wl storage - Storage management

Synopsis

wl {storage|storages} list
wl storage create <type> --container <container> [<type-specific-options>] <storage>
wl storage {sign|verify|edit} [...]
wl storage create-from-template --storage-template <storage_template> <container>
wl storage modify [--location <path>] [--add-access <user>] [--del-access <user>] <file>
wl storage publish <storage>
wl storage unpublish <storage>

Description

Todo

Write general description.

Commands

wl {storage|storages} list

Display known storages.

wl storage delete [--force] [--no-cascade] [--container <container>] NAME [NAME ...]

Delete a storage from local filesystem.

--force, -f

Delete even if the storage is used by containers. The containers in Widland directory (~/.config/wildland/containers/) will be examined.

--no-cascade

Do not delete the reference to storage from containers.

--container <container>

Chose container from which the storage will be removed. (Required if NAME is ambiguous.)

wl storage create local --container <container> [--manifest-pattern <glob>] [--subcontainer-manifest <path>] --location <filesystem_path> [--no-publish] <storage>

Create local storage.

A local storage refers to a directory on a local filesystem. To access a directory, storage owner either needs to be listed in local-owners config option, or in a .wildland-owners file in the directory (or any of it parents). For example, to allow user 0x123456 to access files under /home/user/Dropbox, create a /home/user/Dropbox/.wildland-owners file with content like this:

# empty lines and comments starting with ‘#’ are ignored 0x123456

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--location <filesystem_path>

Path to directory containing the backend. Required.

--subcontainer-manifest <path_in_storage>

Absolute path to a subcontainer manifest (can be repeated). Optional.

--manifest-pattern <glob>

Glob pattern to find manifest files in the storage, e.g. /*.{object-type}.yaml. Can use {path}` and * special characters.

wl storage create local-cached --container <container> --location <filesystem_path> [--no-publish] <storage>

Create cached local storage. See local storage description above for details.

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--location <filesystem_path>

Path to directory containing the backend. Required.

wl storage create local-dir-cached --container <container> --location <filesystem_path> [--no-publish] <storage>

Create directory cached local storage. See local storage description above for details.

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--location <filesystem_path>

Path to directory containing the backend. Required.

wl storage create timeline --container <container> --reference-container-url <url> [--timeline-root <dir>] [--no-publish] <storage>

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--reference-container-url <url>

Inner container URL for this storage.

--timeline-root <dir>

The name of the root of the timeline tree. Defaults to ‘/timeline’

wl storage create delegate --container <container> --reference-container-url <url> [--subdirectory <dir>] [--no-publish] <storage>

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--reference-container-url <url>

Inner container URL for this storage.

--subdirectory <path>

Subdirectory within reference container. When set, content of this directory will be considered content of the container.

wl storage create dummy --container <container> [--no-publish]

Creates dummy storage, presenting empty directory not backed by any actual data.

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

wl storage create static --container <container> [--file <path>=<content> ...] [--no-publish]

Creates static storage, presenting files included directly in the storage manifest.

Example call:

wl storage create static --container C1 --file 'foo.txt=content of foo.txt' --file 'foo/bar.txt=content of bar.txt inside foo directory'

This will result in storage manifest with the following field:

content:
  foo.txt: content of foo.txt
  foo:
    bar.txt: content of bar.txt inside foo directory
--file <path>=<content>

Single file to be included in the storage. The file path may contain slash (/) to put it into a subdirectory. Path should be relative (without leading slash).

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

wl storage create zip-archive --container <container> --location <filesystem_path> [--no-publish] <storage>

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--location <filesystem_path>

Path to ZIP archive.

wl storage create http --container <container> --url <url> [--no-publish] <storage>

This is a HTTP storage that relies on directory listings. Currently used for buckets published using S3.

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--url <url>

HTTP URL.

--subcontainer-manifest <path_in_storage>

Absolute path to a subcontainer manifest (can be repeated). Optional.

