Hi:
I’m starting to use restic-server and, in order to implement authentication, I need to leave .htpasswd with hashed passwords on the root of the repository path (if I’m not wrong).
Questions:
The way that I use for putting repo files on the cloud doesn’t me allow to ignore .htpasswd. I don’t see a big issue put this file with this server local pass on it, but is there any way to specify another path, not the repository one, for this location?
Does it supports any kind of hash?
Thanks
It’s actually called/named rest-server.
It should be in the path that you supply to rest-server using the --path option. So this would be the directory where the repositories are stored, e.g. if you supply --path /data/restic/ then that is the directory where your .htpasswd should be, and the various repositories would be created by the clients in e.g. /data/restic/user1/, /data/restic/user2/, etc.
Can you elaborate on what you’re doing here - are you talking about just hosting the rest-server in a cloud server or similar, or are you talking about synchronizing your rest-server’s data directory somewhere into the clouds?
There’s currently no way to specify a separate location for the .htpasswd file, you’ll have to do that e.g. using a symlink to a file outside the repository path, e.g. if you place your .htaccess in /etc/restic/.htaccess and then symlink from /data/restic/.htaccess to that file, then if you clone/sync the /data/restic/ directory somewhere into the cloud, the .htaccess shouldn’t follow along (assuming your sync software doesn’t follow symlinks but backs them up as the references they are).
It supports SHA1 and bcrypt, see rest-server/htpasswd.go at master · restic/rest-server · GitHub .
I’m copying all my repository to cloud. The app that automatically uploads everything can only ignore files based on its extension. Therefore I assume htpasswd will be also uploaded, since has no extension. I tried to add a extension to the file but server did not accept it (doesn’t find the file).
That’s is perfect. Thanks. I’ll do that.