Hi,
for the past three days i have tried to set up the official Docker image of kopia as a repository server and failed. The documentation is of no help since a lot of things are missing or outdated…
What i have done so far:
I have successfully logged in to the web interface and created a local repository on the server.
After that things are getting complicated…
I can’t create users using the command line because it keeps telling me
ERROR failed to open repository: unable to create format manager: invalid repository password
ERROR open repository: unable to open repository: unable to create format manager: invalid repository password
Even tho i have successfully connected to my repository using
kopia repository connect filesystem --path=REPOPATH --password=REPOPASSWORD
Connected to repository.
The documentation mentions nothing about this. It doesn’t mention how to connect to a repo at all, i got that information from the cli command man page…
And while there are some arguments given here Repository Server | Kopia
It doesn’t say what do with it. The part about TLS for example, what is that?
Is that a docker env variable? Am i supposed to put this into the console?
Why does the same thing have so many different Names and places to be? The repository Password for example is all over the place getting set several times, depending on what section of the documentation you follow.
All sections of the documentation also fail to mention the existence and necessity of a htpasswd file, despite it being the default for the Docker image.
Multiple repositories isn’t even mentioned anywhere, even it is pretty much a necessity for having multiple users backing up to the same server.
I will gladly help you fix the documentation, if you provide an actual series of events that needs to happen to set up a repository server.
Can you please add some context? Was this command run inside the container or on the host? Was this command run before the container was started the first time? Is the container creating a repository if none exists?
Note: I personally never used Kopia with Docker.
Maybe I’m already too tired, but I’m really having a hard time understanding what the issue is. Most arguments are either self-explanatory or used with examples. Which arguments are unclear to you?
What exactly is unclear about TLS? There are multiple paragrahps describing the setup in detail.
AFAIK there are no env variables regarding TLS. What makes you think so?
There is only one repository password. Are you referring to the server control password? Can you provide examples?
The documentation states that htpasswd files were used only until release v0.8, which was released in 2021. What makes you think it is still a necessity?
No, it isn’t necessary. Multiple users (clients) can connect to a single server just fine.
I will gladly answer questions to the best of my knowledge when asked specific questions. Please don’t expect people to write a lenghty post when most of it is already in the documentation.
Maybe start by creating a server on a test machine without Docker to get familiar with the concept and the commands. Here’s a very basic list of commands to get started:
Create a new repository on the server: kopia repo create filesystem --path=/path/to/repo
Start the Repository Server and auto-generate TLS certificates: kopia server start --tls-generate-cert --tls-cert-file ~/my.cert --tls-key-file ~/my.key --address 0.0.0.0:51515
Save the certificate fingerprint which is shown on screen. This will be needed when connecting the clients.
Optional but recommended: enable server Access Control Lists kopia server acl enable
Create a new user for your client kopia server user add myuser@mylaptop
Stop the Repository Server and start it again without --tls-generate-cert kopia server start --tls-cert-file ~/my.cert --tls-key-file ~/my.key --address 0.0.0.0:51515
Connect to the Repository Server on your client. The --server-cert-fingerprint is the fingerprint value you saved earlier. kopia repository connect server --url https://<address>:51515 \ --server-cert-fingerprint 48537cce585fed39fb26c639eb8ef38143592ba4b4e7677a84a31916398d40f7
