dustin
/
configpolicy
1
1
Fork 0
Code Issues Releases Activity
configpolicy/roles/restic
History
Dustin 7d93ba836e r/restic: Enhance restic-backup security sandbox 
Since `restic` needs to run as root in order to back up files regardless
of their permissions, we need to restrict it to doing only that.  Using
systemd sandbox features, especially the capability bounding set, we can
remove all of _root_'s powers except the ability to read all files.
 		2024-09-04 17:43:24 -05:00
..
defaults restic: Add role+playbook for Restic backups 2024-09-04 09:40:29 -05:00
files r/restic: Enhance restic-backup security sandbox 2024-09-04 17:43:24 -05:00
handlers restic: Add role+playbook for Restic backups 2024-09-04 09:40:29 -05:00
tasks restic: Add role+playbook for Restic backups 2024-09-04 09:40:29 -05:00
templates restic: Add role+playbook for Restic backups 2024-09-04 09:40:29 -05:00
vars restic: Add role+playbook for Restic backups 2024-09-04 09:40:29 -05:00