I've recently run into a scenario using ChromeOS which is kind of annoying, however i've found a workaround which works for me. This might help someone else.
Scenario
I have a Google account which is linked directly to my Chromebook, this means i can in the Files app see my google Files and backup these files to my Google Drive account.
I also however have a Google Workspace Account, this too has its own Google Drive capability
Syncthing v1.14 & Chromebook (Multiple Sub Directories) On my chromebook I sync the entire /Download folder, but now, I want to split it in to two sub-folders and share each folder with a different machine. On syncthing, I select the sub folders, but am told it does not have permission. I know external SD cards are a no-no, is it the same thing. Things To Do After Installing Elementary OS. GitHub Gist: instantly share code, notes, and snippets. Wrapper for Syncthing - Open and decentralized file synchronization Mullvad VPN: privacy is a universal right Protect your online privacy with a fast, trustworthy, and easy-to-use VPN. The Syncthing app is extremely bare-bones: it syncs your files to your phone or tablet. All data is saved in the actual Android file system, so you don't have to manually export. You will just need to copy the chrome.admx and the language folder to Active Directory’s Policy Definition folder. For example, if your AD is in English, copy the chrome.admx along with the everything in en-US folder to the Policy Definition folder on the server.
On the Chromebook while I can swap in the browser between Google Drive and Google Workspace Drive, the Files app doesn't yet allow me access to both Google Drives.
I want to use the services and applications linked to my Google account and have the ability to ensure all the files I create on the Chomebook are backed up to Google Workspace.
Problem
While you can connect multiple Google accounts to the Chromebook, only the primary account (ChromeOS 87) is seen as a mounted Drive instance on the Files app so its not possible to see and therefore backup files to a second google account.
Solution
![Syncthing Chromebook Syncthing Chromebook](https://img.17qq.com/images/hpfigdojhz.jpeg)
The solution to this is workable, automated, simple to setup and can be portable to a point too. and is based on
ChromeOS Linux Containers
Port Forwarding
Syncthing
inSync
At a high level the solution looks like this
Syncthing Chromebook Download
While i'm using a Mac as the conduit sync thing runs on other OS's and is in fact far more fully featured than the use case i'm going to cover here. I tend to use the Mac as a personal server now i've moved to using the Chromebook more
So how does this fit together?
ChromeOS install
Lets start with the ChromeOS device and it needs the Linux Shell up and running. I covered how to do this in a previous post
Under the section 'Enable the Shell'
Once enabled install SyncThing
Optional
The candidate channel is updated with release candidate builds, usually every second Tuesday of the month. These predate the corresponding stable builds by about three weeks.
Then proceed with the following steps to finish setting up the chosen track and install Syncthing.
Before Syncthing is started it needs to be set to listen publically on 0.0.0.0 and not locally on 127.0.0.1
Find the line
Change it to Resolution aspect ratio calculator.
Save the File (ctrl + O)
Exit (ctrl + X)
Start the services
The service is up and running and listening on the containers outward facing IP Address, however to allow Chrome to see the Syncthing service page port forwarding needs to be enabled
Open Settings and search for Port Forwarding
Add Port 8384 TCP with a label of Syncthing this will punch a hole from chromeOS and the rest of the lan into the container
Head to the browser on the Chromebook and open
Which should open
Yours will only have the default folder (not myconfigs)
Syncthing is now installed on your Chromebook and available on your lan.
Apple Install
To give Syncthing something to sync with it needs another Syncthing, you could do this on Debian/Ubuntu and just repeat the apt install instructions above.
I happen to have a MacBook Pro I can use
Syncthing
If you're not running Homebroew on your Mac, why not? Its a great way of not just installing software bue ensuring its well maintained as well. Fi pet tracker. Syncthing can be installed as a HomeBrew app.
the basics to install homebrew are
However check out the link aboe as these may change
Syncthing Chromebook Software
Once installed, installing syncthing is as simple as
This will install Syncthing on OSX and ensure it starts after a reboot
Note:
If like me, you're going to manage Syncthing from the Mac, you can leave the config as is, if you'd like to be able to access the Mac Syncthing interface on your lan then
Find the line
Change it to
then run
Syncthing is now installed on the Mac and can be opened using
Insync
I use inSync as my sync between Google Workspace Drive and my Mac, there is a google Sync tool and that is free and can also be used. I have used inSync for a long time on Linux and it works well on OSX too.
As a Mac user the isntall is pretty painless
- Download the App
- Open the DMG
- Drag the app to Applications
- Open Applications
- Open the App
Link insync to the Google Workspace account and tell it what you want to sync and you're done. It will sit there and sync any new files up to Google that hit the directory you choose.
Syncthing Chromebook
Setup
The stage has been reached where all the software is installed Syncthing is running on the Chromebook and the Mac, Insync is running too.
