linkEnvironment

⚠ Available since version v1.4.0

Sometimes it's favorable not having the encryption keys in the config files. For that autorestic allows passing the env variables to backend password as ENV variables, or through an env file. You can also pass whatever env variable to restic by prefixing it with AUTORESTIC_[BACKEND NAME]_.

ℹ️ Env variables and file overwrite the config file in the following order:

Env Variables > Env File (.autorestic.env) > Config file (.autorestic.yaml)

linkEnv file

Alternatively autorestic can load an env file, located next to .autorestic.yml called .autorestic.env.

1linkAUTORESTIC_FOO_RESTIC_PASSWORD=secret123

linkExample with repository password

The syntax for the ENV variables is as follows: AUTORESTIC_[BACKEND NAME]_RESTIC_PASSWORD.

autorestic.yaml
1linkbackend:

2link  foo:

3link    type: ...

4link    path: ...

5link    key: secret123 # => AUTORESTIC_FOO_RESTIC_PASSWORD=secret123

This means we could remove key: secret123 from .autorestic.yaml and execute as follows:

1link$AUTORESTIC_FOO_RESTIC_PASSWORD=secret123 autorestic backup ...

linkExample with Backblaze B2

autorestic.yaml
1linkbackends:

2link  bb:

3link    type: b2

4link    path: myBucket

5link    key: myPassword

6link    env:

7link      B2_ACCOUNT_ID: 123

8link      B2_ACCOUNT_KEY: 456

You could create an .autorestic.env or pass the following ENV variables to autorestic:

1linkAUTORESTIC_BB_RESTIC_PASSWORD=myPassword

2linkAUTORESTIC_BB_B2_ACCOUNT_ID=123

3linkAUTORESTIC_BB_B2_ACCOUNT_KEY=456

autorestic.yaml
1linkbackends:

2link  bb:

3link    type: b2

4link    path: myBucket