Lately I’ve been playing with my Raspberry Pi and it’s impressive how many cool things we can do with one of these. There are some blog posts explaining how to install ownCloud in the Raspberry Pi, which is nice, but I feel like, for me ownCloud it’s like using a hammer to kill a mosquito. So, I decided to write my own API to upload and download files :)


A torifyed-dockerized RESTful API for storing encrypted files

Safer is a RESTful API written in Python using Flask which is mounted inside a docker container and it’s accessible via Tor. All files are encrypted and can be only decrypted by using a Key; this key is generated from a password. In order to download any file you need the ID of the file and the Key. Since the key isn’t stored by the server you will need to save it by yourself. The funny thing is that a Hidden Service is created and an .onion v3 is generated.

How does it work?

Running a Hidden Tor Service with Docker Compose

(Docker) Compose is a tool for defining and running multi-container Docker applications. With Compose, you use a Compose file to configure your application’s services. Then, using a single command, you can create and start all the services from your configuration.

I’m using Docker Compose to run a Hidden Service for the API. The URL is generated internally using (pytor)[]. To manage the containers you need to use a bash script called manage (I’m too creative! right?!):

$ bash manage -h
  _____  ____  _____  ___  ____
 / ___/ /    ||     |/  _]|    \
(   \_ |  o  ||   __/  [_ |  D  )
 \__  ||     ||  |_|    _]|    /
 /  \ ||  _  ||   _]   [_ |    \
 \    ||  |  ||  | |     ||  .  \
  \___||__|__||__| |_____||__|\_|
Usage: manage [-h]
Usage: manage [option...] --{init|start|halt|reload|rebuild|clean|onion}

   --- MANAGEMENT ---
   -i, --init, init           Initializes the containers.
   -s, --start, start         Starts all configured services.
   -p, --halt, halt           Stops all configured services.
   -r, --reload, reload       Restart all configured services.
   -b, --rebuild, rebuild     Rebuild all configured services.
   -c, --clean, clean         Cleans containers, volumes, images.

   --- UTILITIES ---
   -o, --onion, onion         Get the onion URL.
   -h, --help, help           Shows this help box.

*Docker compose should be installed.**

Starting the service

We just need to run: bash manage init:

Creating saferapi ... done
Creating saferhiddenservice ... done

Waiting 20 seconds, tor is booting up...

Finding the .onion URL...

Adding an upload function to your .bash_profile file...
Adding a download function to your .bash_profile file...
Done. Remember to do: source ~/.bash_profile

Now 2 functions were created: upload and download. Also we can access the url using Tor Browser to confirm if the containers are running:


Uploading files.

We just need to pass 2 parameters, the path and the password to generate the key; for example we’re going to upload the docker-compose.yml file:

$ upload docker-compose.yml password1234

Uploading file...
{"id": 2, "key": "AHWRnPCEwnaKPfezcEnBl6dZ0DeHx9j55DeB-Ur405g="}

Now we have an id and a key that we’re going to use to download the file.

Downloading files.

With the id and the key we can download the file like this:

$ download 2 "AHWRnPCEwnaKPfezcEnBl6dZ0DeHx9j55DeB-Ur405g\=" docker-compose.decrypted.yml
Downloading file...
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   603  100   420  100   183    372    162  0:00:01  0:00:01 --:--:--   373

$ ls -lh
-rw-r--r--  1 davidtavarez  staff   420B Jul 22 23:18 docker-compose.decrypted.yml
-rw-r--r--  1 davidtavarez  staff   420B Jul 21 14:17 docker-compose.yml

It works perfectly!

What’s next?!

Well, I think this is a pretty simple and fast solution for storing some important and personal files. I truly recommend to run the service on an encrypted disk. Try it by yourself using this link: safer. Feel free to open an issue if you found something; also I would love some contributions too.

Stay safe!