I installed 2.2.0.3_stable, in Release: 2.2.0.102 (Canary) 2025-12-12 I read Duplicati now uses a “default secret provider”. I’m assuming this is part of 2.2.0.3_stable (?)
I went and installed pass and initialized it. However when I run duplicati it keeps showing the legend:
No database encryption key was found. The database will be stored unencrypted. Supply an encryption key via the environment variable SETTINGS_ENCRYPTION_KEY or disable database encryption with the option --disable-db-encryption
How to make duplicati to use pass?
(I customized the folder used by pass by setting PASSWORD_STORE_DIR, could that be the reason it’s not finding it?)
Then make sure the database encryption key is stored in pass under duplicati-server-encryption-key. Once the next stable is released, you can then remove the two arguments, as that will be the default setting.
Thanks, by using that I don’t get the warning anymore when starting Duplicati.
Now, how to confirm it is encrypted? I am browsing the DBs, in the server DB I see multiple fields are readable, but for example Backup.TargetURL seem to be encrypted, as the text starts with “enc-v1…”
In the other DB I can see for example PathPrefix.Filter is not encrypted, is that expected?