sysutils/git-backup Add ability to hide secret from git backup #4558
Conversation
|
I think this has popped up a couple of times, but in reality it will only offer a false feeling of security as most of the configuration is sensitive by its nature. With google drive deprecating we are investigating adding something like |
|
Thanks for the feedback! I understand that a large portion of the configuration is sensitive by nature, but I believe there’s still value in allowing users to minimize exposure of the most critical data. While full trust in the Git target is ideal, the reality is that even trusted systems can be compromised. Giving users control over what gets stored in plaintext could reduce risk in some scenarios. SFTP is definitely a good alternative for secure backups, but since Git remains useful for version tracking, I think an optional masking feature could complement that rather than replace it. If you think it’s worth exploring, I’d be happy to refine the idea further. Let me know what you think! |
Hello,
Since Git backups are not encrypted, they are useful for version control. However, it would be beneficial to have an option to remove sensitive information such as passwords and private keys.
Enabling this option would prevent users from fully restoring the backup, but it would allow for a clear history of changes outside of OPNsense without compromising security—especially considering that even GitLab has had significant CVEs.
Instead of a global option, I could implement a multi-select button to choose which types of sensitive data to hide.
Additionally, I could restrict specific paths for certain fields, such as private keys for certificates instead of the global prv field.
While encrypting the entire file is an option, it would make it impossible to track differences between versions. Let me know your thoughts!