Syncthing needs to be setup and before this post continues its worth noting again this is only a subset of what Syncthing can do. I'm only interested in a 1 way data flow from My chromebook, to my Mac to Google Workspace Drive. It is possible to sync everything both ways, to multiple devices create versioned files and a whole lot of other options.
Setup SyncThing on Chromebook
Before we setup sync thing, we need to make sure that the folder created in ChromeOS is viable to the Linux shell
Ive setup a folder called work
Right click on this folder and select Share with Linux
Note:
If Share with Linux is not available and Manage Linux sharing displays it means that a folder above this one is already shared with linux
In my case I share the Whole My Files folder with the linux container wich i view as follows:
Note:
the defaults mountpoints are /mnt/chromeos for the hard disk or /mnt/etxternal for any external devices like usb sticks.
Knowing this information we can setup a folder to share in Syncthing
Under Folders click Add Folder
Provide the
- Folder Label
- Folder Path
Lease the Folder ID as the random characters
Click on the Sharing Tab
Its possible the other Syncthing server has now broadcast its presence, if it has, click on the tick next to it.
Click on File Versioning
For this example i'm not going to use any versioning
Click on Ignore Patterns
These are useul if you don't want ot sync large files like ISO images or Virtual file disks.
Click on Advanced
Under Folder Type i've selected Send only from the Drop down as i'm not interested in pulling files onto the Chromebook, only pushing them to the Mac.
At this point I am done and I click on Save
I have a new Folder called chromeos - work and when i open the folder i can see the information about it.
Setup SyncThing on Mac
Over on the Mac Syncthing interface
Note:
You may see a banner on the top of the screen asking if you accept the job on this server, as long as this is a job you are aware of setting up on a server you set it up on it is ok to say yes
If I expand the link for chromeos-work
We can see that the local mac has a folder called ~/chromeos-work
If i click on Edit and select the Advanced tab i can also set the folder to be recieve only.
This contains the sync files from my Chromebook.
Setup InSync
Now we know the base file on the Mac if InSync is set as ~/chromeos-work as a base folder it will sync the files from this folder up to Google Workspace Drive.
This has allowed me to have my files backed up from the Chromebook to
- Google Drive
- Mac Server
- Google Workspace
Conclusion
I appreciate for many this will be of little use, however it does show that with a little thought most problems can be solved and it also shows that Syncthing on chromeOS has the ability to not only be used but also help sync files around your home lan.
I've expanded this out further to backup photos, videos and publish photos by syncing them to a specific drive on a server.
A while ago I wrote a post about my backup solution and replacing Crashplan – a once great product I was a happy user of. It served pretty much all my backup needs in one product, but alas it was too good to last.
Eventually I settled on Duplicati on my home server backing up to Backblaze, and Urbackup to back up my various devices to the NAS. But since then a few things have changed:
![Chromebook Chromebook](/uploads/1/3/7/8/137802020/254722851.png)
- The upgrade to Ubuntu 18.04 broke the Urbackup installation on my server. I never really got around to fixing it, so my device backups have been manual. Fortunately the server hosts the important stuff, and I don’t keep much on my devices that aren’t saved elsewhere, but it’s still not ideal.
- If a broken server wasn’t enough, Urbackup discontinued support for MacOS earlier this year, which made the product useless to me.
- Perhaps somewhat mitigating this for Mac clients, the Samba project released version 4.8.0, which includes support for MacOS time machine (see “Time Machine Support with vfs_fruit”).
- Dropbox have started being dicks.
… Dropbox?
Er, yeah. Despite writing “I think that you should never use Dropbox for anything remotely private or sensitive”, words that I stand by today, I have not only been using Dropbox… but for private and sensitive things.
The main reason is that it’s the only sync tool that’s always worked well across Windows, Mac and Linux (I regularly use all 3). I’ve also had a free 6.8GB plan for years, from the days when you could do something as simple as install the app and get 500MB, or enable camera uploads and get a free 2GB. This has always been enough for my documents, plus camera uploads from my phone so long as I archive them off once a year or so.
I probably would have paid for it if the plans and pricing were more granular, but I have no need for 2TB, and £8 per month still seems a bit much to pay for the ~20GB of data I would like synchronised between devices. Historically it has cost a lot more – in the region of £15 (for 1TB) if I recall correctly.
On security, I feel the risk of exposure is small. With a strong unique password, and 2FA courtesy of a Yubikey, the greatest risks are a probably a rogue employee or large-scale hack of Dropbox via a software bug. I’m sure there would be a lot of people in deeper trouble than me if that happened.
So how have they started being dicks? Three ways:
- Discontinuing support for filesystems other than ext4 on Linux.