--manifest-pattern <glob>

Glob pattern to find manifest files in the storage, e.g. /*.{object-type}.yaml. Can use {path}` and * special characters.

wl storage create imap --container <container> --host <host> --login <login> --password <password> [--folder <folder>] [--no-publish] <storage>

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--host <host>

IMAP server hostname. Required.

--login <login>

IMAP account / login name. Required.

--password <password>

IMAP account password. Required.

--folder <folder>

IMAP folder to expose (defaults to INBOX).

--ssl, --no-ssl

Use SSL or unencrypted connection. Default is to use SSL.

wl storage create dropbox --container <container> --token <access_token> --app-key <app_key> [--refresh-token <refresh_token>] [--no-publish]

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--location <absolute_path>

Absolute path to root directory in your Dropbox account.

--token <access_token>

Dropbox app token. You can generate it with Dropbox App Console. Required if not –app-key.

--app-key <app_key>

Dropbox App Key. You obtain it in Dropbox App Console when creating an application. Required. if not –token.

--refresh-token <refresh_token>

Dropbox refresh token. You can generate it with Dropbox SDK or API. Optional.

--subcontainer-manifest <path_in_storage>

Absolute path to a subcontainer manifest (can be repeated). Optional.

--manifest-pattern <glob>

Glob pattern to find manifest files in the storage, e.g. /*.{object-type}.yaml. Can use {path}` and * special characters.

wl storage create categorization --container <container> --reference-container-url <url> [--with-unclassified-category] [--unclassified-category-path <path>] [--no-publish] <storage>

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--reference-container-url <url>

Inner container URL for this storage. Required.

--with-unclassified-category

Create unclassified directory holding all of the untagged directories. Not set by default.

--unclassified-category-path <path>

Path to directory where unclassified directories are mounted (/unclassified by default). This option is ignored unless –with-unclassified-category is set.

wl storage create transpose --container <container> --reference-container-url <url> --rules <rules> --conflict <conflict> [--no-publish] <storage>

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--reference-container-url <url>

Inner container URL for this storage.

--rules <rules>

Rules to be followed when modifying the initial categories of the subcontainers, each to be passed as a dictionary enclosed in single quotes, e.g.: ‘{“match-with:: “/category”, “replace-with”: “/other”}’ Whenever a capture group is to be used in a regex rule, the user should precede the rule that includes a backreference with a raw string indicator, e.g.: ‘{“match-category-regex: “/(.*)”, “replace-with”: r”/prefix/1”}’

--conflict <conflict>

A keyword explaining the behaviour of the backend when encountering conflicting rules (first-apply|last-apply|all-apply)

wl storage create googledrive --container <container> --credentials <credentials> --skip-interaction [--no-publish]

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--location <absolute_path>

Absolute path to root directory in your Google Drive account.

--credentials <credentials>

Google Drive Client Congifuration Object. You can generate it in Google Developer Console. Required. More info: https://developers.google.com/drive/api/v3/quickstart/python#step_1_turn_on_the

--skip-interaction

Enable this optional flag if user passes authorization token object as credentials

--subcontainer-manifest <path_in_storage>

Absolute path to a subcontainer manifest (can be repeated). Optional.

--manifest-pattern <glob>

Glob pattern to find manifest files in the storage, e.g. /*.{object-type}.yaml. Can use {path}` and * special characters.

wl storage create s3 --container <container> --url <url> <storage> [--no-publish]

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--s3-url <url>

S3 URL, of the form s3://bucket/ or s3://bucket/path/. Required.

--endpoint-url <URL>

Override default AWS S3 URL with the given URL.

--with-index

Generate index pages. When this option is enabled, Wildland will maintain an / (yes, just slash) file with directory listing in every directory. These files will be invisible in the mounted filesystem, but they can be used to browse the S3 bucket when it’s exposed using public HTTP.

--access-key STRING

S3 access key

--secret-key STRING

S3 secret key (omit for a prompt)

--subcontainer-manifest <path_in_storage>

Absolute path to a subcontainer manifest (can be repeated). Optional.

--manifest-pattern <glob>

Glob pattern to find manifest files in the storage, e.g. /*.{object-type}.yaml. Can use {path}` and * special characters.

wl storage create sshfs --container <container> [--sshfs-command <cmd>] --host <host> [--path <path>] [--ssh-user <user>] [--ssh-identity <path>|--pwprompt] [-mount-options <OPT1>[,OPT2,OPT3,...]]

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--sshfs-command <cmd>

Command to use to internally mount an SSHFS filesystem, overriding default sshfs. Depending on your system configuration, you may need to provide an absolute path to this command (i.e. /usr/local/bin/sshfs).

--host <host>

Provide a hostname or IP address of SSH server to connect to.

--path <path>

Path on SSH server to access.

--ssh-user <user>

Username for authentication with SSH server, overriding local user name.

--ssh-identity <path>

Path to file containing private key which will be used for authentication. The contents of this file is embedded in the manifest.

--pwprompt

When backend is created, prompt user for password used to login to the SSH server. Provided password will be embedded in the manifest and used to authenticate with SSH server.

--mount-options <opt1,[opt2[,opt3[,...]]]>

Additional options that are passed to sshfs command.

wl storage create ipfs --container <container> --ipfs-hash <url> --endpoint-addr <multiaddress> <storage> [--no-publish]

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--ipfs-hash <URL>

IPFS CID or IPNS name to access the resource, of the form /ipfs/CID or /ipns/name. Required.

--endpoint-addr <multiaddress>

Override default IPFS gateway address (/ip4/127.0.0.1/tcp/8080/http) with the given address.

wl storage create encrypted --container <container> --reference-container-url <url> <storage>

Create encrypted storage for a given container. Please read details below to understand its limitations.

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--reference-container-url <url>

Inner container URL for this storage. Required.

--engine <ENGINE>

Cryptographic filesystem to use. Choices are: GoCryptFS or EncFS.

Both choices do not provide integrity protection. Sophisticated attacker might achieve a remote code execution on your machine, breaking confidentiality.

Please note that GoCryptFS is secure against attacker with read-only access to encrypted data.

EncFS (v1.x) is considered insecure! Use it only as a last resort measure! For details, see https://github.com/vgough/encfs/issues/9

When considering what option should be used, and if any of the options provided are good enough, please think in terms of your own threat model. E.g. who might want to break confidentiality of data you store? Are they sophisticated enough? What will happen if they will succeed?

wl storage create webdav --container <container> --url <url> --login <login> --password <password> <storage [--no-publish]

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--url <url>

Base URL for WebDAV resource. Required.

--login <login>

Login. Required.

--password <password>

Password. Required.

--subcontainer-manifest <path_in_storage>

Absolute path to a subcontainer manifest (can be repeated). Optional.

--manifest-pattern <glob>

Glob pattern to find manifest files in the storage, e.g. /*.container.yaml. Can use {path}` and * special characters.

wl storage create bear-db --container <container> --path <path> [--no-publish]

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--path <path>

Path to Bear SQLite database. Required.

wl storage create gitlab --container <container> [--server-url <url>] --personal-token <personal-token> --projectid <id> [--no-publish] <storage>

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--server-url <url>

GitLab url; default value set to https://gitlab.com/. Necessary in order to communicate with the server.

--personal-token <personal-token>

Personal access token generated by GitLab. Used for authorisation purposes.

--projectid <id>

(Optional) GitLab project ID. When provided, only the issues from said project will be retrieved from the server. Otherwise, we retrieve all issues from all the projects that the user is a member of.

wl storage create gitlab-graphql --container <container> --personal-token <personal-token> --project-path <path> [--no-publish] <storage>

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--personal-token <personal-token>

Personal access token generated by GitLab. Used for authorisation purposes.

--project-path <id>

(Optional) GitLab full project path (e.g. wildland/wildland-client). When provided, only the issues from said project will be retrieved from the server. Otherwise, we retrieve all issues from all the projects that the user is a member of.

wl storage create jira --container <container> --workspace-url <url> [--username <username>] [--personal-token <personal-token>] [--project-name <project-name>] [--limit <issues-limit>] <storage>

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--workspace-url <url>

Address of the REST endpoint of your Jira Work Management Cloud site. For example https://{your site name}.atlassian.net/rest/api/2. The plugin works only with version v2 of Jira REST API. Necessary in order to communicate with the server.

--username <username>

(Optional) The name of Jira user. Used for authorisation purposes.

--personal-token <personal-token>

(Optional) Personal access token generated by Jira. Used for authorisation purposes.

--project-name <project-name>

(Optional, Multiple) when defined, only issues associated with the project (or projects) will be mounted. By default, all issues from the projects accessible by the user in the given Jira Work Management Cloud site will be exposed.

--limit <issues-limit>

(Optional) The maximum number of issues is limited to avoid unintentionally cloning large workspaces. By default 1000 of the most recently updated issues is fetched.

wl storage create git --container <container> --url <url> [--username <username>] [--password <password>] [--no-publish] <storage>

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--url <url>

The git URL leading to the repository which is to be exposed; Should follow the ‘http[s]://host.xz[:port]/path/to/repo.git’ format.

--username <username>

The git username used for authorization purposes. Paired with the personal token (passed as the –password parameter) can be used to skip the default authorization via the command line

--password <password>

The git password/personal token.

wl storage create redis --container <container> --hostname <string> --database <int> [--password <string>] [--port 6379]

--container <container>

Choose container, for which the storage will be created. This option is required.

--trusted

Make the storage trusted. Wildland will load unsigned manifests from a trusted storage, as long as the owner matches. Default: false.

--inline

Add the storage definition directly to container manifest. (This is the default behavior)

--no-inline

Create a separate storage manifest instead of adding the storage definition directly to container manifest.

--watcher-interval SECONDS

Sets naive storage watcher interval (in seconds).

--access USER

Allow an additional user or user path access to this storage manifest. By default, storage manifests inherit access settings from the container.

--encrypt-manifest

Encrypt storage manifest so that it’s readable only by the owner. This is the default. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-encrypt-manifest

Do not encrypt container manifest at all. This option makes sense only together with -no-inline, otherwise encryption is inherited from the container manifest.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

--prefix <absolute_path>

Redis key prefix as an absolute path, defaults to /. Optional.

--database <int>

Redis DB index

--hostname <string>

Server hostname

--port <int>

Server port, defaults to 6379. Optional.

--username <string>

Server username. Optional.

--password <string>

Server password. Optional.

--tls <boolean>

Use TLS. Optional.

--subcontainer-manifest <path_in_storage>

Absolute path to a subcontainer manifest (can be repeated). Optional.

--manifest-pattern <glob>

Glob pattern to find manifest files in the storage, e.g. /*.{object-type}.yaml. Can use {path}` and * special characters.

wl storage {sign|verify|edit} [...]

See wl sign, wl verify, wl dump and wl edit documentation.

wl storage create-from-template --storage-template <storage_template> <container>

Create storages for a given container based on the storage template provided.

--storage-template <storage_template>, --template, -t

Storage template to use.

--local-dir <local_dir>

Local directory to be passed to storage templates as a parameter.

--no-publish

Do not publish the container after adding storage. By default, if the container owner has proper infrastructure defined in the user manifest, the container is published.

wl storage modify [--location <path>] [--add-access <user>] [--del-access <user>] <file>

Modify a storage manifest given by <file>.

--location

Path to directory containing the backend.

--add-access

User or user path to add access for. Can be repeated.

--del-access

User to revoke access from. Can be repeated.

wl storage publish <storage>

Publish a storage manifest into user’s manifests catalog (first container from the catalog that provides read-write storage will be used).

wl storage unpublish <storage>

Unublish a storage manifest from the whole of a user’s manifests catalog.