Drop STORAGE_TYPE in favour of just using PAPERLESS_PASSPHRASE

src/documents/consumer.py

@@ -48,15 +48,9 @@ def __init__(self, consume=settings.CONSUMPTION_DIR,
         except FileExistsError:
             pass
 
-        acceptable_storage_types = [_[0] for _ in Document.STORAGE_TYPES]
-        if settings.STORAGE_TYPE not in acceptable_storage_types:
-            raise ConsumerError(
-                'Invalid STORAGE_TYPE "{}" defined.  It must be one of {}.  '
-                'Exiting.'.format(
-                    settings.STORAGE_TYPE,
-                    ", ".join(acceptable_storage_types)
-                )
-            )
+        self.storage_type = Document.STORAGE_TYPE_UNENCRYPTED
+        if settings.PASSPHRASE:
+            self.storage_type = Document.STORAGE_TYPE_GPG
 
         self.stats = {}
         self._ignore = []
@@ -209,7 +203,7 @@ def _store(self, text, doc, thumbnail, date):
                 checksum=hashlib.md5(f.read()).hexdigest(),
                 created=created,
                 modified=created,
-                storage_type=settings.STORAGE_TYPE
+                storage_type=self.storage_type
             )
 
         relevant_tags = set(list(Tag.match_all(text)) + list(file_info.tags))
@@ -231,7 +225,7 @@ def _write(self, document, source, target):
                 if document.storage_type == Document.STORAGE_TYPE_UNENCRYPTED:
                     write_file.write(read_file.read())
                     return
-                self.log("debug", "Encrypting the thumbnail")
+                self.log("debug", "Encrypting")
                 write_file.write(GnuPG.encrypted(read_file))
 
     def _cleanup_doc(self, doc):

src/manage.py

@@ -6,16 +6,6 @@
 
     os.environ.setdefault("DJANGO_SETTINGS_MODULE", "paperless.settings")
 
-    from django.conf import settings
     from django.core.management import execute_from_command_line
 
-    # The runserver and consumer need to have access to the passphrase, so it
-    # must be entered at start time to keep it safe.
-    if "runserver" in sys.argv or "document_consumer" in sys.argv:
-        if not settings.STORAGE_TYPE == "unencrypted":
-            while not settings.PASSPHRASE:
-                settings.PASSPHRASE = input(
-                    "settings.PASSPHRASE is unset.  Input passphrase: "
-                )
-
     execute_from_command_line(sys.argv)

src/paperless/settings.py

@@ -251,21 +251,17 @@
 # slowly, you may want to use a higher value than the default.
 CONSUMER_LOOP_TIME = int(os.getenv("PAPERLESS_CONSUMER_LOOP_TIME", 10))
 
-# By default, Paperless will attempt to GPG encrypt your PDF files using the
-# PASSPHRASE specified below.  If however you're not concerned about encrypting
-# these files (for example if you have disk encryption locally) then
-# you don't need this and can safely turn it off by setting STORAGE_TYPE to
-# "unencrypted" here.  In such a case, the PASSPHRASE value set below will be
-# ignored.
-STORAGE_TYPE = os.getenv("PAPERLESS_STORAGE_TYPE", "gpg")
-
-# This is used to encrypt the original documents and decrypt them later when
-# you want to download them.  Set it and change the permissions on this file to
-# 0600, or set it to `None` and you'll be prompted for the passphrase at
-# runtime.  The default looks for an environment variable.
-# DON'T FORGET TO SET THIS as leaving it blank may cause some strange things
-# with GPG, including an interesting case where it may "encrypt" zero-byte
-# files.
+# Pre-2.x versions of Paperless stored your documents locally with GPG
+# encryption, but that is no longer the default.  This behaviour is still
+# available, but it must be explicitly enabled by setting
+# `PAPERLESS_PASSPHRASE` in your environment or config file.  The default is to
+# store these files unencrypted.
+#
+# Translation:
+# * If you're a new user, you can safely ignore this setting.
+# * If you're upgrading from 1.x, this must be set, OR you can run
+#   `./manage.py change_storage_type gpg unencrypted` to decrypt your files,
+#   after which you can unset this value.
 PASSPHRASE = os.getenv("PAPERLESS_PASSPHRASE")
 
 # Trigger a script after every successful document consumption?