Skip to content

FR: add Host-level access control #248

Description

@mirabilos

Output of rest-server --version

rest-server version rest-server 0.11.0 compiled with go1.17.6 on linux/amd64

What should rest-server do differently?

Add per-user Host-level access control: for each HTTP-level user, add the ability to provide a whitelist of Hosts they may see (to back up to, restore, inspect, etc).

What are you trying to do? What is your use case?

I have multiple servers backing up to the same repository to use deduplication, but not all of them are (yet) full-disc-encrypted. Since I need to use the same repository password to make use of deduplication, a root breach on one can be used to access all others’ data.

(On that topic, once this is implemented and/or once I will have converted all servers to FDE, how do I change it to achieve a secure state?)

Did rest-server help you today? Did it make you happy in any way?

I was very sceptical at first, especially because these things are implemented in issue9, but I’ve begun using it once I had more than one GNU/Linux box under me. I’ll have to find a solution for my BSD boxen for which there’s no issue9 port but even manually-triggered backups there are better than none (just rsync copies of actual user data), especially to save system re-setup time.

So, yes, it does help me (restic + rest-server). Danke, fd0!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions