X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=README;h=f559110f4669b88277f42e4e5002307f8627753c;hb=ba614f8f445aa5490484427ecb3f643345b69358;hp=059fe51d2cd376fc965180dfadec1277dec93dda;hpb=8f5ef7f3c96520b4a83fb1842e452ffe272ef8a1;p=nsscash%2Fnsscash.git diff --git a/README b/README index 059fe51..f559110 100644 --- a/README +++ b/README @@ -24,11 +24,12 @@ Nsscash is very careful when deploying the changes: message and a non-zero exit status. This prevents hiding possibly important errors. In addition all files are fetched first and then deployed to try to prevent inconsistent state if only one file can be downloaded. The state - file (containing last file modifications) is only updated when all - operations were successful. + file (containing last file modification and content hash) is only updated + when all operations were successful. - To prevent unexpected permissions, `nsscash` does not create new files. The user must create them first and `nsscash` will then re-use the permissions - and owner/group when updating the file (see examples below). + (without the write bits to discourage manual modifications) and owner/group + when updating the file (see examples below). - To prevent misconfigurations, empty files (no users/groups) are not permitted and will not be written to disk. This is designed to prevent the accidental loss of all users/groups on a system. @@ -95,6 +96,10 @@ running processes! Now configure `nsscash` to run regularly, for example via cron or a systemd timer. +To monitor `nsscash` for errors one can use the last modification time of the +state file (see below). It's written on each successful run and not modified +if an error occurs. + === CONFIGURATION Nsscash is configured through a simple configuration file written in TOML. A @@ -123,9 +128,11 @@ typical configuration looks like this: The following global keys are available: -- `statepath`: Path to a JSON file which stores the last modification time of - each file; automatically updated by `nsscash`. Used to fetch data only when - something has changed to reduce the required traffic. +- `statepath`: Path to a JSON file which stores the last modification time and + hash of each file; automatically updated by `nsscash`. Used to fetch data + only when something has changed to reduce the required traffic, via + `If-Modified-Since`. When the hash of a file has changed the download is + forced. Each `file` block describes a single file to download/write. The following keys are available: