Skip to content

joeig/eee-safe

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

152 Commits
.github
.github
 
 
api
api
 
 
cmd/eee-safe
cmd/eee-safe
 
 
configs
configs
 
 
init
init
 
 
pkg
pkg
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

eee-safe

A custom Threema Safe server implementation with multi-backend support.

Test coverage Go Report Card

Currently supported backends:

  • DynamoDB
  • Filesystem

Client setup

Threema supports third party backup servers out of the box. Simply choose "Threema Safe", "Expert settings" and deactivate "Use default server". You will be asked for your custom server endpoint and credentials.

Server setup

Install from source

You need go and GOBIN in your PATH. Once that is done, install eee-safe using the following command:

go install github.com/joeig/eee-safe/cmd/eee-safe@latest

Configuration

After that, copy config.dist.yml to config.yml, replace the default settings and run the binary:

eee-safe -config=/path/to/config.yml

If you're intending to add the application to your systemd runlevel, you may want to take a look at init/eee-safe.service.

Threema requires a valid CA certificate.

Choose one of the following storage backends:

Storage backend DynamoDB Filesystem
Built-in TTL yes no
Thread safe yes no
Works without further efforts no yes

DynamoDB settings

This option requires a pre-configured AWS environment.

Table settings

Create a new table with the following settings:

  • Table name in this example: EEESafe
  • Primary key: backupID
  • Time to live attribute: expirationTime
  • Turn backup functionality on if required.
IAM

Required IAM permissions to access the DynamoDB table (change the resource ARN if necessary):

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "MaintainEEESafeTable",
            "Effect": "Allow",
            "Action": [
                "dynamodb:PutItem",
                "dynamodb:GetItem",
                "dynamodb:DeleteItem"
            ],
            "Resource": "arn:aws:dynamodb:eu-west-1:1234567890:table/EEESafe"
        }
    ]
}

Examples:

  • Provide credential files: ~/.aws/credentials and ~/.aws/config
  • Set credentials via environment variables: 
    export AWS_REGION="eu-west-1"
export AWS_ACCESS_KEY_ID="Your Access Key ID"
export AWS_SECRET_ACCESS_KEY="Your Secret Access Key"
  • Use EC2 instance roles/ECS task roles/Lambda roles/... (you should always choose this option whenever possible!)

See also: https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html

Filesystem settings

This option stores every backup in a dedicated file on the local filesystem.

This storage backend does currently not support thread-safety and auto-deletion of expired backups. You probably want to implement auto-deletion by using a find cronjob.

Troubleshooting

Run eee-safe in debug mode in order to increase the verbosity tremendously: -debug

Contribution

Feel free to contribute. This is the API reference: Cryptography Whitepaper

This project follows the Standard Go Project Layout principals.

About

Custom Threema Safe server

Topics

backup safe threema

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages