Update README

.gitignore

@@ -161,3 +161,5 @@ cython_debug/
 #.idea/
 
 src/config.py
+latest-success
+logs

README.md

@@ -1,3 +1,20 @@
 # backups
 
-Auto backup script
+Auto backup script. The objectives are the following:
+- Have a raspberry-pi `RPI` (or any other device) doing automatic backups of a remote server `SERVER` every day
+- Backups are incremental, without redundancy, it is easy to get data out of a specific snapshot
+- `RPI` is not vulnerable to physical access (in a reasonable way):
+    + The backup disk is encrypted, but the key is not stored on `RPI`
+    + The keys to access `SERVER` are locked and can be "revoked at distance"
+- Conversely, if a malicious access is made to `SERVER`, backups are not compromised
+- If a backup fails for any reason, a notification is sent (via Discord)
+- `RPI` can be accessed remotely, without needing to expose one of its ports
+
+## Installation
+
+On a raspbian distribution, this requires:
+- The packages `cryptsetup sshpass`
+- a filesystem (in a LUKS device with `LUKS_KEY`) formatted in xfs or btrf (needs either `xfsprogs` or `btrfs-progs`)
+- an ssh key locked with `SSH_PASSPHRASE` to access to the server to backup
+- Two urls containing each `LUKS_KEY` or `SSH_PASSPHRASE`
+- a (Discord) webhook

src/main.py

@@ -25,10 +25,10 @@ if not os.path.exists(config.DISK):
     exit(1)
 
 passwd = requests.get(config.PWD_URL).text.strip()
-log("Got password :", passwd)
+log("Got password")
 
 ssh_key_passwd = requests.get(config.SSH_KEY_PWD_URL).text.strip()
-log("Got password :", ssh_key_passwd)
+log("Got ssh passphrase")
 
 
 class Drive():