diff --git a/src/documents/consumer.py b/src/documents/consumer.py index 5abba9862..84a1ff3ca 100644 --- a/src/documents/consumer.py +++ b/src/documents/consumer.py @@ -48,15 +48,9 @@ def __init__(self, consume=settings.CONSUMPTION_DIR, except FileExistsError: pass - acceptable_storage_types = [_[0] for _ in Document.STORAGE_TYPES] - if settings.STORAGE_TYPE not in acceptable_storage_types: - raise ConsumerError( - 'Invalid STORAGE_TYPE "{}" defined. It must be one of {}. ' - 'Exiting.'.format( - settings.STORAGE_TYPE, - ", ".join(acceptable_storage_types) - ) - ) + self.storage_type = Document.STORAGE_TYPE_UNENCRYPTED + if settings.PASSPHRASE: + self.storage_type = Document.STORAGE_TYPE_GPG self.stats = {} self._ignore = [] @@ -209,7 +203,7 @@ def _store(self, text, doc, thumbnail, date): checksum=hashlib.md5(f.read()).hexdigest(), created=created, modified=created, - storage_type=settings.STORAGE_TYPE + storage_type=self.storage_type ) relevant_tags = set(list(Tag.match_all(text)) + list(file_info.tags)) @@ -231,7 +225,7 @@ def _write(self, document, source, target): if document.storage_type == Document.STORAGE_TYPE_UNENCRYPTED: write_file.write(read_file.read()) return - self.log("debug", "Encrypting the thumbnail") + self.log("debug", "Encrypting") write_file.write(GnuPG.encrypted(read_file)) def _cleanup_doc(self, doc): diff --git a/src/manage.py b/src/manage.py index 782981628..e708eaba6 100755 --- a/src/manage.py +++ b/src/manage.py @@ -6,16 +6,6 @@ os.environ.setdefault("DJANGO_SETTINGS_MODULE", "paperless.settings") - from django.conf import settings from django.core.management import execute_from_command_line - # The runserver and consumer need to have access to the passphrase, so it - # must be entered at start time to keep it safe. - if "runserver" in sys.argv or "document_consumer" in sys.argv: - if not settings.STORAGE_TYPE == "unencrypted": - while not settings.PASSPHRASE: - settings.PASSPHRASE = input( - "settings.PASSPHRASE is unset. Input passphrase: " - ) - execute_from_command_line(sys.argv) diff --git a/src/paperless/settings.py b/src/paperless/settings.py index 33765c748..ccafe956d 100644 --- a/src/paperless/settings.py +++ b/src/paperless/settings.py @@ -251,21 +251,17 @@ # slowly, you may want to use a higher value than the default. CONSUMER_LOOP_TIME = int(os.getenv("PAPERLESS_CONSUMER_LOOP_TIME", 10)) -# By default, Paperless will attempt to GPG encrypt your PDF files using the -# PASSPHRASE specified below. If however you're not concerned about encrypting -# these files (for example if you have disk encryption locally) then -# you don't need this and can safely turn it off by setting STORAGE_TYPE to -# "unencrypted" here. In such a case, the PASSPHRASE value set below will be -# ignored. -STORAGE_TYPE = os.getenv("PAPERLESS_STORAGE_TYPE", "gpg") - -# This is used to encrypt the original documents and decrypt them later when -# you want to download them. Set it and change the permissions on this file to -# 0600, or set it to `None` and you'll be prompted for the passphrase at -# runtime. The default looks for an environment variable. -# DON'T FORGET TO SET THIS as leaving it blank may cause some strange things -# with GPG, including an interesting case where it may "encrypt" zero-byte -# files. +# Pre-2.x versions of Paperless stored your documents locally with GPG +# encryption, but that is no longer the default. This behaviour is still +# available, but it must be explicitly enabled by setting +# `PAPERLESS_PASSPHRASE` in your environment or config file. The default is to +# store these files unencrypted. +# +# Translation: +# * If you're a new user, you can safely ignore this setting. +# * If you're upgrading from 1.x, this must be set, OR you can run +# `./manage.py change_storage_type gpg unencrypted` to decrypt your files, +# after which you can unset this value. PASSPHRASE = os.getenv("PAPERLESS_PASSPHRASE") # Trigger a script after every successful document consumption?