From 70d37d47b5a48efe7e75d7620ef4948bcaf75a91 Mon Sep 17 00:00:00 2001 From: "Scott E. Graves" Date: Wed, 13 Aug 2025 20:12:04 -0500 Subject: [PATCH] Update Providers --- Providers.md | 74 +++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 56 insertions(+), 18 deletions(-) diff --git a/Providers.md b/Providers.md index 895fa4d..ff62467 100644 --- a/Providers.md +++ b/Providers.md @@ -1,26 +1,64 @@ -## Provider Type Details +# 🌐 Providers in Repertory -`repertory` currently supports 3 different back-end providers: `S3`, `Sia` and `Encryption`. +`repertory` currently supports **three backend provider types**: -### S3 Provider +- **S3 Provider** +- **Sia Provider** +- **Encryption Provider** (Work‑in‑Progress — use with caution) -* The S3 provider utilizes the de facto standard AWS S3 HTTP REST API via `libcurl`. -* An access key and secret key are required for operation, configured via `S3Config.AccessKey` and `S3Config.SecretKey` in `config.json` -* A bucket name is required, configured via `S3Config.Bucket` in `config.json`. -* Both path-style and virtual hosted-style are supported, configured via the `S3Config.UsePathStyle` setting in `config.json`. -* Optionally, file/directory names and file content can be transparently encrypted using `XChaCha20-Poly1305`. - * Locally, files remain unencrypted. The encryption/decryption process takes place while transferring to/from the S3 provider. - * This is enabled by specifying a secure password via the `S3Config.EncryptionToken` setting in `config.json`. +--- -### Sia Provider +## 🪣 S3 Provider -* The Sia provider utilizes the `renterd` native HTTP REST API via `libcurl` +- Implements the **AWS S3 HTTP REST API** via `libcurl`. +- Requires: + - `S3Config.AccessKey` — your access key + - `S3Config.SecretKey` — your secret key + - `S3Config.Bucket` — target bucket name +- Supports both **path-style** and **virtual-hosted–style** addressing, controlled via `S3Config.UsePathStyle`. +- Optional **transparent encryption** (file/directory names + content) using `XChaCha20-Poly1305`: + - Enabled with `S3Config.EncryptionToken` in `config.json` + - **Note:** files remain unencrypted locally; encryption happens during transfer. -### Encryption Provider +--- -#### [WIP-Use with caution] +## ☁️ Sia Provider -* The encryption provider takes a local path and transparently encrypts file/directory names and file content using `XChaCha20-Poly1305`. -* This is a pass-through provider, meaning all encryption operations happen at the time of file access. -* This is useful for securing data prior to being uploaded to online backup providers like [IDrive](https://www.idrive.com/). -* **IMPORTANT - There currently is no decryption provider to reverse this process. Future `repertory` versions will include this.** \ No newline at end of file +- Uses the **renterd HTTP REST API** via `libcurl` +- Supports the same encryption capabilities as S3 using `XChaCha20-Poly1305` +- Configuration is handled within the **SiaConfig** section of `config.json` + +--- + +## 🔒 Encryption Provider (WIP — Use With Caution) + +- Acts as a **local pass-through provider** +- Transparently encrypts file/directory names and file data using `XChaCha20-Poly1305` as you read/write. +- **Important:** There is currently **no decryption provider**. Data encrypted this way cannot be decrypted by Repertory; additional support is planned for future versions. + +--- + +## 📌 When to Use Each Provider + +| Provider | Best For | +|----------------------|----------------------------------------------------------------------------------------| +| **S3 Provider** | Using standard S3-compatible storage (e.g., AWS S3, MinIO, etc.), with optional encryption at transfer time | +| **Sia Provider** | Mounting Sia buckets with `renterd`, optionally encrypted | +| **Encryption Provider** | Locally encrypting data before uploading elsewhere — but be mindful of irreversible encryption | + +--- + +## ⚙️ Example Configuration (S3 with Encryption) + +```json +{ + "S3Config": { + "URL": "https://my-s3-endpoint.com", + "Bucket": "my-bucket", + "AccessKey": "YOUR_ACCESS_KEY", + "SecretKey": "YOUR_SECRET_KEY", + "UsePathStyle": true, + "EncryptionToken": "StrongRandomPassphrase123" + } +} +```