Code Monkey home page Code Monkey logo

stasis's Introduction

stasis

A stasis /ˈsteɪsɪs/ or stasis field, in science fiction, is a confined area of space in which time has been stopped or the contents have been rendered motionless.

stasis is a backup and recovery system with an emphasis on security and privacy; no personal information is collected, no unencrypted data leaves a client device and all encryption keys are fully in the control of their owner.

Linux/macOS Client CLI

asciicast

Linux/macOS Client UI

Login Screen Home Screen
Backup Definitions Screen Recovery Screen

Android Client

Bootstrap Screen" Login Screen Navigation Hint
Help Hint Home Screens Definition Details Screen

Why?

  • Trust Issues - Do you trust your backup or infrastructure/storage provider with your unencrypted data?
  • Multi-Device - How many backup providers would you need to cover all types of devices you own?
  • Self-Hosted - What if your backup provider goes out of business?

Goals

  • Recover user data from total failure or device loss
  • Replicate data to local and remote/cloud storage
  • Encrypt data before it leaves a device
  • Manage all device backups from a single service

Along with provision, the goal is to be able to grab a blank/off-the-shelf device and recover the original system in an automated and repeatable way.

Features

  • Client-only Encryption - encryption and decryption is done by client applications; the server never deals with unencrypted data or metadata
  • Device-only Secrets - user credentials and device secrets do not leave the device on which they were entered/generated
  • Default Redundancy - copies of a device's encrypted data are sent to multiple nodes by default (local and remote)
  • Hybrid Data Storage - various storage backends (Apache Geode, Slick, in-memory, file-based) are supported and used
  • Secrets Escrow - enables storing encrypted device secrets on the server to simplify recovering of a lost or replaced device
  • Serverless Mode - (TODO) enables creating backups and recovering from them without the presence of a server

Installation

Server

Docker images for server, server-ui, identity and identity-ui can be found under Packages.

See deployment/production for more information on how to set up and deploy the services.

Clients

Client binaries for Linux, macOS and Android can be found for each release.

Linux and macOS

The provided installer can be used:

$ curl -s "https://raw.githubusercontent.com/sndnv/stasis/master/deployment/production/scripts/client_install.sh" | bash
Removing

The Linux and macOS clients can be uninstalled using:

$ curl -s "https://raw.githubusercontent.com/sndnv/stasis/master/deployment/production/scripts/client_uninstall.sh" | bash
Updating

The Linux and macOS clients can be updated by uninstalling the current version and installing the latest one:

$ curl -s "https://raw.githubusercontent.com/sndnv/stasis/master/deployment/production/scripts/client_uninstall.sh" | bash
$ curl -s "https://raw.githubusercontent.com/sndnv/stasis/master/deployment/production/scripts/client_install.sh" | bash

Secrets, configuration, logs and operation state are NOT removed when uninstalling the client!

Android

On Android, installing and updating is done by simply downloading the apk file and running it.

Testing

Images and binaries for testing/development purposes can be created locally using the existing dev tools.

Development

The majority of the code is Scala so, at the very least, Java (JDK17) and SBT need to be available on your dev machine.

Some submodules use Python (ex: client-cli), Flutter (ex: identity-ui) or Kotlin for Android (ex: client-android) so the appropriate tools for those platforms need to be available as well.

Protobuf is also used, however, it is handled by an sbt plugin and no additional tools are needed.

There are also some Python and Bash scripts to help with deployment and testing.

Downloads / Installation:

Getting Started

  1. Clone or fork the repo
  2. Run sbt qa

Submodules

To execute all tests and QA steps for the Scala submodules, simply run sbt qa from the root of the repo.

Image assets used by other submodules.

  • Image files and Python script(s)
  • Testing - n/a
  • Packaging - n/a

Protocol Buffers file(s) defining gRPC services and messages used by the core networking and routing.

  • protobuf spec
  • Testing - n/a
  • Packaging - n/a

Core routing, networking and persistence code. Represents the subsystem that handles data exchange.

  • Scala code
  • Testing - sbt "project core" qa
  • Packaging - n/a

API and model code shared between the server and client submodules.

  • Scala code
  • Testing - sbt "project shared" qa
  • Packaging - n/a

OAuth2 identity management service based on RFC 6749.

  • Scala code
  • Testing - sbt "project identity" qa
  • Packaging - sbt "project identity" docker:publishLocal

Web UI for identity.

  • Flutter code
  • Testing - cd ./identity-ui && ./qa.py
  • Packaging - cd ./identity-ui && ./deployment/production/build.py

Backup management and storage service.

  • Scala code
  • Testing - sbt "project server" qa
  • Packaging - sbt "project server" docker:publishLocal

Web UI for server.

  • Flutter code
  • Testing - cd ./server-ui && ./qa.py
  • Packaging - cd ./server-ui && ./deployment/production/build.py

Linux / macOS backup client, using server for management and storage.

  • Scala code
  • Testing - sbt "project client" qa
  • Packaging - sbt "project client" docker:publishLocal

Command-line interface for client.

  • Python code
  • Testing - cd ./client-cli && source venv/bin/activate && ./qa.py
  • Packaging - cd ./client-cli && source venv/bin/activate && pip install .

Desktop interface for client.

  • Flutter code
  • Testing - cd ./client-ui && ./qa.py

Android backup client, using server for management and storage.

  • Kotlin code
  • Testing - cd ./client-android && ./gradlew qa
  • Packaging - via AndroidStudio - Build > Build Bundle(s)/APK(s) > Build APK(s)

Deployment, artifact and certificate generation scripts and configuration.

  • Python and Bash code; config files
  • Testing - cd ./deployment/dev/scripts && ./run_smoke_test.sh
  • Packaging - see ./deployment/dev/docker-compose.yml

Current State

Ready for prime time but run in production at your own risk!

  • identity / identity-ui - authentication service and web UI - complete
  • server / server-ui - backup server and web UI - operational; some features are not yet available
  • client / client-cli / client-ui- Linux / macOS client, CLI and UI - operational; some features are not yet available
  • client-android - Android client - operational; some features are not yet available;

Contributing

Contributions are always welcome!

Refer to the CONTRIBUTING.md file for more details.

Versioning

We use SemVer for versioning.

License

This project is licensed under the Apache License, Version 2.0 - see the LICENSE file for details

Copyright 2018 https://github.com/sndnv

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

stasis's People

Contributors

sndnv avatar dependabot[bot] avatar

Stargazers

Willow avatar  avatar Tyler Longren avatar  avatar  avatar  avatar  avatar  avatar Aleix Abengochea avatar Phamous avatar  avatar Sebastian Schlatow avatar  avatar Stephen Karl Larroque avatar  avatar  avatar Chaprnks avatar Jan avatar  avatar  avatar  avatar  avatar Marcus Kida avatar  avatar Rui Balau avatar Artyom Suhov avatar Muhsin Aldemir avatar  avatar Anselme Goetschmann avatar Akinmolayan Olushola avatar

Watchers

Niels Ganser avatar  avatar  avatar OpenApk avatar

stasis's Issues

Question about the android client features

Sorry to post my question as an issue, but you haven't enabled discussion on this project.

Would you mind giving some details about the clients features?
I’ve read how secure and private all of this is, but I have yet to find a single detail about what type of data the android client can actually back up?

Is it just apps and their respective data?
Can it backup say my wifi settings and credentials too?
Does it make any difference whether my phone is rooted or not?

And when it comes to the other operating systems like linux, would you mind comparing your solution to some established solutions like restic or borg?

I will spin up your docker-ciompose.yml and have a look but I'd appreciate more info too.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.