diff options
| author |  Joey Hess <joey@kitenet.net> | 2012-11-19 17:32:58 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2012-11-19 17:32:58 -0400 |
| commit | cf415b5bd3dc63b20b5c167eaecfc431786196a3 (patch) | |
| tree | a0bb86a7130ac7834ca8338b8ac3696e167b1259 /doc/special_remotes/webdav.mdwn | |
| parent | 877ca5d739c6a80b1ee91ba00f828bc576e08569 (diff) | |
Allow controlling whether login credentials for S3 and webdav are committed to the repository, by setting embedcreds=yes|no when running initremote.
Diffstat (limited to 'doc/special_remotes/webdav.mdwn')
| -rw-r--r-- | doc/special_remotes/webdav.mdwn | 28 |
1 files changed, 18 insertions, 10 deletions
diff --git a/doc/special_remotes/webdav.mdwn b/doc/special_remotes/webdav.mdwn index 8421dd5f4..570b6f949 100644 --- a/doc/special_remotes/webdav.mdwn +++ b/doc/special_remotes/webdav.mdwn @@ -3,21 +3,29 @@ This special remote type stores file contents in a WebDAV server. ## configuration The environment variables `WEBDAV_USERNAME` and `WEBDAV_PASSWORD` are used -to supply login credentials. When encryption is enabled, they are stored in -encrypted form by `git annex initremote`. Without encryption, they are -stored in a file only you can read inside the local git repository. So you -do not need to keep the environment variables set after the initial -initalization of the remote. +to supply login credentials. You need to set these only when running +`git annex initremote`, as they will be cached in a file only you +can read inside the local git repository. A number of parameters can be passed to `git annex initremote` to configure the webdav remote. -* `encryption` - Required. Either "none" to disable encryption - (not recommended), +* `encryption` - Required. Either "none" to disable encryption (not recommended), or a value that can be looked up (using gpg -k) to find a gpg encryption - key that will be given access to the remote. Note that additional gpg - keys can be given access to a remote by rerunning initremote with - the new key id. See [[encryption]]. + key that will be given access to the remote, or "shared" which allows + every clone of the repository to access the encrypted data (use with caution). + + Note that additional gpg keys can be given access to a remote by + rerunning initremote with the new key id. See [[encryption]]. + +* `embedcreds` - Optional. Set to "yes" embed the login credentials inside + the git repository, which allows other clones to also access them. This is + the default when gpg encryption is enabled; the credentials are stored + encrypted and only those with the repository's keys can access them. + + It is not the default when using shared encryption, or no encryption. + Think carefully about who can access your repository before using + embedcreds without gpg encryption. * `url` - Required. The URL to the WebDAV directory where files will be stored. This can be a subdirectory of a larger WebDAV repository, and will |