Roll your own secure Dropbox alternative

Dropbox is a great software that I have been using for almost 10 years. It has helped me a lot during university, sharing project files, backing up my thesis and much more. It is a great service, but it also comes with a lot of problems regarding security and transparency (I will not get in-depth here). You can check for example, this article, or this one (there are many more if you look for it).

With this security issue in my mind, I decided to roll my own Dropbox-like service. The main difference is that I will know where all files are and that I am the only one with access to the unencrypted files. After building my own simple infrastructure, I decided to write a quick tutorial showing my solution and how you can create your own! Let’s get started…

The main software that we are going to use is called Resilio Sync (previously BitTorrent Sync). It takes care of all the syncronization between computer, mobile and server, just like Dropbox.

One: Resilio Sync

First, install the software on your computer and mobile phone from https://www.resilio.com/individuals/.

After, create a folder on your system that you want to sync with the cloud and be able to access it from anywhere via your smartphone. When creating the first folder, make sure you create an Encrypted Folder just like the image below:

Once it is created, there will be three keys, Read & Write, Read Only and Encrypted Key.

  • Read & Write: Share this to devices that can access and edit the unencrypted version of the files,
    such other computers you want to edit and synchronize the files or your mobile phone.
  • Read Only: This key will give the peer that will only be able to read the unencrypted files but not write on the folder, not used in our case.
  • Encrypted Key: This is the key you will use on the server, the server or peer can help you share the files but cannot read (or write) any of the files.

Two: Always ON server

Now with the folder created, if the Read & Write key is shared with another computer or phone, the two devices will have all files synced at all times. There is one problem that needs to take in consideration, what would happen if you want to share files between your computer and your phone, but when you want to access the files from your mobile your computer is off? When you try to access files with Dropbox you don’t have this problem as the files are always online in the unsecured cloud.

To fix this issue, we need to have some device that is always connected to the internet that can act as a “Dropbox server” or a relay server. The server will have its own version of Resillio installed with the Encrypted Key in it. This way your precious files are going to always be available, and even if the server gets hacked, no one will have access to the unencrypted files.

My suggestion for relay server is using a company called KIMSUFI, where you can get cheap dedicated servers. Pricing starting at $7.00/month for 500GB. Another option for lower storage needs is VULTR, that offers 20GB of storage for $2.5/month.

I am not going to get into detail on how to install it on the server, as there is a good tutorial at https://www.linuxbabe.com/ubuntu/install-resilio-sync-ubuntu-16-04-16-10. If you have any problems there I am happy to help!

You can install Resilio on as many devices and servers as you want. The more encrypted relays you have, the faster you will be able to download them and the more reliable your infrastructure will be.

In my case, I have many different nodes with my files for redundancy

Three: Backups backups…

File synchronization is amazing, you can edit files on multiple computers and have everything always up to date. But if you delete a file by mistake, it will also be removed on all other devices.

The solution to thie problem is to backup all the files from the Resilio folder to a second location with version control enabled. For that I am using two amazing products, ArqBackup to manage the backup version control and Backblaze B2 as cloud storage.

ArqBackup connects to Backblaze B2 (you can also use AWS or other storage providers) and uploads the files, keeping ALL the changes ever made to the folder. In my case, I set a budget that ArqBackup will version all the files up to 100GB of storage on B2. You can check below how it works on my system (images are self-explanatory).

ArqBackup
ArqBackup – 100GB backup limit

I decided to use Backblaze B2 instead of AWS S3 because it is awesome and super cheap. It costs as little as $0.005/GB stored (with 10 first gigabytes free) and $0.02 for download when you need to retrieve files. You can check more about the pricing here: https://www.backblaze.com/b2/cloud-storage-pricing.html

Final thoughts

One last thing that I may do in the future is to share the Read & Write key to the server and install some sort of file-manager like FileRun so I can edit all the files online if needed.

I have been using this setup for a few months now with no complaints whatsoever. Of course configuring it is harder than simply paying for Dropbox, but if you want to have control of your files and want to save some money, you should give it a spin! 😉

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.