Tapestry is a specialized backup automation utility, written in Python 3.6 for use on unix and Windows systems. It is currently tested on Windows 10, Ubuntu 18.04 and Max OS X. Tapestry operates in a somewhat novel way, performing backups of whole files, operating from recursively-generated lists taken from the contents of user-specified files, packaging them using our Blockwise Packaging Algorithm before compressing, encrypting, and signing them for storage - a model which allows the user to eliminate trust in the security of the storage solution completely, with complete portability.
Tapestry is currently in its v 2.2.0 release. This release included a variety of cross-platform bug fixes and performance enhancements, along with the critical feature to verify that files were unaltered during the backup creation process. See the changelog for details.
Already sold, and just want to try it out? Flip open your shell of choice and call pip install tapestry
.
Trust Only Uptime
Tapestry was designed from the ground up to eliminate the need for trust wherever possible. For sensitive business and personal information, simply trusting your storage provider not to view or tamper with your content is just not an option. For that reason, we’ve implemented a number of features to place proven security technologies in the hands of our users.
Asymmetric Encryption via PGP
Tapestry uses Gnu Privacy Guard (GPG), a free, open-source implementation of the OpenPGP protocol, to encrypt each and every file it produces with aymmetric encryption. The practical upshot? The public half of the recovery key could be distrubted organization-wide to generate backups, while only a few trusted admins might have access to the private half. There’s no tedious per-file key management or reliance on low-strength passwords. One recovery key, one disaster avoided.
Proof-of-Integrity with RSA Signatures
Tapestry supports automatic signing of its generated output files using a per-user-configurable signing key. With proper key management, this means you can have high confidence that the file you retrieve from your storage solution is the same file you put there when you generated the backup - not a bit out of place. Combined with the right PKI, this makes managing the trust level necessary to validate backups a snap.
Zero Data Tracking
Apart from the data which is generated and stored in each backup, Tapestry collects exactly no data about the users running it or the systems it’s being run on, and has no telemetry capabilities. We don’t even see the passphrase protecting your keys - by design, we leave collecting the passphrase up to your GPG install’s configuration by letting it trigger the Pin Entry binary you specified.
In short: you don’t even have to trust us.
Complete Freedom Of Movement
From the beginning, Tapestry was always meant to be completely platform independant. As long as you have a python interpreter and GnuPG installed, you’ll have access to the full host of features Tapestry provides.
Have Pip, Will Travel
Even recovering from a brand new OS install is easier now with the release of Tapestry via the Python Package index. An up-to-date version of Tapestry is just a pip install tapestry
away. On Linux, this means you can recover in minutes. On Windows, you’ll have to install Tapestry’s dependancies python and Gnupg4win first.
Categorical Indexing: What you want, where you want it
Tapestry’s tapestry.cfg
configuration file allows you to define the top-level path to each of your categories for both windows and linux simultaneously, while the NewRIFF recovery metadata introduced in Tapestry 2.0.0 contains the lower portion of the path for each and every file. Your documents in linux can be placed right alongside your documents from Windows, if necessary!
Lost your config file, or can’t remember your categories? Not a problem. If Tapestry can’t find the right category in your configuraiton file, it will just create a directory at your specified output path and rebuild the original file structure for that category there.
One-line Automation
Attack the problem of forgetfulness head on - triggering tapestry every third thursday at 2 AM is a single line in crontab away.
Robust Resilliency
A backup solution isn’t very good if corruption in one file means the whole backup is lost. Every precaution has been taken to prevent such an outcome.
Minimum Intervention Approach
To better protect the integrity of your data, Tapestry doesn’t mess around performing delta-based backup processes like change-logging or version control. Every Tapestry backup contains every file in every directory you told it to look at, in full and unaltered. No complex change management or tracking required.
First, Tapestry crawls the directories and sub-directories of the categories you’d indicated, preparing the indexing information it requires. Then, it performs a “moving truck” algorithm to prepare the minimum number of output blocks, each no larger than a filesize you specified. Burning to CDs or DVDs? No problem. Throwing packets over the wire to a legacy FTP or NFS share? No problem. Don’t vare about the output file size? Still no problem.
Redundant Indexing
Every single output file produced by tapestry contains the full recovery index. What’s this mean for you? That means if you only have part of the backup for some reason, you can still recover the part you had.