Skip to content
This repository has been archived by the owner on Feb 26, 2024. It is now read-only.
/ hot-copy Public archive

Encrypts and Decrypts data. To be used in conjunction with tools such as Syncthing

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Starttoaster/hot-copy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
images
images
 
 
release
release
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
hotcopy.go
hotcopy.go
 
 
hotcopy_test.go
hotcopy_test.go
 
 

Repository files navigation

HotCopy

pipeline status coverage report

What this is

Simply put, this is a docker image for bidirectional input and output between encrypted and unencrypted data. Using the SHA256 hashing algorithm for a user configured password, and the AES-256 encryption standard, this manages a directory of unencrypted data, and encrypts-decrypts it on the fly (preserving the original directory tree.)

This is meant to run alongside something such as a Syncthing instance. Syncthing is an impressive self-hosted, distributed, file syncing service. For security reasons, it encrypts your documents in transit, however, it lacks the functionality to keep data encrypted at rest. What this means is, when your data exits or enters a node it is encrypted, and then immediately unencrypted for the destination node.

What this is meant to solve

The problem this repo is meant to solve is the ability to treat some nodes as untrustworthy relay servers. If you have a server hosted in a public cloud, you may not want to allow it to store unencrypted copies of your personal data. To give a more detailed example, see the diagram shared below with three computers all running Syncthing.

Diagram

Quick Start

  • Build the image: docker build -t hot-copy -f 'release/Dockerfile' .
  • Run the image:
docker container run \
   --restart unless-stopped \
   -v ~/path/to/data:/data \
   -v ~/path/to/enc-data:/enc-data \
   -e HC_PASSWORD="MyNewPassword" \
   -e PUID="1000" \
   -e PGID="1000" \
   --name hot-copy \
   hot-copy

Environment Variables and Volumes

Variable/Volume Function
-e HC_PASSWORD This is the password you will use to encrypt and decrypt files with
-e PUID Your host username's ID number. Find with id -u <username>
-e PGID Your host username's group number. Find with id -g <username>
-v /data Your directory with unencrypted data
-v /enc-data The encrypted copies of all of your data

TODO

This repo is still in early development. Feel free to contribute or send a pull request if you have an idea. For starters:

  • Further debugging, dealing with large numbers of files and directories, or large files
  • Further Go unit testing

For testing

docker build -t hot-copy-test -f 'test/Dockerfile' .
docker container run --rm hot-copy-test

About

Encrypts and Decrypts data. To be used in conjunction with tools such as Syncthing

Topics

hash volumes encrypted-files syncthing-servers unencrypt

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages