Datieve Watcher

A secure desktop file monitoring and synchronization application built with Wails (Go + React).

Features

• File Watching: Real-time monitoring of selected folders
• Secure Encryption: AES-256-GCM encryption for all file transfers
• Cloud Sync: Hourly metadata sync to Supabase backend
• Auto-decryption: Automatically decrypts .datieve files in downloads folder
• Approval System: Manual or automatic file request approval
• Professional UI: Clean, modern React interface

Architecture

Backend (Go)

• Config: Settings management at platform-specific location:
  • Windows: %APPDATA%\Datieve\settings.json
  • macOS: ~/Library/Application Support/Datieve/settings.json
  • Linux: ~/.config/datieve/settings.json
• Database: SQLite local index at platform-specific location:
  • Windows: %APPDATA%\Datieve\index.sqlite
  • macOS: ~/Library/Application Support/Datieve/index.sqlite
  • Linux: ~/.config/datieve/index.sqlite
• Auth: Supabase authentication with JWT refresh
• Watcher: Real-time file system monitoring with fsnotify
• Crypto: AES-256-GCM encryption/decryption
• Sync: Hourly metadata sync to Supabase

Frontend (React)

• Setup Wizard: 5-step onboarding process
• Main UI: Professional settings management interface
• Welcome Screen: Animated splash screen
• Login: Secure authentication

Setup

Prerequisites

• Go 1.24+
• Node.js 16+
• Wails CLI
• Supabase project (for backend)
• Cloudflare R2 bucket (for file storage)

Installation

1. Clone the repository:

git clone <repository-url>
cd datieve-watcher

2. Install Wails:

go install github.com/wailsapp/wails/v2/cmd/wails@latest

3. Install frontend dependencies:

cd frontend
npm install
cd ..

4. Configure environment variables:

Create a .env file in the project root:

# Supabase Configuration
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_ANON_KEY=your-supabase-anon-key-here

# Cloudflare R2 Configuration
R2_ACCOUNT_ID=your-r2-account-id
R2_ACCESS_KEY_ID=your-r2-access-key-id
R2_SECRET_ACCESS_KEY=your-r2-secret-access-key
R2_BUCKET_NAME=your-bucket-name

Replace all placeholder values with your actual credentials.

Getting your credentials:

• Supabase: Get these from your Supabase project settings → Settings → API
• Cloudflare R2: Get these from your Cloudflare dashboard → R2 → Manage R2 API Tokens

5. Build the application:

wails build

The built application will be in build/bin/.

6. Run in development mode:

wails dev

Important: Environment Configuration

The .env file must be placed in the same directory as the executable.

When distributing the application:

1. Users must create their own .env file next to the executable
2. The file must contain all 6 required environment variables (see above)
3. They need to fill in their own credentials from Supabase and Cloudflare R2

Alternative: System Environment Variables

Instead of a .env file, users can set system environment variables:

Windows (PowerShell):

$env:SUPABASE_URL="https://xxxxx.supabase.co"
$env:SUPABASE_ANON_KEY="your-actual-key-here"
$env:R2_ACCOUNT_ID="your-account-id"
$env:R2_ACCESS_KEY_ID="your-access-key"
$env:R2_SECRET_ACCESS_KEY="your-secret-key"
$env:R2_BUCKET_NAME="your-bucket"

macOS/Linux:

export SUPABASE_URL="https://xxxxx.supabase.co"
export SUPABASE_ANON_KEY="your-actual-key-here"
export R2_ACCOUNT_ID="your-account-id"
export R2_ACCESS_KEY_ID="your-access-key"
export R2_SECRET_ACCESS_KEY="your-secret-key"
export R2_BUCKET_NAME="your-bucket"

Configuration

On first run, the setup wizard will guide you through:

1. Authentication: Enter your Datieve account credentials
2. Watch Folders: Add folders to monitor
3. Approval Method: Choose manual or auto-approval
4. Encryption Key: Enter the key provided by your admin
5. Downloads Folder: Select where to monitor for incoming files

Settings are stored in platform-specific locations (see Architecture section above) in JSON format with your watched folders, approval mode, encryption key, and downloads folder path.

Note: On Windows, use double backslashes (\\) or forward slashes (/) in paths.

Usage

Main Interface

• Watch Folders: Add/remove folders to monitor
• Approval Method: Toggle between manual/auto approval
• Encryption Key: View/update encryption key
• Downloads Folder: Change downloads monitoring location
• Sync to Cloud: Manually trigger metadata sync
• Save & Exit: Save changes and restart watchers

Profile Menu

• View email and user ID
• Logout (deletes local data)

Notifications

• View pending file requests
• Currently shows count only (full implementation pending)

How It Works

1. File Watching: The app monitors configured folders in real-time
2. Local Indexing: File metadata is stored in SQLite
3. Cloud Sync: Metadata syncs to Supabase every hour
4. JWT Refresh: Authentication token refreshes hourly
5. File Requests: When approved, files are encrypted and uploaded
6. Auto-decryption: .datieve files in downloads are auto-decrypted

Security

• Passwords are never stored locally
• JWT tokens kept in memory only
• AES-256-GCM encryption for all file transfers
• Encryption key validation (8+ chars, mixed case, numbers, symbols)

Development

Project Structure

datieve-watcher/
├── internal/
│   ├── auth/         # Supabase authentication
│   ├── config/       # Settings management
│   ├── crypto/       # AES-256-GCM encryption
│   ├── database/     # SQLite operations
│   ├── sync/         # Cloud sync logic
│   └── watcher/      # File system monitoring
├── frontend/
│   └── src/
│       ├── components/
│       │   ├── Welcome.jsx
│       │   ├── Setup.jsx
│       │   ├── LoginPrompt.jsx
│       │   └── MainUI.jsx
│       └── App.jsx
├── app.go            # Main application logic
└── main.go           # Entry point

Building

Development:

wails dev

Production:

wails build

Binary location: build/bin/

Database Schema

The local SQLite database stores:

file_metadata (
  id, user_id, file_name, file_path,
  file_size, file_type, file_extension,
  modified_time, created_at, updated_at, is_deleted
)

Troubleshooting

"Failed to load environment configuration" error

This means the application cannot find your .env file or environment variables are not set.

Solution:

1. Ensure .env file exists in the same directory as the executable
2. Check that all 6 required variables are set:
   • SUPABASE_URL
   • SUPABASE_ANON_KEY
   • R2_ACCOUNT_ID
   • R2_ACCESS_KEY_ID
   • R2_SECRET_ACCESS_KEY
   • R2_BUCKET_NAME
3. Verify there are no typos in variable names
4. On Windows, ensure the file is named .env (not .env.txt)

Authentication fails

• Verify your SUPABASE_URL and SUPABASE_ANON_KEY are correct
• Check your Supabase project is active
• Ensure the user account exists in your Supabase project

File upload/download issues

• Verify your R2 credentials are correct
• Check the R2 bucket exists and is accessible
• Ensure the R2 access token has read/write permissions

Building for Distribution

To build for all platforms:

./build-all.sh

This creates binaries for:

• Windows (amd64)
• macOS (Universal)
• Linux (amd64)

Important for distribution:

• Provide setup instructions for users to create their .env file
• Document all 6 required environment variables
• Never include your actual .env file in the distribution

Contributing

1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Submit a pull request

License

This project is licensed under the MIT License - see the LICENSE file for details.