I am running Kopia inside a docker container, and using the WebGUI to do backups of my local system to the cloud. So far so good, everything seems to be running quite smoothly, highly impressed!
However, I cannot get rid of the feeling that the configuration of the Kopia server is somewhat beyond my understanding, and I find the documentation on the various features a bit confusing. It seems that by running kopia server start, I am not only starting the webgui, but also a backup backend, which other clients could potentially connect to?
Is this understanding correct? If so, how can I disable this kopia backend, so that no backup clients can ever connect, I just want to use the WebGUI to start/schedule/check on my local backups in a lazy way.
This is what I use to run the server as docker entrypoint:
kopia server start --insecure --readonly --htpasswd-file /config/htpasswd --address 0.0.0.0:51515 --server-username=XXX --random-server-control-password
Is this a secure configuration if I just want the GUI? Any better options?
Also, it seems I need to set the repository pwd via the container variable KOPIA_PASSWORD, which I don’t like, I don’t want my container config to contain credentials. Is there any way to supply the password in a file, or by other (automated) means on container start? Reading from console is not possible because of the docker setup.
Thanks in advance