diff --git a/.gitignore b/.gitignore
index 6320cd248dd8aeaab759d5871f8781b5c0505172..279069bc35a57082c73f100e175f06f9f8d60341 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
-data
\ No newline at end of file
+data
+sec
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index 2140882f8ab8be6365afa3bd7b9fa2e5f0a2fa30..12a3e110c722fa7ce2b416d0d8756a4e5d244f97 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -11,9 +11,18 @@ services:
environment:
EXEC_INTERVAL_MINUTE: 10
RUN_ON_STARTUP: true
- RESTIC_USER: $USER
- RESTIC_PASSWORD: '%24---%40'
- # %24 means $, %40 means @
+ RESTIC_USER_FILE: /run/secrets/USERNAME
+ RESTIC_PASSWORD_FILE: /run/secrets/PASSWORD
# DEBUG: true
RESTIC_HOST: restic-lab.phys.ethz.ch
+ secrets:
+ - USERNAME
+ - PASSWORD
+
+secrets:
+ USERNAME:
+ file: ./secrets/USERNAME
+ PASSWORD:
+ file: ./secrets/PASSWORD
+
\ No newline at end of file
diff --git a/scripts/000-config.sh b/scripts/000-config.sh
index 2475bb0cd5dfa19678daacb9bc623bbb5b6e5cae..37520a8b7257edcce8526feb66fc234d2d0f0aff 100644
--- a/scripts/000-config.sh
+++ b/scripts/000-config.sh
@@ -2,13 +2,15 @@
RESTIC_DIR="${HOME}/.backupbox-phys"
-if [ -z "$RESTIC_USER" ]; then
- echo "Please provide your restic user from the backupbox web interface: "
+if [ -z $RESTIC_HOST ]; then
+ echo "Please provide your restic host from the backupbox web interface: "
exit 1
fi
-if [ -z $RESTIC_HOST ]; then
- echo "Please provide your restic host from the backupbox web interface: "
+if [ -f "$RESTIC_USER_FILE" ]; then
+ RESTIC_USER=$(cat $RESTIC_USER_FILE)
+elif [ -z "$RESTIC_USER" ]; then
+ echo "Please provide your restic user from the backupbox web interface: "
exit 1
fi
diff --git a/secrets/.gitignore b/secrets/.gitignore
new file mode 100644
index 0000000000000000000000000000000000000000..c96a04f008ee21e260b28f7701595ed59e2839e3
--- /dev/null
+++ b/secrets/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore
\ No newline at end of file