
creds: Only support single credential by default

cvlc12 6 months ago
commit 467ddd0e93
2 changed files with 28 additions and 8 deletions
  1. docs/how-to/provide-your-passwords.md (+24 -6)
  2. sample/systemd/borgmatic.service (+4 -2)

+ 24 - 6
docs/how-to/provide-your-passwords.md

@@ -39,9 +39,15 @@ Save your password as an encrypted credential to `/etc/credstore.encrypted/borgm
 # systemd-ask-password -n | systemd-creds encrypt - /etc/credstore.encrypted/borgmatic.pw
 ```
 
+Then uncomment or use the following in your configuration file:
+
+```yaml
+encryption_passcommand: "cat ${CREDENTIALS_DIRECTORY}/borgmatic.pw"
+```
+
 Note that the name `borgmatic.pw` is hardcoded in the systemd service file.
 
-If you use multiple different passwords, save them as encrypted credentials to `/etc/credstore.encrypted/borgmatic/`, e.g.,
+To use multiple different passwords, save them as encrypted credentials to `/etc/credstore.encrypted/borgmatic/`, e.g.,
 
 ```
 # mkdir /etc/credstore.encrypted/borgmatic
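Review bot: The added `encryption_passcommand: "cat ${CREDENTIALS_DIRECTORY}/borgmatic.pw"` step does not say that `CREDENTIALS_DIRECTORY` is set by systemd only for the service it starts, so the same configuration will not find the credential when borgmatic is run by hand from a shell. Add one sentence after the YAML block stating that this passcommand works only under the systemd unit. The "Note that the name `borgmatic.pw` is hardcoded" sentence now follows the config snippet, so it would also help to say that the file name in the passcommand must match the name in the service file.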
@@ -49,17 +55,29 @@ If you use multiple different passwords, save them as encrypted credentials to `
 # systemd-ask-password -n | systemd-creds encrypt --name=borgmatic_pw2 - /etc/credstore.encrypted/borgmatic/pw2
 ...
 ```
+
 Ensure that the file names, (e.g. `backupserver1`) match the corresponding part of
-the `--name` option *after* the underscore (_). The `borgmatic` folder is hardcoded in the systemd service file.
+the `--name` option *after* the underscore (_), and that the part *before* 
+the underscore matches the directory name (e.g. `borgmatic`).
 
-Then uncomment or use one of the following in your configuration file. Adjust `borgmatic_backupserver1`
-according to the name given to the credential.
+Then, uncomment the appropriate line in the systemd service file:
 
-```yaml
-encryption_passcommand: "cat ${CREDENTIALS_DIRECTORY}/borgmatic.pw"
+```
+# systemctl edit borgmatic.service
+...
+# Load multiple encrypted credentials.
+LoadCredentialEncrypted=borgmatic:/etc/credstore.encrypted/borgmatic/
+```
+
+Finally, use the following in your configuration file:
+
+```
 encryption_passcommand: "cat ${CREDENTIALS_DIRECTORY}/borgmatic_backupserver1"
 ```
 
+Adjust `borgmatic_backupserver1` according to the name given to the credential 
+and the directory set in the service file.
+
 ### Environment variable interpolation
 
 <span class="minilink minilink-addedin">New in version 1.6.4</span> borgmatic
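Review bot: The new step "uncomment the appropriate line in the systemd service file" is paired with `# systemctl edit borgmatic.service`, which opens a drop-in override rather than the unit file itself, so there is no existing line to uncomment there. Either point the reader at the unit file they installed, or show the override content in full with its `[Service]` header above `LoadCredentialEncrypted=borgmatic:/etc/credstore.encrypted/borgmatic/`. The final configuration snippet also lost its `yaml` fence tag (the removed block opened with three backticks plus `yaml`, the added one with bare backticks), which is inconsistent with the single-credential snippet earlier in the file. The added lines ending in `*before* ` and `credential ` carry trailing whitespace.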

+ 4 - 2
sample/systemd/borgmatic.service

@@ -10,10 +10,12 @@ Documentation=https://torsion.org/borgmatic/
 [Service]
 Type=oneshot
 
-# Load encrypted credentials.
-LoadCredentialEncrypted=borgmatic:/etc/credstore.encrypted/borgmatic/
+# Load single encrypted credential.
 LoadCredentialEncrypted=borgmatic.pw
 
+# Load multiple encrypted credentials.
+# LoadCredentialEncrypted=borgmatic:/etc/credstore.encrypted/borgmatic/
+
 # Security settings for systemd running as root, optional but recommended to improve security. You
 # can disable individual settings if they cause problems for your use case. For more details, see
 # the systemd manual: https://www.freedesktop.org/software/systemd/man/systemd.exec.html
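Review bot: The two comments "Load single encrypted credential." and "Load multiple encrypted credentials." do not say whether the commented-out directory line is meant to replace `LoadCredentialEncrypted=borgmatic.pw` or to be enabled alongside it. State that in the comment, for example "uncomment this and comment out the line above" or "can be used in addition to the line above", so that someone who keeps passwords only under `/etc/credstore.encrypted/borgmatic/` knows what to do with the still-active single-credential line.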