backups
local snapshot
The server makes a local snapshot of the filesystem every night at midnight. Older snapshots are deleted using a rolling retention policy.
| Snapshot | Retention Duration |
|---|---|
| Daily | 7 days |
| First day of the week | 4 weeks |
| First day of the month | 12 months |
| First day of the year | 2 years |
cloud backups
The server maintains a weekly backup of all files in the Samba fileshare (including sync) to Azure cloud storage, in case the Icebox suffers a catastrophic failure. Cloud storage does not store previous snapshots, so you will not be able to recover any deleted files.
- fresh4less/Video/**
- node_modules/**
syncthing
Syncthing is a file-syncing utility like Dropbox; you can create a folder on your local device and share it with the icebox. Then when you modify a file, it's automatically synchronized with the icebox the next time you have an internet connection. This doesn't require an active connection to the VPN or fileshare.
In your Samba fileshare you will find a sync directory, where the synced files are stored. You can also copy files into sync directly through the Samba fileshare and they will appear in your sync folder.
setup
- Install SyncThing:
- Windows: I recommend installing SyncTrayzor which provides automatic startup on boot, a tray icon, and an nice UI.
- Linux: I use syncthingtray.
- Click Actions->Show ID and send me your Device ID (this is not a secret, you can post this in the icebox channel)
- Click "Add remote device" and complete the dialog with the following settings:
- Device ID
- PGRKREK-IQL25DP-GKZOTKA-BGKZHK5-L5DN3YF-VKONK37-KBZGMGD-XLBSKQC
- Device Name
- icebox
- Enable Introducer and Auto Accept
- Addresses
- tcp://icebox.fresh4less.org:22000
- Compression
- All Data
- Notify me when you are set up and I will add your Device to the icebox, which will enable syncing.
adding shared folders
You can create shared folders with one or more users by adding their Syncthing ID as a remote device, then creating a new Syncthing folder and sharing it with them.
By default, the icebox is not included in shared folder synchronization, so your shared folder will only sync when both devices are online and connected to each other.
By sharing the folder to the icebox device, you allow syncing to occur at any time, regardless of device connectivity. Files in the shared folder will also be included in icebox and cloud backups.
If you share a folder with the icebox, let me know so I can enable syncing.
wireguard vpn
Wireguard encrypts network traffic between your computer and the icebox, enabling secure filesharing through the Samba fileshare.
windows setup
- Download Wireguard
- Create a new network interface called icebox by clicking the +.
- Replace the configuration with the following:
[Interface] PrivateKey = PEER_PRIVATE_KEY Address = PEER_VPN_IP [Peer] PublicKey = bHymDyvFiUz2kQyHiNikyZ453cKwo5XQKmUgpO9HtQo= AllowedIPs = 10.200.200.0/24 Endpoint = icebox.fresh4less.org:51820 - PEER_PRIVATE_KEY is unique to you and will already be in the generated configuration file.
- Message me and I will provide you a value to replace PEER_VPN_ID.
public file sharing (http)
Your personal Samba fileshare and the fresh4less share each contain a folder named public. All files and folders placed here are viewable on the internet and can be shared with a link.
You can browse public files on the files page.
unlisted files
Your public folder also contains an 'unlisted' folder. Files placed here can be shared with a direct link, but will not appear when browsing files.
Unlisted directories and subdirectories do not list their contents.
Unlisted URLs are not obfuscated and may be vulnerable to forced browsing attacks.
The server hides all files and folders containing the word 'unlisted' in their name. There is nothing special about the 'unlisted' folder itself.
URL format
http://icebox.fresh4less.org/files/$USERNAME/$FILE
