vh/rest-server
1
0
Fork 0
mirror of https://github.com/restic/rest-server.git synced 2025-12-06 17:15:45 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Merge pull request #348 from restic/clarify-umask-for-group-accessible
Some checks failed
test / Linux Go 1.23.x (push) Has been cancelled
Details
test / Linux (race) Go 1.24.x (push) Has been cancelled
Details
test / Linux Go 1.24.x (push) Has been cancelled
Details
test / lint (push) Has been cancelled
Details
test / Analyze results (push) Has been cancelled
Details

Browse Source 
Improve description of group-accessible option
This commit is contained in:
rawtaz
2025-05-27 20:58:05 +02:00
committed by GitHub
parent 9f8bb0c87c 0adcfa2619
commit 2a77536ce5
3 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@@ -160,6 +160,10 @@ The server can be started with `--prometheus` to expose [Prometheus](https://pro
This repository contains an example full stack Docker Compose setup with a Grafana dashboard in [examples/compose-with-grafana/](examples/compose-with-grafana/).
## Group-accessible Repositories
Rest-server supports making repositories accessible to the filesystem group by setting the `--group-accessible-repos` option. Note that permissions of existing files are not modified. To allow the group to read and write file, use a umask of `007`. To only grant read access use `027`. To make an existing repository group-accessible, use `chmod -R g+rwX /path/to/repo`.
## Why use Rest Server?
Compared to the SFTP backend, the REST backend has better performance, especially so if you can skip additional crypto overhead by using plain HTTP transport (restic already properly encrypts all data it sends, so using HTTPS is mostly about authentication).

5
changelog/unreleased/issue-189
View File

@@ -2,8 +2,9 @@ Enhancement: Support group accessible repositories
Rest-server now supports making repositories accessible to the filesystem group
by setting the `--group-accessible-repos` option. Note that permissions of
existing files are not modified. To make an existing repository group-accessible,
use `chmod -R g+rwX /path/to/repo`.
existing files are not modified. To allow the group to read and write file,
use a umask of `007`. To only grant read access use `027`. To make an existing
repository group-accessible, use `chmod -R g+rwX /path/to/repo`.
https://github.com/restic/rest-server/issues/189
https://github.com/restic/rest-server/pull/308

5
examples/systemd/rest-server.service
View File

@@ -26,8 +26,9 @@ RestartSec=5
# The following line must be customised to your individual requirements.
ReadWritePaths=/path/to/backups
# Set to `UMask=007` and pass `--group-accessible-repos` to rest-server to
# make created files group-readable
# Files in the data repository are only user accessible by default. Default to
# `UMask=077` for consistency. To make created files group-readable, set to
# `UMask=007` and pass `--group-accessible-repos` to rest-server via `ExecStart`.
UMask=077
# If your system doesn't support all of the features below (e.g. because of