, git-annex places files in a tree rooted at the + top of the Glacier vault. When this is set, it's prefixed to the filenames + used. For example, you could set it to "foo/" in one special remote, + and to "bar/" in another special remote, and both special remotes could + then use the same vault. |