mirror of
https://github.com/borgbackup/borg.git
synced 2024-12-23 08:16:54 +00:00
docs: deployment: hosting repositories
This commit is contained in:
parent
c5d2c7c799
commit
13fe802713
2 changed files with 74 additions and 0 deletions
|
@ -10,3 +10,4 @@ This chapter details deployment strategies for the following scenarios.
|
||||||
:titlesonly:
|
:titlesonly:
|
||||||
|
|
||||||
deployment/central-backup-server
|
deployment/central-backup-server
|
||||||
|
deployment/hosting-repositories
|
||||||
|
|
73
docs/deployment/hosting-repositories.rst
Normal file
73
docs/deployment/hosting-repositories.rst
Normal file
|
@ -0,0 +1,73 @@
|
||||||
|
.. include:: ../global.rst.inc
|
||||||
|
.. highlight:: none
|
||||||
|
|
||||||
|
Hosting repositories
|
||||||
|
====================
|
||||||
|
|
||||||
|
This sections shows how to securely provide repository storage for users.
|
||||||
|
Optionally, each user can have a storage quota.
|
||||||
|
|
||||||
|
Repositories are accessed through SSH. Each user of the service should
|
||||||
|
have her own login which is only able to access the user's files.
|
||||||
|
Technically it would be possible to have multiple users share one login,
|
||||||
|
however, separating them is better. Separate logins increase isolation
|
||||||
|
and are thus an additional layer of security and safety for both the
|
||||||
|
provider and the users.
|
||||||
|
|
||||||
|
For example, if a user manages to breach ``borg serve`` then she can
|
||||||
|
only damage her own data (assuming that the system does not have further
|
||||||
|
vulnerabilities).
|
||||||
|
|
||||||
|
Use the standard directory structure of the operating system. Each user
|
||||||
|
is assigned a home directory and repositories of the user reside in her
|
||||||
|
home directory.
|
||||||
|
|
||||||
|
The following ``~user/.ssh/authorized_keys`` file is the most important
|
||||||
|
piece for a correct deployment. It allows the user to login via
|
||||||
|
their public key (which must be provided by the user), and restricts
|
||||||
|
SSH access to safe operations only.
|
||||||
|
|
||||||
|
::
|
||||||
|
|
||||||
|
restrict,command="borg serve --restrict-to-repository /home/<user>/repository"
|
||||||
|
<key type> <key> <key host>
|
||||||
|
|
||||||
|
.. note:: The text shown above needs to be written on a **single** line!
|
||||||
|
|
||||||
|
.. warning::
|
||||||
|
|
||||||
|
If this file should be automatically updated (e.g. by a web console),
|
||||||
|
pay **utmost attention** to sanitizing user input. Strip all whitespace
|
||||||
|
around the user-supplied key, ensure that it **only** contains ASCII
|
||||||
|
with no control characters and that it consists of three parts separated
|
||||||
|
by a single space. Ensure that no newlines are contained within the key.
|
||||||
|
|
||||||
|
The `restrict` keyword enables all restrictions, i.e. disables port, agent
|
||||||
|
and X11 forwarding, as well as disabling PTY allocation and execution of ~/.ssh/rc.
|
||||||
|
If any future restriction capabilities are added to authorized_keys
|
||||||
|
files they will be included in this set.
|
||||||
|
|
||||||
|
The `command` keyword forces execution of the specified command line
|
||||||
|
upon login. This must be ``borg serve``. The `--restrict-to-repository`
|
||||||
|
option permits access to exactly **one** repository. It can be given
|
||||||
|
multiple times to permit access to more than one repository.
|
||||||
|
|
||||||
|
The repository may not exist yet; it can be initialized by the user,
|
||||||
|
which allows for encryption.
|
||||||
|
|
||||||
|
Storage quotas can be enabled by adding the ``--storage-quota`` option
|
||||||
|
to the ``borg serve`` command line::
|
||||||
|
|
||||||
|
restrict,command="borg serve --storage-quota 20G ..." ...
|
||||||
|
|
||||||
|
The storage quotas of repositories are completely independent. If a
|
||||||
|
client is able to access multiple repositories, each repository
|
||||||
|
can be filled to the specified quota.
|
||||||
|
|
||||||
|
If storage quotas are used, ensure that all deployed Borg releases
|
||||||
|
support storage quotas.
|
||||||
|
|
||||||
|
Refer to :ref:`internals_storage_quota` for more details on storage quotas.
|
||||||
|
|
||||||
|
Refer to the `sshd(8) <http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/sshd.8>`_
|
||||||
|
for more details on securing SSH.
|
Loading…
Reference in a new issue