eee-safe
A custom Threema Safe server implementation with multi-backend support.
Currently supported backends:
Client setup
Threema supports third party backup servers out of the box. Simply choose "Threema Safe", "Expert settings" and deactivate "Use default server". You will be asked for your custom server endpoint and credentials.
Server setup
Install from source
You need go
and GOBIN
in your PATH
. Once that is done, install eee-safe
using the following command:
go install github.com/joeig/eee-safe/cmd/eee-safe@latest
Configuration
After that, copy config.dist.yml
to config.yml
, replace the default settings and run the binary:
eee-safe -config=/path/to/config.yml
If you're intending to add the application to your systemd runlevel, you may want to take a look at init/eee-safe.service
.
Threema requires a valid CA certificate.
Choose one of the following storage backends:
Storage backend |
DynamoDB |
Filesystem |
Built-in TTL |
yes |
no |
Thread safe |
yes |
no |
Works without further efforts |
no |
yes |
DynamoDB settings
This option requires a pre-configured AWS environment.
Table settings
Create a new table with the following settings:
- Table name in this example:
EEESafe
- Primary key:
backupID
- Time to live attribute:
expirationTime
- Turn backup functionality on if required.
IAM
Required IAM permissions to access the DynamoDB table (change the resource ARN if necessary):
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "MaintainEEESafeTable",
"Effect": "Allow",
"Action": [
"dynamodb:PutItem",
"dynamodb:GetItem",
"dynamodb:DeleteItem"
],
"Resource": "arn:aws:dynamodb:eu-west-1:1234567890:table/EEESafe"
}
]
}
Examples:
See also: https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html
Filesystem settings
This option stores every backup in a dedicated file on the local filesystem.
This storage backend does currently not support thread-safety and auto-deletion of expired backups. You probably want to implement auto-deletion by using a find
cronjob.
Troubleshooting
Run eee-safe
in debug mode in order to increase the verbosity tremendously: -debug
Contribution
Feel free to contribute. This is the API reference: Cryptography Whitepaper
This project follows the Standard Go Project Layout principals.