Update current progress

CHANGELOG

@@ -1,4 +1,4 @@
-## Current master
+## Shortly planned
  
   ! - Add policy like restic forget --keep-within-daily 30d --keep-within-weekly 1m --keep-within-monthly 1y --keep-within-yearly 3y
   default policy restic forget --keep-within-hourly 72h --keep-within-daily 30d --keep-within-weekly 1m --keep-within-monthly 1y --keep-within-yearly 3y
@@ -12,38 +12,38 @@
       - Launch now
    - NPBackup Operation mode
       - manages multiple repos with generic key (restic key add) or specified key
-
+  !- NTP server
+  !- Viewer can have a configuration file
+ ! - Reimplement autoupgrade
+ 
 ## 3.0.0
-    - Major config file rewrite, now repo can inherit common settings from repo groups
+ - This is a major rewrite that allows using multiple repositories, adds repository groups and implements repository settings inheritance from group settings
 
   !- New operation planifier for backups / cleaning / checking repos
   !- Implemented retention policies
   !  - Optional time server update to make sure we don't drift before doing retention operations
-  !  - Optional repo check befoire doing retention operations
-
-  !- Backup admin password is now stored in a more secure way
-  !- Added backup client privileges
+  !  - Optional repo check before doing retention operations
   !- Pre and post-execution scripts
   !  - Multiple pre and post execution scripts are now allowed
   !  - Post-execution script can now be force run on error / exit
   !  - Script result now has prometheus metrics
-  !- NTP server
+
 
 ## Features
   - New viewer mode allowing to browse/restore restic repositories without any NPBackup configuation
-    !- Viewer can have a configuration file
+
   - Multi repository support
   - Group settings for repositories
   !- Operation center
-    -- GUI operation center allowing to mass execute actions on repos / groups
-    !- CLI operation center via `--group-operation --repo-group=default_group`
+    - GUI operation center allowing to mass execute actions on repos / groups
+    - CLI operation center via `--group-operation --repo-group=somegroup`
     !- Implemented retention policies
     !- Operation planifier allows to create scheduled tasks for operations
       !- Implemented scheduled task creator for Windows & Unix
          !(simple list of tasks, actions, stop on error)
     - Implemented repo quick check / full check / repair index / repair snapshots / unlock / forget / prune / dump / stats commands
   - Added per repo permission management
-    - Repos now have backup, restore and full privileges, allowing to restrict access for end users
+    - Repos now have backup, restore and full privileges, optionally allowing to restrict access for end users
   - Added snapshot tag to snapshot list on main window
   - Split npbackup into separate CLI and GUI
     - Status window has been refactored so GUI now has full stdout / stderr returns from runner and backend
@@ -63,6 +63,7 @@
   - Show anonymized repo uri in GUI
   - Fix deletion failed message for en lang
   - Fix Google cloud storage backend detection in repository uri
+  - Backup admin password is now stored in a more secure way
 
 ## Misc
   - Current backup state now shows more precise backup state, including last backup date when relevant

ROADMAP.md

@@ -1,21 +1,19 @@
 ## What's planned / considered
 
 ### Daemon mode
-
 Instead of relying on scheduled tasks, we could launch backup & housekeeping operations as deamon.
 Caveats:
  - We need a windows service (nuitka commercial implements one)
  - We need to use apscheduler (wait for v4)
  - We need a resurrect service config for systemd and windows service
 
-### Web interface
-
+### Web interface (planned)
 Since runner can discuss in JSON mode, we could simply wrap it all in FastAPI
 Caveats:
- - We'll need a web interface, with templates, whistles and belles
+ - We'll need a web interface, with templates, whistles and bells
  - We'll probably need an executor (Celery ?) in order to not block threads
 
-### KVM Backup plugin
+### KVM Backup plugin (planned, already exists as external script)
 Since we run cube backup, we could "bake in" full KVM support
 Caveats:
  - We'll need to re-implement libvirt controller class for linux
@@ -28,11 +26,9 @@ In the latter case, shell (bash, zsh, ksh) would need `shopt -o pipefail`, and m
 The pipefail will not be given to npbackup-cli, so we'd need to wrap everything into a script, which defeats the prometheus metrics.
 
 ### Key management
-
 Possibility to add new keys to current repo, and delete old keys if more than one key present
 
-### Provision server
-
+### Provision server (planned)
 Possibility to auto load repo settings for new instances from central server
 We actually could improve upgrade_server to do so
 

SECURITY.md

@@ -38,4 +38,9 @@ Hence, update permissions should only happen in two cases:
 Since encryption is symmetric, we need to protect our sensible data.
 Best ways:
 - Compile with alternative aes-key
-- Use --aes-key with alternative aes-key which is protected by system
+- Use --aes-key with alternative aes-key which is protected by system
+
+# NPF-SEC-00008: Don't show manager password / sensible data with --show-config
+
+Since v3.0.0, we have config inheritance. Showing the actual config helps diag issues, but we need to be careful not
+to show actual secrets.