Amazon Glacier special remote; 100% working
This commit is contained in:
Joey Hess
parent
d093587abf
commit
a5111a6d85
16 changed files with 429 additions and 33 deletions
51
doc/special_remotes/glacier.mdwn
Normal file
51
doc/special_remotes/glacier.mdwn
Normal file
|
|
@ -0,0 +1,51 @@
|
|||
This special remote type stores file contents in Amazon Glacier.
|
||||
|
||||
To use it, you need to have [glacier-cli](http://github.com/basak/glacier-cli)
|
||||
installed.
|
||||
|
||||
The unusual thing about Amazon Glacier is the multiple-hour delay it takes
|
||||
to retrieve information out of Glacier. To deal with this, commands like
|
||||
"git-annex get" request Glacier start the retrieval process, and will fail
|
||||
due to the data not yet being available. You can then wait appriximately
|
||||
four hours, re-run the same command, and this time, it will actually
|
||||
download the data.
|
||||
|
||||
## configuration
|
||||
|
||||
The standard environment variables `AWS_ACCESS_KEY_ID` and
|
||||
`AWS_SECRET_ACCESS_KEY` are used to supply login credentials
|
||||
for Amazon. You need to set these only when running
|
||||
`git annex initremote`, as they will be cached in a file only you
|
||||
can read inside the local git repository.
|
||||
|
||||
A number of parameters can be passed to `git annex initremote` to configure
|
||||
the Glacier remote.
|
||||
|
||||
* `encryption` - Required. Either "none" to disable encryption (not recommended),
|
||||
or a value that can be looked up (using gpg -k) to find a gpg encryption
|
||||
key that will be given access to the remote, or "shared" which allows
|
||||
every clone of the repository to access the encrypted data (use with caution).
|
||||
|
||||
Note that additional gpg keys can be given access to a remote by
|
||||
rerunning initremote with the new key id. See [[encryption]].
|
||||
|
||||
* `embedcreds` - Optional. Set to "yes" embed the login credentials inside
|
||||
the git repository, which allows other clones to also access them. This is
|
||||
the default when gpg encryption is enabled; the credentials are stored
|
||||
encrypted and only those with the repository's keys can access them.
|
||||
|
||||
It is not the default when using shared encryption, or no encryption.
|
||||
Think carefully about who can access your repository before using
|
||||
embedcreds without gpg encryption.
|
||||
|
||||
* `datacenter` - Defaults to "us-east-1".
|
||||
|
||||
* `vault` - Glacier requires that vaults have a globally unique name,
|
||||
so by default, a vault name is chosen based on the remote name
|
||||
and UUID. This can be specified to pick a valult name.
|
||||
|
||||
* `fileprefix` - By default, git-annex places files in a tree rooted at the
|
||||
top of the Glacier vault. When this is set, it's prefixed to the filenames
|
||||
used. For example, you could set it to "foo/" in one special remote,
|
||||
and to "bar/" in another special remote, and both special remotes could
|
||||
then use the same vault.
|
||||
Loading…
Add table
Add a link
Reference in a new issue