Drivethrough: private android photo backups via GDrive

drivethrough android screenshot Just documenting some code I use to privately backup photos from my android phone to a laptop. The phone uploads photos as encrypted files to GDrive. The laptop downloads and decrypts new photos, then deletes files off GDrive. It's admittedly geeky to setup right now, but it's worked out quite nicely as a private, no-hassle local backup of my phone pics.

The code is sitting on github in case you feel inclined to mess about with it. If you just want to try it out (and you'll want to be comfortable with command line tools) skip the next few paragraphs of explanatory fluff to get to the actual nuts and bolts. Otherwise, some babble about how it works.

When you install the code on the laptop, it generates an OpenPGP keypair, and stores the public key as main.pkr on your GDrive account.

Drivethrough overall

The next step is to install the android app on whatever devices you wish to backup. Upon installation, each device also generates a keypair and uploads the public half on GDrive. The app proceeds to download the main.pkr file, encrypts photos against that key, and signs it with its device key. Finally, encrypted files are uploaded to GDrive.

The app wakes up when there's a wifi connection, or there are new photos. In either case -- if there are unsaved photos, it does the same thing. That is, download the main.pkr file, encrypt, sign and then upload new photos. If the fingerprint of main.pkr changes, it stops and flags an error (so it works roughly like SSH -- trust on first use.) Periodically downloading the OpenPGP key allows me to change encryption subkeys frequently if I feel the need to do this.

Back on the laptop side, I run a cronjob that downloads any new device keys, and then any encrypted files. It decrypts the files, verifies they are signed with the appropriate device key, and then deletes the file on GDrive.

Using Drivethrough

This is what I did on my Macbook. Since it's java code, in theory it should work quite similarly on other platforms; but I haven't tested it myself.

First create a directory where you'll host your archives - let's say it's $HOME/phone-archive. Now download drivethrough.jar to a convenient directory inside here, let's say $HOME/phone-archive/bin/drivethrough.jar.

Next, you'll be setting up the app by connecting it to your GDrive account. Run it from a command shell as:

$ java -jar $HOME/phone-archive/bin/drivethrough.jar setup $HOME/phone-archive/data

This command asks it to setup your GDrive, and download the archives under $HOME/phone-archive/data. You will be asked to visit a GDrive authorization URL in your browser. Follow the directions in the browser, and you'll eventually get a code which you'll paste back in the command shell.

Enter code from browser: ...........

Let it do its thing, and hopefully when it's finished that's pretty much it as far as setting up goes. If you want to confirm that things look good, you can visit your GDrive page where you should find a new directory called drivethrough with a file called main.pkr in it. This is the public key generated from your laptop, and your connected devices will encrypt against it.

GDrive web after initial install

I have a couple more things in that directory -- these are device keys from my two connected devices. You too will find something like it once you install the app on your phone.

The next step is to install the drivethrough apk file on your device. I'll leave you to figure out how to sideload it on your device - it's currently tested only against android-19 or above.

Drivethrough app screenshot Just start it up, it should guide you through a couple of authorization screens that permits it to access your GDrive. Once you've authorized it, you can more or less forget about it. It'll just wake up as needed, and upload your photos whenever wifi is available. If you have a ton of photos on your phone (I had about 3Gb of photos and videos) it can take hours before all your photos are uploaded. It's almost entirely dependent on your wifi speed, so you might want to wait on installing it until you can leave your phone plugged in overnight next to some fast wifi connection.

Back on my laptop - I just have a cron job that runs once a day that looks like this.

$ crontab -l | grep drivethrough
00 11 * * * /usr/bin/java -jar $HOME/phone-archive/bin/drivethrough.jar pull $HOME/phone-archive/data

All this does is to pull down any new files, and copy them under the $HOME/phone-archive/data directory. Here's how it looks like at the moment.

Drivethrough on laptop

You'll notice that the files are stored under the device fingerprint key, and that the folder structure mirrors the actual structure of the data on the device.

Once setup, this has been a pretty painless way to have photos taken from my phone quietly arrive into my laptop. As a little bonus, it does it without sacrificing the privacy of the photos; I don't really want Google auto-indexing my photos. When I backup my laptop - these photos also get backed up along with everything else; so that also seems to work out well in case I lose or brick my phone.