Open piegamesde opened 6 years ago
from my understanding this is completely incompatible with the current design of borgbackup
How much reading is needed to perform the most basic backup operation? If the write-only happens for the actual data but reading of metadata is needed this could still go fine.
In any case, a backup needs to read/modify/write the manifest.
If the chunks cache is out of sync, it needs to read metadata of all missing archives.
Assuming the cache is in sync, is anything else read except for the manifest?
BTW, answer depends a bit on "by whom". IIRC, from code above the repo api, there is nothing else read. But the repository code itself might read/check more, e.g. for transaction processing. But you can easily try that yourself if you want to dig in that deep.
If we set potential asymmetric encryption as our end goal, every read action is problematic, independently of who does it.
Have you checked borgbackup docs, FAQ, and open Github issues?
Not extensively
Is this a BUG / ISSUE report or a QUESTION?
QUESTION (Feature request)
System information. For client/server mode post info for both machines.
Your borg version (borg -V).
Not installed
Operating system (distribution) and version.
Arch Linux
I've got a simple-sounding feature request: Add a write-only mode, where backing up the data will not read anything from the repository (that has been encrypted). This will probably be like the append-only mode, but even more restrictive: No pruning, compaction and other things like this. I am fine if this will require parts (or the whole) of the database to be cached locally.
Why might one want such a thing, you might ask? Limiting the read access will pave the path of asymmetric encryption and scheduled backups without storing any passwords. I hope asking for this first will focus the discussion of this feature more on the technical aspects, since #672 went pretty off-topic and #120 was closed for being too broad.