icebox is a command-line client for secure online file storage. All metadata is protected from unauthorized access, by using icepack for archive handling.
Supported storage backends:
- Amazon S3 (
Glacier Deep Archivestorage class) - WebDAV
- Local folder (for testing or third-party tools)
Requirements:
- Python 3.8
- age 1.0
- OpenSSH 8.0
Install with pip or pipx:
$ pip install icebox
If pigz or pbzip2 are installed, they will be used for faster compression.
Configure AWS credentials as described in the Boto documentation. The credentials should have write access to the S3 buckets you plan to use. See the example IAM policy for recommended permissions.
Help for each command can be displayed by using the --help option.
Create the box mybox for an S3 bucket called mybucket:
$ icebox init mybox s3 mybucket
Please note: encrypted metadata (several KB per put operation) is stored
using the Standard storage class.
Create the box mybox for a WebDAV URL:
$ icebox init mybox webdav https://example.com/webdav/folder
To store a file or directory, simply specify its location:
$ icebox put mybox cat-pictures/grumpy.jpg
There are no directories in boxes, so you just specify the original name of the source and a destination:
$ icebox get mybox grumpy.jpg -d ~/Desktop
Bulk retrievals from S3 can take a long time. To perform a Standard
retrieval, use the Tier option:
$ icebox get mybox grumpy.jpg -d ~/Desktop -o Tier=Standard
Retrieval operations are tracked by icebox, so you can interrupt a pending retrieval and request the same source again later.
To delete a stored file or directory, use its original name:
$ icebox delete mybox grumpy.jpg
To list the contents of a box:
$ icebox list mybox
To update local box information from the backend:
$ icebox refresh mybox
Refresh operations are tracked by icebox, so you can interrupt a refresh and continue it later.
$ icebox version --dependencies
icebox 1.0.0
✅ age found. (Version: v1.0.0)
✅ age-keygen found.
✅ ssh found. (Version: OpenSSH_8.2p1)
✅ ssh-keygen found.