@ -181,9 +181,12 @@
|
|
|
|
|
|
|
|
|
|
yadm.gpg-recipient
|
|
|
|
|
Asymmetrically encrypt files with a gpg public/private key pair.
|
|
|
|
|
Provice a key ID to encrypt against that public key.
|
|
|
|
|
If left blank or not provided, symmetric encryption is used
|
|
|
|
|
instead. This feature is disabled by deafult.
|
|
|
|
|
Provide a "key ID" to specify which public key to encrypt with.
|
|
|
|
|
The key must exist in your public keyrings. If left blank or
|
|
|
|
|
not provided, symmetric encryption is used instead. If set to
|
|
|
|
|
"ASK", gpg will interactively ask for recipients. See the
|
|
|
|
|
ENCRYPTION section for more details. This feature is disabled
|
|
|
|
|
by default.
|
|
|
|
|
|
|
|
|
|
## ALTERNATES
|
|
|
|
|
When managing a set of files across different systems, it can be useful
|
|
|
|
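Review bot: In the new yadm.gpg-recipient text, "The key must exist in your public keyrings" does not say what happens when it does not. Because a blank value falls back to symmetric encryption, the entry should state which of the two happens for a key ID that is missing from the keyring: an error, or the same fallback. The special value "ASK" also needs a word on whether it is matched case-sensitively, and "This feature is disabled by default" now follows the "ASK" sentence, so it reads as if only the interactive prompt is disabled; moving it next to the first sentence of the entry would make clear that it refers to asymmetric encryption as a whole.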
@ -264,16 +267,19 @@
|
|
|
|
|
provide the correct password. After files are decrypted, permissions
|
|
|
|
|
are automatically updated as described in the PERMISSIONS section.
|
|
|
|
|
|
|
|
|
|
NOTE: It is recommended that you use a private repository when keeping
|
|
|
|
|
Symmetric encryption is used by default, but asymmetric encryption may
|
|
|
|
|
be enabled using the yadm.gpg-recipient configuration.
|
|
|
|
|
|
|
|
|
|
NOTE: It is recommended that you use a private repository when keeping
|
|
|
|
|
confidential files, even though they are encrypted.
|
|
|
|
|
|
|
|
|
|
## PERMISSIONS
|
|
|
|
|
When files are checked out of a Git repository, their initial permis-
|
|
|
|
|
When files are checked out of a Git repository, their initial permis-
|
|
|
|
|
sions are dependent upon the user's umask. This can result in confiden-
|
|
|
|
|
tial files with lax permissions.
|
|
|
|
|
|
|
|
|
|
To prevent this, yadm will automatically update the permissions of con-
|
|
|
|
|
fidential files. The "group" and "others" permissions will be removed
|
|
|
|
|
fidential files. The "group" and "others" permissions will be removed
|
|
|
|
|
from the following files:
|
|
|
|
|
|
|
|
|
|
- $HOME/.yadm/files.gpg
|
|
|
|
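Review bot: The sentence added to the ENCRYPTION text ("Symmetric encryption is used by default, but asymmetric encryption may be enabled using the yadm.gpg-recipient configuration.") only points back to yadm.gpg-recipient, while the new yadm.gpg-recipient entry sends readers here "for more details", so the two references are circular and neither carries the details. The context line just above still tells the user to "provide the correct password", which is wording for the symmetric case. Suggest using this paragraph to say what decryption requires when a recipient key is configured and how the "ASK" value behaves, so that the cross-reference has something to land on.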
@ -285,13 +291,13 @@
|
|
|
|
|
- The GPG directory and files, .gnupg/*
|
|
|
|
|
|
|
|
|
|
yadm will automatically update permissions by default. This can be dis-
|
|
|
|
|
abled using the yadm.auto-perms configuration. Even if disabled, per-
|
|
|
|
|
abled using the yadm.auto-perms configuration. Even if disabled, per-
|
|
|
|
|
missions can be manually updated by running yadm perms. The SSH direc-
|
|
|
|
|
tory processing can be disabled using the yadm.ssh-perms configuration.
|
|
|
|
|
|
|
|
|
|
## FILES
|
|
|
|
|
The following are the default paths yadm uses for its own data. These
|
|
|
|
|
paths can be altered using universal options. See the OPTIONS section
|
|
|
|
|
The following are the default paths yadm uses for its own data. These
|
|
|
|
|
paths can be altered using universal options. See the OPTIONS section
|
|
|
|
|
for details.
|
|
|
|
|
|
|
|
|
|
$HOME/.yadm
|
|
|
|
|
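Review bot: The changed lines in this hunk ("abled using the yadm.auto-perms configuration. Even if disabled, per-" and the two lines starting "The following are the default paths yadm uses for its own data.") read identically in their old and new versions, as do the paired PERMISSIONS lines in the previous hunk, so they appear to differ only in whitespace. If that is a side effect of regenerating the formatted page, say so in the commit message or split it into its own commit, so that the yadm.gpg-recipient and ENCRYPTION wording changes are easy to review on their own.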