borgmatic-collective/borgmatic
9
71
Fork 44
Code Issues 56 Pull Requests 6 Actions 1 Packages Releases 154 Activity

Access borg repositories in read only mode #388

New Issue
Open
opened 2021-01-29 08:47:48 +00:00 by icrc-fdeniger · 5 comments
icrc-fdeniger commented 2021-01-29 08:47:48 +00:00
Copy Link

What I'm trying to do and why

Use borgmatic extract/list commands in a secured environement where borg repository are in read-only mode.
Borg add the option --bypass-lock to be compliant with read-only repository.

Other notes / implementation ideas

  1. Add extra-command for borg list / borg extract operation (--bypass-lock).
  2. A global configuration "Read-only" that will prevent all write operations

Environment

borgmatic version: [version here]

1.5.12

borgmatic installation method:
Docker

Borg version: [version here]

1.1.15

Python version: [version here]

Use python3 --version

operating system and version:
Alpine

#### What I'm trying to do and why Use borgmatic extract/list commands in a secured environement where borg repository are in read-only mode. Borg add the option --bypass-lock to be compliant with read-only repository. #### Other notes / implementation ideas 1. Add extra-command for borg list / borg extract operation (--bypass-lock). 1. A global configuration "Read-only" that will prevent all write operations #### Environment **borgmatic version:** [version here] 1.5.12 **borgmatic installation method:** Docker **Borg version:** [version here] 1.1.15 **Python version:** [version here] Use `python3 --version` **operating system and version:** Alpine
witten added the good first issue label 2023-03-27 04:13:40 +00:00
witten commented 2023-03-27 04:14:03 +00:00
Owner
Copy Link

I apologize for the super lengthy delay in this getting any attention. A borgmatic list --bypass-lock flag seems like a good idea to me. But do you think it would be needed if there was a "read only" borgmatic configuration option as you suggest? That way borgmatic would be responsible for issuing --bypass-lock as needed. Or perhaps borgmatic could support both in order to handle one-off lock bypassing and global read-only use cases.

I apologize for the super lengthy delay in this getting any attention. A `borgmatic list --bypass-lock` flag seems like a good idea to me. But do you think it would be needed if there was a "read only" borgmatic configuration option as you suggest? That way borgmatic would be responsible for issuing `--bypass-lock` as needed. Or perhaps borgmatic could support both in order to handle one-off lock bypassing *and* global read-only use cases.
witten commented 2024-11-20 06:37:43 +00:00
Owner
Copy Link

Looks like --bypass-lock is gone in Borg 2.

Looks like `--bypass-lock` is gone in [Borg 2](https://borgbackup.readthedocs.io/en/2.0.0b14/changes.html).
gautamaggarwal2810 commented 2025-03-27 03:34:12 +00:00
Contributor
Copy Link

I would like to work on this issue.How should I proceed with this and what remains to be implemented??

I would like to work on this issue.How should I proceed with this and what remains to be implemented??
witten removed the good first issue label 2025-03-28 18:34:21 +00:00
witten commented 2025-03-28 18:53:05 +00:00
Owner
Copy Link

I've removed the "good first issue" label, but you're still welcome to work on this. I removed it because with --bypass-lock gone in Borg 2, the implementation here is no longer quite as straightforward IMO. Here's how I would state the high-level requirement: Some users want to use borgmatic with a read-only Borg repository, e.g. a repo burned to a physical disc or on read-only network storage. With Borg 1, one way to support that need would be with an option that causes --bypass-lock to get passed to relevant Borg subcommands. For instance, I could envision adding an optional read_only option to each repository within repositories:. That way, you could indicate whether a repo is read-only with that option, and if set, borgmatic would take care of passing --bypass-lock for any actions where Borg would put a lock in place.

There is the question what to do about Borg 2 though. It might be worth a little experimenting to see how a read-only Borg 2 repository works with borgmatic today—and whether borgmatic needs to make any changes to support such a scenario. It's possible that the feature described above could be documented as Borg 1 only.

An alternate approach would be not to add --bypass-lock functionality directly, especially since its going away eventually. Instead, this ticket could be closed and #427 could be implemented instead to allow users to self-service extra flags.

I've removed the "good first issue" label, but you're still welcome to work on this. I removed it because with `--bypass-lock` gone in Borg 2, the implementation here is no longer quite as straightforward IMO. Here's how I would state the high-level requirement: Some users want to use borgmatic with a read-only Borg repository, e.g. a repo burned to a physical disc or on read-only network storage. With Borg 1, one way to support that need would be with an option that causes [`--bypass-lock`](https://borgbackup.readthedocs.io/en/stable/usage/general.html#common-options) to get passed to relevant Borg subcommands. For instance, I could envision adding an optional `read_only` option to each repository within `repositories:`. That way, you could indicate whether a repo is read-only with that option, and if set, borgmatic would take care of passing `--bypass-lock` for any actions where Borg would put a lock in place. There is the question what to do about Borg 2 though. It might be worth a little experimenting to see how a read-only Borg 2 repository works with borgmatic today—and whether borgmatic needs to make any changes to support such a scenario. It's possible that the feature described above could be documented as Borg 1 only. An alternate approach would be *not* to add `--bypass-lock` functionality directly, especially since its going away eventually. Instead, this ticket could be closed and #427 could be implemented instead to allow users to self-service extra flags.
gautamaggarwal2810 commented 2025-03-29 12:26:24 +00:00
Contributor
Copy Link

Thanks for taking time to write such a detailed explanation @witten !! But since this is no longer a beginner friendly good-first issue,I am not confident enough to take this issue right now as I have yet to get started on my gsoc proposal and time is ticking by. I will visit this issue again in some time and try to solve this. Thanks

Thanks for taking time to write such a detailed explanation @witten !! But since this is no longer a beginner friendly good-first issue,I am not confident enough to take this issue right now as I have yet to get started on my gsoc proposal and time is ticking by. I will visit this issue again in some time and try to solve this. Thanks
👍 1
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
blocked
breaking
bug
data loss
design finalized
good first issue
new feature area
question / support
security
waiting for response
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
witten
No Assignees
3 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: borgmatic-collective/borgmatic#388
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?