- Enforcing a limit of 3 devices on free users.
- Trying to get more in your face, and milking the customer base, rather than just sticking to file sync and keeping out of the way.
Despite being the Rolls-Royce of file-syncing (reliability and functionality wise, definitely not security wise), these things have made the product a lot less appealing recently. But then I was never a paying user, so perhaps this is just good strategy! Perhaps I would have been though, if they’d just stuck to basics, supported linux properly and kept costs down, rather than trying to expand into the enterprise market…
So while this might seem a digression (because sync is not backup!), I bring up Dropbox because I discovered a new tool which suits the Duplicati setup well and is probably going to replace it for me: syncthing.
Syncthing
Twitch riot. Syncthing is a decentralised file synchronisation tool. Your files never go to the cloud or anyone else’s hardware; they are copied directly between your devices. This creates some interesting problems for restricted networks and NAT traversal, so syncthing supports a concept of relays, which essentially provide a connection path for your devices. The data is passing through the relay, but it’s encrypted only for the receiving device with perfect forward secrecy. So even if a relay was compromised, and the attacker captured all the traffic, AND he knew the device IDs of both sides, he still wouldn’t be able to read the data. The docs have a short write-up on security here.
And there is some interesting data on its usage here – this is clearly a widely-used project.
So it works practically anywhere, syncs my files privately, appears to be a sustainable project, and unlike Dropbox it doesn’t rely on me storing my data in a way that any one else could read without access to one of my devices. What’s not to like?
A little friction never hurt anyone
Syncthing is by techies for techies. Because it’s a write-once run everywhere application (even the Android version installs the same go-based back-end and web UI), it doesn’t integrate seamlessly on any platform. Let’s start with installation:
Syncthing Chromebook App
- MacOS is probably the easiest courtesy of homebrew – you just
brew install syncthing
, followed bybrew services start syncthing
and you’re ready to go. It even opens the web UI for you. - Android is just as easy courtesy of the app wrapper – install the app, grant permission to allow it to run in the background and you’re done.
- Debian/Ubuntu Linux comes in third, because the package doesn’t install a systemd unit. It’s simple enough to create, but not everyone is a sysadmin.
- Windows comes last, because pointing and clicking around in Task Scheduler sucks.
None of these are any trouble at all for a technical user, and the approach is perfectly reasonable. With a small team of volunteers, maintaining native ports for each device is impossible. But it has to be mentioned, because for your average Dropbox user, having to manage a system service is going to be a non-starter.
Next is integrating a new device into your “cluster”. It works as designed, but in an asynchronous/eventually-consistent way. So after adding a new device… nothing happens, until some background process kicks in on the other device and a pop-up appears in the UI prompting you to accept. Again, nothing wrong with this, it’s just not intuitive to someone unfamiliar with the asynchronous nature of the product, and the UI gives little guidance.
Other (minor!) complaints
- The Android app is very basic, and seems like it won’t be terribly nice to my battery, but we’ll have to see.
- There is no iOS app, mainly because it can’t run go code. Thanks to Apple’s love of homogeneity, the whole thing would have to be rewritten in Swift or Objective-C and it’s not surprising that no one has taken this on.
- The web UI uses HTTP basic auth, which precludes the use of plugin-based password managers, and is easy to brute-force. Something form-based would be preferable for devices that have to expose it to the network.
- A web UI listening on localhost is potentially a large attack surface, as code running in your web browser can call out to it. Firefox and Chrome have some protection against this, but I’d suggest setting an admin password on every device, not just servers. That way if some JS code in your browser tries to brute force it, you’ll at least notice your lap burning!
Overall though, in my early testing, syncthing appears to work brilliantly once it’s set up. Cudos to the developers, because this is a hard problem, and other than some window-dressing it’s difficult to see how anyone could do a better job.
Syncthing Chromebook Keyboard
Time Machine and Samba
The last piece of backup-related news since my last article is that Samba added support for time machine – the built-in MacOS backup utility that supports backing up your files to a remote volume. I haven’t gotten around to testing this yet, because the required version of Samba didn’t land in Ubuntu until 18.10 and I’m sticking with LTS releases. But if it works as advertised, I can’t see why you’d want to use anything other than time machine to backup a Mac.
This page provides some nice clear instructions if you’re so inclined – just skip to the configuration if you’re already on Ubuntu 19.04 or another distro that provides samba >= 4.8.0.
Summary
My backup solution has evolved a fair bit. I didn’t really consider file synchronisation as part of the strategy, but having an open-source private solution such as syncthing, which can sync to my home server, means those files are now being backed up in exactly the same way. Backblaze B2, Duplicati, and syncthing are all I need for now; and when Ubuntu 20.04 is released with a newer version of Samba, Time Machine will be icing on the cake.